iOS support (Safari, Chrome)

Hello @mennobouma ,

Safari is a very strict browser.
The issue doesn’t come from the plugin, but from the fact that Safari considers all cross-domain cookies as “tracking”, and blocks them by default. It is true this is the same technology Facebook and other intrusive services use, but “tracking” (which is somehow a loaded word in that context) is sometimes what the users need or want.

The only reliable way to enable cross-domain login and logout in Safari browser for now is to have the users allow it in their browser preference (Safari > Preferences > Privacy > Website tracking > untick “Prevent cross-site tracking”).

I am aware it is less than ideal. I wish there was a workaround. Looking around the web, the issue is at least 11 years old, and past workarounds have been relentlessly and quickly patched by Apple.

Moving forward, I can see something like a modal window displayed at login & logout in Safari only, in which one-time-clickable links would invite the user to take action. These links would explicitly go to the remote site in a new tab that would immediately close after setting the cookies.

There may be other solutions possible, but all of them would require explicit user interaction. More information can be found in this announcement on webkit.org.

I find these alternatives way less elegant than under-the-hood login/logout, and I still need to wrap my head around how to actually code it, in the event I go through with it.

Hello Alexandre,

Thanks for your comprehensive answer. Too bad that Safari blocks cross-site tracking by default, but i understand it with privacy in mind.

Most of the iOS users don’t untick the prevent cross-site tracking setting i’m afraid. Maybe it’s interesting to look at Google or Microsoft. I know they have an army of developers but single sign on works at their sites on Mobile Safari.

I also found some sources, maybe it’s possible that it can be implemented in the plugin:

– https://stackoverflow.com/questions/12150320/disable-same-origin-policy-in-mobile-safari/22270776#22270776
– https://gist.github.com/iansltx/18caf551baaa60b79206

• This reply was modified 4 years, 1 month ago by mennobouma.

Don’t go reveal my plans like that :p. I’ve got something in the work that should be good news for you. Stay tuned for the next version in the coming days.
P.S.: still marked as resolved because this kind of browser support is a new feature rather than a bugfix.

Haha i’m sorry :p. I think it’s good news for every user of your plugin :).

Keep up the good work Alexandre!

Version 1.2.5 is up with iOS support.

Hello Alexandre,

Thanks for your great support and fast updates! I tried it and it looks promising! I only have 5 remote sites and that makes a lot of redirects :).

I’m running into a issue where i can’t save settings of the plugin. It only happens with your plugin. Does it conflict with object cache?

Cheers,
Menno

Hi Menno,

Indeed, the more sites, the more painful the login redirects become. These browsers don’t offer much choice I’m afraid – in any case, support first, then optimize.

About the settings, I’ll take a look with the Redis plugin (many other popular ones work the same way when busting cache), but in the meantime please open a separate topic to keep the support threads organized ??