Added in API level 1

Summary: Ctors | Methods | Protected Methods | Inherited Methods

CookieManager

Kotlin |Java

public abstract class CookieManager
extends Object

java.lang.Object
↳	android.webkit.CookieManager

Manages the cookies used by an application's WebView instances.

CookieManager represents cookies as strings in the same format as the HTTP Cookie and Set-Cookie header fields (defined in RFC6265bis).

Summary

Public constructors
`CookieManager()` This constructor is deprecated. This class should not be constructed by applications, use `getInstance()` instead to fetch the singleton instance.

Public methods
`abstract boolean`	`acceptCookie()` Gets whether the application's `WebView` instances send and accept cookies.
`abstract boolean`	`acceptThirdPartyCookies(WebView webview)` Gets whether the `WebView` should allow third party cookies to be set.
`static boolean`	`allowFileSchemeCookies()` Gets whether the application's `WebView` instances send and accept cookies for file scheme URLs.
`abstract void`	`flush()` Ensures all cookies currently accessible through the getCookie API are written to persistent storage.
`abstract String`	`getCookie(String url)` Gets all the cookies for the given URL.
`static CookieManager`	`getInstance()` Gets the singleton CookieManager instance.
`abstract boolean`	`hasCookies()` Gets whether there are stored cookies.
`abstract void`	`removeAllCookie()` This method was deprecated in API level 21. Use `removeAllCookies(android.webkit.ValueCallback)` instead.
`abstract void`	`removeAllCookies(ValueCallback<Boolean> callback)` Removes all cookies.
`abstract void`	`removeExpiredCookie()` This method was deprecated in API level 21. The WebView handles removing expired cookies automatically.
`abstract void`	`removeSessionCookie()` This method was deprecated in API level 21. use `removeSessionCookies(android.webkit.ValueCallback)` instead.
`abstract void`	`removeSessionCookies(ValueCallback<Boolean> callback)` Removes all session cookies, which are cookies without an expiration date.
`abstract void`	`setAcceptCookie(boolean accept)` Sets whether the application's `WebView` instances should send and accept cookies.
`static void`	`setAcceptFileSchemeCookies(boolean accept)` This method was deprecated in API level 30. This setting is not secure, please use androidx.webkit.WebViewAssetLoader instead.
`abstract void`	`setAcceptThirdPartyCookies(WebView webview, boolean accept)` Sets whether the `WebView` should allow third party cookies to be set.
`abstract void`	`setCookie(String url, String value, ValueCallback<Boolean> callback)` Sets a single cookie (key-value pair) for the given URL.
`abstract void`	`setCookie(String url, String value)` Sets a single cookie (key-value pair) for the given URL.

Protected methods
`Object`	`clone()` Creates and returns a copy of this object.

Inherited methods

From class


        
          java.lang.Object

`Object`	`clone()` Creates and returns a copy of this object.
`boolean`	`equals(Object obj)` Indicates whether some other object is "equal to" this one.
`void`	`finalize()` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.
`final Class<?>`	`getClass()` Returns the runtime class of this `Object`.
`int`	`hashCode()` Returns a hash code value for the object.
`final void`	`notify()` Wakes up a single thread that is waiting on this object's monitor.
`final void`	`notifyAll()` Wakes up all threads that are waiting on this object's monitor.
`String`	`toString()` Returns a string representation of the object.
`final void`	`wait(long timeoutMillis, int nanos)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait(long timeoutMillis)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait()` Causes the current thread to wait until it is awakened, typically by being notified or interrupted.

Public constructors

CookieManager

Added in API level 22

public CookieManager ()

This constructor is deprecated.
This class should not be constructed by applications, use getInstance() instead to fetch the singleton instance.

Public methods

acceptCookie

Added in API level 1

public abstract boolean acceptCookie ()

Gets whether the application's WebView instances send and accept cookies.

Returns
`boolean`	`true` if `WebView` instances send and accept cookies

acceptThirdPartyCookies

Added in API level 21

public abstract boolean acceptThirdPartyCookies (WebView webview)

Gets whether the WebView should allow third party cookies to be set.

