Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

话题已存档。 如果需要帮助请提出新问题。

Cookie cannot be deleted by API

  • 6 个回答
  • 1 人有此问题
  • 9 次查看
  • 最后回复者为 cor-el

SpaceClick
SpaceClick
more options

I have a cookie that is set by https://www.kinguin.net/ that cannot be deleted via the API. I discovered it while using the Cookie AutoDelete add-on. It would continually try to delete the cookie but was never successful.

I posted a bug report for the add-on and it was discovered to be a problem with the way the cookie was being set (not capitalizing the first letter in the "Expires" directive).

You can see the report here: https://github.com/Cookie-AutoDelete/Cookie-AutoDelete/issues/538

I know that the problem is that the website is setting the cookie improperly, but should it be possible for a website to create a cookie that cannot b deleted by the Firefox API?

I have a cookie that is set by https://www.kinguin.net/ that cannot be deleted via the API. I discovered it while using the Cookie AutoDelete add-on. It would continually try to delete the cookie but was never successful. I posted a bug report for the add-on and it was discovered to be a problem with the way the cookie was being set (not capitalizing the first letter in the "Expires" directive). You can see the report here: https://github.com/Cookie-AutoDelete/Cookie-AutoDelete/issues/538 I know that the problem is that the website is setting the cookie improperly, but should it be possible for a website to create a cookie that cannot b deleted by the Firefox API?

所有回复 (6)

WestEnd
WestEnd
more options

If your using their site then you agreed to their TOS and cookie and tracking usage. You should contact their site support about the issue your having.

由WestEnd于修改

SpaceClick
SpaceClick 提问者
more options

My problem is not with the site setting the cookie improperly, it is with the browser allowing the cookie to be set improperly or not enforcing proper syntax (shouldn't it just ignore any directive that has improper syntax?)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

This looks more like a case where a semicolon has been omitted between path=/ and expires=. 

remove: function (e) {
 if (!l.canUseDOM) return null;
  document.cookie = ''.concat(e, '=; path=/ expires=Thu, 01 Jan 1970 00:00:01 GMT;')
}

Should be: 

remove: function (e) {
 if (!l.canUseDOM) return null;
  document.cookie = ''.concat(e, '=; path=/; expires=Thu, 01 Jan 1970 00:00:01 GMT;')
}

Document.cookies is a list of key=value pairs separated by semicolons.

You can contact the website about this error.

由cor-el于修改

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Note that you can use the Storage Inspector to remove these cookies.

SpaceClick
SpaceClick 提问者
more options

Thanks for all the responses!

I am able to delete the cookie using Firefox's Options - Privacy & Security - Manage Data, that is not my problem.

It appears that you cannot delete the cookie via the Firefox API.

Is this not a problem?

So far, the answers here have either been how to fix the website so that it sets the cookie properly, or how to delete the cookie in another manner.

Neither of these was what my concern is.

My concern is being able to delete this cookie using the Firefox API. Is it possible? If not, is it a bug in Firefox? Should a website be able to set a cookie that cannot be deleted via the Firefox API? Should a bug report be made to fix this in Firefox?

Thanks.

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You mean that an extension isn't able to remove this specific cookie? If that is confirmed by its developer then he should file a bug report to get this fixed. I don't know the specifics of how this cookie API works.