SFSafariViewController Remove OAuth2 Cookie

Question

I have an iOS application that authenticates with Uber API using OAuth2 in a UIWebView. When upgrading to iOS 9, I run in to the issue of ATS blocking the http

Answer 1

For iOS 9 and onwards the best choice is to use the WKWebView class available in the WebKit Framework

which provides a WKWebsiteDataStore that can be used to delete cookies/caches used by the webview, see for example: https://stackoverflow.com/a/31803708/313113 or https://stackoverflow.com/a/32491271/313113

According to the docs: SFSafariViewController shares cookies and other website data with Safari and because it runs outside your app's process (for security reasons) you cannot modify it's state from inside your app. See this answer: https://stackoverflow.com/a/34136074/313113 from someone who contacted Apple customer support and got the following reply:

SFSafariViewController runs outside of my App's process and in order to be secure my App can not modify SFSafariViewController's state. In other words, my App can not clear credentials stored by SFSafariViewController.