Note: There are a few cases of duplicates in user autocompletion which are being worked on.

WebExtension cookies API does not work in private browsing

RESOLVED DUPLICATE of bug 1354229

Status

()

Toolkit
WebExtensions: Untriaged
P1
normal
RESOLVED DUPLICATE of bug 1354229
8 months ago
16 days ago

People

(Reporter: Jesper Kristensen, Assigned: kmag)

Tracking

({dev-doc-complete})

unspecified
dev-doc-complete
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: triaged[cookies])

MozReview Requests

()

Submitter Diff Changes Open Issues Last Updated
Loading...
Error loading review requests:

Attachments

(1 attachment)

(Reporter)

Description

8 months ago
WebExtension cookies API does not work in private browsing. I am not sure when it stopped working.
Comment hidden (mozreview-request)
(Reporter)

Comment 2

8 months ago
I uploaded a patch. There are no unit tests yet. I could not find any unit tests that test if the cookies seen by the WebExtension API are the same as the cookies seen by websites. I am not sure how to create such a unit test.
Comment hidden (mozreview-request)
(Reporter)

Comment 4

8 months ago
I made an attempt at a unit test, but it does not show the cookie header. I can't figure out why.

Updated

8 months ago
Assignee: nobody → kmaglione+bmo
Priority: -- → P1
Whiteboard: triaged
Comment hidden (mozreview-request)
I was hoping this might address bug 1309637 but it doesn't appear to.

Updated

8 months ago
Whiteboard: triaged → triaged[cookies]

Updated

4 months ago
webextensions: --- → ?

Updated

4 months ago
webextensions: ? → +

Comment 7

4 months ago
I encountered this issue while creating a cookie manager (https://addons.mozilla.org/en-US/firefox/addon/a-cookie-manager/) and independently discovered that privateBrowsingId is missing from OriginAttributes. The fix in the patch looks good to me (but I would create a separate variable to store {userContextId,privateBrowsingId} instead of duplicating the dictionary).
Why has this not landed yet?

(In reply to Jesper Kristensen from comment #4)
> I made an attempt at a unit test, but it does not show the cookie header. I
> can't figure out why.

Jesper, what can I do to help you with finishing this patch?
Flags: needinfo?(bugzilla)
(Reporter)

Comment 8

4 months ago
As I said in comment #2 I could not find out how to make a unit test that tests what cookies a website would actually see and set.
Flags: needinfo?(bugzilla)

Updated

4 months ago
See Also: → bug 1354229

Comment 9

4 months ago
You can use a content script (or just a normal web page) and use the document.cookie DOM API to read/write cookies.

See the test case in comment 2 at bug 1354229 for an example of writing cookies.

Comment 10

a month ago
I've submitted a patch for 1354229 that is going to fix this.

If you are interested in seeing how to access document.cookie as I suggested in my previous comment (comment 9), look at the getDocumentCookie function in the test in the second patch.
Status: NEW → RESOLVED
Last Resolved: a month ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1354229

Comment 11

a month ago
Now bug 1354229 has landed, the documentation needs to be updated:

https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/cookies/set
https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/cookies/remove

needs to mention that writing/removing private browsing cookies was broken up until Firefox 55.
As of Firefox 56, writing private browsing cookies works as expected.
Keywords: dev-doc-needed
Keywords: dev-doc-needed
oops, sorry!
Keywords: dev-doc-needed
Keywords: dev-doc-needed
Keywords: dev-doc-needed
I've updated the compat notes for those 2 pages:
https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/cookies/set#Browser_compatibility
https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/cookies/remove#Browser_compatibility

Since this seems like a straightforward change, I'm marking it as dev-doc-complete, but let me know if we need anything else here.
Keywords: dev-doc-needed → dev-doc-complete
You need to log in before you can comment on or make changes to this bug.