Closed Bug 443150 Opened 17 years ago Closed 17 years ago

Cookies not sent from "Save Link As..."

Categories

(Toolkit :: Downloads API, defect)

Product:
Toolkit
Component:
Downloads API
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
VERIFIED DUPLICATE of bug 437174

People

(Reporter: sutton, Unassigned)

Details

Attachments

(1 file)

Simple PHP script that shows the problem
827 bytes, text/plain
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9) Gecko/2008052906 Firefox/3.0 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9) Gecko/2008052906 Firefox/3.0 When downloading a file via the "Save Link As..." context menu, the Cookie header is not submitted. Selecting "Open Link in New Window" from the same menu for the same link does result in the cookie being submitted. Naturally, this prevents the saving of any file, which is dependent on a cookie. Bug 426902 is probably caused by this problem, as perhaps some others which report odd "Save Link As..." behaviour. Reproducible: Always Steps to Reproduce: 1.Find a link to a file on a site which uses cookies, and open HTTP request/header capture window (e.g. proxomitron). 2.Select "Save Link As..." from context menu. 3.Watch the request go without the Cookie header. 4.Try "Open Link in New Window" for the same link. 5.Watch as this time, the Cookie header is sent. NB: this is not sequence dependent, 2/3 and 4/5 can be performed in any order, any number of times with the same results. Actual Results: No cookie sent in step 3, cookie sent in step 5 Expected Results: Cookie should be sent in step 3 Comparison with Firefox 2 on the same site did result in correct sending of the cookie (I didn't actually examine the headers but the cookie dependent download was successful with 2)
Version: unspecified → 3.0 Branch
Version: 3.0 Branch → Trunk
Can you provide us an example link?
WFM. I see the cookies sent in the HTTP request with Save Link As. Do you see this problem when you run Firefox in Safe Mode?
Example URL: http://www.mozilla-europe.org/en/firefox/ Using the "Free Download" link -----------------------------First up is the "Save Link As...." *** Log Reset *** +++GET 1652+++ GET /?product=firefox-3.0&os=win&lang=en-GB HTTP/1.1 Host: download.mozilla.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9) Gecko/2008052906 Firefox/3.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-gb,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Referer: http://www.mozilla-europe.org/en/firefox/ Pragma: no-cache Cache-Control: no-cache Connection: keep-alive Browser reload detected... +++RESP 1652+++ HTTP/1.1 302 Found Date: Mon, 07 Jul 2008 11:32:19 GMT Server: Apache/2.2.3 (Red Hat) Set-Cookie: dmo=10.2.81.4.1215430339680852; path=/; expires=Tue, 07-Jul-09 11:32:19 GMT X-Powered-By: PHP/5.1.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private Pragma: no-cache Location: http://mozilla.mirror.pop-sc.rnp.br/mirror/mozilla.org//firefox/releases/3.0/win32/en-GB/Firefox%20Setup%203.0.exe Content-Length: 0 Content-Type: text/html; charset=UTF-8 +++CLOSE 1652+++ +++GET 1653+++ GET /mirror/mozilla.org//firefox/releases/3.0/win32/en-GB/Firefox%20Setup%203.0.exe HTTP/1.1 Host: mozilla.mirror.pop-sc.rnp.br User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9) Gecko/2008052906 Firefox/3.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-gb,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Referer: http://www.mozilla-europe.org/en/firefox/ Pragma: no-cache Cache-Control: no-cache Connection: keep-alive Browser reload detected... +++RESP 1653+++ HTTP/1.1 200 OK Date: Mon, 07 Jul 2008 11:30:05 GMT Server: Apache/2.2.3 (Debian) Last-Modified: Wed, 11 Jun 2008 09:18:22 GMT ETag: "6c83f6-6fdc30-86b05380" Accept-Ranges: bytes Content-Length: 7330864 Content-Type: application/x-msdos-program -----------------------------And now the simple click *** Log Reset *** +++GET 1654+++ GET /img/__utm.gif?utmwv=6.1&utmn=2114029405&utmsr=1280x1024&utmsc=32-bit&utmul=en-gb&utmje=1&utmjv=1.5&utmfl=9.0%20%20r124&utmdt=Firefox%20web%20browser%20%7C%20Faster%2C%20more%20secure%2C%20%26%20customizable%20%7C%20Mozilla%20Europe&utmhn=www.mozilla-europe.org&utmp=/download-tracking/en-GB/firefox-3.0/win/using%3Agecko-other HTTP/1.1 Host: www.mozilla-europe.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9) Gecko/2008052906 Firefox/3.0 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-gb,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Referer: http://www.mozilla-europe.org/en/firefox/ Cookie: __utmz=210549513.1213877639.2.2.utmccn=(organic)|utmcsr=google|utmctr=firefox|utmcmd=organic; __utma=210549513.986463487.1213870538.1213877639.1215430023.3; __utmb=210549513; __utmc=210549513 Connection: keep-alive +++GET 1655+++ GET /?product=firefox-3.0&os=win&lang=en-GB HTTP/1.1 Host: download.mozilla.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9) Gecko/2008052906 Firefox/3.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-gb,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Referer: http://www.mozilla-europe.org/en/firefox/ Cookie: __utma=150903082.1648270781.1189682091.1202819841.1214998321.8; dmo=10.2.81.4.1213870681109005; __utmz=150903082.1214998321.8.1.utmccn=(referral)|utmcsr=developer.mozilla.org|utmcct=/en/docs/Bug_writing_guidelines|utmcmd=referral Connection: keep-alive +++CLOSE 1654+++ +++RESP 1655+++ HTTP/1.1 302 Found Date: Mon, 07 Jul 2008 11:34:10 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private Pragma: no-cache Location: http://mozilla-east.superbhosting.net/firefox/releases/3.0/win32/en-GB/Firefox%20Setup%203.0.exe Content-Length: 0 Content-Type: text/html; charset=UTF-8 +++CLOSE 1655+++ +++GET 1656+++ GET /firefox/releases/3.0/win32/en-GB/Firefox%20Setup%203.0.exe HTTP/1.1 Host: mozilla-east.superbhosting.