bug: cookies not being persisted

[IlCallo]

Bug Report

Capacitor Version

npx cap doctor output: @capacitor/ios not installed @capacitor/cli 1.5.2 @capacitor/core 1.5.2 @capacitor/android 2.1.0

Affected Platform(s)

• [x] Android
• [ ] iOS
• [ ] Electron
• [ ] Web

Current Behavior

Android native Cookies management persists cookies only after a given amout of time. This causes problems when an auth session cookie or remember me cookie are used and the application is destroyed shortly after the login (or any other action creating a cookie) is performed. When re-started, we won't have that cookie available.

A similar problem is present on iOS too, but haven't yet tried it out (link at the end of the issue).

Expected Behavior

Cookies shall be forcefully persisted when onPause or onStop is called, to be sure to avoid data loss in case the app is later destroyed (by the user or by the system).

Sample Code or Sample Application Repo

---

Reproduction Steps

• perform a request to a server which you know will set a cookie
• hard-close the app right after
• re-open the app
• check via chrome devtools that the cookie isn't present

Other Technical Details

yarn --version output: 1.22

node --version output: 13.x

Other Information

This article explain the problem pretty well.

https://github.com/ionic-team/capacitor/issues/2347 seems to report the same problem https://github.com/ionic-team/capacitor/issues/2831 seems to be related, but not sure

[IlCallo]

Simply adding the following to my MainActivity.java fixed the problem. Could probably be onStop instead, but I'm not sure if Android persist cookies even when the app is paused

import android.webkit.CookieManager;

public class MainActivity extends BridgeActivity {
  // ...

  @Override
  public void onPause() {
    super.onPause();

    CookieManager.getInstance().flush();
  }

  // ...
}

[laurentgoudet]

I can confirm that @IlCallo solution indeed solves the problem, but shouldn't this be achieved by Capacitor itself? Or at least be part of Android template for new projects? As the current behavior (cookie state not being immediately persisted on Android) is definitely unexpected.

[leo-petrucci]

Yep, just had this happen to me. I released another Capacitor App last year and the Android Cookies were being persisted correctly, but were reset on iOS. That was fixed somewhere server-side.

Unfortunately something must've changed with Android and now the cookies are being reset on closing the app. Adding the code in the OP seems to fix it for now.

[malte94]

Simply adding the following to my MainActivity.java fixed the problem. Could probably be onStop instead, but I'm not sure if Android persist cookies even when the app is paused

import android.webkit.CookieManager;

public class MainActivity extends BridgeActivity {
  // ...

  @Override
  public void onPause() {
    super.onPause();

    CookieManager.getInstance().flush();
  }

  // ...
}

Thank you. This should be implemented by default definitely.

[Aarbel]

@malte94 @creativiii

did you fully solved the problem on both iOS and Android ?

What do you mean by OP ? Can you give some examples ?

Thanks a lot for your help

[Aarbel]

Having the problem with Auth0 cookies, our users disconnect after 2 days on iOS and Android (seems like they are not persisted after this time)

[leo-petrucci]

@malte94 @creativiii

did you fully solved the problem on both iOS and Android ?

What do you mean by OP ? Can you give some examples ?

Thanks a lot for your help

As mentioned, I added the code posted by @IlCallo to my Android project and it fixed the issue. I haven't dared removing it since, so I have no idea if the problem is fixed or not.

[malte94]

@Aarbel

Since the user disconnects after 2 days, this does not seem to be related to having no persistency at all, like discussed here.

If you use a session cookie, set an expiration date.

  const token = jwt.sign({ id: u._id }, process.env.TOKEN,
      {
          expiresIn: '120d'
      }
  );

[AndriiSherman]

@IlCallo solution worked perfectly for me! Really don't understand, why capacitor is not handling it

[jeromebon]

We experience the same bug https://github.com/ionic-team/capacitor/issues/3012#issuecomment-636017770 solved it

[muuvmuuv]

For us it was fixed by setting a correct expires date, we always just had "session"

const expires = dayjs().add(7, "days").toDate().toUTCString()
CapacitorCookies.setCookie({ key: "identifier", value: "...", expires })

[Aarbel]

@markemer was it solved ?

[jjang16]

We were having a same issue in Capacitor 5 Android. The solution above solved it. Surprising it's 2024 and the issue is still there.

https://github.com/ionic-team/capacitor/issues/3012#issuecomment-636017770

[Aarbel]

Maybe because it's here now

[Aarbel]

@markemer will you fix this problem ?

[mariusbolik]

The team's official explanation is that Capacitor cookies should not be used because they are only intended for the web: https://forum.ionicframework.com/t/cookies-vs-preferences-what-is-more-persistent/236820/4?u=mariusbolik

[Aarbel]

@mariusbolik thanks a lot, tools like auth0 use the browser cookies for example, so how to fix the problem ?

[ionitron-bot[bot]]

Thanks for the issue! This issue is being locked to prevent comments that are not relevant to the original issue. If this is still an issue with the latest version of Capacitor, please create a new issue and ensure the template is fully filled out.