I'm stuck with this weird issue in Safari. I'm storing a user selection data in a cookie using javascript.
I create the cookie using following code -
document.cookie = cookieName +
"=" + encodeURIComponent(cookieValue) +
"; expires=" + jsDate.toGMTString();
and its read using -
var cookie = document.cookie;
if(cookie.length !== 0){
var theCookie=" "+document.cookie;
var ind=theCookie.indexOf(" "+cookieName+"=");
if (ind==-1) ind=theCookie.indexOf(";"+cookieName+"=");
if (ind==-1 || cookieName=="") return "";
var ind1=theCookie.indexOf(";",ind+1);
if (ind1==-1) ind1=theCookie.length;
return unescape(theCookie.substring(ind+cookieName.length+2,ind1));}
else { return '';}
This code works fine in Firefox and IE but when I access this cookie's data in Safari - an empty string is returned. The weird thing is, if i REPEAT my selection and try again, i can access the data. In other words, the first time i access my site, the cookie data is unavailable but in subsequent attempts the data is available!
To see this issue again, i have to clear Safari's cache, history and delete the cookies from the "Show cookies" section and reopen the browser.
Another observation - when i fail to read the cookie data, we can see the cookie when we look under Safari > Preferences > Security > Show cookies
ps:
facing this with Safari version 4 & 5
Related
I'm working on some cookie consent and terms etc.. So I made a JS function to set a cookie after user clicks "Agree" button:
...html
<button onclick="setCookie('law_cookie', 'agree_all', 90)">
...js
function setCookie(name, value, daysToLive) {
// Encode value in order to escape semicolons, commas, and whitespace
let cookie = name + "=" + encodeURIComponent(value);
if (typeof daysToLive === "number") {
/* Sets the max-age attribute so that the cookie expires
after the specified number of days */
cookie += ";max-age=" + (daysToLive * 24 * 60 * 60) + ';Secure;path=/';
document.cookie = cookie;
cookie_set = true
}
}
Now I tested in chrom and firefox, everything works great! BUT, safari isn't able to set a cookie. I tried to initialise by clicking on the button but after reload safari hasn't set the cookie.
I checked if javascript was enabled (it was) and I also tried to set cookie = encodeURIComponent(cookie); but nothing works.
Someone has an idea what I'm doing wrong?
Safari version 15.2, unlike Chrome and Firefox, refuses to set Secure cookies on the localhost origin, so you'll need to add a workaround just for Safari.
Have you tried using a private tab on safari? It may be possible that it didn’t load your new files. On my website I use the same method to write cookies and it works on Safari.
Encoding the value is good
let cookie = name + "=" + encodeURIComponent(value);
But encoding the whole sting not:
cookie = encodeURIComponent(cookie);
I modified your script I removed the 'secure' entry as that will limit it to working only with HTTPS, when you are troubleshooting give it the best chances, and add security only when everything works. In the past the might have worked with some browsers:
https://developer.mozilla.org/en-US/docs/web/api/document/cookie
;secure Cookie to only be transmitted over secure protocol as https. Before Chrome 52, this flag could appear with cookies from http domains.
And I added window.alert so you will see 3 things:
Proof that your button/event actually hit
Check that you provided the age argument (without age your condition will not save cookie)
Will show you what values are going to save so you can confirm if it's ok.
The modified JS:
function setCookie(name, value, daysToLive) {
// Encode value in order to escape semicolons, commas, and whitespace
let cookie = name + "=" + encodeURIComponent(value);
if (typeof daysToLive === "number") {
/* Sets the max-age attribute so that the cookie expires
after the specified number of days */
cookie += ";max-age=" + (daysToLive * 24 * 60 * 60) + ';path=/';
window.alert(cookie);
document.cookie = cookie;
cookie_set = true
}
}
setCookie('law_cookie', 'agree_all', 90)
Often using a lot of console.log helps with troubleshooting as well
Do you use some other frameworks which could interfere with this? Something might be doing stuff with cookies behind your back. Did you try saving cookies from the HTTP header as well?
