For development/debug purpose, instead of disable chrome from reopening tab of previous session (and therefore retained session cookie), close chrome and reopen, or manually look for that session cookie in dev tool and delete it. I want to be able to delete session cookies ONLY on chrome without deleting other cookies (preferentially only the session cookie for site in current tab), technically simulate the browser has closed and reopen to the same page again.
is such function exist in dev tool or extension to do just that?
Since you need this clearing method specifically for one browser may I suggest the use of a bookmark script?
I wrote this little script that will prompt you for the cookie's name and then delete it. Create a new bookmark in Chrome and add the code below as the URL:
javascript:(function(){var cName=prompt("Enter the name of the cookie to delete.");if( typeof(cName) == 'undefined' ) return; document.cookie = cName +"=;domain="+ (document.location.host).replace('http://', '').replace('www','') + ";path=/;expires=Thu, 01 Jan 2001 00:00:00 GMT";})()
Do note that while the script works immediately upon clicking it, if the cookies tab was your active console tab while running the script you will need to switch to another tab and return to the cookies tab to see the visual representation of the cookie being deleted.
If you intend to use this script to delete one specific cookie in one specific environment you can hard-code the cookie name and location, thus minimizing the required code even further and removing the user interaction element. And as an added bonus if you have a Google account this bookmark will carry over to any device you have that is connected to it.
Chrome is auto-filling the credentials, but not log me in until I click login. How to automate? (windows, non-google websites).
Using the Chrome Identity API you can have Chrome (on desktop and Android) automatically attempt to log in the user when they hit your page, even if their session has expired.
Following is a workflow diagram of how it works, but the details can be found in the Google Authentication API: Let the user automatically sign back in section:
It is not the browser's responsibility to auto-login to websites. This is the responsibility of the website you are accessing. The browser can remember form data and auto-fill for you, as can various extensions like LastPass.
However, in order to actually auto-login, you must first login to the website you are trying to access and enable the option they provide, often called 'Remember me?'. The website would typically use a cookie to store the credentials (securely with a hash + salt), and if the cookie still exists (not cleared from the browser or expired), and the hash of real password in database matches the one in the cookie, the website will auto-login.
You could force the browser to try and auto-login with extensions, which are essentially macros. You could try Auto Login or iMacros extensions for this. I would generally avoid this though.
Anyone else stumbling into this thread from a google search.... you can do this with autohotkey. If you browse to yourbankhere.com and chrome fills in the user/pass, you can have autohotkey perform a mousemove then a mouseclick to click the login button.
I am currently trying to port a Chrome extension to Firefox.
The Chrome extension has a "Login" page, which is opened in a new tab as an HTML document. The HTML document is stored in the local directory with other extension files. The user inputs a URL which should represent a server running our application, where the user will be asked to login. After a successful login, the user is redirected back to the options.html page, which is updated to show the user's preferences.
I would like to duplicate this in the Firefox extension, i.e. I would love to avoid writing anything in XUL to build an options page.
I tried opening a new tab with my HTML page like this:
var url = "chrome://myextension/content/options.html";
var win = Components.classes['#mozilla.org/appshell/window-mediator;1']
.getService(Components.interfaces.nsIWindowMediator)
.getMostRecentWindow('navigator:browser');
win.gBrowser.selectedTab = win.gBrowser.addTab(url);
But I don't like this for a few reasons: 1) The navbar in the new tab displays the "chrome:// ..." URL, and 2) it breaks the authentication process. The authentication is done using an OAuth type system, and the current URL is passed into the API so that the user can be redirected back upon successful authentication. The authentication fails with "chrome://" as part of the URL.
Just out of curiosity, I tried hardcoding the URL like this:
http://myextension/content/options.html
And the user is actually successfully authenticated, but then the redirect obviously fails afterward.
The Chrome extension seems to work with no problems or weird hacks. From what I can tell, opening it works like this:
chrome.tabs.create({"url":chrome.extension.getURL("options.html"), "selected":true});
And referencing the URL of the tab later so we can be redirected back to it just works like this:
var options_url = chrome.extension.getURL('options.html');
So, I'm wondering: what is the best way to open a local HTML document in a new tab with a Firefox extension, without using the "chrome://" "protocol"? Is there a similar way to how it can be done with Google Chrome extensions?
