Old.protonmail.com domain keeps kicking me out
Updated by Soren Stoutner almost 2 years ago
- File Cookies - App Level Setting.png Cookies - App Level Setting.png added
- Status changed from New to Closed
- Assignee set to Soren Stoutner
Rich, you have discovered one of the annoying limitations of Android's WebView, which is that cookies are an app level setting, not an individual WebView (tab) level setting. This is explained a bit in the Settings screen (see attached screenshot), but it would probably make sense to add some text to Guide -> Local Storage explaining it further. See https://redmine.stoutner.com/issues/789.
This means that, when you are on a tab that has cookies enabled it enables cookies for all the tabs, and when you are on a tab that has cookies disabled it disables cookies for all the tabs.
Normally this isn't a problem, unless a background tab attempts to communicate with the server.
The way Settings and Domain Settings interact with the tabs is complex. And when editing Domain Settings it gets even more complex (imagine editing the domain of a Domain Settings to add or remove a wildcard, or to be a different subdomain). Hence, every time the user exits Settings or Domain Settings every tab is reloaded (refreshed) using the combined settings and Domain Settings as calculated for each tab from the current information. However, if some tabs have cookies enabled and other tabs have cookies disabled, then the last cookie setting that is applied will be applied to the entire app. Because a refreshed is then forced, tabs that require cookies when communicating with the server will fail if another tab has disabled cookies for the entire app.
This limitation in Android's WebView will be removed in the 4.x series with the release of Privacy WebView. See https://redmine.stoutner.com/issues/409.