Android Cookies not being deleted

Bug description:
I am implementing an OAuth2 flow for users and upon re-loading the react-native-webview with the login url after logging out on iOS devices the authorization form is displayed as it should be however incorrectly on Android devices users are taken straight into the application as if already logged in as if the Auth cookie is present. I have all the props I can see as relevant set below but still no luck.

cacheEnabled={false}
incognito={true}
thirdPartyCookiesEnabled={false}
sharedCookiesEnabled={false}
domStorageEnabled={false}

To Reproduce:
Set the source to any url which requires Auth and sets cookies such as Facebook.com. login and then reload the bundle. On iOS devices you are shown the login form, on Android devices you are logged in already.

Expected behavior:
Cookies should not be set and url should ask for authentication

Environment:

  • react-native-webview version: 5.9.1 (6.2.2 not compatible with RN Gesture Handler)
    info
    React Native Environment Info:
    System:
    OS: macOS 10.14.4
    CPU: (4) x64 Intel(R) Core(TM) i7-4578U CPU @ 3.00GHz
    Memory: 26.05 MB / 16.00 GB
    Shell: 3.2.57 – /bin/bash
    Binaries:
    Node: 8.15.0 – /usr/local/opt/node@8/bin/node
    npm: 6.4.1 – /usr/local/opt/node@8/bin/npm
    Watchman: 4.9.0 – /usr/local/bin/watchman
    SDKs:
    iOS SDK:
    Platforms: iOS 12.2, macOS 10.14, tvOS 12.2, watchOS 5.2
    Android SDK:
    API Levels: 23, 26, 27, 28
    Build Tools: 23.0.1, 26.0.2, 26.0.3, 27.0.3, 28.0.2, 28.0.3
    System Images: android-26 | Google APIs Intel x86 Atom_64, android-28 | Google APIs Intel x86 Atom
    IDEs:
    Android Studio: 3.3 AI-182.5107.16.33.5264788
    Xcode: 10.2.1/10E1001 – /usr/bin/xcodebuild
    npmPackages:
    react: 16.8.3 => 16.8.3
    react-native: 0.59.1 => 0.59.1
    npmGlobalPackages:
    create-react-native-app: 2.0.2
    react-native-git-upgrade: 0.2.7

2 thoughts on “Android Cookies not being deleted

  1. i don’t want incognito because the app needs to store various cookies to function. the problem is that android does not delete cookies in one particular scenario even though it has been instructed to do so.

Comments are closed.