Apple Event: May 7th at 7 am PT

Learn more

Add to your calendar 

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: _Swede_
_Swede_ Author
User level: Level 1
4 points

Will Safari store cookies when redirected multiple times?

We have a problem with logging in with Safari on a Microsoft service.


The basic use case is as follows:


  1. Successful login form posting at Site M (Microsoft)
  2. Site M redirect to itself (http 302) Set-Cookie: C1
  3. Site M redirects to Site A with token (http 302) Set-Cookie: C2 + C3
  4. Site A redirects to itself (http 302).
  5. Site A loads


The result in Chrome and Firefox is that the user has a token and has cookies C1, C2 and C3.


The result in Safari 10 & 9 is that the user receives no token and no cookies. It is hard to determine exactly what happens during the redirects because Safari clears the network log in the developer tool. All traffic is over HTTPS and Site A has a self-signed certificate, Site M a CA certificate.

Is this a known problem in Safari or should the scenario above work?

Thanks in advance!

Posted on Dec 1, 2016 11:57 AM

Reply
4 replies
User profile for user: Leanne_68
Leanne_68
User level: Community Specialist

Dec 2, 2016 9:53 AM in response to _Swede_

Hi _swede_,


I understand that when trying to log into a Microsoft service with multiple redirects, your Safari app is not allowing the cookies necessary to login. I would try to adjust your Safari's Security and Privacy settings to allow cookies from all websites then try logging in again.


Safari for Mac: Manage cookies and website data using Safari​


Choose Safari > Preferences, click Privacy, then do any of the following:

Change which cookies and website data are accepted: Select a “Cookies and website data” option:

  • Always block: Safari doesn’t let any websites, third parties, or advertisers store cookies and other data on your Mac. This may prevent some websites from working properly.

  • Allow from current website only: Safari accepts cookies and website data only from the website you’re currently visiting. Websites often have embedded content from other sources. Safari does not allow these third parties to store or access cookies or other data.

  • Allow from websites I visit: Safari accepts cookies and website data only from websites you visit. Safari uses your existing cookies to determine whether you have visited a website before. Selecting this option helps prevent websites that have embedded content in other websites you browse from storing cookies and data on your Mac.

  • Always allow: Safari lets all websites, third parties, and advertisers store cookies and other data on your Mac.



Thanks for using Apple Support Communities to post your question. Let us know if this works for you.


Have a nice day.
Reply
User profile for user: jdo_apple
jdo_apple
User level: Community Specialist

Dec 2, 2016 11:21 AM in response to _Swede_

You are welcome. Has the site ever been able to load the Microsoft service successfully? If so, did anything change on your Mac recently? Please check to see if there are any updates available for Mac OS. Update the software on your Mac


If the "Block pop up windows" option is unchecked in the Security Pane of your Safari preferences and the issue remains, try booting up into safe mode. Try safe mode if your Mac doesn‘t finish starting up

What is safe mode?
Safe mode (sometimes called safe boot) is a way to start up your Mac so that it performs certain checks and prevents some software from automatically loading or opening. Starting your Mac in safe mode does the following:
Verifies your startup disk and attempts to repair directory issues, if needed
Loads only required kernel extensions
Prevents Startup Items and Login Items from opening automatically
Disables user-installed fonts
Deletes font caches, kernel cache, and other system cache files
Together, these changes can help resolve or isolate issues related to your startup disk.


If this service has never worked in Safari, I would contact the service support at Microsoft to verify the compatibility with Safari and Mac OS. Please tell us the results for these steps after you try them.


Cheers.
Reply
User profile for user: _Swede_
_Swede_ Author
User level: Level 1
4 points

Dec 2, 2016 11:21 PM in response to jdo_apple

No it never worked with Safari. As I wrote it works well with non WebKit browsers, e.g. Firefox, on the same mac. So the computer is not the problem.


Safari has a history of not setting cookies if redirected but this was back in version 5. There are old threads discussing this (Safari don't set cookie after 302 redirect). So that something similar is going on now is my suspicion.

Reply

Will Safari store cookies when redirected multiple times?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up