I am trying to make SSO auth in my safari-app-extension. And the only way which I found is creating a WKWebView and getting secured cookies from inside it. But there are two problems. The first is that this is not really SSO, because WKWebView and Safari have separate cookie storage. And the second one is that I don't need the POPOVER toolbar item action (all UI is composed inside a page). Is there any way to get a secured cookie from the Safari page? Or at least is there any way to invoke/not-to-invoke the popover conditionally?
I didn't have the same problem in old Safari extensions because browser cookies were shared with the background part.
Related
On one of our application page, the user can click a button to open some popup directing to a third party application.
var popupWindow=window.open(url,"popup",sParams);
Since our application and the third party application are on different domains, it returns null. We need a reference to the popup so that it can be auto closed when the user unloads our application.
Also, our application is run under IE compatibility mode with Edge and the popup is in native Edge. Not sure if that's the problem or if the cross-origin is the issue.
I have also tried to create a wrapper page with an iframe that points to the third party application.
Our application is at something like: http://company.com/application/main.html and the wrapper page is at http://company.com/html/wrapper.html and that doesn't work either, window.open also returns null. I assume they are already in single-origin?
Any suggestions?
I'm trying to redirect back from BankID (Swedish authentication app) on iOS back to the page in Safari where the user came from. The redirect is working, however the web page is reloaded in Safari which causes it to lose all state.
I found this question Return to the browser page that launched an app without refreshing which gave me some help in that I can add a random #anchor to the url and the page will not reload. However when there already is an anchor in the url I can't manage to get it working.
I've tried removing the hash before opening the bankid app and adding it back in the redirect url with no success. I've also tried adding another anchor (like http://url#anchor#another-anchor) which doesn't work either since the bankid app won't redirect at all to the browser in this case.
Is there any way to get around this? Unfortunately I can't change the host url which would be the easiest solution.
Since the default browser on iOS is Safari, the URI starting with "https://" is connected to Safari. Therefore Safari is opened when the BankID app calls the return-url, https://www.your-site.com/returnFromBankID.
That's not a really nice user experience and what you can do is detect what browser is being used (for example Chrome) and adapt the return-URL to use the browser specific URI. If I remember correctly, the browser-specific URI for Chrome is chrome://www.bankid.com.
Good luck, Jesper!
I'm trying to find out about those info dialogs for Web Apps, shown when opened in a mobile browser, that have a button to open in the Android/iOS apps.
Like this 1 2 3
I'm trying to figure out is this created by the Web Apps? or by the mobile apps?
And for the button to open the app link, I've been doing research; is it called a universal link?
Any info would be appreciated, I'm kinda lost in this one
Thanks
Here you have two different options. I will explain the options and how to handle them in the app.
The first option is 'Smart App Banners' which was introduced in iOS 7. This uses meta tags to tell the browser, which app is linked to the website.
The second option is using 'universal links'. This will redirect to the specific without letting the user interact with such a banner. In some cases, this is preferable but differs on a case-by-case basis.
With both of the above solutions, you will have the option to redirect to a specific section in the app.
Short:
I need help with SSO in Safari. I'm using iFrame and postMessage logic which is working fine in Chrome and Firefox (PC, Mac, Android and iOS) but the catch is in Safari. I tried the Storage Access APIs and placed those in the iFrame's onLoading event to check access. But the localStorage which I used to store the JWT is not persistent in the iFrame. I'm using Angular 11.
Scenario:
I'm developing a few applications which use the same auth site for SSO, which was working as expected as I said in the short description. But when it comes to Intelligent Tracking Prevention enabled browsers, as of now Safari, it blocks the iFrame by considering it as 3rd party trackers, which is very insane since the iFrame's origin (domain) is the same as the sub-domain used in the service sites.
I tried to check the access by using the Storage Access API, i.e. hasStorageAccess(), in the window onLoad method in the iFrame's script. If it has no access, I called requestStorageAccess(). I'm not using a user gesture here, and am using a button click from the service site because I'm using Angular as the frontend framework, but in order to request using a button in the iFrame. (Since the policy specifies that getting access works only after user interaction, which is another headache for devs.)
I need help to overcome this issue and fix the SSO with ITP. Any guidance is useful and I'll keep updated.
Google is working fine with their SSO, and services such as YouTube and Mail don't need a login on every visit. Any idea how they achieved this?
The reason could be that Safari has the option "Prevent cross-site tracking" enabled by default and that can interfere with the SSO login and display of an embedded iframe (because it blocks some cookies).
Solution
Disable (uncheck) the option for "Prevent cross-site tracking" in the Safari configuration menu.
Tip: To achieve a better user experience, using JavaScript you can detect when a user is using Safari and show him an HTML message explaining that he needs to disable that option in order to continue or use another browser like Chrome or Firefox.
My web app extends a Google Form's functionality by loading it as an iframe, and doing other stuff outside the iframe. If the Google Form requires authentication, Google makes a "Sign In" box appear within the iframe. When a user clicks on the button, a new tab opens, and the user is re-directed to the form in the new tab.
If a user navigates away from my web app, the extra functionality will obviously not work. So, what I am looking for is: to have an authenticated Google Form load as an iframe within my web app.
I can make the user first sign in via Google Sign-In (OAuth) on my web app and then load the iframe. On Chrome and Firefox, the iframe automatically starts with a logged-in session. This is great! But, this solution doesn't work on Safari. Is this related to Safari blocking third-party cookies?
If I want this functionality to work within Safari (and other such browsers), how would I go about doing it? Will I have to use the Storage Access API? If yes, can you broadly tell me how to do it?
For now, I could just ask users to download Firefox/Chrome if they want to use my web app. Most of my users are Chrome users anyway. But, is implementing these privacy measures a part of other browsers' roadmap too? If yes, I may as well try and build a solution that will work in a year or two.
I expect so.
This needs to happen in the iFrame, so Google rather than you need to implement it.
Yes, but not until 2022, so I would hope Google forms will support this by then.
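The Storage Access API flow raised in the two iframe SSO questions above, as an added example that is not taken from any of the posts: it runs inside the embedded (third-party) iframe, only checks access on load, and requests it from a click handler. The function names and the `doc`, `button` and `onResult` parameters are assumptions made for illustration.

```javascript
// Added example. `doc` is the iframe's own document; it is passed in so the
// logic can also be exercised with a stub object outside a browser.

// Safe to run on load: this only reads the current state, it never prompts.
async function checkStorageAccess(doc) {
  if (typeof doc.hasStorageAccess !== "function") return "unsupported";
  return (await doc.hasStorageAccess()) ? "granted" : "needs-gesture";
}

// Has to run as part of a user gesture inside the iframe. A call made from a
// load handler has no user interaction behind it and the promise rejects.
async function requestOnGesture(doc) {
  if (typeof doc.requestStorageAccess !== "function") return "unsupported";
  try {
    await doc.requestStorageAccess();
    return "granted";
  } catch (err) {
    // Declined by the user or the browser: the embedding page needs another
    // route, for example sending the user through a top-level login.
    return "denied";
  }
}

// The button lives in the iframe's own DOM. A click in the parent page does
// not count as a gesture for the iframe.
function wireSignInButton(doc, button, onResult) {
  button.addEventListener("click", () => {
    // requestOnGesture() reaches doc.requestStorageAccess() synchronously,
    // before the first await, so the click is still the active gesture.
    requestOnGesture(doc).then(onResult);
  });
}
```

On load the iframe calls `checkStorageAccess(document)` and, on "needs-gesture", shows its own button wired with `wireSignInButton`. The grant applies to the iframe origin's cookies, so the session has to be readable from a cookie of the auth site for "granted" to be of use.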