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie
Did you try to minimalize the replicator, make smallest project which can still replicate the problem? Or start with a small self-contained JS fiddle:
https://jsfiddle.net/ao9p7e4j/1/
Here I added a function to show cookies to see what you have
(Note: I believe I'm asking about the same problem as this unanswered question, which is less specific than mine partly because it didn't include an MWE. Per discussion on this meta page and this one, I believe it's OK to post a better version of an existing question that has not been answered.)
The following HTML contains an MWE version of a script that worked for years in Firefox but suddenly failed in Firefox 57.0. The MWE simply displays an integer, incrementing it each time the file is loaded. The script works in Safari, displaying a different integer each time if I set this file to load when Safari starts. It works in FF if I repeatedly load the file from the menu using File/Open in the same session. However in FF 57 it always displays 0 if I load the file when the browser starts. Examination of document.cookie and miscellaneous console.log() statements show that this happens because FF 57 loses the cookie between sessions. Why?
Is this a bug in FF 57? Is there something subtly wrong with my code that's causing it to fail in FF 57? Maybe because FF 57 is stricter about Javascript in some way? (I've checked to see if there's a report about this, but haven't found anything, and have checked to see any of the config settings in Preferences or in about:config that might control this behavior, but I haven't found anything.)
<html>
<head>
<script type="text/javascript">
<!--
function incrementCookie() {
lastfooStr = getCookie("foo");
if (lastfooStr == null || lastfooStr == NaN) { // if first time, start the indexes at 0
nextfoo = 0;
} else {
nextfoo = 1 + parseInt(lastfooStr); //increment it
}
setCookie("foo", nextfoo, 365);
document.write("<head><body>" + nextfoo + "</body></head>");
}
function setCookie(cookie_name, value, expire_days) {
var expire_date=new Date(); // get now
expire_date.setDate(expire_date.getDate() + expire_days); // expiration date
var cookie = cookie_name + "=" + value +
"; expires=" + expire_date.toUTCString() +
"; path=/";
document.cookie = cookie;
}
function getCookie(cookie_name) {
var doc_cookie = " " + document.cookie;
var cookie_value = null;
var cookie_start = doc_cookie.indexOf(" " + cookie_name + "=");
if (cookie_start != -1) { // found it; now get the value.
var cookie_val_start = doc_cookie.indexOf("=", cookie_start) + 1;
var cookie_val_end = doc_cookie.indexOf(";", cookie_val_start);
if (cookie_val_end == -1) { // must be the last cookie
cookie_val_end = doc_cookie.length;
}
cookie_value = doc_cookie.substring(cookie_val_start, cookie_val_end);
}
return cookie_value;
}
window.onload=incrementCookie();
//-->
</script>
</head>
</html>
Full disclosure: In FF 57, I get the following (irrelevant, I believe) messages in the console when I run this script:
An unbalanced tree was written using document.write() causing data from the network to be reparsed. For more information https://developer.mozilla.org/en/Optimizing_Your_Pages_for_Speculative_Parsing
cookietest.html:48
Line 48 is the second to last line of the file; it's the one containing the </script> tag.
And:
The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol.
In Safari, I only get this message when I run it:
Not allowed to load local resource: file:///favicon.ico
Step 1: My client from his OSX/Windows comes to my site using Google chrome , and downloads a trial key such as: LICENSE.cert file, which contains some unique keys: xyz-zsd-cdfd-xfdfd-1212
Step 2: i have a cookie written (for Step 1)
function setCookie(cname,cvalue,exdays) {
var d = new Date();
d.setTime(d.getTime()+(exdays*24*60*60*1000));
var expires = "expires="+d.toGMTString();
document.cookie = cname + "=" + cvalue + "; " + expires;
}
Step 3: NEXT day or Day after, again he comes back to the same site but this time he came from Safari or Firefox or IE (not using same Google chrome)
How do i read the cookie which was stored on his Google chrome in day 1? (is there anyway to write once for all? so that i suggest him?)
Cookies are managed separately by each browser - it isn't possible for you to access cookies created by other browser.
