Cookie not sent on websocket

Hi,


The Safari (MacOS/iOS) does not seem to process the cookies on websocket? We use secure websocket (wss) from javascript to open a connection to the wss server. On reply of the handshake negotiation, we attach cookies as part of the response for Connection Upgrade (http response code 101). We have double checked the response in the safari developer tools's network traffic and confirm that the cookies are part of the response. When we connect to the same wss server the second time, the request is not sending the previously received cookies. The attributes for the cookies are HttpOnly, Secure, SameSite=Strict. Is this behavior documented somewhere?


We can confirm that the above setup works fine on Chrome/Firefox.


Thanks.


EDIT: If we remove the HttpOnly flag, then Safari (MacOS/iOS) works as expected, but we do need HttpOnly to prevent script access of the cookie.

Cookie not sent on websocket
 
 
Q