I'm testing some cookies that I'm creating via JavaScript. Is there a way to check if the cookie was set in Chrome Developer Tools or something similar?
To check the current page's cookies using Chrome:
Option 1
Open Developer Tools (usually F12)
Click the "Application" tab (used to be "Resources")
Expand the "Cookies" list item
Click any list item.
You can view cookies in detail here, and clear them out (click any list item under cookies then click the cancel icon on the bottom left of the table).
Option 2
Use the javascript console, e.g. document.cookie. Less sophisticated (graphically), but you can work with the data using javascript. Note that the results will be restricted based on how websites are allowed to access local data from other sites (see MDN Same-origin policy).
Option 3
There is also chrome://settings/siteData (was previously settings/cookies). Just put the url into Chrome's address field.
In your console, type document.cookie. It will return the active cookies for that page.
Latest version of Chrome (v52) has moved this functionality to the "Application" tab. So updated steps are:
Open Developer Tools
Click the "Application" tab
Cookies are listed under the "Storage" list item on the left sidebar
Another method is to type the following:
chrome://settings/cookies
in the address bar.
Then use the left click to see more details (content, expiration date, etc.).
On the latest version of chrome Chrome v85 the url is:
chrome://settings/siteData
On chrome version 61:
chrome://settings/content/cookies
You can also use web developer tool which not only helps you to view cookies but also helps you to display.delete (session,domain,path) cookies individually.
Related
I have cookie disappearing in my webapp when it shouldn't (expring date is a year ahead).
Can I set breakpoint on cookie change or something?
In Firebug you had the chance to stop the JavaScript execution on cookie changes. The current DevTools don't provide such a feature yet.
For Firefox it is requested in https://bugzil.la/895893, and I've just requested to add it to Chrome's DevTools in https://bugs.chromium.org/p/chromium/issues/detail?id=1171347.
What you can do right now is to search through the code within the Debugger to find the places where the cookies are changed.
To do that, you have to
Switch to the Debugger panel
Press Ctrl+Shift+F to search within all files
Enter document.cookie and hit Enter
Set a breakpoint for each found statement setting this variable
As there's currently only this way to add, remove or change cookies in JavaScript, this should allow you to find the place where the cookie you're searching is removed.
In order to triage a problem with a web browser I am trying to determine the initiator of the XXX-xsrfstatemanager.js file (the XXX part seems to be something dynamic like a nonce) that occurs as part of a Google Authentication flow (using OAuth).
When I use Chrome developer tools, it says the below URL is the initiator:
https://accounts.google.com/o/oauth2/v2/auth?approval_state=%21Ch[REDACTED]Q%E2%88%99AJ[REDACTED]xq&as=-aBk[REDACTED]
Looking at the result of the above page see a lot of Javascript, but the string "xsrfstatemanager" is nowhere to be found, nor do I see any other javascript pages being included. Unless there is some really cryptic code that is somehow building this URL, the call is actually coming from some other page.
Does anyone know how I can get the 'real' initiator? Or if the above URL might be correct, if I can get more information like what exact line number of the file initiated the call?
By the way, while I edited the above URL for security reasons, if you go to (for example) www.quora.com and quick "continue with google" it is easy to see the flow in question.
The flow includes a redirection, which is why you cannot see the source code that initiates/references that script.
If you view the source of the original URL that is opened when you click on "Continue with Google", you will see the <script src> that references it. This works in Chrome and probably Safari -
view-source:https://accounts.google.com/o/oauth2/auth?redirect_uri=storagerelay%3A%2F%2Fhttps%2Fwww.quora.com%3Fid%3Dauth488109&response_type=code%20permission%20id_token&scope=email%20profile%20openid&openid.realm=&client_id=917071888555.apps.googleusercontent.com&ss_domain=https%3A%2F%2Fwww.quora.com&access_type=offline&include_granted_scopes=true&prompt=select_account&origin=https%3A%2F%2Fwww.quora.com&gsiwebsdk=2
From the source code -
<script src='https://ssl.gstatic.com/accounts/o/532969778-xsrfstatemanager.js' nonce="IgiKmQiLZIHDwGvce7/q6Q"></script>
You can also use tools like Fiddler to see the source code of the redirect, or check "Preserve log" in the Network panel of the Developer Tools feature of Chrome, or by going to the original URL with JavaScript disabled.
so I set some cookies manually via Javascript by writing to document.cookie and they are getting written fine.
I checked using
console.log(document.cookie)
My issue is that even if I manually cleared my history via
Internet options => Browsing History => Delete (making sure "Cookies
and other website data" is ticked)
Making sure "Delete browsing
history on exit" is ticked and "Cookies and other website data" is
also ticked
document.cookie still shows the cookie values I manually created.
Things I've tried:
Close the tab. Manually clear my history. And then reopen my page on a new tab
Close IE11 completely. Reopen the app. And then open my page on a new tab
Any ideas what I could be doing wrong?
Thanks
ps. While I can expire my cookie via Javascript. I cannot expect end users to do same. :)
I've seen this happen if the website is "a favorite" in IE11. Can you try the following?
Go to Internet options => Browsing History => Delete (untick "Preserve Favorites website data"). Click delete, and close IE11.
If your website is not a favorite, let me know.
If you've already cleared your cookies the normal way, have you tried unchecking (if set) the Preserver Favorites Website Data option under Delete Browsing History? Tools > Safety > Delete Browsing History OR Ctrl + Shift + Delete.
If the above doesn't work, try pressing F12 and then Ctrl + R to clear browser cache, confirm you want to delete the browser cache. There is also an option to clear cookies for that specific domain under the Cache tab in Developer Tools Window.
I had the same problem with IE11 working under Windows 8.1: somehow the delete Browser Cookie didn't take effect. I could verify it using Burp: the cookies were still sent to the website.
I tried the various options:
Internet options => Browsing History => Delete (untick "Preserve Favorites website data"). Click delete, and close IE11.
Manually typing 'Document.cookie = ""' into the Developer Console
Resetting IE to default configuration
The only thing that actually worked for me was clearing the Browser Cookies through the Developer Console, as mentioned by lloan. For IE11, it looks a bit different so if you are looking for it, here it is:
Open the Developer Tools using F12
Go to Network
Click on "Clear cookies for domain"
For screenshot, see here
I'am working an a Grails app and create different cookies.
Some appears in the chrome console Resources TAB and some are not showing.
I need to get the value of these Cookies using Angularjs and can access only the one that are showing on console Resources TAB.
The other cookies are visible in the Chrome Content settings button.
In the Cookies section, but not in the Chrome console Resources TAB.
All cookies are created the same way:
Cookie cookie = new Cookie("username", username)
cookie.maxAge = 1209600 //14 days
cookie.httpOnly = true
response.addCookie(cookie)
Thanks for your help.
Ok the problem was the path. To be visible in all the page the path must be "/"
cookie.setPath("/")
MS CRM 2011 on premise.
No problems if accessed via internal address: crm:5555
Go to crm.ourcompany.co.uk:5555 in IE and load account page and the ribbon is totally grey. (Not disabled - every pixel is the colour grey.)
In Chrome and Firefox the ribbon is loaded fine.
Browser console in IE, Chrome and FF all say access errors.
I can see they are trying to access crm:5555.
IE says:
SCRIPT5: Access is denied.
PageLoader.js, line 1 character 1226
The second line above is presented as a link. Clicking it shows me this: http://pastebin.com/bBadk9HS
The full path is http://crm.ourcompany.co.uk:5555/_static/_common/scripts/PageLoader.js?ver=-1056260279
P.S. IE is "Browser Mode: IE10 Document Mode: IE9 standards".
After Long investigation I have found out the reason for same issue like this.
We had previous rollup activity feed solution.
After importing the new version of Activity feeds this hectic issue was sorted out.
Activity feed new solution is available with rollup up package.it can be found by exacting the rollup package. Previously this was available in Microsoft Dynamic market place.
It turns out that the problem is an address lookup plugin on the Account form.
This is trying to access http://crm:1999, which is a 404, and http://crm:5555, which isn't allowed.
Solutions are to fix the server on http://crm:1999 and set up proper managed internal and external URLs so it'll know whether http://crm:5555 or http://crm.ourcompany.co.uk:5555 or remove the plugin.