[Webkit-unassigned] [Bug 272325] REGRESSION (iOS 17.x): Session cookies being reset randomly

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Apr 9 03:32:56 PDT 2024


https://bugs.webkit.org/show_bug.cgi?id=272325

--- Comment #4 from Ricardo Cristino <ricardo.cristino at outsystems.com> ---
Hi team, 

I've attached a link to an application where the behavior is replicated (in the URL field of the bug). Access that URL on the browser in iPad 17.4.1 and add it to the Home Screen to run as a PWA. Then repeat these steps:
1. Open the PWA and the previous session is lost;
2. Click "Login with Username" button to get new session cookies;
3. You'll get redirected to a screen called Market with a list. You can click one of the items from the list and wait 1 or 2 seconds to see if the 403 error shows up in an alert message. No need to wait much more than this.
4. If the error does not pop up, just close the app and repeat the whole process again until a 403 error happens. Notice that closing the PWA causes the previous session cookies to be lost (we don't know if this is expected).

Right after installing the app for the first time, the session cookies were not getting lost when closing and reopening the app. I kept opening and closing it multiple times (less than 10 times). At some point, every time I closed the app, the session cookies were getting lost upon reopening. This is also a misbehavior that is very inconsistent from my perspective. Why does the PWA lose the session when you close and reopen it? Why is this behavior not consistent the first times you close and reopen it?

Regarding cookies A, B, and C that I mentioned earlier, their corresponding names in the app are "nr1Users", "nr2Users", and "Users".

We are now receiving reports from more major companies about this same issue. Please consider this bug report an opportunity to prevent a large-scale issue. We are interested in cooperating to resolve this.

Thank you

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240409/fe41606d/attachment.htm>


More information about the webkit-unassigned mailing list