Parameters
`webview`	`WebView`: the `WebView` instance to get the cookie policy for

Returns
`boolean`	`true` if the `WebView` accepts third party cookies

allowFileSchemeCookies

Added in API level 12

public static boolean allowFileSchemeCookies ()

Gets whether the application's WebView instances send and accept cookies for file scheme URLs.

Returns
`boolean`	`true` if `WebView` instances send and accept cookies for file scheme URLs

flush

Added in API level 21

public abstract void flush ()

Ensures all cookies currently accessible through the getCookie API are written to persistent storage. This call will block the caller until it is done and may perform I/O.

getCookie

Added in API level 1

public abstract String getCookie (String url)

Gets all the cookies for the given URL. This may return multiple key-value pairs if multiple cookies are associated with this URL, in which case each cookie will be delimited by "; " characters (semicolon followed by a space). Each key-value pair will be of the form "key=value".

Note: Any cookies set with the "Partitioned" attribute will only be returned for the top-level partition of url.

Parameters
`url`	`String`: the URL for which the cookies are requested

Returns
`String`	value the cookies as a string, using the format of the 'Cookie' HTTP request header

getInstance

Added in API level 1

public static CookieManager getInstance ()

Gets the singleton CookieManager instance.

Returns
`CookieManager`	the singleton CookieManager instance

hasCookies

Added in API level 1

public abstract boolean hasCookies ()

Gets whether there are stored cookies.

Returns
`boolean`	`true` if there are stored cookies

removeAllCookie

Added in API level 1
Deprecated in API level 21

public abstract void removeAllCookie ()

This method was deprecated in API level 21.
Use removeAllCookies(android.webkit.ValueCallback) instead.

Removes all cookies.

removeAllCookies

Added in API level 21

public abstract void removeAllCookies (ValueCallback<Boolean> callback)

Removes all cookies.

This method is asynchronous. If a ValueCallback is provided, onReceiveValue() will be called on the current thread's Looper once the operation is complete. The value provided to the callback indicates whether any cookies were removed. You can pass null as the callback if you don't need to know when the operation completes or whether any cookies were removed, and in this case it is safe to call the method from a thread without a Looper.

Parameters
`callback`	`ValueCallback`: a callback which is executed when the cookies have been removed This value may be `null`.

removeExpiredCookie

Added in API level 1
Deprecated in API level 21

public abstract void removeExpiredCookie ()

This method was deprecated in API level 21.
The WebView handles removing expired cookies automatically.

Removes all expired cookies.

removeSessionCookie

Added in API level 1
Deprecated in API level 21

public abstract void removeSessionCookie ()

This method was deprecated in API level 21.
use removeSessionCookies(android.webkit.ValueCallback) instead.

Removes all session cookies, which are cookies without an expiration date.

removeSessionCookies

Added in API level 21

public abstract void removeSessionCookies (ValueCallback<Boolean> callback)

Removes all session cookies, which are cookies without an expiration date.

This method is asynchronous. If a ValueCallback is provided, onReceiveValue() will be called on the current thread's Looper once the operation is complete. The value provided to the callback indicates whether any cookies were removed. You can pass null as the callback if you don't need to know when the operation completes or whether any cookie were removed, and in this case it is safe to call the method from a thread without a Looper.

Parameters
`callback`	`ValueCallback`: a callback which is executed when the session cookies have been removed This value may be `null`.

setAcceptCookie

Added in API level 1

public abstract void setAcceptCookie (boolean accept)

Sets whether the application's WebView instances should send and accept cookies. By default this is set to true and the WebView accepts cookies.

When this is true setAcceptThirdPartyCookies and setAcceptFileSchemeCookies can be used to control the policy for those specific types of cookie.

Parameters
`accept`	`boolean`: whether `WebView` instances should send and accept cookies

setAcceptFileSchemeCookies

Added in API level 12
Deprecated in API level 30

public static void setAcceptFileSchemeCookies (boolean accept)

This method was deprecated in API level 30.
This setting is not secure, please use androidx.webkit.WebViewAssetLoader instead.

Sets whether the application's WebView instances should send and accept cookies for file scheme URLs.

