Is it possible to set a cookie manually using sharedHTTPCookieStorage for a UIWebView?

74
votes

I have webviews inside of an iOS application that require an authentication cookie to be properly authenticated. I'm looking for a way to set a cookie inside of an iOS application's webview without having to make an outbound request to set the cookie as I have auth information on the client already.

This post shows us where the UIWebView cookies are stored.

Right now I'm loading a hidden web view to make an outbound request but would prefer not to have to make an external request for setting a simple cookie.

4
objective-ciosuiwebview

4 Answers

139
votes

Yes, you can do this. First, in applicationDidBecomeActive add this line

[[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookieAcceptPolicy:NSHTTPCookieAcceptPolicyAlways];

The cookieAcceptPolicy is shared across apps and can be changed without your knowledge, so you want to be sure you have the accept policy you need every time your app is running.

Then, to set the cookie:

NSMutableDictionary *cookieProperties = [NSMutableDictionary dictionary];
[cookieProperties setObject:@"testCookie" forKey:NSHTTPCookieName];
[cookieProperties setObject:@"someValue123456" forKey:NSHTTPCookieValue];
[cookieProperties setObject:@"www.example.com" forKey:NSHTTPCookieDomain];
[cookieProperties setObject:@"www.example.com" forKey:NSHTTPCookieOriginURL];
[cookieProperties setObject:@"/" forKey:NSHTTPCookiePath];
[cookieProperties setObject:@"0" forKey:NSHTTPCookieVersion];

// set expiration to one month from now or any NSDate of your choosing
// this makes the cookie sessionless and it will persist across web sessions and app launches
/// if you want the cookie to be destroyed when your app exits, don't set this
[cookieProperties setObject:[[NSDate date] dateByAddingTimeInterval:2629743] forKey:NSHTTPCookieExpires];

NSHTTPCookie *cookie = [NSHTTPCookie cookieWithProperties:cookieProperties];
[[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookie:cookie];

This cookie has the name testCookie and value someValue123456 and will be sent with any http request to www.example.com.

For one big caveat to setting cookies, please see my question here!

NSHTTPCookieStorage state not saved on app exit. Any definitive knowledge/documentation out there?

14
votes

Edit: adapting for edited question

NSHTTPCookieStorage has a -setCookies:forURL:mainDocumentURL: method, so the easy thing to do is use NSURLConnection and implement -connection:didReceiveResponse:, extracting cookies and stuffing them into the cookie jar:

- ( void )connection: (NSURLConnection *)connection
          didReceiveResponse: (NSURLResponse *)response
{
    NSHTTPURLResponse        *httpResponse = (NSHTTPURLResponse *)response;
    NSArray                  *cookies;

    cookies = [ NSHTTPCookie cookiesWithResponseHeaderFields:
                             [ httpResponse allHeaderFields ]];
    [[ NSHTTPCookieStorage sharedHTTPCookieStorage ]
            setCookies: cookies forURL: self.url mainDocumentURL: nil ];
}

(You can also simply extract an NSDictionary object from the NSHTTPCookie with properties, and then write the dictionary to the disk. Reading it back in is as easy as using NSDictionary's -dictionaryWithContentsOfFile: and then creating the cookie with -initWithProperties:.)

Then you can pull the cookie back out of the storage when you need it:

- ( void )reloadWebview: (id)sender
{
    NSArray                 *cookies;
    NSDictionary            *cookieHeaders;
    NSMutableURLRequest     *request;

    cookies = [[ NSHTTPCookieStorage sharedHTTPCookieStorage ]
                cookiesForURL: self.url ];
    if ( !cookies ) {
        /* kick off new NSURLConnection to retrieve new auth cookie */
        return;
    }

    cookieHeaders = [ NSHTTPCookie requestHeaderFieldsWithCookies: cookies ];
    request = [[ NSMutableURLRequest alloc ] initWithURL: self.url ];
    [ request setValue: [ cookieHeaders objectForKey: @"Cookie" ]
              forHTTPHeaderField: @"Cookie" ];

    [ self.webView loadRequest: request ];
    [ request release ];
}
8
votes

In Swift 3 all of the keys are wrapped in the HTTPCookiePropertyKey struct:

let cookieProperties: [HTTPCookiePropertyKey : Any] = [.name : "name",
                                                       .value : "value",
                                                       .domain : "www.example.com",
                                                       .originURL : "www.example.com",
                                                       .path : "/",
                                                       .version : "0",
                                                       .expires : Date().addingTimeInterval(2629743)
                                                      ]

if let cookie = HTTPCookie(properties: cookieProperties) {
    HTTPCookieStorage.shared.setCookie(cookie)
}
1
votes

There is need to work around the limitations on cookies introduced by iOS 10, which makes them invisible to different processes.

This means that on devices with multiprocessing capability, webviews are a distinct process then your app, which means your "app" session is not transmitted automatically to the webview anymore.

So in essense, you will need to do it (even is previous posters where right, it was working automatically before iOS10).