UPDATE 23/5/12
So this article says that chrome:// URLs are not accessible from the web, only locally.
http://adblockplus.org/blog/web-pages-accessing-chrome-is-forbidden
I think this could be the reason why my authentication was failing. I'm definitely looking for a way for my extension to display a local HTML file in a window or tab without using chrome://.
UPDATE 07/6/12
Here is my (hopefully temporary) solution:
The user enters the URL of the server running our application. He/she is redirected to the application login page, but instead of passing "chrome://myextension/content/options.html" as the URL to be redirected back to after authentication, I pass a phony URL, i.e. "http://myextension/thisis/madeup.html".
In my extension's overlay.js, I set up an HTTP request listener which listens for the phony URL being requested. When a GET happens for the phony URL, I cancel the request, and open the real, locally stored page at "chrome://myextension/content/options.html".
See the following references:
https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsIObserver
https://developer.mozilla.org/en/XUL_School/Intercepting_Page_Loads#HTTP_Observers
If you're trying to do this redirect for an OAuth call you should try using OAuthorizer from Mozilla instead of doing the redirect work yourself. Hope that helps!
I'm working on a site that uses basic authentication. Using Chrome I've logged in using the basic auth. I now want to remove the basic authentication details from the browser and try a different login.
How do you clear the current basic authentication details when using Chrome?
It seems chrome will always show you the login prompt if you include a username in the url e.g.
http://me#example.com
This is not a real full solution, see Mike's comment below.
You can open an incognito window Ctrl+Shift+n each time you are doing a test. The incognito window will not remember the username and password the last time you entered.
To use this trick, make sure to close all incognito windows. All incognito windows share the same cache. In other words, you cannot open multiple independent incognito windows. If you login in one of them and open another one, those two are related and you will see that the new window remembers the authentication information from the first window.
all you need to do is to type chrome://restart in the address bar and chrome, with all its apps that are running in background, will restart and the Auth password cache will be cleaned.
The authentication is cleared when you exit Chrome.
Note however, that by default Chrome is running apps in the background, so it may not really exit even if you close all Chrome windows. You can either change this behavior under advanced setting, or e.g. under Windows, you can completely exit Chrome by using the Chrome icon in the systray. There should be an icon if Chrome is still running, but maybe you'll find it only in the popup with the hidden icons. The context menu of the Chrome icon has an entry to completely exit Chrome, and you can also change the setting for running apps in the background using that menu.
Open the Chrome menu
Select Settings
Scroll to the bottom
Click Show advanced settings...
Scroll to the bottom
Under System uncheck the box labeled: Continue running background apps when Google Chrome is closed
function logout(url){
var str = url.replace("http://", "http://" + new Date().getTime() + "#");
var xmlhttp;
if (window.XMLHttpRequest) xmlhttp=new XMLHttpRequest();
else xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4) location.reload();
}
xmlhttp.open("GET",str,true);
xmlhttp.setRequestHeader("Authorization","Basic YXNkc2E6")
xmlhttp.send();
return false;
}
Right click on your Bookmark Bar -> Add Page...
Set the name as Logout Basic Auth
Set the URL as:
javascript: (function() {
var xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = function() {
if (xmlhttp.readyState == 4) {
location.reload()
}
};
xmlhttp.open("GET", location.origin, true);
xmlhttp.setRequestHeader("Authorization", "Basic aW52YWxpZDoK");
xmlhttp.send();
return false;
})()
On any webpage you need to logout of Basic Auth, click the bookmark.
This isn't exactly what the question is asking for but in case you accidentally saved basic auth credentials and want to clear them or update them:
https://support.google.com/accounts/answer/6197437
Open Chrome.
At the top right, click More > and then Settings.
At the bottom, click Advanced.
Under "Passwords and forms," click Manage passwords.
Under "Saved Passwords", click Remove on the site you want to clear saved basic auth credentials.
Steps 1-4 can be quickly navigated with this link: chrome://settings/passwords
This worked in Chrome Version 59.0.3071.115
There is no way to do this in Chrome as yet (Chrome 58)
I have found the best solution is to open the url in an Incognito window, which will force you to re-enter the basic authentication credentials.
When you want to change the credentials, close the Incognito window and launch another Incognito window.
Just do
https://newUsername:newPassword#example.com
...to override your old credentials.
I am using Chrome Version 83 and this is how I did it. Before following the steps make sure the tab of the site, whose Auth Details you want to delete is closed.
First, go to Settings >> Privacy and security.
