Hello guys,

I'm still on the same problem and I hope to find someone who has the solution, so I summarize: my platform is developed in PHP on a server, I use PHP SESSIONS for the operation, in particular to keep the user logged in while browsing, it's very classic on doing that almost everywhere, and it works very well on the different types of web browsers.

I use construct 3 to display this web platform on mobiles via an iframe, and it works on android but on Iphone, the operation of cookies does not work and when the user connects it is immediate disconnected.

I specify that I have never had an Iphone, nor a MAC, Xcode is also new to me, so there may be basic operations that I do not know, if anyone has an idea of ​​where little come my problem I would be very grateful!

I also specify that the cookies work well when I display the web platform from the safari browser of the iphone.

Thanks !

Hello,

I created a website that I display in an iframe via construct 3.

Everything works fine for android, but wanting to see what it looks like on an iphone, I realized that there was a problem with the management of cookies, indeed when the user connects from an Ihone the php session does not hold on cookies don't work,

by searching a bit (A lot it's been a few months since I've been on it) I understood that the problem came from the management of cookies on the iphone which seems different than on android,

I heard that you have to ask the user if he accepts cookies, but as I'm new to Xcode I don't understand how to do it, I need someone to tell me clearly what to do,

because I went to see the documentation at apple, and at construct, but I can't find solutions or they are incomprehensible to me,

So I wonder if there is a place in Xcode where I have to add a code to request the activation of cookies? I also read that the problem could come from the fact that I display my website in a "WebView" and that Iphone no longer works like that?

I'm a little lost, if anyone has an idea I'm interested, Thanks in advance

Problem solved!

I really suck! tell me if I should delete this post!

Suddenly the error came from my SSL configuration on the server side

I enabled "OCSP stapling"

These two links were helpful to me:

• https://httpd.apache.org/docs/trunk/fr/ssl/ssl_howto.html
• https://www.digicert.com/kb/ssl-support/pem-ssl-creation.htm

So here I have no more SSL error and my page is displayed again in the iframe without problem.

Need to try with google export but i think all is good now ! thanks

I'l be back :)

Hello,

Following the previous message, I therefore made sure that I did not have a parameter prohibiting integration by iframe on the server side.

Today i found this while trying to login, it seems the worker/browser doesn't recognize my certificate ?

[client ************:35954] AH02008: SSL library error 1 in handshake (server *****.***:443) SSL Library Error: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown (SSL alert number 46)

Do you have an 'x-frame-options' or 'frame-ancestors' line in your header?

Thank you for your answer it seems that no I don't have 'x-frame-options' or 'frame-ancestors', I should?

I'll look into it, I've already done some research but I don't really understand how it works, what I understand is to authorize a particular domain or an origin but I don't know how to use it,

I inserted this line in my apache config I'm not sure of the syntax, and if I understand correctly it only authorizes the same domain, and i don't know how to authorize from the mobile !?

Header set Content-Security-Policy "frame-ancestors 'self';"

Hello guys !

Here is where I am today, I will try to look into what apache.org accepts, if anyone has an idea I am a taker.

• So google and apache works but not my website.
  

• Here is the response from my server
• 

• This is what apache.org tells me
• 

see you later thanks

Hi !

good after several tests I realize that I manage to display the site https://apache.org and https://google.fr returns a ban (good thing) but my site still does not load!

I tell myself that the problem comes from the configuration on the server side, in my page I put the famous header("Access-Control-Allow-Origin: *"); I changed the file from apache config, I activated the header module, I also tried with the .htaccess but nothing.

:(

Hi !

I hope my problem has already happened to someone.

I integrate a web page of a personal domain in an iframe, everything works perfectly,

• I build the debug apk/aab, I test it on all possible supports (emulators, physical smartphone...) everything works very well

• I build the release apk/aab, I test it on all possible supports (emulators, physical smartphone...) everything works very very well

And when I send it to the google playstore, they "prepare the bundle" and offer me a version signed by google (the one that will be distributed to users) but when I download this new apk signed by google, and I test it on my smartphone, my iframe no longer seems to appear, and I find myself faced with a blank page.

I looked carefully at the responses of other threads in this forum to similar topics.

For example, the solutions that often come up are: whitelisting the site in the apk, or the famous CORS domain... I have of course tried these options, but my problem is not the same as these topics, because I don't I have no error message that appears when the iframe is displayed, and on the contrary, if I turn off the wifi when the iframe is launched, an error message appears indicating that it cannot resolve the DNS name, which means that the iframe is there and it works !?

I also added a function to get the size of the iframe in pixels (because I play a little with the size) but everything seems consistent and I get the right size.

I tried check the visibility of layer or iframe but all is ok.

As i say Everything works perfectly until google touches it, i don't understand.

So here I am stuck, I tried a lot of options, I don't really know what to do so I hope someone here will have the solution. I thank you in advance