Does pinning a webpage to homescreen clear cookies? - javascript

I have a sveltekit webapp using pocketbase that stores the authentication in cookies. If I use the browser on android normally, opening page and going to the vercel deployed page the authentication cookie works normally. If i close browser, clear tabs and everything if i come back it still automatically logs in. So far so good.
However when I pin my application with "add to desktop" the cookies disappear and I need to login again every time I open the application through the desktop shortcut ?
What am I missing? How can I better debug this issue?

Related

Auth0 silent auth not working on mobile, works fine elsewhere

Pretty stuck with this one. I'm using Auth0's SPA-JS SDK and it works perfectly for the most part, but on mobile when I refresh the page it logs me out.
I get the error that says "login required", but no such error when on the desktop. On the desktop, I can refresh the page as much as I want with no issue.
I am not using the dev keys anymore for my social signups, and the issue occurs on email signup as well, so I don't think dev keys are the issue either.
Thanks.
Are you using the mobile browser (eg Chrome / Safari)?
Or a mobile webview?
The latter case will always give you a private browser session where cookies and session storage are both aggressively dropped.
If you're not using the mobile browser then the other scenarios require more work. Logins via some form of the system browser work best.
Also are you using local storage of OAuth 2.0 tokens?
- if so try switching to session storage - could be related to cookies dropped due to a missing user gesture - eg Intelligent Tracking Protection

Why does Azure DevOps stay logged in when opened in Incognito

Today I noticed that our company's on-premise Azure DevOps server displayed this odd behavior. When I opened the DevOps web dashboard (through our internal domain) in Google Chrome's incognito mode, it showed me being logged in, even though I made sure I hadn't logged into the website through incognito beforehand. I then tried manually deleting the cache, cookies, session data and everything else I could find and it still kept me logged in. This behavior doesn't occur when tested with Firefox's Private Browsing mode.
When logging out of DevOps the "right" way (e.g. by clicking the Log Out button), you get a message saying: You must close your browser to complete the sign out process. which might have something to do with this whole thing. If you don't close your browser and go back to the DevOps web dashboard, you just stay logged in.
My question is if anyone knows where the session data for the Azure DevOps web dashboard is stored and how they managed to implement the logging-in system this way?
Solved it by watching the network traffic in Chrome. It sends a NT LAN request which is apparently a Microsoft proprietary authentication method. That's why deleting session files or using Incognito does nothing.

Chrome opens PWA automatically when opening the site

I have a web application that can be installed as PWA. Once installed the problem appears on Android devices with Chrome.
If a user is logged out the application will redirect to an authentication service that is hosted on a separate server. Once a user has logged in the application redirect him to main page of app. PWA is opened automatically at this point. I don't want this.
Does anybody know a way to prevent automatically opening PWA when a user open a site in browser?
It was noticed on Android 8.0 with Google Chrome 74.0.3729.157.
Also if an authentication page is rendered inside iframe PWA is not opened automatically.
Finally I get it.
PWA is installed as WebAPK so Android open my application automatically when an auth server returns redirect to my application https://developers.google.com/web/fundamentals/integration/webapks.
A way exists to prevent that by defining a scope parameter in manifest.json. But it is not my case because all my application is in the root.
Finally I use iframe to render an auth page instead of redirection to auth service directly.

Notification from web app (Android)

I'm developing a web app that shows a counter, and when the counter comes down to 0 I want to notify the user(The counter is on a server, so there won't be a problem with reloading the page).
If the user is on a computer, I'm using a popup for the notification, but if the user is on an Android device, I would like the notification to be shown even if the browser isn't open.(I'm using AngularJS if that would be any help)
Is there a way to do this? I rather not build a special Android app.
Thanks.
//G
I'm afraid no, there is no way to do that. When any android application is not active is... not active, frozen. The browser is not a service, so as far as I know it won't process anything while in background. Even it's possible the OS close the browser if it needs more memory than is available.

facebook localhost development problem - works occasionally

I am trying to integrate facebook login in my application and the development is on localhost...
problem is I get the login button sometimes when I open the site.
Most of the cases, I have to refresh the page again and again and still it does not appear.
Well the internet is up and running..
It works fine whenever the login button appears...

Categories

Resources