I'm trying to diplay a webpage on a Win8.1 webview. This webpage authenticates the user with a SAP login process. If I run this on a browser, the redirect works succesfully. However, when I try to do it on the webview, it doesn't redirect to the application's main page. I tried using Fiddler to catch the requests being made by the webview, and the funny thing is that, when I have fiddler running, the webview works and it takes me to the main page. I thought it had something to do with the fact that it is calling another domain when it does the authentication. So I tried adding the list of Content URIs but the problem is that the web server is using http.
I also tried using an iFrame with a win8 app but I'm still not able to get to the main page.
Anybody had a similar issue?
Related
This issue only seems to be affecting Firefox, and then only some users (with no obvious version/security setting differences). We are getting session loss in our Laravel app.
We have a payment integration that uses the iframe Opayo server integration. This opens up the payment form in an iframe in the Laravel app. Payment details are provided, and the payment is successful - including hitting an Opayo webhook to confirm the transaction.
The webhook returns a redirect URL, that Opayo uses to redirect the user (in the iframe naturally). This redirect URL is simply a URL on the same site as the app (i.e. the iframe parent).
At the point that the iframe loads the redirect URL, the site session is immediately killed. Originally, the page at the URL broke out of the iframe (set window.top.location), and also did some ajax calls - I removed both these actions, to confirm they weren't somehow responsible for the session getting nuked.
The site is served over HTTPS with a valid certificate. A session cookie is set to secure, HTTP only, and the same site is 'lax'
What could be causing this behavior?
This is because the iframe is not exactly your page running on your system. So, if the iframe is not on your system, it will not have access to the cookies that are in your application.
If the iframe is from your application, I advise you to use query params in the url of the iframe to pass such necessary information within the iframe. Something like:
<iframe src="https://www.foo.bar?value=1&value_2=2"></iframe>
I'm developing an app in shopify app market
As you know, shopify apps work in iframe. I've no problem in session when i directly use the app in browser without iframe.
The issue is only within iframe.
I'll process oauth for shopify and redirect it to my app url inside the iframe. I'll set required session data if oauth is successfull.
But as soon as the page is redirected to the dashboard page after setting session. The dashboard page doesn't have the session data which i set earlier
In oauth success block, i used this to set session data
$this->session->set_userdata('variable', array('uid' => 15));
In dashboard page, i used this to get session data
print_r($this->session->userdata('variable'));
But here i receive empty nothing else.
I tried many solutions in the web regarding this issue
But their issue is with or without iframe.
I tried lots of solutions, but nothing worked for me
Fyi, CI Version is 3.1.11
PHP Version is 7.1.9 and also tested with 7.4.21
I tried
ini_set('session.id', $params['cookie_name']);
and manually commenting our session_start() and other lines in Session.php files and other stuff
Nothing is fixed this issue
Any help would be greatly appreciated
I am starting to build an app that authenticates to a third party web service, and I'm having problems getting the authentication working. The login page is displayed correctly, but once the user logs in an error message is displayed: "The URL can't be shown".
I'm working on the iOS version of my app first, so I've only tested this on iOS so far using the Simulator. I initially thought that I wasn't registering the URL scheme for the redirect URL correctly, but if I put a breakpoint in AppDelegate.OpenURL(), and enter a URL with my URL scheme in Safari my app is launched.
Handling the OAuth2Authenticator.Error event didn't give any more information beyond the same error message.
This is my first time working with Xamarin Forms and Xamarin Auth, so I'm not sure what else to do in order to debug the problem. What else can I do in order to figure out the root cause of this error?
Turns out this was due to user error.
The redirect URL I was using didn't match the redirect URL I registered with the web service. Once I made them the same, the redirect URL worked as expected.
I am trying to login to instagram and approve my app within my OS X app by opening a web view within my OS X app. I've tried both deleting all cookies and using private browsing independently from each other. I don't intercept requests/responses. First, when I try to open auth URL, I get the following (and correct) page both in my app and in Safari:
However, when I enter my username and password, if Safari, my Instagram account opens, redirects to the app correctly e.g. it logs in. When I enter my (obviously, the same) credentials in my app and click Log in, I'm transferred back to the same screen in a redirect loop of about 10 times:
https://instagram.com/accounts/login/?force_classic_login=&next=/oauth/authorize/%3Fclient_id%3DMY_CLIENT_ID_REMOVED_FOR_SECURITY%26redirect_uri%3Dhttp%3A//my.redirect.url.removed.for.security%26response_type%3Dcode
If I try to visit that URL in Safari, I get to the login screen (if not logged in), and I get redirected to the correct URL afterwards.
I've tried entering invalid credentials, I'm getting a different error, so it's not an incorrect username/password issue:
It appears like a cookies/redirection issue. I've removed all delegates just in case they are intercepting with the login mechanism, but no avail.
Why can't I login to Instagram on Cocoa web view while I perfectly can in Safari? I'm on the latest OS X 10.11.1 and Safari 9.0.1.
It was apparently a bug with Instagram's own cookies, which required a cookie storage reset inside the app's cookie container, which I forgot to clear (I cleared Safari's, but it's different from the app's container).
I've added an option to clear cookies on app startup:
NSHTTPCookieStorage *jar = [NSHTTPCookieStorage sharedHTTPCookieStorage];
NSArray *cookies = jar.cookies;
for (NSHTTPCookie *cookie in cookies) {
[jar deleteCookie:cookie];
}
I've invoked this code and the problem went away.
I am struggling with something and I am not sure if this is possible or not with the current WP7 API. Basically my WP7 App uses WebRequest class to issue web requests to log into a third party website using username and password credentials of the user. I store session state/cookie information in a CookieContainer object so that I can make further requests for data from the web site and this all works fine, pretty standard scenario so far.
But what I would like to do now is offer a link to take the user to the secure area of web site without needing the user to log in again when accessing the site from the phones browser. If I simply call a webbrowsertask it takes me to the website but the browser has no knowledge of the cookies I stored in my app so the web site redirects the user to the log in page. What I need/want to be able to do is provide the CookieContainer object I have stored from my app requests through to the webbrowsertask so that I can go straight to the page I want.
WebBrowserTask webBrowserTask = new WebBrowserTask();
webBrowserTask.URL = "https://www.xxx.com/loginarea";
webBrowserTask.Show();
Any suggestions/thoughts on how I can do this?
Thanks.
I don't think you can get the cookies to the main IE web browser
However, if you were prepared to host the browser control inside your app, then you should be able to inject the cookie values using javascript.