iPhone "Bookmark to Homescreen" removes cookies and session?

christian Muller picture christian Muller · Sep 28, 2010 · Viewed 18.7k times · Source

Right now I am developing a Web-based Application, where the User has to login first.

When I open the Page by iPhone Safari, login and restart Safari, I am still logged in (Cookie & Session ID still set).

But when I add this Page with "Add to Home Screen", each Time i click the Icon for that page, I have to login again.

I did not find any information about that. What can I do so my users can set this page to their home screen as icon and still don't have to login each time they open it?

Answer

favo picture favo · Dec 31, 2011

A really simple approach could be to use a unique token in your Bookmark-URL which can serve you as a unique device identifier.

Example: http://myWebApp.com/?token=randomId29238/1

The token can be generated at the server side at opening time of the application in Mobile Safari and before the user is prompted with the "Add to Home Screen" information. The token can then be added to the URL using a quick redirect (…&token=randomToken) or a location hash (…#randomToken).

Whenever the Bookmark is now opened from the Home Screen, the token is sent to your server and you can identify the user's active session. You may also use the token as a permanent session id, but I advise against that because of security concerns.

To allow future logout and login procedures, you can always assign the new sessions to the token.

The token will serve you as a unique device identifier whenever the user will re-open your link from his Home Screen.