Use Case:
A merchant recently implemented Songbird in an Android webview and began experiencing issues with the cardholder getting stuck after entering their OTP. Some issuers were not able to return the cardholder to the TermUrl if third party cookies were not enabled within the webview.
Problem:
...
Problem:
Some users on Android devices have experienced an inability to redirect back to the merchant’s page following completion of authentication within the issuer’s screens.
NOTE: Use of WebView’s for iFrame loading and Step Up redirection is not officially supported; however, to remedy this issue, please review the following document.
...
Cause:
...
When local storage is unavailable on a device, the Cardinal Cruise JavaScript may use cookies to proceed with a transaction flow in fail-safe scenarios. By default, use of Third Party Cookies is disabled within an Android WebView.
When the HTML is loaded within the WebView using an iFrame, in API Level 21 or higher, requires this extra step and additional step is required to allow request requests out from the iFrame.
Left: example of the consumer experience when this issue occurs.
...
Solution:
In order to use a webview WebView within Android, you will need to allow third party cookies within the webview which Third Party cookies. This can be achieved -By by setting setAcceptThirdPartyCookies to true.
| Code Block | ||
|---|---|---|
| ||
CookieManager cookieManager = CookieManager.getInstance();
cookieManager.setAcceptThirdPartyCookies(webView, true); |
Affected Versions:
Android 4.4 KitKat and above