douce1368 2015-03-24 02:29
浏览 36
已采纳

为什么Twitter webview会清除我的会话cookie?

I'm creating your standard login in PHP. It relies on the user's session remaining the same to keep the user logged in. The session has been persisting as expected on desktop browsers, Safari on iOS, and webview in Facebook iOS app. However, it is not persisting on webview in Twitter iOS app.

I have this simple page to print out the session: 

<?php
        session_start();
?>
<html>
<body>
<h1>$_SESSION</h1>
<?php
        print_r($_SESSION);
?>
<h1>$_COOKIE</h1>
<?php
        print_R($_COOKIE);
?>
</body>
</html>

Safari on iOS

  1. Open the page in Safari on iOS.
  2. Reload the page 10 times.
  3. The same session ID is printed every time.

enter image description here

Facebook on iOS

  1. Post the link to your Facebook wall.
  2. Tap the link 10 times.
  3. The same session ID is printed every time.

enter image description hereenter image description here

Twitter on iOS

  1. Tweet the link on Twitter.
  2. Tap the link 10 times.
  3. The session ID is missing every time.

enter image description hereenter image description here

The only major difference between Twitter and everyone else is that Twitter converts all links with their shortening service. If you inspect the website source code of your posts, you'll see:

<a href="t.co/someCode">yourOriginalLink.com</a>

This affects your referrer. But how exactly would the referer screw up your session?

I know other websites have gotten sessions to persist on Twitter because I've logged in on those other apps and I remain logged in every time I launch their site. You can look at Meerkat for example. Just search for #meerkat in your Twitter iOS app and click on the link in any of the tweets. You'll be asked to log in. If you click on a second Meerkat link, it will remember that you've already logged in before.

  • 写回答

2条回答 默认 最新

  • douzi8548 2015-03-25 22:53
    关注

    Twitter iOS app destroys its session whenever the webview is dismissed. In standard cookie management, cookies without any explicit expiration are cleared when the session is over. We want to persist the cookie so that the user doesn't have to login over and over.

         $params = session_get_cookie_params();
     setcookie(
         session_name(),
         $_COOKIE[session_name()],
         time() + 60 * 60 * 24 * 365,
         $params["path"],
         $params["domain"],
         $params["secure"],
         $params["httponly"]
     );

    Facebook app doesn't clear the cookies whenever the webview disappears, probably because it has smart cacheing logic to keep the webview in memory instead of deallocating it.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 素材场景中光线烘焙后灯光失效
  • ¥15 请教一下各位,为什么我这个没有实现模拟点击
  • ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来
  • ¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
  • ¥20 有关区间dp的问题求解
  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 保护模式-系统加载-段寄存器