I have a Vaadin app that is running within a web page iFrame. It is running in HTTP and we have no need for cookies, however, it appears as though the default behavior is to require cookies. This poses a slight inconvenience with people hitting the site with Mac OSX Safari as that browser is pretty strict and many visitors with Mac OSX don’t understand how to enable the function. Is there a way to disable the requirement for cookies so that no browser will be stopped from hitting the site?
Vaadin uses cookies to track the user session, which is very central to its function. I don’t know if there are any technical reasons why it would not be possible to track sessions otherwise, the session key is already passed in every request. There is a
ticket for it .
It might mean trouble for some features, such as opening new windows or refreshing the window.
There is a system message for complaining about disabled cookies. You should be able to customize it to give more detailed instructions.
There are workarounds for Safari and Internet Explorer not allowing to set cookies:
In Internet Explorer you need to specify a P3P policy and in Safari your initial request should HTTP POST to itself
String response = "<html><body><script>var cookieForm = document.createElement('form');cookieForm.method='post';document.body.appendChild(cookieForm);cookieForm.submit();</script></body></html>";
InputStream stream = new ByteArrayInputStream(response.getBytes());
return new DownloadStream(stream, "text/html", null);
At least the
ticket mentioned above isn’t closed, so I’d assume not. Well, if you dare to compile Vaadin yourself, the patch in the ticket might do it, although I don’t know if it’s applicable anymore.
No. The feature involves rather important core functionality in Vaadin, so the core developers need to consider it carefully if there’s any problems. Unfortunately, they haven’t had the time yet, but it’s on their list, hopefully not too far.
I have my Web app at www.nuuzee.com which has the following features :
Push is enabled : @Push(transport=Transport.WEBSOCKET_XHR)
@PreserveOnRefresh
I need push since I have the Facebook oAuth for Facebook logins
If I try on www.nuuzee.com with both Chrome and Firefox everything works fine
If I try with either Safari or Edge on www.nuuzee.com, it says → Cookies Disabled. This application requires cookies to function
If I try Safari directly on my Eclipse IDE with Tomcat 7 it works fine (localhost or private IP) …