Reputation: 1235
I have an Ionic 6 app with Angular and I'm using external APIs to log in the user and retrieve some data.
When the user authenticates, the server responds with a Set-Cookie header; everything works fine both in the browser and in the Android application.
On iOS, it looks like the Set-Cookie header received in the response is doing nothing.
I'm also trying to use cordova-plugin-wkwebview-inject-cookie in my app.component.ts:
this.platform.ready().then(() => {
  if (this.platform.is('ios')) {
    wkWebView.injectCookie(environment.config.baseUrl, '/');
  }
});
But the cookie is not stored, so every subsequent request gets a 401 response:
Upvotes: 1
Views: 3135
Reputation: 51
After a lot of searching about this problem, I found this thread in the Capacitor GitHub issues.
Long story short: it's not a problem or an issue; it's actually a security decision taken by Apple, as Thomas Vidas said in the same thread here:
It's several things, the main one being it was a deliberate change from Apple on iOS 14 and up called "Intelligent Tracking Prevention" (ITP) which disables all cookies on domains not listed as an App Bound Domain. It's not due to the capacitor:// protocol. ITP made it so document.cookie calls were intended to silently fail to prevent user tracking. If your server.hostname and App Bound domains are set up properly, it may work but could have other unintended consequences (such as Apple potentially rejecting your app) so we don't recommend it.
So I recommend that you read the entire thread to get some insights, because it's a thing that the Capacitor team doesn't have a solution for.
I hope it will help you!
Upvotes: 5