When I ported a Cordova app to Android 5 (Lollipop), I noticed, that the login does not work anymore. In prior versions of Android it works like a charm (app login is based on session cookies).
Part of the Android Lollipop changes:
Apps that target KITKAT or below default to allowing third party cookies. Apps targeting LOLLIPOP or later default to disallowing third party cookies.
https://developer.android.com/reference/android/webkit/CookieManager.html
Android 5.0 changes the default behaviour for your app.
If your app targets API level 21 or higher:
The system blocks mixed content and third party cookies by default. To allow mixed content and third party cookies, use the setMixedContentMode() and setAcceptThirdPartyCookies() methods respectively.
The system now intelligently chooses portions of the HTML document to draw. This new default behaviour helps to reduce memory footprint and increase performance. If you want to render the whole document at once, disable this optimization by calling enableSlowWholeDocumentDraw().
If your app targets API levels lower than 21: The system allows mixed content and third party cookies, and always renders the whole document at once.
https://developer.android.com/about/versions/android-5.0-changes.html#BehaviorWebView
Indeed, if the app rely on session cookies it will stop working as expected.
However. Here is a fix to make session cookies work again on Android Lollipop and above:
/*
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
*/
package com.blogspot.tol8;
import android.os.Bundle;
import org.apache.cordova.*;
import android.os.Build;
import android.webkit.CookieManager;
import android.webkit.WebView;
public class MyApp extends CordovaActivity
{
@Override
public void onCreate(Bundle savedInstanceState)
{
super.onCreate(savedInstanceState);
super.init();
// Allow third party cookies for Android Lollipop
if(Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP)
{
WebView webView = (WebView)super.appView;
CookieManager cookieManager = CookieManager.getInstance();
cookieManager.setAcceptThirdPartyCookies(webView,true);
}
super.loadUrl(Config.getStartUrl());
}
}
BTW: Make sure that you use the latest Android SDK to compile the source code. I have also created an issue at the Cordova bug tracker (https://issues.apache.org/jira/browse/CB-8026).
, I noticed, that the login does not work anymore. In prior versions of Android it ...){kind=link}
Cool post, very useful for me, thank you so much dude.
ReplyDeleteWow, thanks for the post. Exactly what I'm looking for.
ReplyDeleteNice one, thank you for sharing.
ReplyDeleteGreat, I finally fix my app with your help :) Thanks!
ReplyDeleteFinally the fix is included in Cordova 4.3.0 https://www.npmjs.com/package/cordova
ReplyDeleteDon't forget to update your platform too.