Extension in incognito mode
282 views
Skip to first unread message
Виталий Хатламаджиян
May 18, 2017, 12:03:44 PM5/18/17
to Chromium-discuss
I have an extension for Chrome that makes ajax request to my site. The site uses sessions.
So, in response of the ajax request to the site, the Set-Cookie header is returned with some session identifier and a this entry appears in the cookie section of the extension DevPanel (of the backgroud page).
But, session id in the DevPanel browser for the site is a completely different.
Extension is allowed for incognito mode.
In normal mode, the cookies are identical in the DevPanels of the extension and the browser.
I understand that cookies for normal and incognito modes should be different, but why are these values different for the extension allowed for incognito mode?
Am I right and extensions allowed for incognito mode, work in normal mode?
There is a similar thread, but...So, in response of the ajax request to the site, the Set-Cookie header is returned with some session identifier and a this entry appears in the cookie section of the extension DevPanel (of the backgroud page).
But, session id in the DevPanel browser for the site is a completely different.
Extension is allowed for incognito mode.
In normal mode, the cookies are identical in the DevPanels of the extension and the browser.
I understand that cookies for normal and incognito modes should be different, but why are these values different for the extension allowed for incognito mode?
Am I right and extensions allowed for incognito mode, work in normal mode?
PhistucK
May 18, 2017, 12:36:11 PM5/18/17
to vita...@gmail.com, Chromium-discuss
Yes, allowing extensions in incognito mode does not affect the normal mode.
Perhaps this page contains some relevant information -
Sorry, I am not so sure I completely understand the issue at hand...
Also, what are "DevPanels"? You mean the Chrome Developer Tools (generally shortened to "DevTools")?
How do you make that AJAX request? From a content script? From an extension tab? From the background page?
☆PhistucK
--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+unsubscribe@chromium.org.
Виталий Хатламаджиян
May 18, 2017, 4:31:13 PM5/18/17
to Chromium-discuss, vita...@gmail.com
четверг, 18 мая 2017 г., 19:36:11 UTC+3 пользователь PhistucK написал:
Yes, allowing extensions in incognito mode does not affect the normal mode.Perhaps this page contains some relevant information -Sorry, I am not so sure I completely understand the issue at hand...Also, what are "DevPanels"? You mean the Chrome Developer Tools (generally shortened to "DevTools")?
Yes, I meant DevTools.
Generally, session id in the DevTools of the Browser and in the DevTools of my extension are differenet.
The browser launched in Incognito mode and the extension is allowed for incognito mode.
Session ID created on the extension button click. It doesn't exist before.
Then, as I thought, session ids in both DevTools must be equal.
My extension does an ajax request to my site in incognito mode and got wrong session id.
However, if I do the same in normal mode, session ids equal in both DevTools.
How do you make that AJAX request? From a content script? From an extension tab? From the background page?
☆PhistucK
On Thu, May 18, 2017 at 9:02 AM, Виталий Хатламаджиян <vita...@gmail.com> wrote:
Session cookies created in chrome.browserAction.onClicked handler only. I don't use old cookies.If I open the Chrome browser initially in incognito mode (not switch from normal mode) with my extension already allowed for incognito mode, the cookies are again different.I have an extension for Chrome that makes ajax request to my site. The site uses sessions.There is a similar thread, but...
So, in response of the ajax request to the site, the Set-Cookie header is returned with some session identifier and a this entry appears in the cookie section of the extension DevPanel (of the backgroud page).
But, session id in the DevPanel browser for the site is a completely different.
Extension is allowed for incognito mode.
In normal mode, the cookies are identical in the DevPanels of the extension and the browser.
I understand that cookies for normal and incognito modes should be different, but why are these values different for the extension allowed for incognito mode?
Am I right and extensions allowed for incognito mode, work in normal mode?
--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss
---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discu...@chromium.org.
PhistucK
May 18, 2017, 6:03:14 PM5/18/17
to vita...@gmail.com, Chromium-discuss
You have not answered my question. What makes the AJAX request? A background page? A content script? An extension tab?
Are you using the "split" mode or the "spanning" mode?
How is this session ID created? The server generates it when the browser does not send it a cookie and from there on, as long as the browsers sends the same cookie, a session ID is not generated but instead reused. Is that correct?
☆PhistucK
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+unsubscribe@chromium.org.
Виталий Хатламаджиян
May 19, 2017, 8:31:32 AM5/19/17
to Chromium-discuss, vita...@gmail.com
пятница, 19 мая 2017 г., 1:03:14 UTC+3 пользователь PhistucK написал:
You have not answered my question. What makes the AJAX request? A background page? A content script? An extension tab?
Background page.
Are you using the "split" mode or the "spanning" mode?
Hmm. I don't specified the manifest incognito key. By default "spanning".
How is this session ID created? The server generates it when the browser does not send it a cookie and from there on, as long as the browsers sends the same cookie, a session ID is not generated but instead reused. Is that correct?
The background page
make an ajax request, get a session id and redirect to the site. Now the
site have to get the generated session id, but it doesn't exist and a
new session id is generated.
As
I understand, extensions (no matter allowed or not for incognito mode)
work always in normal mode. And when the ajax request is call, it'll be
made in normal mode, not in incognito. ☆PhistucK
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discu...@chromium.org.
Виталий Хатламаджиян
May 19, 2017, 8:32:40 AM5/19/17
to Chromium-discuss
I've just set the manifest "incognito" key to "split" and it works.
Good key, I haven't noticed it before.PhistucK
May 19, 2017, 8:54:06 AM5/19/17
to Виталий Хатламаджиян, Chromium-discuss
On Fri, May 19, 2017 at 3:31 PM, Виталий Хатламаджиян <vita...@gmail.com> wrote:
The background page make an ajax request, get a session id and redirect to the site. Now the site have to get the generated session id, but it doesn't exist and a new session id is generated.
Yes, you need "split" mode, like you discovered. I am glad it worked.
Since you open the page in an incognito tab, it does not share the cookies of a normal tab (but the background page does share cookies with normal tabs). "split" creates two background pages - one for normal mode and one for incognito mode, each of them shares their cookies with the tabs of that mode.
☆PhistucK
Reply all
Reply to author
Forward
0 new messages