If associated domains are enabled on iOS, allow NSHTTPCookieStorage to get/set domain cookies
| Originator: | rsattar | ||
| Number: | rdar://21795731 | Date Originated: | 13-Jul-2015 10:42 AM |
| Status: | Open | Resolved: | |
| Product: | iOS | Product Version: | 9.0 |
| Classification: | Enhancement | Reproducible: | Not Applicable |
Summary: When a user goes from an app’s webpage to installing the app for the first time, it is very useful to be able to seamlessly transition their experience over to the app. The user experience for this can be much more magical if the iOS app could access (and even set) HTTP cookies from/on its associated domains. I want a NSHTTPCookieStorage to have: - (NSHTTPCookieStorage *) cookieStorageForDomain:(NSString *)domain; Steps to Reproduce: 1) On your iPhone/iPad, sign up for or log in to a new service on a website (say Tumblr, Pinterest, Amazon, Slack), 2) Now install the related app and run it. Expected Results: I should be able to see a “Continue as [your name]” button, or perhaps just be magically authenticated / in the same place I left off Actual Results: I’m presented with a login or signup screen in the iOS app, even though I’m signed in to the same service in Safari. Notes: Smart App Banners could help here, but it happens too late; the user would have to go *back* to the web page and tap “Open” to try and continue their experience. Shared Web Credentials obviously can solve the authentication part, but it requires the user to actually signup/login, and for them to agree to save their credentials. What if the user did some stuff on the webpage, then decided to get the app, but hadn’t actually signed up or logged in? Often, when a new user is invited to a service, they receive a link to their email or SMS that takes them to the associated app domain, but with some magic ID in the url (that sets some cookie) that identifies who they are to the webpage, so that the webpage can tailor the new user experience to just that person. It would be amazing to be able to take advantage of that from our iOS app. It is possible to use Safari View Controller in a “hidden” way with a custom URL that performs a redirect back to our app with our cookies packaged into the URL, but I suspect Apple would not be too happy with all of us using hidden Safari View Controllers to achieve this. Since we have already *safely* associated our domains to our iOS app(s), it should be possible to at least peek at the cookies stored for that domain!
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!