Your best bet would probably to persist the required data into some kind of database and access it when needed, if that's possible in your case.
Using IE11, I can display the content of all cookies, write out a cookie, find it, and delete it using JavaScript, even though I have my Privacy set to "Block All Cookies". (And actually, no matter what version I set my IE emulation to, the document.cookie still works.) It works as it should on Chrome with cookies disabled - i.e. document.cookie returns empty/nothing when I try to reference it in the same JavaScript.
I'm trying to detect whether the user has cookies turned off in their IE. (Old ASP app that requires IE with cookies. No JQuery. No Modernizr.) To do that, I'm attempting to write out a cookie, find it, and then delete it. That either works or it doesn't - which should tell me whether cookies are turned ON or OFF. Any ideas? I thought this was the safest way to detect a user's IE cookie setting.
My code:
<script language=javascript>
cookiesON = false;
if ("cookie" in document ) {
alert("1. document.cookie (before add): " + document.cookie);
var dateNow = new Date();
document.cookie = "testcookie=" + new Date()
alert("2. document.cookie (after add): " + document.cookie);
if (document.cookie.indexOf("testcookie=") > -1) {
cookiesON = true;
} else {
cookiesON = false;
}
// delete cookie: set cookie to expire 2 minutes ago
document.cookie="testcookie=xx; expires=" + (new Date(dateNow.getTime() - 2*60000).toGMTString());
alert("3. document.cookie (after delete): " + document.cookie);
}
On IE:
All 3 alerts show values for document.cookie, no matter whether cookies are turned on or off. You can see the testcookie being added and deleted back off.
On Chrome:
All 3 alerts show blank for document.cookie when cookies are off. Works as described for IE when cookies are turned on.
I need (for practice) to set a cookie via bookmarklet in website X, and read him with another bookmarklet from website Y.
For example, set a cookie named "user" with value of "Guy" in Google, and read this from YouTube.
I managed to set the cookie, but can't think of any idea how to read him from website b.
Thanks!
You need two bookmarklets, a getter and a setter.
You go to site X and use the getter bookmarklet to read the cookie and let the user copy it to his clipboard.
Then you go to site Y and use the setter. The setter will prompt the user for the bookmarklet and the user will then paste it into the prompt. The code will then set the cookie accordingly.
You can of course combine these two bookmarklets into a single getter/setter. The prompt will contain the current cookie for the page. The user can then choose to either copy the cookie and cancel (using it as a getter) or choose to to alter the cookie and click "OK" (using it as a setter).
I was looking for a way to share cookies of a specific website with a friend (reading them in my browser via bookmarklet and my friend setting them on his browser also via bookmarklet). Not quite what you asked for, but searching brought me here. This is my approach:
First there is a bookmarklet for exporting cookies. It will remove unnecessary white-spaces and encode your data in a base64 string for safe transport:
javascript:(
function(){
prompt("GET cookies encoded in base64", btoa(document.cookie.replace(/\s/ig, "")));
}
)
();
Then there is a second bookmarklet for importing all cookies encoded in the string. You can also set an optional lifetime here (thanks to https://www.quirksmode.org/js/cookies.html):
javascript:(
function(){
var inputstring = prompt("SET cookies decoded from base64");
var inputclean = atob(inputstring).replace(/\s/ig, "");
if (confirm("These cookies will be imported:\n\n" + inputclean.replace(/;/ig, "; "))) {
var days = prompt("Cookie lifetime in full days", "365");
var cookiearray = inputclean.split(";");
cookiearray.forEach(function(entry) {
var expires = "";
var split = entry.split("=");
if (days) {
var date = new Date();
date.setTime(date.getTime() + (days*24*60*60*1000));
expires = "; expires=" + date.toUTCString();
}
document.cookie = split[0] + "=" + (split[1] || "") + expires + "; path=/";
});
}
}
)
();
Do not forget you have to run those on a specific website or tab. It does NOT export the entire collection of the cookies your browser is storing.
According to this StackOverflow, how to get cookies from a different domain with php and javascript you can't get cookies from another domain UNLESS you have access to it, as it would be a huge security flaw.