[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #7781 [EFF-HTTPS Everywhere]: problem with Gmail and https-everywhere chrome extension



#7781: problem with Gmail and https-everywhere chrome extension
----------------------------------+-----------------------------------------
 Reporter:  kargig                |          Owner:  pde            
     Type:  defect                |         Status:  new            
 Priority:  normal                |      Milestone:                 
Component:  EFF-HTTPS Everywhere  |        Version:  HTTPS-E 4.0dev3
 Keywords:                        |         Parent:                 
   Points:                        |   Actualpoints:                 
----------------------------------+-----------------------------------------
 Using the dev version of https-everywhere google chrome extension upon
 entering Gmail, a cookie called GMAIL_STAT_xxxx is stored. This cookie
 grows larger and larger while doing stuff inside Gmail. Upon the cookie
 reaching a certain size, Gmail becomes unavailable and replies with error
 400.
 Sometimes there are 2 versions stored of this cookie, one that has the
 secure flag on and one that doesn't.
 The issue goes away by removing those GMAIL_STAT_xxxx cookies, but after
 some activity inside Gmail it re-appears.

 That cookie doesn't get stored using an xpi for Firefox built from the
 same git repo version (HEAD). So it's a google-chrome specific issue.

 The problem also goes away when one removes the 'mail' entry from the
 securecookie regexp inside GoogleServices.xml

 Google Chrome version: 23.0.1271.97

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7781>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs