4

I was reading the following post on authenticating users from mobile web pages to native iOS 9 apps and was wondering how to best implement a hidden safari view controller similar to the hidden controller talked about below?

https://library.launchkit.io/how-ios-9-s-safari-view-controller-could-completely-change-your-app-s-onboarding-experience-2bcf2305137f#.r810oldla

locoboy
  • 38,002
  • 70
  • 184
  • 260
  • 2
    Check out this thread http://stackoverflow.com/questions/39019352/ios10-sfsafariviewcontroller-not-working-when-alpha-is-set-to-0/39216788?noredirect=1#comment65951382_39216788 for updates on the latest guidelines and iOS 10 regarding this behavior – oriharel Sep 04 '16 at 20:28
  • Are you really reading cookies from Safari app to inside your app? I need to read cookies from Safari app to inside my app. Is it possible? – Ganesh G Nov 18 '16 at 10:16

3 Answers3

8

Don't use this approach if you're going to distribute your app to the AppStore, because according to updated App Store Review Guidelines:

5.1.1:

(iv)SafariViewContoller must be used to visibly present information to users; the controller may not be hidden or obscured by other views or layers. Additionally, an app may not use SafariViewController to track users without their knowledge and consent.

Liubo
  • 674
  • 9
  • 18
  • As the original author of that post, I agree. It's an unfortunate but reasonable fear that someone could use a hidden safari view controller to track the user from the web to the app and back. But my making this guideline change, they've also taken away a really useful technique to make our apps work a bit more seamlessly, particularly during install. – Rizwan Sattar Nov 11 '16 at 19:45
  • there are a lot of questionable things like this that apps get away with. Are apps getting removed from the app store for this? – faceyspacey.com Nov 12 '16 at 16:22
4

This has changed in iOS 11. Going forward, every app (including Safari itself) will have a completely sandboxed data store. Official announcement here (at the 17:28 mark).

Long live the invisible SFSafariViewController. iOS 9 to iOS 10.

If you need a way to pass a guaranteed user match through from Safari to your app, you'll need to use an existing network of device matches, such as Branch.io (full disclosure: I'm on the Branch team). You can read about the techniques Branch uses instead of cookie passthrough here.

Alex Bauer
  • 13,147
  • 1
  • 27
  • 44
1

You can give the sample code here a try: https://github.com/mackuba/SafariAutoLoginTest

dzl
  • 908
  • 11
  • 32