Closed Bug 1663281 Opened 5 years ago Closed 5 years ago

Add Search Engine request does not send session cookies

Categories

(Firefox :: Search, defect)

Product:
Firefox
Component:
Search
Version:
80 Branch
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1624457

People

(Reporter: lensam69, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36

Steps to reproduce:

Navigate to a site that includes a valid OpenSearch <link> element, click on the elipsis on the URL bar, and click on "Add Search Engine".

This site is behind a login, thus a session cookie (and certs) are required)

Actual results:

The <link> element points to a page that hosts the search engine XML, however, the session cookies were not included in the request, so the target page 302-redirects the browser to a login page. The browser then tries to interpret this login page as if it were XML, and throws the following errors.

OpenSearchEngine: _onLoad: Failed to init engine!
Exception { name: "NS_ERROR_FILE_CORRUPTED", message: "https://www.internalfb.com/intern/bunny/opensearch/ is not a valid search plugin.", result: 2152857611, filename: "resource://gre/modules/OpenSearchEngine.jsm", lineNumber: 386, columnNumber: 0, data: null, stack: "_initFromData@resource://gre/modules/OpenSearchEngine.jsm:386:24\n_onLoad@resource://gre/modules/OpenSearchEngine.jsm:295:14\nonStopRequest@resource://gre/modules/SearchUtils.jsm:74:10\n", location: XPCWrappedNative_NoHelper }
OpenSearchEngine.jsm:297:18

Invalid search plugin due to namespace not matching. OpenSearchEngine.jsm:385
_initFromData resource://gre/modules/OpenSearchEngine.jsm:385
_onLoad resource://gre/modules/OpenSearchEngine.jsm:295
onStopRequest resource://gre/modules/SearchUtils.jsm:74

Expected results:

When the browser attempts to retrieve the Search Engine XML specification, it should include available cookies.

As far as I can tell, the request is set up in resource://gre/modules/SearchUtils.jsm:211. ( MakeChannel(url) {... )

According to this file [ https://searchfox.org/mozilla-central/source/netwerk/base/nsILoadInfo.idl#136 ] Cookies should be included by default, but it doesn't seem to be the case for me.

Hi Lenny,

Thanks for your report.

Can you please share with us a specific site we can use to validate this issue? Include, if possible, if there are any login/password. In case this is private information, can you share a video recording showing the issue? If there is another site where we can test, which does not include login information, please also let us know.

Also, check if you are able to reproduce this issue on the latest Firefox Nightly version, you can get it from here:
https://nightly.mozilla.org/

Thanks,
Vir

Component: Untriaged → Search
Flags: needinfo?(lensam69)

Duplicate of bug 1624457. One work around would be to open up the xml file so that it isn't protected as it is unlikely it contains sensitive information.

Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Flags: needinfo?(lensam69)
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.