I store some info in cookies in my Javascript code. I have had no problem to set and read them from local drive until Firefox Quantum installed.
Now it seems that the cookies are set (been checked among the cookies), but cannot be read if I open the html file. The document.cookie.length value is always zero. Yet if I set the cookies and refresh the browser (or open the file again not closing the first file) the cookies can be read.
So far Firefox stored and read cookies all right using file:///, but this twist is new for me. Some setting has to be changed, I guess.
Can anybody tell me a solution, how to allow to read the cookies again from local drive?
Thank you.
Firefox Quantum (as with Google Chrome and others) has disabled storing cookies for local files due to security issues and other problems. The HTML5 web storage commands are taking over what used to be done with cookies for both server and local web pages. See "https://www.w3schools.com/html/html5_webstorage.asp"
Related
I prefer to work in Google Chrome but it doesn't save my cookies of a project I'm working on right now.
When I open the (local) path in Safari the cookies will be stored correctly but Chrome doesn't save them.
How do I allow cookies of projects directly accessed from my hard-drive? Adding the exact local path to Chromes cookie settings won't work.
I thought about something like files:///[*], but it wouldn't work out for me.
Looking for advice/options for having persistent local storage using both Firefox and Chrome allowing me to save 50MB+ data. I would be storing dynamic terrain data for a WebGL game, so it wouldn't be necessary for the server to send the whole data every time the player connects. I could just update the old parts.
I thought about using an IndexedDB however Chrome doesn't allow you to increase the quota (unlike Firefox) so I wouldn't be able to store any large data. Chrome allows you to use the FileSystem API which would solve my issue however Firefox does not support it.
So it seems either way it wouldn't work. Is my only option to use the FileSystem API for Chrome and the IndexedDB for Firefox? Does anyone have any better ideas?
This info is what I've read from Mozilla's Blog and Google's Dev Site but that may be outdated now, so please feel free to correct me. Thanks!
I agree with the other comments about caching and the Chrome/Firefox marketplaces, and they may ultimately be better solutions for you. However, to answer your original question...
IndexedDB in Chrome is definitely not limited to 5 MB. You can store far more than 50 MB in IndexedDB in both Firefox and Chrome, assuming the user has enough hard drive space. Higher amounts of IndexedDB storage are regularly reached in this game I wrote. On my computer, I currently have over 500 MB stored in IndexedDB in Chrome for that one domain.
You did correctly link to https://developers.google.com/chrome/whitepapers/storage and it is quite confusing, but as I understand it, basically the upper limit is 10% of the free space on the hard drive. Another caveat described on that page is that IndexedDB is technically "temporary" storage that the browser might delete if space is running low, but in practice this seems to rarely happen (YMMV).
localStorage is limited to 5 MB (I think this was on Chrome) and you can request more space for every new 5 MB through dialog boxes.
Both localStorage and IndexedDb are created for interactive data. Because it looks like the data is not modified on the client-side your options are
Using the application cache (as mentioned in the comment)
Serving the data with cache forever HTTP headers (like 10 years), have unique URLs for new resource versions and let the browser re-download the data when it goes out of the cache (recommended)
Deploy your HTML5 application as a web app, downloads available from Chrome Store and Firefox Marketplace
I'm trying to store a value on another domain using an iframe (actually, I'm using the xauth library at http://xauth.org/info/). However, when I try to store anything using Chrome, it comes back with "QUOTA_EXCEEDED_ERR: DOM Exception 22", which I've come to recognize as an access error. I've mocked up a couple of very simple pages below to duplicate the effect:
File 1.html:
<html>
<head/>
<iframe src='http://127.0.0.1/2.html' />
</html>
File 2.html:
<html>
<head/>
<script>
console.log(localStorage);
localStorage.setItem('test', '123');
</script>
</html>
If I place both of these on my local server and access localhost/1.html it embeds a frame from 127.0.0.1 (which Chrome considers a separate domain), and I get the same access error as above. At a guess, it looks like even though I'm embedding an iframe from another domain, and the script inside that iframe references the localStorage for that domain properly (as I can see with the console.log(localStorage) line), the permissions for writing to localStorage are coming from the top page's domain.
In short, it looks like no iframe can write to localStorage in Chrome. Does anybody know if there's a way around this particular security "feature"? Or am I doing something wrong?
The problem only occurs when third-party cookies are disabled. Newer versions of Firefox and Opera are also blocking it. In IE and Edge it is still possible although third-party cookies are disabled. If the localStorage would not be blocked in the iframe, a web tracker could simply include a iframe, read the cookie, send it to the parent script, and then send it to the server.
The reason why this is not blocked in IE and Edge is that these browser allow websites to send third-party cookies, which were previously set as first-party cookies, to the server although third-party cookies are blocked. For example, if a user visits facebook on a regular basis, he gets first-party cookies from facebook. When he then visits other websites with facebook's share button, facebook can track him although third-party cookies are disabled. I really do not know why IE and Edge do not block third-party cookie sending, but I would not use these browsers anyway.
The errors the browsers show when third-party cookies are disabled:
Chrome and Opera: Uncaught DOMException: Failed to read the 'localStorage' property from 'Window': Access is denied for this document.
Firefox: SecurityError: The operation is insecure.
IE and Edge: No error, access to localStorage in iframe is possible although third-party cookies are disabled.
So in conclusion, it is not possible to bypass this security feature (in Chrome, Firefox, Opera) and this is good in order to ensure users' privacy.
This is an old post, but if someone else see it- you can use postMessage
https://stackoverflow.com/a/40469196/4836581
Well, localStorage is domain-based and there is no reason for your example code to fail. What it actually does is to set the test item to 123 for 127.0.0.1 whereas it will leave the localhost localStorage empty.
This might not be the answer to your initial problem of QUOTA_EXCEEDED_ERR, but just try to switch to private browsing on Chrome (Ctrl+Shift+N) to see if you still have the error. Without further information on what you were initially doing, I can't tell much but I believe that quota exceeded means what it means...
And I think Chrome's quota is 2.5mb unlike FF which has 5mb of localStorage quota.
I created an HTML file on my desktop and added some JavaScript to set and clear cookies.
Now my question is, will the cookie be saved in my browser? Can I read it back?
if Yes,
For which domain will it be saved?
How can I see it in Google Chrome? (HTML run on Chrome)
Unfortunately some browsers including Google Chrome do not store cookies from local web pages:
Why does Chrome ignore local jQuery cookies?
Firefox has great developer plugins for cookie management, which report their domains, access paths and expiry:
https://addons.mozilla.org/en-US/firefox/addon/view-cookies/
https://addons.mozilla.org/en-US/firefox/addon/firecookie/ (Personal Favourite - Requires FireBug)
For local development purposes you can setup a development domain like "localhost" or "myfakedomain.com" and run your files on a local server.
Search:
Editing Hosts File [operating system]
Setup Local server on [operating system] (I use xampp)
If you're running the 'site' on a local webserver then it should be stored in your browser under 'localhost'. If however you're just opening a static HTML file Chrome will not store the cookie.
In Chrome you can use the Chrome Developer Tools and look under the 'Resources' tab.
There is a known issue where webkit browsers throw you a login popup with https sites under certain conditions. I notice it if my cookie is no longer valid.
I have an extension that accesses your Google sites but this login prompt thing is a bear to overcome. I can login to Goog's sites via perl/php and libcurl, save the needed cookies to a text file and go forward.
Can Safari extensions and XHR do the same? Can I save a cookie and its data to either memory or a variable? Can I use the cookie data in said variable in an XHR request? This would potentially overcome my problem.