Clearing Cookies for WKWebView on iOS 8.4

Asked 28/6, 2016 at 16:36 Answered 7/7, 2016 at 8:3

ios cookies uiwebview wkwebview nsmutableurlrequest

I'm building an app that uses Single Sign On for users to log in. After the user enters a successful ID and password, the web side of things returns headers which I grab and store in my app. The WKWebView also sets a cookie that the user successfully logged in. This is what I want to avoid or undo.

The undesired behavior that I'm seeing is that if I log in a user, everything goes well, and then I log them out and go to log back in again, the WKWebView thinks the user is still logged in and takes them to an undesired URL.

In iOS 9, mitigating this is fairly simple:

let config = WKWebViewConfiguration()
config.websiteDataStore = WKWebsiteDataStore.nonPersistentDataStore()

let webView = WKWebView(frame: .zero, configuration: config)

However in iOS 8.4, making making sure the cookies are clear each time the user goes in to load the Single Sign On URL is more complicated.

I've tried approaches where I loop through cookies in NSHTTPCookieStorage.sharedHTTPCookieStorage() and remove them. Unfortunately, the cookie count is 0.

I've also tried removing the /Cookies directory in NSFileManager.defaultManager(). This also does not work.

One thing that kind of worked was doing the following. Although this approach didn't allow me to get the headers because a redirect after login needed to happen and this interfered (in iOS 9+ and 8.4)

req = NSMutableURLRequest(URL: url)
req?.HTTPShouldHandleCookies = false
let webView = WKWebView()
webView.loadRequest(req ?? NSURLRequest(URL: url))

I'd prefer to clear cookies in the deinit of my view that holds my WKWebView if that's a possible solution here.

Selig answered 28/6, 2016 at 16:36 Comment(1)

Please check my answer for similar question below: #38481367 – Merth 9/8, 2016 at 15:21

This might be a longshot, but what about overriding the cookie accept policy to reject all cookies at the time of sign in?

NSHTTPCookieStorage.sharedHTTPCookieStorage().cookieAcceptPolicy = .Never

Another idea would be to manually mange the cookies with a custom WKProcessPool subclass (which is not really documented). I believe that's how Firefox manages any cookie issues.

Ianteen answered 30/6, 2016 at 18:51 Comment(2)

@ZackShapiro sorry, I'll keep thinking of potential solutions. – Ianteen 1/7, 2016 at 15:53

Thanks JAL. I appreciate it. Tough part is, the req = NSMutableURLRequest(URL: url); req?.HTTPShouldHandleCookies = false method worked as far as clearing the cookies up front but at the end when the redirect happens, headers are returns and cookies are set, all of that was prevented by this approach. I'd love it if I could just let the process happen and then clear cookies before the next one begins – Selig 1/7, 2016 at 15:54

Even if you mention it, is this the approach you've already tried in your deinit?

let storage = NSHTTPCookieStorage.sharedHTTPCookieStorage()
        for cookie in storage.cookies! {
            storage.deleteCookie(cookie)
        }

Mechanist answered 7/7, 2016 at 8:3 Comment(1)

I did try that approach, yes – Selig 7/7, 2016 at 15:2

Recommended topics

Hot tags