2013-09-22

The Apple docs about the cookie accept policy for NSHTTPCookieStorage are confusing.

This is what the docs say:

NSHTTPCookieStorage implements a singleton object (shared instance) that manages storage of cookies. Each cookie is represented by an instance of the NSHTTPCookie class. As a rule, cookies are shared among all applications and are kept in sync across process boundaries. Session cookies (where the cookie object’s isSessionOnly method returns YES) are local to a single process and are not shared.

iOS Note: Cookies are not shared among applications in iOS.

Note: Changes made to the cookie accept policy affect all currently running applications using the cookie storage.

And the following about - (void)setCookieAcceptPolicy:(NSHTTPCookieAcceptPolicy)aPolicy

The default cookie accept policy is NSHTTPCookieAcceptPolicyAlways. Changing the cookie policy affects all currently running applications using the cookie storage.

Now my first thought was if an app was to call setCookieAcceptPolicy, the change would affect other running applications. This does not appear to be the case. Calling setCookieAcceptPolicy will only affect the app which called it.

The only cookie policy which applies to all running applications is the Safari one. In iOS 7 before an app calls setCookieAcceptPolicy, it uses the safari policy. So if the safari cookie policy is set to always block, then any app won't be able to use cookies until it sets its own cookie policy. I understand this has caused issues for a lot of apps since iOS 7 came out.

Is my observation correct about all this, or have I missed something?

Edit

I've raised a bug with Apple and waiting to hear back from them now.

Show more