- Forum posts: 15
Sep 16, 2015, 8:29:14 AM via Website
Sep 16, 2015 8:29:14 AM via Website
I am working on an Android App, Using a SQLIte browser on a rooted device, the application session id cookie is being written in plain text into a SQLite table named COOKIES. I have tried some steps:
- Using Cache-Control no-cache=\"Set-Cookie\".
- Setting the Set-Cookie secure and httpOnly header attributes.
According to many blog entries, Chromium is suppose to encrypt cookies https://codereview.chromium.org/24734007 and indeed, I've observed an "encrypted_value" column within the COOKIES table. I read some blogs from few android developer forum related to this but unfortunately, none of the above attempts have succeeded in configuring Android WebView to encrypt stored cookies. Please help me to resolve my query.