WordPress-Android icon indicating copy to clipboard operation
WordPress-Android copied to clipboard
verified publisher icon wordpress-mobile

Android 12: Security and privacy - Modern SameSite cookies in WebView

Open ashiagr opened this issue 4 years ago • 1 comments

Parent #16062

Modern SameSite cookies in WebView

  • If your app uses WebView, or if you manage a website or service that uses cookies, test flows on Android 12 WebView. If you find issues, you might need to update your cookies to support the new SameSite behaviors.

  • Watch for issues in logins and embedded content, as well as sign-in flows, purchasing, and other authentication flows where the user starts on an insecure page and transitions to a secure page.

Possible features using cookies in WebViews

  • Publicize
  • Jetpack install

ashiagr avatar Mar 08 '22 11:03 ashiagr

Tested below features on app targeting Android 12

Jetpack Install

out

Domain Purchase

domain purchase

Sharing/ Publicize

Login

2FA Login, Magic Link Login, Google SignIn

While I found everything working in my testing, pinging @ravishanker to test domain purchase on app withtargetSdkVersion = 31 who's a core contributor to the feature. Give us a 👍 if you find no issues.

Also pinging @zwarm to give a 👍 before we can close this task as it needed no changes.

ashiagr avatar Jun 24 '22 12:06 ashiagr