16

I have been building an android app using Ionic. At this point, I am under the impression that Cordova applications do not save or send the cookies that are served from a REST API server. If I run the application with the 'ionic serve' command I can see that my session and CSRF cookies are sent with my AJAX requests. However, when I run the code with the 'ionic emulate' command it does not appear that either are sent to my server.

I have seen some articles and threads that talk about using the setAcceptThirdPartyCookies() method in the class that extends CordovaActivity, but that hasn't worked for me.

I have tried using $httpProvider.defaults.withCredentials = true in my angular module config to no avail.

I have tried using ngCookies, but that doesn't appear to get a handle on the cookies from my API server either.

I just want to know once and for all if using cookies in a Cordova application is possible or not. If it isn't I will go with a token based approach. It would be nice to be able to use the same security configuration for the mobile app and web app though.

chriaass
  • 305
  • 1
  • 3
  • 7
  • http://stackoverflow.com/questions/15349237/handling-cookies-in-phonegap-cordova This has already been posted before. – Whitebear Jun 30 '15 at 15:14

2 Answers2

17

You can't use cookies, you should use localStorage

Browsers provide a convenient module for storing data in a simple key <-> value fashion called localStorage. This is an object on window that we can get and set String values easily

See this for details

Matteo Basso
  • 2,694
  • 2
  • 14
  • 21
  • Thank you! You are suggesting to use local storage to store tokens for OAuth, OpenID, etc right? – chriaass Jun 30 '15 at 15:11
  • Yes, you can do it. Consider that localStorage has security problems as cookies or sessions, see [this](http://stackoverflow.com/questions/10835197/security-sessions-default-use-cookie-vs-local-storage). Protect you against XSS attack – Matteo Basso Jun 30 '15 at 15:20
4

No, you can't. I have also tried to use cookies in one of my applications, but it didn't work because the cookies are disabled in the new version of Android. I solved this problem by using the HTML5 localStorage API.

Stanimir Dimitrov
  • 1,872
  • 2
  • 20
  • 25