Then click on Site settings option
Then click on View permissions and data stored across sites option
Search for the site whose Auth info you want to delete. In this example, I am using Stack Overflow.
Now click on the site and then click the Clear data button.
Now restart your browser and you will be asked for a fresh login. For restarting you can type chrome://restart in the address bar.
This is a quick trick.
For example you already input basic auth to url https://example.com by user1:password1. To clear it just open new tab then:
Goto: https://any:any#example.com then your password will be removed.
any:any is any string.
As mentioned by #SalCelli, chrome://restart works. However, this relaunches all the tabs.
Another method is to launch in incognito mode as suggested by CEGRD
However, if you could not like to restart & use incognito, on Chrome 86 (Mac), I found that the answer provided by #opsb & Mike only works with the below additional steps.
Enter the wrong username in the url without the resources
eg: if the url is http://mywebsite.com/resources/, it will not work if I enter http://wrong#mywebsite.com/resources/, but will work if I enter only http://wrong#mywebsite.com/
it clears the Basic Auth credentials
prompt for the credentials again
However, entering the valid credentials will not work, as in the background, chrome still send the wrong user as part of the url, even though the url appears right in the address bar When prompted for credentials you would need to Cancel, and click the address bar and reload the page from pressing enter. Now enter the correct password
May be old thread but thought of adding answer to help others.
I had the same issue with Advanced ReST Client App, I'm not able to clear basic authentication from Chrome neither from app. It simply stopped asking for credentials!
However, I managed to make it work by relaunching Chrome using About Google Chrome -> Relaunch.
Once Chrome is relaunched, when I accessed ReST service, it will ask for user name and password using basic authentication popup.
Hope this helps!
A lot of great suggestions here, I'll give the one that I found the most efficient:
Just change your password in the site. The old authentication will became outdated and Chrome will request it again.
Since I had a terminal open, I did a simple script to change the password and in two keypresses it were incremented.
Press the key combination Ctrl+Shift+Delete
You will see popup in chrome
Check the above options and click clear data and you are done.
I'm using Chrome 75. What I've found is that restarting Chrome doesn't work. But restarting Chrome AND opening the developer tools does work. I don't have any explanation why this should be.
In Chrome, on the right-hand side of the URL bar when you are at a password protected URL, you should see a small key symbol. Click the symbol and it will take you directly to the Password Management area where you can remove the entry. That will ensure you receive future prompts or have an opportunity to enter a new password and save it.
If you do not see the key symbol, that same Password Management area can be accessed by going to Chrome -> Settings -> Passwords and forms -> Manage Passwords. Or more simply, this URL – chrome://settings/passwords.
For Chrome 66 I found the relevant option under:
Top right ... menu -> More Tools -> Clear Browsing Data
Click the "Advanced" tab
Check the "Passwords" box (and uncheck others you don't want cleared)
Click "Clear Data"
Using a new Incognito window is probably easier, but for those times you forget and want to clear the saved password, this does the trick without having to restart Chrome (which also works)
For Windows 10: What worked for me was clearing the credentials in the Windows Credentials in the Credential Manager.
I was using LastPass password manager, deleting credentials in LastPass solved the issue.
Weirdest thing, but in my case, I was trying to access a page with basic auth and Chrome was sending invalid credentials without even prompting for it. After I logged out from my LastPass plugin, everything was back to normal. So I think LastPass is starting to support Basic Auth but it's not giving the option of what password to use, it looks like it's just sending a random password for a domain that matches (which is very problematic in my case).
Thought it might help someone.
In my case (Win Chrome v100) it worked when using https://#domain.com to delete the credentials. Verify in the dev tools and querying document.URL.
Chrome uses the same Internet Options as IE.
Try opening your Internet Options and removing the URL from "Trusted Sites." This should regenerate a 401 call for credentials when you restart the browser and visit the URL again.
You may need to remove it from "Intranet Sites" as well.
Things changed a lot since the answer was posted.
Now you will see a small key symbol on the right hand side of the URL bar.
Click the symbol and it will take you directly to the saved password dialog where you can remove the password.
Successfully tested in Chrome 49
You can also do it via the settings page, chrome://chrome/settings
Under The Hood
Advanced Settings
Passwords and Forms
Then click the link Manage saved passwords.
You should be able to clear your credentials from your browser via "Clear Browsing Data..." in chrome://settings/advanced