I have a Chrome extension which is working correctly in Chrome. When converting it to a Safari extension, I've run into an issue.
When the user first opens the extension popup, the extension opens a new tab where the user needs to sign in. After signing in, the user has a cookie with a session token. The issue is that when I make a POST request using fetch from the extension service worker, it doesn't send the cookie.
It does work when I disable the "Prevent cross-site tracking" checkbox in Safari preferences, but we can't ask users to do that.
It also works when I send the request from a script in the extension popup, but I need to make periodic requests in the background, without user interaction.
Is there documentation that explains this behavior? Is there a way to make it work?