How to remove browser cookies only related to my app?

#1

This is a weird one to reproduce, so I’m just asking for any insights to help troubleshoot …

My Ionic 3 app uses the (old) http module in a service to POST user login credentials to a server & get back the User’s profile info. It’s a poor-man “log in” to the app as the current user (no tokens or cookies involved - all I really need is to confirm their username exists on the server).

All works great on iOS, web browser, and it works perfectly AT FIRST on Android. BUT, once the user logs out all subsequent login attempts on Android fail. They still work fine on iOS & web. WHY?

The only fix is to completely uninstall & reinstall the app. Installing an updated version does not fix it. This would make some sense if the POST request was somehow relying on localStorage data tied to the user, but it’s not - it ONLY sends the username/pw from the login form, and creates the exact same request as the one that works the 1st time.

Subsequent POSTs result in a 200-OK response, but now with a null body instead of the expected user profile object it gets just fine the first time. There are also a few more ‘headers’, and content-type text/html instead of application/json like the first time.

What could be allowing, then blocking subsequent HTTP requests only on Android?
Could it be setting/caching some token/cookie I’m not aware of or not intending to use?
If it’s a server-side issue, why would the server allow Android the first time plus as many as I want from iOS and browsers? Doesn’t make sense.

Any ideas why this would work fine once & then fail afterward only on Android?
Thanks!

#2

Solved-ish …

Apparently the POST response was setting browser cookies & tokens in the app after all.

FYI: Chrome’s webview on Android stores those cookies differently from Safari on iOS.
iOS would just delete/overwrite them on subsequent logins, but Chrome did not.
It was trying to login with an old token.

That problem has been described in other posts that didn’t have any useful answers. Not really an Ionic thing, I don’t think, so much as a platform browser implementation thing.

Fixed it w/a call to log out of the server as well (which I didn’t think was necessary before), and also by a call to logout right before trying the POST to log in, just in case the prior logout failed to clear the cookies (the app is used offline quite a bit). Currently it’s a bit of a race condition as both are async & return observables, but it works now & I can refine it.