Cookies do not seem to be evicted when using document.cookie
Categories
(Core :: Networking: Cookies, defect, P3)
Tracking
()
People
(Reporter: bingler, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [necko-triaged])
Steps to reproduce:
As far as I can tell from looking at the code [1] by default Firefox should allow a maximum of 180 cookies per domain. However, running the test on [2] and my own test seem to contradict that. Funny enough the cookie log shows an eviction but that isn't reflected on the page itself.
-
Enable cookie logging: https://www-archive.mozilla.org/projects/netlib/cookies/cookie-log.html
-
Navigate to https://example.com
-
In the developer tools console execute:
for ( var i = 0; i < 200 ; i++) { document.cookie = 'a'+i+'=b; Secure; SameSite=Lax';}; -
Execute
document.cookieand observe all 200 cookies. -
Go to the Storage Tab and (maybe) view all 200 cookies there as well.
I'm not able to repro consistently but this view occasionally shows all 200 and other times only cookies 30-199. Maybe a race condition? -
Close Firefox and examine the cookie log to find "===== COOKIE EVICTED =====" entries for multiple cookies.
Tested today on 98.0.2 (64-bit) Windows 10
[1] https://searchfox.org/mozilla-central/source/netwerk/cookie/CookieStorage.cpp#552
[2] http://www.ruslog.com/tools/cookies.html
Actual results:
All 200 cookies set are returned by document.cookie and are (sometimes) visible within the developer tools Storage tab.
Expected results:
<=180 cookies should be returned/visible.
|
||
Comment 1•3 years ago
|
||
The Bugbug bot thinks this bug should belong to the 'Core::Networking: Cookies' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
|
||
Updated•3 years ago
|
|
||
Updated•3 years ago
|
I believe this has since been fixed by some other patch in the cookie component as I can no longer reproduce.
Please re-open with new Steps to reproduce the issue is persisting.
Thanks!
Description
•