WebView Integration — ProtonDrive Wiki

# WebView Integration Layer How the Tauri WebView connects with Proton's WebClients frontend and the Rust backend. ## Components | Module | Lines | Purpose | |---|---|---| | `webview_cookies.rs` | 329 | Cookie bridge between WebKit native store and reqwest HTTP client | | `webview_storage.rs` | 11 | Creates persistent WebView data directory (`app_data/webview/`) | | `url_log.rs` | 8 | Strips query params/fragments from URLs for safe log output | ## Cookie Management (`webview_cookies.rs`) The app maintains cookies in two stores that must stay in sync: 1. **WebKit's native cookie store** — persisted by the WebView across restarts (handles "Keep me signed in") 2. **`reqwest::cookie::Jar`** — the in-process HTTP client jar for proxied API requests The critical function is `combined_cookie_header` which merges both stores, with the client jar taking precedence (it has the freshest auth state after login/2FA):

sequenceDiagram
    participant WEB as WebView
    participant WK as WebKit Cookie Store
    participant JAR as reqwest Cookie Jar
    participant MERGE as combined_cookie_header
    participant API as Proton API
    
    WEB->>WK: Read persisted cookies
    JAR->>JAR: Auth tokens from login response
    MERGE->>WK: Get WebKit cookies
    MERGE->>JAR: Get client jar cookies
    Note over MERGE: Client jar wins for duplicates
    MERGE->>API: Merged Cookie header

### Auth Cookie Handling - Auth cookies are identified by `AUTH-` or `REFRESH-` prefix - `store_webview_cookie` persists `Set-Cookie` response headers into WebKit - Legacy blank-domain cookies (from older builds) are automatically cleaned up - Default cookie scope is applied per RFC 6265 §5.1.4 ### Test Coverage 7 tests covering: cookie header merging, RFC 6265 path defaults, host-only cookie scoping, blank-domain cleanup, explicit domain preservation, and empty/malformed cookie handling. ## Data Directory (`webview_storage.rs`) Two functions managing the persistent WebView storage path: ```rust pub fn persistent_webview_data_dir(app_data_dir: PathBuf) -> PathBuf { app_data_dir.join("webview") } pub fn ensure_webview_data_dir(dir: &Path) -> std::io::Result<()> { std::fs::create_dir_all(dir) } ``` ## URL Logging (`url_log.rs`) A single function that strips sensitive query parameters and fragments from URLs before logging: ```rust pub fn sanitize_url_for_log(url: &str) -> String ``` Used throughout the codebase to safely log URLs without leaking auth tokens, session data, or other sensitive parameters.