This repository has been archived by the owner on May 10, 2024. It is now read-only.
Fixed Opening Authenticated Documents in private and non-private mode. #1218
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Brandon-T
changed the title
Fixed opening Authenticated documents in Private-Browsing mode when it opens in a new tab. Fixed opening Authenticated documents and attempting to share, or print them. Added Ephemeral Cookie Storage (in memory only.. once a tab is closed, all information is lost) for tabs to support opening Authenticated documents. Made TemporaryDocument URLSession use the ephemeral cookie storage.
Brandon-T
force-pushed
the
feature/WebStorage
branch
from
4574902 to
9853eda
Compare
|
This fix is not viable for the mentioned problems as discussed with @Brandon-T & @jumde. Problem 1. Will be solved by keeping same Problem 2. There are lot of other cases where cookie sharing will not work like basic web authentication. There is also an inherent problem of double download of the same resource(excess bandwidth is consumed plus will take extra time to be used for sharing). Closing this pr. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes: #1144
Discovered Problem(s):
Private Tabs do NOT share session & cookies amongst its child tabs.. For example, if I open a Bank website on TabA and log in, then I go to statements and it happens to open in TabB (
target=__blank), it will ask for re-authentication because cookies & session from TabA did not pass on to child TabB.Session and Cookies not shared amongst NSURLSession. When WKWebView makes a request to a banking website, it stores the cookies and session internal in the
WKWebsiteDataStore.instance.httpCookieStorage.. when downloading a document, we are downloading withNSURLSessionand the cookies are not passed along. Therefore, when downloading opening documents in the webview, it displays fine, but when attempting to print (at which point it "downloads with NSURLSession"), it will download a redirected HTML "login" page instead of the document requested because the session information wasn't passed along.Solution:
When creating a new WebView from a parent one (IE: new tab), pass the cookies along to the new tab's website data store. (Same behaviour as Brave, Firefox, and Chrome Desktop).
However, if two tabs are completely independent of each other, the cookies should NOT be shared!
When downloading a document, store the cookies in MEMORY only (ephemeral storage), and pass it along to the child-tabs and TemporaryDocument. This allows the
TemporaryDocumentto request the pdf/image/etc.. We should probably be usingNSURLSession(configuration: .ephemeral)as well.. instead of.default.Submitter Checklist:
Fix #123: This fixes the shattered coffee cup!(orNo Bug: <message>if no relevant ticket)NSLocalizableString()Test Plan:
Screenshots:
Reviewer Checklist:
QA/(Yes|No)release-notes/(include|exclude)bug/enhancement