/fixed_webview_cookie_manager

Fixing issues in the webview_cookie_manager package

Primary LanguageDartMIT LicenseMIT

Changes in this fork

  • Pulled in pending pull requests from the original repo:
  • Use a more lenient Cookie class instead of the dart:io one, since some websites don't follow Cookie conventions and use disallowed characters like quotes. The dart Cookie class throws a format exception in that case, which would mean that we lose those cookies, which is not acceptable, since the Android & iOS WebView are fine with quotes in the cookie values. We assume Android and iOS already validated the Cookie, so we don't validate it anymore in the LaxCookie class.

Webview Cookie Manager

pub package

A flutter library to manager your web cookies for Android (API level 9+) and iOS (11+).

The cookies stores and retrieves using the httpCookieStore for iOS and CookieManager for Android.

Get started iOS

Set minimum version for iOS to 11.0

Usage

The WebCookieManager can be used directly or together with webview_flutter.

Get cookies

final cookieManager = WebviewCookieManager();

final gotCookies = await cookieManager.getCookies('https://youtube.com');
for (var item in gotCookies) {
  print(item);
}

Set a cookie

await cookieManager.setCookies([
              Cookie('cookieName', 'cookieValue')
                ..domain = 'youtube.com'
                ..expires = DateTime.now().add(Duration(days: 10))
                ..httpOnly = false
            ]);

Check is any cookie available

await cookieManager.hasCookies();

Remove a cookie

await cookieManager.removeCookie();

Clear cookies

await cookieManager.clearCookies();

Domain attribute

Domain attribute is not required according to RFC, but it is important to remember that empty domain causes undefined behavior. So it is highly reccommended to specify it this this way:

final cookie = Cookie('cookieName', 'cookieValue')..domain = 'youtube.com';

Secure attribute

If you see the error Strict Secure Cookie policy does not allow setting a secure cookie for http://your-domain.net/ for apps targeting >= R. Please either use the 'https:' scheme for this URL or omit the 'Secure' directive in the cookie value. Then you need to set the origin while setting the cookie, in that case setting the domain is not required.

final cookies = <Cookie>[];
// Add your cookie with secure flag to the array
cookieManager.setCookies(cookies, origin: 'https://your-domain.net')

Troubleshooting on iOS

  1. Set minimum target iOS version to 11 (see also #17)
  2. If you are using Objective C, check that PodFile have a flag use_frameworks (see also #4)
target 'Runner' do
  use_frameworks!
  use_modular_headers!
  ..........
end