From b469b1cd21c1f6fc211fb503ca875b77915a2785 Mon Sep 17 00:00:00 2001
From: Dimitris Dafnis <68849116+jim-daf@users.noreply.github.com>
Date: Sat, 25 Apr 2026 21:11:22 +0200
Subject: [PATCH 1/2] feat(webview): accept third-party cookies for embeds

Refs #526
---
 .../src/main/java/com/ferg/awfulapp/webview/AwfulWebView.java    | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Awful.apk/src/main/java/com/ferg/awfulapp/webview/AwfulWebView.java b/Awful.apk/src/main/java/com/ferg/awfulapp/webview/AwfulWebView.java
index eddc3b230..71beec0c8 100644
--- a/Awful.apk/src/main/java/com/ferg/awfulapp/webview/AwfulWebView.java
+++ b/Awful.apk/src/main/java/com/ferg/awfulapp/webview/AwfulWebView.java
@@ -5,6 +5,7 @@
 import androidx.annotation.NonNull;
 import androidx.annotation.Nullable;
 import android.util.AttributeSet;
+import android.webkit.CookieManager;
 import android.webkit.WebSettings;
 import android.webkit.WebView;
 

From 453faa9b6d6e4645c56ade13368bc2d8a52ce5ea Mon Sep 17 00:00:00 2001
From: Dimitris Dafnis <68849116+jim-daf@users.noreply.github.com>
Date: Sat, 25 Apr 2026 21:11:25 +0200
Subject: [PATCH 2/2] feat(webview): accept third-party cookies for embeds

Refs #526
---
 .../main/java/com/ferg/awfulapp/webview/AwfulWebView.java  | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/Awful.apk/src/main/java/com/ferg/awfulapp/webview/AwfulWebView.java b/Awful.apk/src/main/java/com/ferg/awfulapp/webview/AwfulWebView.java
index 71beec0c8..afdf8a79e 100644
--- a/Awful.apk/src/main/java/com/ferg/awfulapp/webview/AwfulWebView.java
+++ b/Awful.apk/src/main/java/com/ferg/awfulapp/webview/AwfulWebView.java
@@ -5,7 +5,6 @@
 import androidx.annotation.NonNull;
 import androidx.annotation.Nullable;
 import android.util.AttributeSet;
-import android.webkit.CookieManager;
 import android.webkit.WebSettings;
 import android.webkit.WebView;
 
@@ -102,6 +101,12 @@ private void init() {
         webSettings.setAllowUniversalAccessFromFileURLs(true);
         webSettings.setAllowFileAccess(true);
         webSettings.setAllowContentAccess(true);
+
+        // Issue #526: third-party embeds (Twitter, Facebook, Imgur,
+        // Instagram) load their iframe content from a different origin
+        // and need their session cookie to render. Without this the
+        // embed area shows a blank box or a "log in" stub.
+        CookieManager.getInstance().setAcceptThirdPartyCookies(this, true);
     }