Iframe Issue on Ipad Mini
Monday, October 17, 2022 at 07:42pmHi Duo,
We are trying to implement an iOS App which contains a WebView. The WebView runs our website, which contains a OneSpan iframe. When we load this iframe, the following message appears: "To ensure proper functionality of the system, cookies must be enabled in your browser."
This issue only occurs on iOS WebViews, however it works fine in the safari web browser on the iPad. We have tried the workaround reference here and here, however the error still comes up.
Could I please get some insight on how to get the iframe inside an iOS WKWebView working with OneSpan?
Reply to: Iframe Issue on Ipad Mini
Tuesday, October 18, 2022 at 06:32pmNote: The issue is for the designer in Iframe not the signing ceremony.
Reply to: Iframe Issue on Ipad Mini
Wednesday, October 19, 2022 at 03:56pmHi Bikram,
Yes, it makes more sense to me if you were embedding designer page and saw this cookie warning. I think like the previous thread discussed, the main reason behind it is that the WKWebView doesn't support third-party cookie.
I knew there are existing Enhancement Requests asking to have designer UI to be cookieless like our new signer experience behaves, but this request is still a future consideration by now.
On the other hand, I did some research but I didn't find a working solution to directly have WKWebView allow third-party cookie. Hence I am assuming that you may have to open the designer page in a new WKWebView, or use a reverse proxy to sit in front of OSS service and turn OSS URLs behind your domain, in which case the third-party cookie will also become a first-party cookie.
Duo
Reply to: Iframe Issue on Ipad Mini
Thursday, October 20, 2022 at 05:57pmHello Duo,
Thanks for your reply. As you mentioned, may be we need to use reverse proxy and convert the third party cookie to first party. Can you please explain this a bit more as I haven't encounter such scenario yet.
Thanks,
Bikram
Reply to: Iframe Issue on Ipad Mini
Sunday, October 23, 2022 at 09:02pmHi Duo,
I am waiting for your response so that I can get some insight on how to resolve this particular issue as suggested by your workaround.
Reply to: Iframe Issue on Ipad Mini
Monday, October 24, 2022 at 08:25amHi Bikram,
Sorry for the late reply! Please be aware that if you really want to follow this approach, you may need some help from your IT team and set up a reverse proxy to have OneSpan Sign service running behind the reverse proxy. It could be Nginx, Apache, or any other Web Server.
For example, after the URL redirection,
the original designer link: https://sandbox.esignlive.com/auth?authenticationToken={senderAuthToken}&target=/a/transaction/{packageId}/designer
could turn to (if the reverse proxy is hosted in my local): https://localhost/auth?authenticationToken={senderAuthToken}&target=/a/transaction/{packageId}/designer
In this case when embedding this link in a localhost resource, the cookie will be first party cookie.
Setting up reverse proxy is a common technique, therefore you could also find a lot of useful technical guides out there. In particularly for Apache server, I do have a developer blog showcasing you how to configure the server:
Third Party Cookie and Reverse Proxy - https://www.onespan.com/blog/onespan-sign-developer-third-party-cookie-and-reverse-proxy
Duo