I want to make an application, deployed on ios, android and web, which embed a webview, the webview will render a wordpress site that i own, and the user must be connected to this website, without login again in the webview.
While i figured out how to create the connection cookies for ios and android, i'm stuck on the web implementation.
The web implementation use an iframe, the flutterflow app and the wordpress app are both subdomains of the same domain, so the iframe and the website can share cookies, but they're not considered as same origin, so my set-cookie header sent by the wordpress server aren't set by default by the browser (i've configured the wordpress server to allow orgin and frame from my flutter flow web app)
I've noticed that my auth ApiCall (which should set-cookie for the web app embedding the iframe) is an XMLHttpRequest, in case of Cross-Origin XMLHttpRequest that should accept cookies from the server response, it's a mandatory to set the parameter 'withCredentials: true' but i didn't find a way to do it with flutter flow app, is it possible?