New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 788152 link

Starred by 1 user
Status: Archived
Owner: ----
Closed: Nov 26
Cc:
krajshree@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug



Sign in to add a comment

Support secure context on chrome extensions

Reported by liuhao...@gmail.com, Nov 23 2017 
UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36

Steps to reproduce the problem:
1. install the chrome extension with attachment
2. inspect the background.html of this extension
3. open Network tab and refresh
4. see the cookie in request header of https://www.google.com/

What is the expected behavior?
cookie with property of "secure: true" will send to server together

What went wrong?
cookie with property of "secure: true" does not send to server together, because the extension is in insecure context.

WebStore page: 

Did this work before? N/A 

Chrome version: 62.0.3202.94  Channel: stable
OS Version: 10.0
Flash Version: 

how to send fetch/XHR with secure cookie if chrome does not provide secure context.

Comment 1 by liuhao...@gmail.com, Nov 23 2017 

add attach file
Tester.zip
994 bytes Download

Comment 2 by krajshree@chromium.org, Nov 24 2017

Cc: krajshree@chromium.org
Labels: Triaged-ET Needs-Triage-M62 Needs-Feedback
Tested the issue on Win-10 using chrome reported version #62.0.3202.94 and latest canary #64.0.3276.0.

Following are the steps followed to reproduce the issue.
------------
1. installed the chrome extension with attachment
2. inspected the background.html of this extension
3. opened Network tab and refresh
4. checked the cookie in request header of https://www.google.com/
5. Observed different behaviour in chrome reported version #62.0.3202.94 and latest canary #64.0.3276.0.

Attached a screen cast and screenshots for reference.

liuhao.me@ - Could you please check the attached screencast and screenshots and please let us know if anything missed from our side. Also please check the issue on latest canary #64.0.3276.0 by creating a new profile without any apps and extensions and please let us know if the issue still persist or not.

Thanks...!!
788152@M62stable.PNG
55.7 KB View Download
788152@M64canary.PNG
58.8 KB View Download
788152.mp4
1.6 MB View Download

Comment 3 by liuhao...@gmail.com, Nov 24 2017 

I test on chrome canary originally.
I test on chrome canary 64.0.3277.0(x64) again, and snip a screenshot.
secure cookies don't send togather.
2017-11-25_040717.png
29.1 KB View Download
Project Member

Comment 4 by sheriffbot@chromium.org, Nov 24 2017

Labels: -Needs-Feedback
Thank you for providing more feedback. Adding requester "krajshree@chromium.org" to the cc list and removing "Needs-Feedback" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 5 by sheriffbot@chromium.org, Nov 26

Status: Archived (was: Unconfirmed)
Issue has not been modified or commented on in the last 365 days, please re-open or file a new bug if this is still an issue.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment