Closed
Bug 436471
Opened 16 years ago
Closed 6 years ago
Disabling third-party cookies also prevents cookies being sent by XMLHttpRequest from parent domain to subdomain
Categories
(Firefox :: Extension Compatibility, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: jonasnockert, Unassigned)
References
Details
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9) Gecko/2008051202 Firefox/3.0 Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9) Gecko/2008051202 Firefox/3.0 I maintain a site-specific extension that sends API requests via XMLHttpRequest. In this case, a user's main page is on #####.com but other pages are located on username.#####.com. Some API requests therefore cross over from the main domain to the subdomain (andr vice versa) and depend on cookies being included in the XMLHttpRequest. Cookie information: Host .#####.com Path / This all works fine until I uncheck the "Accept third-party cookies" from the Privacy tab in the Firefox 3 RC1 preferences. When I do that, the cookies are no longer included and the API calls in question fail. Is this the expected behavior and, if so, is this documented anywhere? Reproducible: Always Steps to Reproduce: 1. 2. 3.
|
Reporter | |
Updated•16 years ago
|
Version: unspecified → 3.0 Branch
|
||
Comment 1•16 years ago
|
||
Seems to be reproducible. In my extension(LiveJournal Addons) XMLHttpRequest don't send cookies to server, if "Accept third-party cookies" don't checked.
|
||
Comment 2•16 years ago
|
||
Confirming, based on comments.
Status: UNCONFIRMED → NEW
Ever confirmed: true
I am facing the exact same issue where cookies set by a parent domain are not being sent with an XHR request to a subdomain if "Accept third-party cookie" is unchecked. Is there any workaround or something else that I need to do before making the XHR request which will enable me to send the cookies of my parent domain (even with "Accept third-party cookie" unchecked) OR checking the "Accept third-party cookie" is the only option that I have. Is Mozilla planning to resolve this issue in any of the coming releases soon?
|
||
Updated•16 years ago
|
Flags: wanted-firefox3.1?
Similar issue for myvidoop.com plugin. Disabling third-party cookies in Firefox 3 causes all cookies to not be sent in AJAX calls to https://myvidoop.com.
|
||
Comment 5•15 years ago
|
||
The behavior where cookies are only sent back to the domain that originated the request is correct. Different domains are different domains; subdomains don't change that... That said, I'm a little confused. XHR can only be done to the same origin in Firefox 3. So how are these requests being done to a different domain to start with, exactly?
My problem is not a parent domain to a subdomain. We are making XMLHttpRequests to our website (myvidoop.com) in privileged Javascript running in chrome. If the user disables third party cookies, then myvidoop.com cookies are not sent with the request. So although we can make XMLHttpRequests to any domain in chrome, that doesn't necessarily mean we'll be able to get/set cookies.
|
|
||
Comment 7•15 years ago
|
||
Benjamin, it sounds like your problem is not related to this bug, as reported, then; see comment 0. Based on your problem description, it sounds like once bug 437174 is fixed you'll want to change your extension to set the appropriate flags on the XHR channel. I'd still like a clear description of the situation THIS bug is about.
|
||
Comment 9•6 years ago
|
||
With WebExtensions being the only valid way of doing extensions in Firefox 57, I don't think this bug is still relevant. If it is, let's re-open this bug and move to WebExtensions.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•