Added in API level 1

CookieManager


abstract class CookieManager
kotlin.Any
   ↳ android.webkit.CookieManager

Manages the cookies used by an application's WebView instances.

CookieManager represents cookies as strings in the same format as the HTTP Cookie and Set-Cookie header fields (defined in RFC6265bis).

Summary

Public constructors

Public methods
abstract Boolean

Gets whether the application's WebView instances send and accept cookies.

abstract Boolean

Gets whether the WebView should allow third party cookies to be set.

open static Boolean

Gets whether the application's WebView instances send and accept cookies for file scheme URLs.

abstract Unit

Ensures all cookies currently accessible through the getCookie API are written to persistent storage.

abstract String!

Gets all the cookies for the given URL.

open static CookieManager!

Gets the singleton CookieManager instance.

abstract Boolean

Gets whether there are stored cookies.

abstract Unit

Removes all cookies.

abstract Unit

Removes all cookies.

abstract Unit

Removes all expired cookies.

abstract Unit

Removes all session cookies, which are cookies without an expiration date.

abstract Unit

Removes all session cookies, which are cookies without an expiration date.

abstract Unit

Sets whether the application's WebView instances should send and accept cookies.

open static Unit

Sets whether the application's WebView instances should send and accept cookies for file scheme URLs.

abstract Unit

Sets whether the WebView should allow third party cookies to be set.

abstract Unit
setCookie(url: String!, value: String!)

Sets a single cookie (key-value pair) for the given URL.

abstract Unit
setCookie(url: String!, value: String!, callback: ValueCallback<Boolean!>?)

Sets a single cookie (key-value pair) for the given URL.

Protected methods
open Any!

Public constructors

CookieManager

Added in API level 22
CookieManager()

Deprecated: This class should not be constructed by applications, use getInstance instead to fetch the singleton instance.

Public methods

acceptCookie

Added in API level 1
abstract fun acceptCookie(): Boolean

Gets whether the application's WebView instances send and accept cookies.

Return
Boolean true if WebView instances send and accept cookies

acceptThirdPartyCookies

Added in API level 21
abstract fun acceptThirdPartyCookies(webview: WebView!): Boolean

Gets whether the WebView should allow third party cookies to be set.

Parameters
webview WebView!: the WebView instance to get the cookie policy for
Return
Boolean true if the WebView accepts third party cookies

allowFileSchemeCookies

Added in API level 12
open static fun allowFileSchemeCookies(): Boolean

Gets whether the application's WebView instances send and accept cookies for file scheme URLs.

Return
Boolean true if WebView instances send and accept cookies for file scheme URLs

flush

Added in API level 21
abstract fun flush(): Unit

Ensures all cookies currently accessible through the getCookie API are written to persistent storage. This call will block the caller until it is done and may perform I/O.

getCookie

Added in API level 1
abstract fun getCookie(url: String!): String!

Gets all the cookies for the given URL. This may return multiple key-value pairs if multiple cookies are associated with this URL, in which case each cookie will be delimited by "; " characters (semicolon followed by a space). Each key-value pair will be of the form "key=value".

Note: Any cookies set with the "Partitioned" attribute will only be returned for the top-level partition of url.

Parameters
url String!: the URL for which the cookies are requested
Return
String! value the cookies as a string, using the format of the 'Cookie' HTTP request header

getInstance

Added in API level 1
open static fun getInstance(): CookieManager!

Gets the singleton CookieManager instance.

Return
CookieManager! the singleton CookieManager instance

hasCookies

Added in API level 1
abstract fun hasCookies(): Boolean

Gets whether there are stored cookies.

Return
Boolean true if there are stored cookies

removeAllCookie

Added in API level 1
Deprecated in API level 21
abstract fun removeAllCookie(): Unit

Deprecated: Use removeAllCookies(android.webkit.ValueCallback) instead.

Removes all cookies.

removeAllCookies

Added in API level 21
abstract fun removeAllCookies(callback: ValueCallback<Boolean!>?): Unit

Removes all cookies.

This method is asynchronous. If a ValueCallback is provided, android.webkit.ValueCallback#onReceiveValue(T) will be called on the current thread's android.os.Looper once the operation is complete. The value provided to the callback indicates whether any cookies were removed. You can pass null as the callback if you don't need to know when the operation completes or whether any cookies were removed, and in this case it is safe to call the method from a thread without a Looper.

Parameters
callback ValueCallback<Boolean!>?: a callback which is executed when the cookies have been removed This value may be null.

removeExpiredCookie

Added in API level 1
Deprecated in API level 21
abstract fun removeExpiredCookie(): Unit

Deprecated: The WebView handles removing expired cookies automatically.

Removes all expired cookies.

removeSessionCookie

Added in API level 1
Deprecated in API level 21
abstract fun removeSessionCookie(): Unit

Deprecated: use removeSessionCookies(android.webkit.ValueCallback) instead.

Removes all session cookies, which are cookies without an expiration date.

removeSessionCookies

Added in API level 21
abstract fun removeSessionCookies(callback: ValueCallback<Boolean!>?): Unit

Removes all session cookies, which are cookies without an expiration date.

