I have been stuck on this for a couple of weeks now and this is a follow on from SO question Delphi REST Debugger Returns Error 429 Too Many Requests but Browser Returns JSON as Expected
I was wanting to get the content of a url response using the TNetHTTPRequest and TNetHTTPClient components. I was continually getting 429 errors “too many requests”. When using Firefox Inspect Element to look at network and storage, I discovered that I needed to receive cookies and then send those cookies with my request. Unfortunately, one of the cookies essential to the website content seems to be dependent (I think) on the execution of javascript. I went back to first principles and dropped a TWebbrowser on a form (VCL) and sure enough browser shows a javascript error “Expected Identifier”.
When I use the TWebbrowser in FMX it does not throw an error it just does not return the website contents at all and remains blank. I need FMX as I will be in a cross platform mobile environment.
The URL is https://shop.coles.com.au/a/national/home
I use Delphi Community Edition 10.3.3 Rio.
The URL returns perfectly in commercial browsers Firefox, Safari, Chrome and even CEF4Delphi. Unfortunately, I can’t use CEF as I need cross platform.
I would like to know how to get the website content returned to the browser (or even better NetHTTPClient) without script errors and how to access the browsers current cookies.
Any help will be most appreciated.
Thanks,
John.
URL returns perfectly in commercial browsers ... without script errors and how to access the browsers current cookies
If you'd inspect the network traffic (F12 > Network, then requesting your URL) or use uMatrix (to block everything that doesn't belong to the domain by default) you'd see the JS does at least one XHR to amazonaws.com. Your HTTP transfer alone (as done by TNetHTTP*) works fine and you get the same resource that each internet browser gets.
However, you don't operate with what you got (in contrast to the internet browser, which also automatically parses the HTML, sees JS resources, and executes them). TWebbrowser does not what you take for granted most likely due to security settings (try to get an error console in there, preferably F12 again). You need to do the same: parse the HTML resource for JS URIs, requesting those and executing what you get, while still providing the same cookie environment.
For executing JS you could use Chakra or mORMot or BESEN. It's challenging at first, but the more you understand about HTTP (including cookies) and a JS engine, the more you'll see why "things work" in one situation and not in another. There's a reason why an internet browser is a very complex software and not just a downloader.
As per this forcing IE11 Quirks mode might cure your problem already when using TWebBrowser:
TBrowserEmulationAdjuster.SetBrowserEmulationDWORD(TBrowserEmulationAdjuster.IE11_Quirks);
I want to get the OS username with JavaScript for cross browser. I had been trying the different solutions for this but none actually worked. I don't actually want to install 3rd party plugin as according to my requirement I can't do that.
This is so far I get on the web while surfing for the solution
var wshshell = new ActiveXObject("wscript.shell");
var username = wshshell.ExpandEnvironmentStrings("%username%");
alert(username);
Sorry, this is impossible. Webpages cannot access the OS (Operating System) because this would be an issue for security.
The code you found only works in IE and when the user sets your page to the lowest security level (you cannot rely on this).
Ran into something lovely, and intermittent, while trying to write cookies today in an Iframe via javascript.
So say I assign a new cookie:
document.cookie = "key=value;";
Calling said cookie returns as:
document.cookie = "";
I've tried this across both IE 9 and IE10, and it's working for some users, and not others. Same browser versions.
Furthermore, it seems to be machine specific, we're in an enterprise network, and users can log into one machine, and be okay, whilest another station and we'll see this behavior.
I've thought about some group policy, but that last point has me at something of a loss.
Edit: More extra details.
Cookies are allowed on these machines.
This isn't a Session/Persistent Cookie mix up; literally trying to write to the document.cookie object returns "", even if you call it right after assignment.
Here's a big one I missed, I'm trying to assign these as an Iframe, and there doesn't seem to be an issue with P3P headers, as there are machines that are viewing it just fine; same browser versions.
I was experiencing the same problem and found that the users with IE that could not take the cookie had protected mode enabled.
Internet Options/Security/Enable Protected Mode (uncheck)
I've searched around here and there is a couple threads on it; but with normal javascript it seems near impossible to get the local machine name in Firefox.
I couldn't get a clear answer but would assume the same applies to Greasemonkey scripts too?
This GM script will run only on my browsers; is there any special settings or privileges I could give it or Firefox to get the local machine name?
Second question:
Is it possible to get which Firefox profile I'm running under?
No. You cannot read the local machine name, nor Firefox profile name, nor Firefox profile directory using javascript or Greasemonkey.
