New FF version 3.0.11 blocks cookie handling workaround for file://localhost/ URIs
2 views
Skip to first unread message
HeX
Jun 14, 2009, 7:12:07 AM6/14/09
to TiddlyWiki
After the upgrade to the latest FF version 3.0.11 I was kind of
suprised that now all my cookie settings for my TW were gone. Digging
into this I noticed that FF now automatically rewrites
file://localhost/Path/To/TW.html
to
file:///Path/To/TW.html
which in turn means that the cookie handler of FF can't safe cookie
exceptions any more (well it never did for "domain free" addresses
like file:///Path/To/TW.html ). Unfortunately this also means that the
workaround [1] does not work any more. It seems that this is caused by
FF people fixing [2].
I wonder if one knows of a simple solution to disable the URI rewrite
of FF 3.0.11. Of course I could use the workarounds number 2 and 3 of
[1] but neither of them are much appealing to me.
/HeX
[1] see first option in the cookie section of http://tiddlywiki.org/wiki/Firefox_3#Firefox_3
[2] Bugzilla #491801: Arbitrary domain cookie access from content
loaded via local file (file:/// URL) https://bugzilla.mozilla.org/show_bug.cgi?id=491801
suprised that now all my cookie settings for my TW were gone. Digging
into this I noticed that FF now automatically rewrites
file://localhost/Path/To/TW.html
to
file:///Path/To/TW.html
which in turn means that the cookie handler of FF can't safe cookie
exceptions any more (well it never did for "domain free" addresses
like file:///Path/To/TW.html ). Unfortunately this also means that the
workaround [1] does not work any more. It seems that this is caused by
FF people fixing [2].
I wonder if one knows of a simple solution to disable the URI rewrite
of FF 3.0.11. Of course I could use the workarounds number 2 and 3 of
[1] but neither of them are much appealing to me.
/HeX
[1] see first option in the cookie section of http://tiddlywiki.org/wiki/Firefox_3#Firefox_3
[2] Bugzilla #491801: Arbitrary domain cookie access from content
loaded via local file (file:/// URL) https://bugzilla.mozilla.org/show_bug.cgi?id=491801
HeX
Jun 16, 2009, 5:34:29 AM6/16/09
to TiddlyWiki
OK I settled for Eric Shulman's CookieSaverPlugin to overcome the
problem. There is however one problem with that:
If one opens a complete new session with FF and no TW cookie is
present then the settings in CookieJar won't be loading since the
CookieJar has some setting similar to this:
if (config.options.txtUserName=="HeX" &&
config.options.chkPortableCookies) {
config.options.chkAnimate=false;
config.options.chkPortableCookies=true;
config.options.chkMonitorCookieJar=true;
}
Well If there is no cookie present then the if condition will not be
satisfied and will be ignored and so will all portable cookies :(
I had to manually tweak my ConfigJar in order to work. I'm sure Eric
knows of a much better/nicer way of how to implement this as an option
into hies CookieSaverPlugin :-)
config.options.txtUserName="HeX"
config.options.chkPortableCookies=true;
config.options.chkAnimate=false;
config.options.chkMonitorCookieJar=true;
/HeX
[1] http://www.TiddlyTools.com/#CookieSaverPlugin
On 14 Jun, 13:12, HeX <HeX.ime...@googlemail.com> wrote:
> After the upgrade to the latest FF version 3.0.11 I was kind of
> suprised that now all my cookie settings for my TW were gone. Digging
> into this I noticed that FF now automatically rewrites
>
> file://localhost/Path/To/TW.html
> to
> file:///Path/To/TW.html
>
> which in turn means that the cookie handler of FF can't safe cookie
> exceptions any more (well it never did for "domain free" addresses
> like file:///Path/To/TW.html ). Unfortunately this also means that the
> workaround [1] does not work any more. It seems that this is caused by
> FF people fixing [2].
> I wonder if one knows of a simple solution to disable the URI rewrite
> of FF 3.0.11. Of course I could use the workarounds number 2 and 3 of
> [1] but neither of them are much appealing to me.
>
> /HeX
>
> [1] see first option in the cookie section ofhttp://tiddlywiki.org/wiki/Firefox_3#Firefox_3
problem. There is however one problem with that:
If one opens a complete new session with FF and no TW cookie is
present then the settings in CookieJar won't be loading since the
CookieJar has some setting similar to this:
if (config.options.txtUserName=="HeX" &&
config.options.chkPortableCookies) {
config.options.chkAnimate=false;
config.options.chkPortableCookies=true;
config.options.chkMonitorCookieJar=true;
}
Well If there is no cookie present then the if condition will not be
satisfied and will be ignored and so will all portable cookies :(
I had to manually tweak my ConfigJar in order to work. I'm sure Eric
knows of a much better/nicer way of how to implement this as an option
into hies CookieSaverPlugin :-)
config.options.txtUserName="HeX"
config.options.chkPortableCookies=true;
config.options.chkAnimate=false;
config.options.chkMonitorCookieJar=true;
/HeX
[1] http://www.TiddlyTools.com/#CookieSaverPlugin
On 14 Jun, 13:12, HeX <HeX.ime...@googlemail.com> wrote:
> After the upgrade to the latest FF version 3.0.11 I was kind of
> suprised that now all my cookie settings for my TW were gone. Digging
> into this I noticed that FF now automatically rewrites
>
> file://localhost/Path/To/TW.html
> to
> file:///Path/To/TW.html
>
> which in turn means that the cookie handler of FF can't safe cookie
> exceptions any more (well it never did for "domain free" addresses
> like file:///Path/To/TW.html ). Unfortunately this also means that the
> workaround [1] does not work any more. It seems that this is caused by
> FF people fixing [2].
> I wonder if one knows of a simple solution to disable the URI rewrite
> of FF 3.0.11. Of course I could use the workarounds number 2 and 3 of
> [1] but neither of them are much appealing to me.
>
> /HeX
>
Reply all
Reply to author
Forward
0 new messages