[Webkit-unassigned] [Bug 272325] REGRESSION (iOS 17.x): Session cookies being reset randomly in a Home Screen web app

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Apr 9 09:12:07 PDT 2024


--- Comment #7 from Ricardo Cristino <ricardo.cristino at outsystems.com> ---
(In reply to Alexey Proskuryakov from comment #6)
> Thank you! I cannot reproduce this on an iPhone with iOS 17.5 beta. Not
> getting any 403 alerts, and only saw the "Login with Username" screen once,
> after installing the app. I did force quit it a number of times.
> However, I did get to the "Login with Username" screen again, after
> rebooting the device. Which suggests that some state may be kept in memory
> even over force-quitting? And perhaps that process gets terminated in your
> case for some reason.
> I do not know much about how WebApp works architecturally, but I'll look for
> someone who would have insight.

Hi Alexey,

Thank you for following up.

I could see your attempts on my back-office audits. Indeed, the error did not happen. It is usually difficult even for me to replicate it for the first time but, once it starts happening, it's very easy to get the 403.

I would like to add that the people who have been able to replicate the error in this particular app were located in the European Union. Just in case there is any difference in the underlying technology used by our devices.

And also, there is a logout link inside the Settings tab. You can force the logout from your app when you are not losing the session. You can click it a few times to see if you can initiate the reported behavior. After a few attempts, you can close the app without logging out and the session is lost anyways.


You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240409/8d82a5e5/attachment.htm>

More information about the webkit-unassigned mailing list