"nsICookieManager.remove()" has been changed, passing of correct originAttributes is now needed

[ghost]

I am running Ubuntu GNOME 16.04 with GNOME 3.20, Firefox 47 and the latest stable version of HTTPS Everywhere made available. I was looking through my Firefox log today and found this message which I thought I should report:

[Vednier]

If you can turn off signing verification, then changing lines 164 and 165 from cookieManager.remove(c.host, c.name, c.path, false); cookieManager.add(c.host, c.path, c.name, c.value, true, c.isHTTPOnly, c.isSession, expiry); to cookieManager.remove(c.host, c.name, c.path, false, c.originAttributes); cookieManager.add(c.host, c.path, c.name, c.value, true, c.isHTTPOnly, c.isSession, expiry, c.originAttributes); in https-everywhere-eff@eff.org/chrome/content/code/HTTPS.js will solve your problem

[salty-horse]

Do you have an example website that triggers the warning? I assume it only shows up when a website serves cookies over HTTP...?

[ghost]

@salty-horse, Seemingly whenever I am in one of the chat rooms on the following site: https://chat.stackexchange.com/

[rugk]

I think the site does not matter. Also on GitHub I can reproduce this error.

These errors spam my browser console:

"nsICookieManager.remove()" wurde verändert. Aktualisieren Sie Ihren Code und übergeben Sie die korrekten originAttributes. Lesen Sie mehr auf MDN: https://developer.mozilla.org/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsICookieManagerHTTPS.js:164:6
"nsICookieManager2.add()" wurde verändert. Aktualisieren Sie Ihren Code und übergeben Sie die korrekten originAttributes. Lesen Sie mehr auf MDN: https://developer.mozilla.org/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsICookieManager2HTTPS.js:165:6
Allowing request to domain NOT in the block-list.(unbekannt)
"nsICookieManager.remove()" wurde verändert. Aktualisieren Sie Ihren Code und übergeben Sie die korrekten originAttributes. Lesen Sie mehr auf MDN: https://developer.mozilla.org/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsICookieManagerHTTPS.js:164:6
"nsICookieManager2.add()" wurde verändert. Aktualisieren Sie Ihren Code und übergeben Sie die korrekten originAttributes. Lesen Sie mehr auf MDN: https://developer.mozilla.org/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsICookieManager2HTTPS.js:165:6

The errors point to this file.

[rugk]

I also get TypeError: uri is undefined here.

And again. It seriously spams my whole console:

[salty-horse]

Can't reproduce it consistently. I only got the errors once while refreshing this page. :(

[wbt]

Buzzfeed makes the errors go nuts. (Warning: Content at the following links may be upsetting to some readers; you can just look at the console.) Check out https://www.buzzfeed.com/danvergano/trump-on-nukes or https://www.buzzfeed.com/williamalden/a-tech-mogul-said-hed-push-for-california-to-secede-if-trump to see if you can reproduce it there. There are two errors that alternate back and forth (so it doesn't accumulate with the red number):

HTTPS.js:165:6: “nsICookieManager2.add()” is changed. Update your code and pass the correct originAttributes. Read more on MDN: https://developer.mozilla.org/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsICookieManager2

HTTPS.js:164:6: “nsICookieManager.remove()” is changed. Update your code and pass the correct originAttributes. Read more on MDN: https://developer.mozilla.org/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsICookieManager

HBR does this too, e.g. https://hbr.org/2016/11/what-artificial-intelligence-can-and-cant-do-right-now

[Vednier]

Same here, gettin a lot of warnings on https://www.buzzfeed.com/danvergano/trump-on-nukes, can confirm.

[Forkest]

It actively spams the browser console, very annoying. Could somebody merge that PR please?