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9) Gecko/2008052906 Firefox/3.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-gb,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Referer: http://www.mozilla-europe.org/en/firefox/ Range: bytes=0- If-Range: Wed, 11 Jun 2008 09:18:22 GMT Connection: keep-alive +++RESP 1656+++ HTTP/1.1 206 Partial Content Server: nginx/0.6.31 Date: Mon, 07 Jul 2008 11:33:58 GMT Content-Type: application/octet-stream Content-Length: 7330864 Last-Modified: Wed, 11 Jun 2008 09:18:22 GMT Connection: keep-alive Content-Range: bytes 0-7330863/7330864 ---------------------------------- Notice how the simple click sends cookies, but the Save link as did not. (note that my original testing was done on a separate site, I am developing internally, however the getfirefox page also demonstrates the same problem). Original testing was done in normal mode, but the above testing was done in safe mode. The above to tests both 'successfully' downloaded the file, as this site clearly doesn't require the cookie, but the site I am developing (and others, I'm sure) won't serve the file if the cookie is missing.
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0 I am seeing this bug as well. I have an invoicing system written in PHP with cookie-based verification. Attempting to download the invoices with "Save link as" is throwing validation errors now (as if the cookies didn't exist). This does not happen in FF 1.5, FF 2.0 or any other browser I have tried it in (they allow me to download the link properly). I created a very simple PHP sample that clearly demonstrates this problem: http://www.neuetech.com/sample-nocookies.php Clicking on the "Save this file!" link will say "Cookie found!". If you instead right click and choose "Save Link As...", save it to say "temp.txt", then view that file, it will say "No cookie was found!" from FF3.
This is a very simple test script that shows the problem.
It works for me. Can you install the latest trunk ( http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-trunk/ ) and test this bug in safe mode, or better with a blank profile? Disable also all plugins temporary. If it works in this way, but not with your normal profile, probably it's a problem caused by an extension. So try to disable them one-by-one. When you find the problematic extension(s), inform us and its author, and change the resolution of this bug to invalid.
(In reply to comment #6) > It works for me. > Can you install the latest trunk ( > http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-trunk/ ) and > test this bug in safe mode, or better with a blank profile? Disable also all > plugins temporary. I tried several things to get this to function in FF3. First, I disabled every plugin in FF3. Then, I downloaded the latest trunk file as you suggested. Then I tried disabling all plugins in that. Then I tried running it in safe mode. Not a single method allowed me to download the file properly. I installed the same trunk file on a different computer (running Windows XP SP3 instead of Windows XP x64 SP2) and it worked just fine.
(In reply to comment #7) > I installed the same trunk file on a different computer (running Windows XP SP3 > instead of Windows XP x64 SP2) and it worked just fine. > Can you test it in Windows Safe Mode?
(In reply to comment #8) > Can you test it in Windows Safe Mode? My system has never been able to boot into Safe Mode, but that is beside the point. I tried again for humor's sake, but still no go. I do not know what getting into Safe Mode will accomplish in any case. I do not have a spare Windows XP x64 system to test this on, but I tested on many other OSes (Windows XP SP2 and SP3, Windows 2003, Ubuntu 8.04 x86 and x64) and none of them have the problem. That's all fine and dandy, but this is my personal system and it is not functioning on it. FF1.5, FF2, Safari, Opera, IE6, IE7, etc. all work just fine on my system, but I don't want to have to revert back to FF2 for my primary browser. The fact that all prior versions work on this PC and it does NOT work on FF3 means that there is a problem with FF3. The fact that the person who posted this bug, Steve Sutton, also has this problem points to a potential issue in FF3, though he seems to be using Windows XP 32bit (Win NT 5.1)...
(In reply to comment #9) > I do not know what getting into Safe Mode will accomplish in any case. > This excludes problems with other running programs, for example a cookie blocker. Steve Sutton, can you do the test I suggested in Comment #6?
Keywords: qawanted
Ah, I forgot to say: test the bug with the testcase provided by Memso: https://bugzilla.mozilla.org/attachment.cgi?id=329547
I have discovered how to cause this bug. Go to "Tools > Options" ("Edit > Preferences" in Linux). Click on the "Privacy" section. Uncheck "Accept third-party cookies". Click OK. If I check that box, my browser will start sending the cookies when attempting to save the file. With me being a bit of a security nut turned this off the moment I installed FF3, just like I had in FF2. Go to the sample link. It stops sending the cookie when saving the file. It shouldn't be counting the link as a third party site, but it is. Tested on: Windows XP SP3, Windows XP Pro x64 SP2 and Ubuntu v8.04 x86
I'm duping this to a newer bug because it has more information on what the problem is.
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
Keywords: qawanted
Just to confirm, I turned 3rd party cookies on, and my site did then work correctly.
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: