0 Replies Latest reply on Nov 7, 2013 4:19 PM by tomvdduin

    Apex session cookie in Safari


      Hi all,


      I'm hitting a restriction or security feature(?) of Safari in iOS. One of our Apex applications is a page that runs in an iframe on a site. Apex is installed on a server inside our own network and is accessable via dns: office.ourcorp.com (fake name, just to clearify the situation). We have a couple of different brands, that all have their own domains: brand1.com, brand2.com etc. All of these sites open the apex page inside an iframe.


      That all works beautifully in all browsers, except in Safari in iOS. in iOS, the apex page isn't showing. It seams it's because of the session cookie Apex sets. Safari can't set an cookie from another domain (a cross domain cookie). Is there a possibility to turn off the session cookie?(ORA_WWV_APP_xxx)?


      I also tried to set the 'cookie domain' option inside the authentication scheme to one of the domain names for our brands, but it still doesn't show up.


      Does someone has a sollution?