Closed
Bug 533985
Opened 15 years ago
Closed 15 years ago
If third party cookies are disabled, extensions can't set cookies via the cookie manager
Categories
(Core :: Networking: Cookies, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: mkaply, Unassigned)
Details
Our extension (Optout) sets optout cookies via an addon so a user doesn't have to visit different sites to set them.
We received a report that it wasn't working for some people and when we debugged, we found that if third party cookies are disabled, the cookie APIs silently fail when writing cookies.
Code like fails:
var now = new Date();
var expired = new Date(Date.parse("January 1, " + (now.getFullYear() + 10) + " 12:00:00"));
var cookie = name + "=" + value +
";expires=" + expired;
// if (domain.charAt(0) == '.') {
cookie += ";domain=" + domain;
// }
var uri = ioService.newURI("http://" + domain + "/", null, null);
cookieService.setCookieString(uri, null, cookie, null);
There is another extension that ran into this problem as well:
https://addons.mozilla.org/en-US/firefox/addon/3255
|
||
Comment 1•15 years ago
|
||
You are passing a null channel, which is strongly discouraged for just this reason -- that's how we check whether it's a third party cookie or not http://mxr.mozilla.org/mozilla-central/source/netwerk/cookie/public/nsICookieService.idl#116 But for this use you probably want the nsICookieManager2::add() backdoor instead. The CookieSafe addon (2497) used this, for example. http://mxr.mozilla.org/mozilla-central/source/netwerk/cookie/public/nsICookieManager2.idl
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → INVALID
|
|
||
Comment 2•15 years ago
|
||
If you use the direct CookieManager interfaces you are expected to do all the preference checking and sanity checking yourself, use carefully!
You need to log in
before you can comment on or make changes to this bug.
Description
•