Re: How to get all cookies using chrome.cookies.getAll from chrome extension?

6,928 views
Skip to first unread message

Antony Sargent

unread,
Oct 27, 2016, 7:10:47 PM10/27/16
to Felipe Forbeck, Chromium-extensions
Hmm, I wonder if it has something to do with the httpOnly property (the extra ones have httpOnly set to true). What happens if you do the following?


function printCookies(msg) {
  return function() {
    console.log(msg);
    chrome.cookies.getAll({}, cookies => console.log(JSON.stringify(cookies));
  }
}

var callback = function() {
  setTimeout(printCookies("from callback:"), 10000);  
};
chrome.tabs.executeScript(tabId, {file: 'login.js'}, callback);
setTimeout(printCookies("not from callback:"), 10000);


and then also manually call:

printCookies("manual")();

from the devtools on the background page?

Do the cookies printed "from callback" and "not from callback" both agree?



[moving apps...@chromium.org to BCC, since that list is for discussing internal implementation details of apps APIs, and adding chromium-...@chromium.org to CC which is the right place to ask these sorts of questions]


On Thu, Oct 27, 2016 at 2:28 PM, Felipe Forbeck <felipe....@gmail.com> wrote:

If I call chrome.cookies.getAll from chrome debug console with my extension enabled I get different cookies than the ones that I get when call the same function but from my extension code. Any idea why?

My chrome extension populates a login form and them hit submit. This call is fired from my main script called intercept.js.


Login call:

 chrome.tabs.executeScript(tabId, {file: 'login.js'}, callback);


Then, in the callback function I have a timeout call to wait for X seconds, assuming the login went fine:

setTimeout(getCookies, 10000);


The getCookies function looks like this:

chrome.cookies.getAll({}, function (cookies) {
            var a = [];
            log("@getCookies. Cookies found " +  cookies.length);
            cookies.forEach(function(cookie) {
                log("[COOKIE] => " + JSON.stringify(cookie));
                a.push({
                    name: cookie.name,
                    value: cookie.value,
                    domain: cookie.domain,
                    secure: cookie.secure,
                    path: cookie.path
                });
            });
            results[tabId].cookies = a;
        }
    );


The same call returns 2 different results. If I executed getCookies from my extension I have only this cookie:

{"domain":".mydomain.com","expirationDate":1509134405.49222,"hostOnly":false,"httpOnly":false,"name":"token_x","path":"/","sameSite":"no_restriction","secure":true,"session":false,"storeId":"0","value":"..."}


However, if I execute the same function via debug tools from chrome with my extension enabled, I see 3 cookies:

{"domain":".mydomain.com","expirationDate":1509134405.49222,"hostOnly":false,"httpOnly":false,"name":"token_x","path":"/","sameSite":"no_restriction","secure":true,"session":false,"storeId":"0","value":"..."}

{"domain":".mydomain.com","expirationDate":1480190782.506759,"hostOnly":false,"httpOnly":true,"name":"accesstoken","path":"/","sameSite":"no_restriction","secure":true,"session":false,"storeId":"0","value":"..."}

{"domain":".mydomain.com","expirationDate":1480190782.50701,"hostOnly":false,"httpOnly":true,"name":"refreshtoken","path":"/","sameSite":"no_restriction","secure":true,"session":false,"storeId":"0","value":"..."}


I thought it could be something related to permissions, but did not find anything related. I do have the tabs and cookies permissions enabled. Here is my manifest file:

  {
      "name": "DOM/LINK extractor",
      "version": "1.0",
      "manifest_version": 2,
      "description": "DOM/LINK extractor plugin",
      "minimum_chrome_version": "55",
      "permissions": [
        "webRequest",
        "webRequestBlocking",
        "tabs",
        "cookies",
        "browsingData",
        "storage",
        "processes",
        "<all_urls>"
      ],
      "background": {
        "page": "background.html"
      }
    }


The documentation says that I can call chrome.cookies.getAll from my extension code, but only in the background.html. My background.html loads the main script intercept.js `

<!doctype html>
<script src="intercept.js"></script>
<body></body>


Any idea why I am not able to see the same cookies for both calls?

Thank you!


Reply all
Reply to author
Forward
0 new messages