Capacitor Version

💊 Capacitor Doctor 💊

Latest Dependencies:

@capacitor/cli: 7.4.4
@capacitor/core: 7.4.4
@capacitor/android: 7.4.4
@capacitor/ios: 7.4.4

Installed Dependencies:

@capacitor/cli: 7.4.2
@capacitor/core: 7.4.2
@capacitor/android: 7.4.2
@capacitor/ios: 7.4.2

[info] Using Gemfile: RubyGems bundle installed
[success] iOS looking great! 👌
[success] Android looking great! 👌

Doesn't really matter though because it's in current main branch too.

Other API Details

Platforms Affected

• iOS
• Android
• Web

Current Behavior

When calling CapacitorCookies.setCookie() the iOS implementation of this method percent-encodes the Cookie value via encode method CapacitorCookieManager. The problem is that requests using these cookies now include the encoded cookie value, which causes issues because servers typically do not decode cookie values. Although RFC 6265 (see cookie-octet) permits certain special characters such as colons, these characters are being incorrectly encoded by the plugin.

In addition to that the Android implementation of the CapacitorCookies plugin does not encode the values which causes an inconsistent behavior between iOS and Android.

Example:

A cookie such as key=chunks:2 becomes key=chunks%3A2 in the http request and will not be accepted by the server.

Expected Behavior

Cookie values should not be percent-encoded.

Project Reproduction

Any usage of CapacitorCookies.setCookie({ url: 'xxx', key: 'foo', value: 'bar:baz' }) along with CapacitorHttp being active to set the cookies in the request will reproduce the issue. However, network traffic needs to be intercepted or sever response to be checked to see it.

Minimal example can be found here: https://github.com/michaelwolz/capacitor-cookies (Replace WEBHOOK_URL with your own for testing)

Screenshot of a request sent on iOS:

Same request on Android:

Additional Information

CapacitorHttp must be active to make the request.