EFForg / privacybadger

Privacy Badger is a browser extension that automatically learns to block invisible trackers.
https://privacybadger.org

Cookie clobbering script injection in Chrome is broken. #87

Closed jonathanmayer closed 10 years ago

jonathanmayer commented 10 years ago

The chrome.tabs.executeScript API is very limited. We can only inject a script into either the top-level frame or all frames. That's a problem, since we want the cookie / local storage clobbering script to only run in certain frames.

A hacky solution would be to inject the script into all frames, with a dynamically generated part of the script testing for whether the current frame is third party and, if so, whether it's whitelisted. Blech.

pde commented 10 years ago

I have just been talking to Cooper about this further. It seems like our dirty hacks are going to suck a lot (for instance, they will require us to perform a cookie clear at install time).

The best "correct" solution is to do your injection into all frames, with the current list of yellow domains targeted and the current first party origin removed. That should hopefully be more like a ~50 entry object injected into each frame, rather than a ~500 entry object.
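
The all-frames injection discussed in the two comments above, as an added example that is not part of the thread and is not Privacy Badger's code: the background side trims the yellow list per tab, and each frame tests its own hostname against it. The function names and sample domains are hypothetical, and plain suffix matching stands in for a real registrable-domain (Public Suffix List) comparison.

```javascript
// Added illustration; names are hypothetical, sample domains are constructed.

// True when `host` is `domain` or a subdomain of it. Assumption: suffix
// matching replaces a Public Suffix List lookup to keep the example offline.
function hostMatches(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// Background side: per-tab target map = yellow domains minus every entry
// that belongs to the tab's first party, so first-party frames are skipped.
function buildFrameTargets(yellowDomains, firstPartyHost) {
  const targets = Object.create(null);
  for (const domain of yellowDomains) {
    const d = domain.toLowerCase();
    if (hostMatches(firstPartyHost, d) || hostMatches(d, firstPartyHost)) continue;
    targets[d] = true;
  }
  return targets;
}

// Frame side: walk from the full hostname toward the parent domains and
// report whether any of them is a target. The bare TLD is never checked.
function shouldClobber(frameHost, targets) {
  const labels = frameHost.toLowerCase().split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    if (targets[labels.slice(i).join(".")] === true) return true;
  }
  return false;
}

// Code string for chrome.tabs.executeScript(tabId, {code, allFrames: true}).
// The target map is embedded with JSON.stringify so domain strings can only
// ever appear as data, never as code. Evaluates to true in frames where the
// clobbering script should run.
function buildInjectedCode(targets) {
  return "(function(){" + shouldClobber.toString() +
    "; return shouldClobber(location.hostname, " +
    JSON.stringify(targets) + ");})()";
}
```
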

cooperq commented 10 years ago

Ended up doing this with a fake cookie store and the cookies api. It all seems to be working.