Two way sync for cookies between HttpURLConnection (java.net.CookieManager) and WebView (android.webkit.CookieManager)
I've implemented my own idea. It's actually pretty cool. I've created my own implementation of java.net.CookieManager
which forwards all requests to the WebViews' webkit android.webkit.CookieManager
. This means no sync is required and HttpURLConnection uses the same cookie storage as the WebViews.
Class WebkitCookieManagerProxy:
import java.io.IOException;
import java.net.CookieManager;
import java.net.CookiePolicy;
import java.net.CookieStore;
import java.net.URI;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
public class WebkitCookieManagerProxy extends CookieManager
{
private android.webkit.CookieManager webkitCookieManager;
public WebkitCookieManagerProxy()
{
this(null, null);
}
public WebkitCookieManagerProxy(CookieStore store, CookiePolicy cookiePolicy)
{
super(null, cookiePolicy);
this.webkitCookieManager = android.webkit.CookieManager.getInstance();
}
@Override
public void put(URI uri, Map<String, List<String>> responseHeaders) throws IOException
{
// make sure our args are valid
if ((uri == null) || (responseHeaders == null)) return;
// save our url once
String url = uri.toString();
// go over the headers
for (String headerKey : responseHeaders.keySet())
{
// ignore headers which aren't cookie related
if ((headerKey == null) || !(headerKey.equalsIgnoreCase("Set-Cookie2") || headerKey.equalsIgnoreCase("Set-Cookie"))) continue;
// process each of the headers
for (String headerValue : responseHeaders.get(headerKey))
{
this.webkitCookieManager.setCookie(url, headerValue);
}
}
}
@Override
public Map<String, List<String>> get(URI uri, Map<String, List<String>> requestHeaders) throws IOException
{
// make sure our args are valid
if ((uri == null) || (requestHeaders == null)) throw new IllegalArgumentException("Argument is null");
// save our url once
String url = uri.toString();
// prepare our response
Map<String, List<String>> res = new java.util.HashMap<String, List<String>>();
// get the cookie
String cookie = this.webkitCookieManager.getCookie(url);
// return it
if (cookie != null) res.put("Cookie", Arrays.asList(cookie));
return res;
}
@Override
public CookieStore getCookieStore()
{
// we don't want anyone to work with this cookie store directly
throw new UnsupportedOperationException();
}
}
And use it by doing this on your application initialization:
android.webkit.CookieSyncManager.createInstance(appContext);
// unrelated, just make sure cookies are generally allowed
android.webkit.CookieManager.getInstance().setAcceptCookie(true);
// magic starts here
WebkitCookieManagerProxy coreCookieManager = new WebkitCookieManagerProxy(null, java.net.CookiePolicy.ACCEPT_ALL);
java.net.CookieHandler.setDefault(coreCookieManager);
Testing
My initial testing show this is working well. I see cookies shared between the WebViews and HttpURLConnection. I hope I'll not run into any issues. If you try this out and discover any problem, please comment.
![talkol](https://i.stack.imgur.com/v9o7p.jpg?s=256&g=1)
talkol
Updated on June 03, 2022Comments
-
talkol about 2 years
Unfortunately, there's a multitude of cookie managers for Android. The cookies for
HttpURLConnection
are maintained byjava.net.CookieManager
and the cookies forWebView
are maintained byandroid.webkit.CookieManager
. These cookie repositories are separate and require manual synchronization.My app uses both
HttpURLConnections
and showsWebViews
(it's a native-HTML hybrid). Naturally, I want both to share all cookies - so I will have a transparent session all across.More Specifically:
- When a cookie is set/changed in an HttpURLConnection, I want the WebViews to see this change as well.
- When a cookie is set/changed in a WebView, I want the next HttpURLConnections to see this change as well.
Simply put - I'm looking for a two-way sync. Or even better, to have them both use the same cookie repository. You can assume both are active in the same time (like on different tabs).
Questions:
Is there a way to make both use the same cookie repository?
If not, what is the recommended practice to do the manual sync? When exactly should I sync and how?
Related Question: This question tackles a similar issue, but only implements one-way sync (HttpURLConnection -> WebView).
My Best Idea So Far: I really want to avoid a manual sync, so I tried to think how to make both use the same repository. Maybe I can create my own core handler which extends
java.net.CookieManager
. I will set it as the core cookie handler usingjava.net.CookieHandler.setDefault()
. Its implementation will be a proxy to theandroid.webkit.CookieManager
handler instance (for every function I'll simply access the webkit manager). -
thepenguin77 over 10 yearsThis method also allowed me to get around some issues with the java.net.CookieManager. A website was settings cookies with a slightly modified domain and the .net CookieManager wasn't cooperating. This solution fixed that.
-
ohcibi over 10 yearsYou are passing the
CookiePolicy
as parameter to the overwritten constructor. Did you actually find a way to make androidsCookieManager
use that policy or don't you care about the policy so far? -
Aivan Monceller almost 10 yearshow about persisting the CookieStore when the android app closes?
-
coding_idiot almost 10 yearsdoes it persist cookies and reload on app start ? If not then, how can we implement it ?
-
ZealDeveloper over 9 yearsWorks with Retrofit.. thnxx !!
-
garnet about 9 yearsIf the server tries to delete cookies with expires as a date in the past, then this solution will not succeed in deleting the cookie. This is clearly mentioned in the javadoc [link](developer.android.com/reference/android/webkit/…, java.lang.String))) "The cookie being set will be ignored if it is expired." I also verified the same in Android 4.2.1 device.
-
Seb B. over 8 yearsIf you're your targets are API level 21+, you might need to consider the changes in the Webview-behaviour with cookies and mixed-content. This implementation relies on the android.webkit.CookieManager after all.
-
Alexander K over 8 yearsFor some reason, in my case, the code doesn't go beyond the following line:
// get the cookie String cookie = this.webkitCookieManager.getCookie(url);
I'm not sure what kind of an issue happens here. I'm not getting any exception so it might be some lock or a deadlock... -
Alexander K over 8 yearsThe stacktrace hangs on the following method: at com.android.org.chromium.android_webview.AwCookieManager.nativeGetCookie(Native Method) at c.a.o.c.android_webview.AwCookieManager.getCookie(AwCookieManager.java:50) at c.a.webview.chromium.CookieManagerAdapter.getCookie(CookieManagerAdapter.java:58) at WebkitCookieManagerProxy.get(WebkitCookieManagerProxy.java:78) at c.a.okhttp.internal.http.HttpEngine.prepareRawRequestHeaders(HttpEngine.java:540) ... at c.a.webview.chromium.WebViewContentsClientAdapter.shouldInterceptRequest(WebViewContentsClientAdapter.java:283)
-
garnet over 7 years@AlexanderK I faced same issue as you mentioned. I narrowed down the problem to happen in Android 4.2, 4.3. It works fine in Android 5.0 and above. The logs indicate: Line 32: 01-05 03:52:52.718: W/dalvikvm(6423): Invalid indirect reference 0x41594650 in decodeIndirectRef Googling the above error leads to some stackoverflow links which are related to JNI calls. CookieManager.getCookie also uses JNI calls. Have you found any solution for this issue? talkol, Any suggestion?