If you could access this information, it would be at least a "sec-moderate" security breach. So, if you figure out a hack for this, let us know immediately, so we can shut you down. ;)
I'm trying to set session cookie in javascript like this:
document.cookie = 'name=alex; path=/'
But Chrome doesn't delete it even if I quit browser and launch it again.
I checked in Firefox and Opera and both work as intended - they delete session cookie on browser exit.
Is Chrome just ignoring expiration rules?
I checked in multiple OSes and found out that session cookie gets removed on Chrome in Windows XP and Ubuntu, but NOT in Mac OSX Lion.
This can be caused by having Chrome set to Continue where you left off.
Further reading
Bug report: Chrome is not deleting temporary cookies – i.e. not logging me out automatically when I close all browser Windows
Issue 128513 in Chromium: Session Cookies not cleared when Chrome processes closed
Issue 128567: Session only cookies don't delete
I just had the same problem with a cookie which was set to expire on "Browsing session end".
Unfortunately it did not so I played a bit with the settings of the browser.
Turned out that the feature that remembers the opened tabs when the browser is closed was the root of the problem. (The feature is named "On startup" - "Continue where I left off". At least on the current version of Chrome).
This also happens with Opera and Firefox.
I just had this issue.
I noticed that even after I closed my browser I had many Chrome processes running. Turns out these were each from my Chrome extension.
Under advanced settings I unchecked 'Continue running background apps when Google Chrome is closed' and my session cookies started working as they should.
Still a pain in the rear for all of us developers that have been coding expecting that session cookies would get cleared when the user is done browsing.
I had to both, unchecked, under advanced settings of Chrome :
'Continue running background apps when Google Chrome is closed'
"Continue where I left off", "On startup"
This maybe because Chrome is still running in background after you close the browser. Try to disable this feature by doing following:
Open chrome://settings/
Click "Show advanced settings ..."
Navigate down to System section and disable "Continue running background apps when Google Chrome is closed".
This will force Chrome to close completely and then it will delete session cookies.
However, I think Chrome should check and delete previous session cookies at it starting instead of closing.
A simple alternative is to use the new sessionStorage object. Per the comments, if you have 'continue where I left off' checked, sessionStorage will persist between restarts.
This issue is caused because you are using Continue where I left off and Continue running background apps when Google Chrome is closed feature of chrome (currently my version is 96).
Please consider setting those off (to test functionality).
I had the same problem with "document.cookie" in Windows 8.1, the only way that Chrome deletes the cookie was shutting it from task manager (not a really fancy way), so I decided to manage the cookies from the backend or use something like "js-cookie".
Have you tried to Remove hangouts extension in Google Chrome? because it forces chrome to keep running even you close all the windows.
I was also facing the problem but it resolved now.
Go to chrome://settings/content/cookies?search=cookies
Enable Clear cookies and site data when you quit Chrome.
Worked for me
If you set the domain for the php session cookie, browsers seem to hold on to it for 30 seconds or so. It doesn't seem to matter if you close the tab or browser window.
So if you are managing sessions using something like the following it may be causing the cookie to hang in the browser for longer than expected.
ini_set("session.cookie_domain", 'www.domain.com');
The only way I've found to get rid of the hanging cookie is to remove the line of code that sets the session cookie's domain. Also watch out for session_set_cookie_params() function. Dot prefixing the domain seems to have no bearing on the issue either.
This might be a php bug as php sends a session cookie (i.e. PHPSESSID=b855ed53d007a42a1d0d798d958e42c9) in the header after the session has been destroyed. Or it might be a server propagation issue but I don't thinks so since my test were on a private servers.
I just had this problem of Chrome storing a Session ID but I do not like the idea of disabling the option to continue where I left off. I looked at the cookies for the website and found a Session ID cookie for the login page. Deleting that did not correct my problem. I search for the domain and found there was another Session ID cookie on the domain. Deleting both Session ID cookies manually fixed the problem and I did not close and reopen the browser which could have restored the cookies.
The solution would be to use sessionStorage, FYI: https://developer.mozilla.org/en-US/docs/Web/API/Window/sessionStorage
Google chrome has a problem if you set and unset cookie improper way. This is php code. Thought this will give you idea.
Set cookie
setcookie('userLoggedIn', 1, 0, PATH);
Wrong way and will not work (notice PATH is missing)
setcookie('userLoggedIn', 0, time()-3600);
Correct way fixes issue on google chrome
setcookie('userLoggedIn', 0, time()-3600, PATH);