Opened 7 years ago

Closed 5 years ago

#7781 closed defect (worksforme)

[CHROME] gmail cookie mutation

Reported by: kargig Owned by: dtauerbach
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version: HTTPS-E chrome 2013.1.18
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Using the dev version of https-everywhere google chrome extension upon entering Gmail, a cookie called GMAIL_STAT_xxxx is stored. This cookie grows larger and larger while doing stuff inside Gmail. Upon the cookie reaching a certain size, Gmail becomes unavailable and replies with error 400.
Sometimes there are 2 versions stored of this cookie, one that has the secure flag on and one that doesn't.
The issue goes away by removing those GMAIL_STAT_xxxx cookies, but after some activity inside Gmail it re-appears.

That cookie doesn't get stored using an xpi for Firefox built from the same git repo version (HEAD). So it's a google-chrome specific issue.

The problem also goes away when one removes the 'mail' entry from the securecookie regexp inside GoogleServices.xml

Google Chrome version: 23.0.1271.97

Child Tickets

Change History (2)

comment:1 Changed 7 years ago by pde

Owner: changed from pde to dtauerbach
Status: newassigned
Summary: problem with Gmail and https-everywhere chrome extension[CHROME] gmail cookie mutation
Version: HTTPS-E 4.0dev3HTTPS-E chrome 2013.1.18

Dan, this looks potentially related to the other cookie bug we have on Chrome

comment:2 Changed 5 years ago by jsha

Resolution: worksforme
Status: assignedclosed
Note: See TracTickets for help on using tickets.