homepage Welcome to WebmasterWorld Guest from 54.166.84.82
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / HTML
Forum Library, Charter, Moderators: incrediBILL

HTML Forum

    
Persistent cookies for mobile
Alternative ways to recognize returning users
GoNC



 
Msg#: 4685058 posted 8:12 am on Jul 4, 2014 (gmt 0)

When a site users logs in to my site, I give them the option of "Remember me". A cookie is set, and if they select "Remember me" then they're given a cookie with an expiration date 1 year in the future.

I'm constantly battling the issue that mobile browsers (specifically, Safari for iPhone and whatever Android uses by default) don't seem to recognize these persistent cookies, though. So every time a user returns to my site, they have to log back in. I have constant complaints about it, but I'm 99.9% sure it's the browser's fault.

Any suggestions on an alternative method to recognize returning users? I've read references to "known IDs", referring to unique IDs for a device (I guess like a MAC ID?), but I can't find a lot of detail on it.

 

penders

WebmasterWorld Senior Member penders us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4685058 posted 2:56 pm on Jul 4, 2014 (gmt 0)

Just to clarify... these are first-party cookies, not third-party cookies?

AFAIK all relatively modern mobile browsers support persistent first-party cookies by default. Chrome (the default browser on Android these days) certainly does. I can't be sure off hand whether the previous "Android browser" did - but I'm pretty sure it did. (To be honest I would be very surprised if it didn't.)

(IMO, it is easier to disable cookies on a mobile browser. And mobile browsers do not seem to differentiate between first/third party cookies!?)

I've read references to "known IDs", referring to unique IDs for a device (I guess like a MAC ID?), but I can't find a lot of detail on it.


Not sure about this, but I imagine these are only available to native apps that have the required permissions?

incrediBILL

WebmasterWorld Administrator incredibill us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4685058 posted 1:05 am on Jul 8, 2014 (gmt 0)

As an example of persistent cookies, which WebmasterWorld uses, I'm always logged in when I open WebmasterWorld in any mobile browser without issue.

YMMV

GoNC



 
Msg#: 4685058 posted 2:03 am on Jul 8, 2014 (gmt 0)

It all seems to be specific to the browser version. I use Android and have no problem staying logged in, but my GF uses an iPhone, and neither Safari nor Chrome will stay logged in.

Reading online, I'm reading reports that about 60% of the browsers will recognize persistent cookies. There are a lot of variables at play, though; I've read that you could have two identical phones, and one will support persistent cookies while the other won't.

Eventually, there's going to have to be a replacement to cookies if this lack of support continues.

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4685058 posted 2:16 am on Jul 8, 2014 (gmt 0)

And mobile browsers do not seem to differentiate between first/third party cookies!?

Mobile Safari-- at least the iPad version-- does. By default, only first-party cookies are enabled.

I found where to change the prefs and how to delete all existing cookies, but I'm ### if I can find where to see individual cookies. It would obviously be easier to isolate the problem if you could simply go to the site in the mobile browser of your choice, and see what-if-any cookies it sets.

If you log your headers: Do requests from mobiles ever include the "Cookie:" field?

penders

WebmasterWorld Senior Member penders us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4685058 posted 10:48 am on Jul 8, 2014 (gmt 0)

And mobile browsers do not seem to differentiate between first/third party cookies!?


Sorry, that is a bit of a generalised statement. Just to clarify, I'm referring to the browser preferences that allow you to enable/disable third party cookies separately.

To be more specific... on Android... "Chrome", "Dolphin" and "Next" browsers only appear to have an On/Off cookie option (no differentiation between first and third party cookies).

However, "Firefox" and "Opera" do allow you to control third party cookies separately (default enabled in both cases).

The "UC Browser" doesn't appear to have any option to enable/disable cookies (that I can see)!? But it does support persistent cookies.

Just a thought... is it possible that some of these non-compliant browsers are set to "delete cookies on exit"?!

... but my GF uses an iPhone, and neither Safari nor Chrome will stay logged in.


There appears to be an issue if the webpage is saved as a bookmark on the home screen (or a "bookmarklet")? Persistent cookies might not be recalled in this instance?! The workaround seems to be to use localStorage?

[stackoverflow.com...]
[stackoverflow.com...]

penders

WebmasterWorld Senior Member penders us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4685058 posted 11:14 am on Jul 8, 2014 (gmt 0)

I can't be sure off hand whether the previous "Android browser" did - but I'm pretty sure it did.


I've just fired up my old Android tablet, which has the original "Android browser" (version 4.0.3-20120401) and this does indeed support persistent cookies. There is just one setting in preferences to enable/disable.

...but I'm ### if I can find where to see individual cookies.


Android browsers don't seem to show this information either. (Maybe a plugin for Dolphin?!)

Dammy



 
Msg#: 4685058 posted 4:25 pm on Jul 8, 2014 (gmt 0)

Please are u setting the cookie with js or php or what language are u using?

GoNC



 
Msg#: 4685058 posted 9:41 pm on Jul 8, 2014 (gmt 0)

Please are u setting the cookie with js or php or what language are u using?


Mostly I'm setting the cookie with Perl, but I tried setting a persistent cookie with Javascript and had the same result.

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4685058 posted 10:11 pm on Jul 8, 2014 (gmt 0)

what language are [yo]u using

It shouldn't make any difference, should it?, unless the problem turns out to be that the cookie-setting code isn't working at all. Setting a cookie is not difficult. Translation: I can do it.

penders

WebmasterWorld Senior Member penders us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4685058 posted 12:56 am on Jul 9, 2014 (gmt 0)

...It shouldn't make any difference, should it?


With regards to JS vs PHP/Perl (or any other server-side language), it's possible to set an HttpOnly cookie in the HTTP response that is not accessible to JS.

Dammy



 
Msg#: 4685058 posted 6:41 pm on Jul 9, 2014 (gmt 0)

when u ar setting up cookie with js, some browser may nt support it, maybe u cn use php's setcookie() to verify...

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4685058 posted 7:59 pm on Jul 9, 2014 (gmt 0)

it's possible to set an HttpOnly cookie in the HTTP response that is not accessible to JS.

Ah, useful to know.

In this particular site, is the login processing and/or cookie recognition done in a script, or server-side? The question is probably a red herring, but it's good to take care of all variables.

:: vague mental association with "take arms against a sea of troubles" ::

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / HTML
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved