BlackBerry Dynamics SDK: Specific Cookies Set in the HTTP & XMLHTTP Response via the "Set-Cookie" header are not being set in the WebView

Question

After upgrading to BlackBerry Dynamics SDK (v10.1) and later, some specific cookies are not being set.

Note: We are using the native WKWebView and hitting our server which tries to set the following cookies.

Issue #1: A specific HTTP cookie is not being set in the WebView automatically.

The following cookie is received in a response from the server:

1f6cf18f-2410-4756-8f7c-f2c18d2877ae=%7B%22state-version%22%3A%221%22%2C%22state-data%22%3A%22baV9DYCXeC01d295qcJX%2F3TjgXLgT4DQdQkkuhYnBBWkWsICTfElQxlmCrHBDI%2BK3kK7NlHFhmvv0xEd4NNGl4b7C7NMoMTLy2bikETGx7N2Izj4hvBUTSulI2riBHS0KP7Yn987Zu76ay%2FkeU7KBRAYORcSMV6KURNXYnvWOQ%2Bblvv4aNKD%2F9hINd2KYMlqqVv%2FL%2FhEirllZaPVLE4gV%2B%2BFpx%2FBWNmJbyAXDhFbszCRaxXh0hnVhMY6sCpBtI%2FiqvrNnGADTO0PTthrVXKe16%2B0JIjHVKUf7djyGlpwsR4Sjvbj3V8TUp0FuKJ9d4ruU9rrKc1syDCdwD3Sy3o%2Fmr2DoCE0AEawxOBleDctnJa9xejhSukg76EUQfXB6Lz3nSHEtkq2cTKf7n737mNPMzJRxBnfoykR%2FEk6gJ0%2Bf0wjsK%2F0FnzmgHD77hyR%2BMmipCo9zuBbuphIZ9CEDWQ5O458QV2KIoj%2FVKw%2FwBlTn2sm4ha%2BnBYT6SGkF18RZE3jAJtiBtjckl3mCFZ3z8JLi2p5rlewBDbJuyjB1Rn2hM6sDdHxa%2BhyVg0e2qpO12akwAHZa%2FdCE7mB9yptdtd86gjSbyfzGVKe5XviinQeYa8%3D%22%7D; Path=/path/of/the/cookie; Secure; HttpOnly; SameSite=None

1. We have noticed only this specific cookie is not being set, while other HTTP Cookies are being set.
2. If we intercept the Response in the WKWebView using [WKNavigationDelegate webView:decidePolicyForNavigationResponse:decisionHandler:] and then set the cookie using [WKHTTPCookieStore setCookie] it seems to work.

Issue #2: Cookies set in the XMLHTTPResponse is not being set.

1. Cookies received in the XMLHTTPResponses in the 'Set-Cookie' header are not being set.
2. If we intercept the Response by injecting a ajax interceptor script in the WKWebView using [WKUserContentController addUserScript] and then set the cookie using [WKHTTPCookieStore setCookie] it seems to work.

Answer 1

Based on our SDK team's response, the sdk doesn't support processing cookies which has different path than the response. If a response comes from /path1 and contains cookie with /path2, then such cookies will not be applied.

Assuming that is your case - The main response has different path than is specified in cookie. For example, response from Ajax comes from www.google.com/another_path however cookies specify Path=/path/of/the/cookie;

Suggested Workaround: You can try changing the path in cookies to "path=/;". Alternatively, try sending request to www.google.com/path/of/the/cookie and if your server still returns such cookie in response, then Path=/path/of/the/cookie; should be applied.

Hope that helps.