An issue regarding cookies in Android Air app

Hi folks,

Thank you for your work!

I have an issue related as I think to cookies processing in Air under Android (didn't check Air on Desktop and iOS, but flashplayer web version works fine). I use flex4.14.1 & air17.

In my app I do authorization by issuing http GET (by URLLoader) to a chunck of web servers (the communication to first node is made to get response containing the URI to second one). At present there is a sequence that consists of two servers. Each of them creates the session and return JSESSIONID cookie in the header. In the context of the created session the app creates different AMF based services represented by

RemoteObject flex class and GraniteDS consumers. Then the channels connected to second server break due to issued request headers doesn't have proper cookies set.

I enable server log where I see that on first server cookies are present and on second absent in request headers.

I found similar case Cookies working in Flex but not in Air

I rooted my Android device and see the 'cookies' file in /data/data/app-id-dir/cache/.AIR/cookies.

I also created another application that does login and subsequent request to one server and then does same requests to another address by using by URLLoader. Everything is working.

The 'cookie' file as expected has following content

---------------------------------------------- cookie ----------------------------------------------

# Netscape HTTP Cookie File

# http://curl.haxx.se/docs/http-cookies.html

# This file was generated by libcurl! Edit at your own risk.

#HttpOnly_192.168.0.5    FALSE    /lobby/    FALSE    0    JSESSIONID    BF5FF379560800F1D7CCB1512AC04BC1

#HttpOnly_192.168.0.35    FALSE    /lobby/    FALSE    0    JSESSIONID    3883CEE04995F37A16883495484E7D07

---------------------------------------------- cookie ----------------------------------------------

But for my production app where GraniteDS and RemoteObject is used I have file where second host's cookie missed!

---------------------------------------------- cookie ----------------------------------------------

# Netscape HTTP Cookie File

# http://curl.haxx.se/docs/http-cookies.html

# This file was generated by libcurl! Edit at your own risk.

#HttpOnly_192.168.0.5    FALSE    /game/    FALSE    0    JSESSIONID    7A2CF3E92942771A07EA5CBCA72479CE

---------------------------------------------- cookie ----------------------------------------------

So, every request to second server rufused with 403 Forbidden.

I see in logs, that server sends Set-Cookie header properly to each auth request.

Thanx in advance.