Use of cookies with file scheme URLs is potentially insecure and turned off by default. All file:// URLs share all their cookies, which may lead to leaking private app cookies (ex. any malicious file can access cookies previously set by other (trusted) files).

Loading content via file:// URLs is generally discouraged. See the note in WebSettings#setAllowFileAccess. Using androidx.webkit.WebViewAssetLoader to load files over http(s):// URLs allows the standard web security model to be used for setting and sharing cookies for local files.

Note that calls to this method will have no effect if made after calling other CookieManager APIs.

Parameters
`accept`	`boolean`

setAcceptThirdPartyCookies

Added in API level 21

public abstract void setAcceptThirdPartyCookies (WebView webview, 
                boolean accept)

Sets whether the WebView should allow third party cookies to be set. Allowing third party cookies is a per WebView policy and can be set differently on different WebView instances.

Apps that target Build.VERSION_CODES.KITKAT or below default to allowing third party cookies. Apps targeting Build.VERSION_CODES.LOLLIPOP or later default to disallowing third party cookies.

Parameters
`webview`	`WebView`: the `WebView` instance to set the cookie policy on
`accept`	`boolean`: whether the `WebView` instance should accept third party cookies

setCookie

Added in API level 21

public abstract void setCookie (String url, 
                String value, 
                ValueCallback<Boolean> callback)

Sets a single cookie (key-value pair) for the given URL. Any existing cookie with the same host, path and name will be replaced with the new cookie. The cookie being set will be ignored if it is expired. To set multiple cookies, your application should invoke this method multiple times.

The value parameter must follow the format of the Set-Cookie HTTP response header. This is a key-value pair of the form "key=value", optionally followed by a list of cookie attributes delimited with semicolons (ex. "key=value; Max-Age=123"). For the header format and attributes supported by WebView, see the Set-Cookie documentation on MDN.

This method is asynchronous. If a ValueCallback is provided, ValueCallback#onReceiveValue will be called on the current thread's Looper once the operation is complete. The value provided to the callback indicates whether the cookie was set successfully. You can pass null as the callback if you don't need to know when the operation completes or whether it succeeded, and in this case it is safe to call the method from a thread without a Looper.

Notes:

If specifying a value containing the "Secure" attribute, url must use the "https://" scheme.
if specifying a value containing the "Partitioned" attribute, the cookie will be set for the top-level partition of the url.

Parameters
`url`	`String`: the URL for which the cookie is to be set
`value`	`String`: the cookie as a string, using the format of the 'Set-Cookie' HTTP response header
`callback`	`ValueCallback`: a callback to be executed when the cookie has been set This value may be `null`.

setCookie

Added in API level 1

public abstract void setCookie (String url, 
                String value)

Notes:

If specifying a value containing the "Secure" attribute, url must use the "https://" scheme.
if specifying a value containing the "Partitioned" attribute, the cookie will be set for the top-level partition of the url.

Parameters
`url`	`String`: the URL for which the cookie is to be set
`value`	`String`: the cookie as a string, using the format of the 'Set-Cookie' HTTP response header

Protected methods

clone

Added in API level 1

protected Object clone ()

Creates and returns a copy of this object. The precise meaning of "copy" may depend on the class of the object. The general intent is that, for any object x, the expression:

 x.clone() != x

will be true, and that the expression:

 x.clone().getClass() == x.getClass()

will be true, but these are not absolute requirements. While it is typically the case that:

 x.clone().equals(x)

will be true, this is not an absolute requirement.

By convention, the returned object should be obtained by calling super.clone. If a class and all of its superclasses (except Object) obey this convention, it will be the case that x.clone().getClass() == x.getClass().

By convention, the object returned by this method should be independent of this object (which is being cloned). To achieve this independence, it may be necessary to modify one or more fields of the object returned by super.clone before returning it. Typically, this means copying any mutable objects that comprise the internal "deep structure" of the object being cloned and replacing the references to these objects with references to the copies. If a class contains only primitive fields or references to immutable objects, then it is usually the case that no fields in the object returned by super.clone need to be modified.

Returns
`Object`	a clone of this instance.

Throws
`CloneNotSupportedException`