to redirect to the main page “/” on desktop works fine, but on android phone when it gets idle after a while (turning of the screen or open another app) and I come back to the web app and try to press the button to redirect to the main page instead of getting the data from an api request I get that html, I read that is for security reasons, to make sure that the requests are being made from a browser, but somehow react-router is not passing the test. What can I do? Thank you. The api request is a very simple request.
Access through Android or iOS mobile apps (MOBILE WEBSITE WORK FINE).
it seems that it doesn’t if the user gets idle on the website and then try to come back. Is like the connection to the server is lost and you need to refresh to gain it again. I’m just trying to understand what is happening.
Interesting, this shouldn’t happen. And I’m not sure why this doesn’t work.
When you first open the site, this Javascript code is sent to the browser to set a cookie. This cookie must be passed with every request or the server will block it. The cookie is set with an extremely long lifetime (almost 15 years) and should keep working for that long.
If you see this, it means that either the cookie is missing from the request or invalid, and I don’t understand why either of those things would be the case.
Just to be very clear: your application runs within a web browser, right? It’s not running in a web wrapper (like Cordova) or using React Native (i.e. without a browser entirely)?
The best solution I can think of right now is to integrate code in the application that detects responses like these. If it gets a response like this, it can reload the page, which should also get this Javascript code, generate a fresh cookie which can then be used to authenticate further requests.
Yes it is running in a normal browse, android chrome. Maybe is the htaccess redirections plus react-router? or a bug in react router? I do not know, also it happens randomly after idle, sometimes it doesnt happen. Thank you anyway!
This issue has to do with cookies either becoming invalid or not getting sent at all. I don’t know exactly which is the case, both explanations don’t really make sense to me. The cookies have a very long lifetime, and it wouldn’t make sense for a browser to just stop sending cookies in the background.
I’m very certain that this isn’t your code though. The browser validation system is applied before your website code is executed, so you can’t influence it with any PHP or .htaccess code. And seeing how the code does work at first, it means cookies are being passed along.
Regardless, all of this only tells you why the issue happens, it doesn’t yet provide a clear way to fix it. So I would still recommend to implement the workaround I recommended before:
It can really be anything,
from the fact that you have some maintenance application in the system that simply deletes cookies for your privacy, some changes in android v13, up to the point that when you update chrome or everything related to the network modules which then results in some cookies being deleted.
If I were you, I would try to explicitly emphasize in the browser settings that the “__test” cookie is not deleted, but always kept.
Or try to use another browser that is not chrome (one that did not come with the system).
Maybe it’s the fact that it tries to keep only secure=true cookies while it doesn’t like false.