I am working on "Keep Me Log in" part of a site.However, when I close the chrome, only local cookies that I am working on are deleted. Other cookies from other sites remains. Does it have to be like that or is there any option for not-deleting the local cookies?. Thanks.
You need to be more specific.
There's cookies and localStorage, it's 2 different client persistance option. Neither get delete by navigator (Unless you're in private browse).
Cookies have a lifetime, maybe you don't set it right. Are you using a framework that can interferr here ?
Moreover, Chrome doesn't support cookies on localhost.
Related
I have a web application and we are calling a third party to process some data. Once it's done, the third party will redirect back to my application (It's a post redirection). To keep the session, we are using cookies. After the google chrome update, where the default values for samesite=Lax, I've updated our cookies to pass as samesite=None; Secure to overcome this issue. Now after google chrome version 91, this implementation is not working and I'm getting a session expiry issue. Can somebody help to fix this issue for google chrome version 91 and after? I'm using java
The best that we have been able to come up with is a client side meta refresh. When the third party posts back to our application, we have a page filter that will send it to a "refreshMeta" page similar to https://www.w3.org/TR/WCAG20-TECHS/H76.html. This has to happen without calling .getSession() anywhere because that will cause a new session to be created. This causes the page to refresh in the browser and send all original cookies back to the server because its coming from the same domain and a new session wasnt created.
I will say this worked for a while but it looks like there was change in Tomcat that's preventing this approach from working like it did on earlier versions, which is why I'm back looking for another solution.
I have set a cookie from an api and returned it as a response. But the latest version of chrome beta is not letting me to store the cookie. I have also set the SameSite="None" and Secure for considering third party cookies. But this is not getting stored.
Check chrome://settings/content/cookies. You want to ensure that:
"Allow sites to save and read cookie data (recommended)" is enabled
"Block third-party cookies" is disabled
Check the other settings there to ensure that the site is not on the "Block" list.
You should also check that you don't have any extensions that are affecting cookie behaviour. A quick way of generally testing this is to try in Incognito Mode or by creating a new Chrome profile.
I notice that certain cookies saved in my chrome browser are getting deleted automatically without any manual intervention. I have the some extensions installed in chrome. I want to know if anybody has faced the same issue. Do certain extension delete cookies on a regular basis? Any information would be helpful
I think I know the answer! Google chrome has a cap on the number of cookies it allowed per domain . Once the total number of cookies in that domain exceeds that count, it deletes cookies! Verified!
It must be due to some extension that you have installed. Extensions can have access to clear the cookies.
So, If you have not deleted the cookies manually, then the other extensions installed, are the responsible for clearing the cookies.
I have also observed something similar. After updating to Chrome 67 stable about two weeks ago some cookies disappeared. No matter if I set them again, after restarting chrome they are not there. Like the blocking cookie of web statistics/hit counter.
I don't know details, but looks like it may be related to http/https issue, I see in the site info that for some of the http pages background data is not synced in Chrome.
Or, if the cookie has no expiration time.
They're still being deleted without my consent and it's not due to extensions.
I have created several virtual hosts for my development processes. They were working just fine till yesterday. But in my chrome app, today they stopped working. Chrome shows: NET::ERR_CERT_AUTHORITY_INVALID
All my vhosts end with .dev. I changed one .dev to .work and its again working. But I can not do this for all vhosts as there are too many of them. What do I do?
PS:
They are working fine in firefox.
The error remains same in chrome incognito mode.
I tried clearing cache and hard reload, deleted my history and cache, restarting chrome even windows multiple time, nothing works.
In one solution, I found an exception can be included in chrome://net-internals/#hsts. I tried deleting domain in there but somehow it still appears in Query Domain search.
Chrome have switched the .dev sub domain to HTTPS only.
They have done this by turning on HSTS for this top level domain, but by preloading this in the Chrome code rather than sending the HSTS header. This means it cannot be switched off in the chrome://net-internals/#hsts screen.
More info:
https://ma.ttias.be/chrome-force-dev-domains-https-via-preloaded-hsts/
So you’re only options are:
Update you’re vhosts to a different TLD (e.g. .test). And yes this might be painful because you have so many.
Move to HTTPS by creating a certificate and updating your URLs. A self signed certificate that you can create yourself will do, however note that HSTS not only blocks accessing the site over plaintext HTTP, but also prevents you clicking through certificate errors. So you’ll need to manually accept any certificate to your trust store before it can be used.
The chrome team have been pushing HTTPS more and more and certain features are now HTTPS-only so even dev envs will need it now. So maybe it’s finally time take the effort to make the switch.
I just want to know how does Multi Login Extension works. I already read all the documentation in chrome but I didn't see any Session duplication like multilogin does.
This is the link of this extension.
https://chrome.google.com/webstore/detail/multilogin/nccllfnllopfpcbjdgjdlfmomnfgnnbk?hl=en
Thanks.
With MultiLogin installed, there is still a single CookieStore like before. But MultiLogin has its own persistent storage for the cookies that belong to each profile. When a cookie is set, MultiLogin records it and remembers the associated profile. When a link is clicked, MultiLogin intercepts the request and creates an HTTP header for only the cookies in that profile. And when some JavaScript evaluates document.cookie, MultiLogin provides a getter that knows the cookies for that profile.