This method is asynchronous. If a ValueCallback is provided, android.webkit.ValueCallback#onReceiveValue(T) will be called on the current thread's android.os.Looper once the operation is complete. The value provided to the callback indicates whether any cookies were removed. You can pass null as the callback if you don't need to know when the operation completes or whether any cookie were removed, and in this case it is safe to call the method from a thread without a Looper.

Parameters
callback ValueCallback<Boolean!>?: a callback which is executed when the session cookies have been removed This value may be null.

setAcceptCookie

Added in API level 1
abstract fun setAcceptCookie(accept: Boolean): Unit

Sets whether the application's WebView instances should send and accept cookies. By default this is set to true and the WebView accepts cookies.

When this is true setAcceptThirdPartyCookies and setAcceptFileSchemeCookies can be used to control the policy for those specific types of cookie.

Parameters
accept Boolean: whether WebView instances should send and accept cookies

setAcceptFileSchemeCookies

Added in API level 12
Deprecated in API level 30
open static fun setAcceptFileSchemeCookies(accept: Boolean): Unit

Deprecated: This setting is not secure, please use androidx.webkit.WebViewAssetLoader instead.

Sets whether the application's WebView instances should send and accept cookies for file scheme URLs.

Use of cookies with file scheme URLs is potentially insecure and turned off by default. All file:// URLs share all their cookies, which may lead to leaking private app cookies (ex. any malicious file can access cookies previously set by other (trusted) files).

Loading content via file:// URLs is generally discouraged. See the note in WebSettings.setAllowFileAccess. Using androidx.webkit.WebViewAssetLoader to load files over http(s):// URLs allows the standard web security model to be used for setting and sharing cookies for local files.

Note that calls to this method will have no effect if made after calling other CookieManager APIs.

setAcceptThirdPartyCookies

Added in API level 21
abstract fun setAcceptThirdPartyCookies(
    webview: WebView!,
    accept: Boolean
): Unit

Sets whether the WebView should allow third party cookies to be set. Allowing third party cookies is a per WebView policy and can be set differently on different WebView instances.

Apps that target android.os.Build.VERSION_CODES#KITKAT or below default to allowing third party cookies. Apps targeting android.os.Build.VERSION_CODES#LOLLIPOP or later default to disallowing third party cookies.

Parameters
webview WebView!: the WebView instance to set the cookie policy on
accept Boolean: whether the WebView instance should accept third party cookies

setCookie

Added in API level 1
abstract fun setCookie(
    url: String!,
    value: String!
): Unit

Sets a single cookie (key-value pair) for the given URL. Any existing cookie with the same host, path and name will be replaced with the new cookie. The cookie being set will be ignored if it is expired. To set multiple cookies, your application should invoke this method multiple times.

The value parameter must follow the format of the Set-Cookie HTTP response header. This is a key-value pair of the form "key=value", optionally followed by a list of cookie attributes delimited with semicolons (ex. "key=value; Max-Age=123"). For the header format and attributes supported by WebView, see the Set-Cookie documentation on MDN.

Notes:

  • If specifying a value containing the "Secure" attribute, url must use the "https://" scheme.
  • if specifying a value containing the "Partitioned" attribute, the cookie will be set for the top-level partition of the url.
Parameters
url String!: the URL for which the cookie is to be set
value String!: the cookie as a string, using the format of the 'Set-Cookie' HTTP response header

setCookie

Added in API level 21
abstract fun setCookie(
    url: String!,
    value: String!,
    callback: ValueCallback<Boolean!>?
): Unit

Sets a single cookie (key-value pair) for the given URL. Any existing cookie with the same host, path and name will be replaced with the new cookie. The cookie being set will be ignored if it is expired. To set multiple cookies, your application should invoke this method multiple times.

The value parameter must follow the format of the Set-Cookie HTTP response header. This is a key-value pair of the form "key=value", optionally followed by a list of cookie attributes delimited with semicolons (ex. "key=value; Max-Age=123"). For the header format and attributes supported by WebView, see the Set-Cookie documentation on MDN.

This method is asynchronous. If a ValueCallback is provided, ValueCallback.onReceiveValue will be called on the current thread's android.os.Looper once the operation is complete. The value provided to the callback indicates whether the cookie was set successfully. You can pass null as the callback if you don't need to know when the operation completes or whether it succeeded, and in this case it is safe to call the method from a thread without a Looper.

Notes:

  • If specifying a value containing the "Secure" attribute, url must use the "https://" scheme.
  • if specifying a value containing the "Partitioned" attribute, the cookie will be set for the top-level partition of the url.
Parameters
url String!: the URL for which the cookie is to be set
value String!: the cookie as a string, using the format of the 'Set-Cookie' HTTP response header
callback ValueCallback<Boolean!>?: a callback to be executed when the cookie has been set This value may be null.

Protected methods

clone

Added in API level 1
protected open fun clone(): Any!
Return
Any! a clone of this instance.
Exceptions
java.lang.CloneNotSupportedException if the object's class does not support the Cloneable interface. Subclasses that override the clone method can also throw this exception to indicate that an instance cannot be cloned.