They have been known to have cookie exemptions. If any cookie exemptions are detected the exemption section in the cookie landing should reflect that.
Additional Information
Caveats:
CDP implementation of Puppeteer doesn't show the set-cookie header for the accounts.google.com request URL.
If we open the network request in the browser in non-headless mode we can see a cookie NID being associated with
the request but CDP fails to show this cookie in the responseExtraInfo details for the same request.
In the below image, you can see accounts.google.com request has an extra info event but the extra info event response doesn't contain the set-cookie header which contains the cookie information.
Another caveat is some cookies will be sent once the initial frame is set with the origin-trial then the cookies sent in response will be set.
On refreshing such sites the cookies will be exempted.
Checklist
[x] I have thoroughly tested this code to the best of my abilities.
[x] I have reviewed the code myself before requesting a review.
~[ ] This code is covered by unit tests to verify that it works as intended.~
[x] The QA of this PR is done by a member of the QA team (to be checked by QA).
Description
This PR updates packages
cli
andcli-dashboard
so that while analyzing websites any exempted cookies and their exemption reason can be caught.Relevant Technical Choices
responseReceivedExtraInfoListener
event handler to get exemption reason for any exempted cookie.reshapeCookies
utility incli-dashboard
to handle exemption reason.ExemptedCookiesSection
similar to extension for visualizing exemption data.ExemptedCookiesSection
toCookiesLandingContainer
.Testing Instructions
The CLI can be used to analyze any of the following websites -
They have been known to have cookie exemptions. If any cookie exemptions are detected the exemption section in the cookie landing should reflect that.
Additional Information
Caveats:
CDP implementation of Puppeteer doesn't show the set-cookie header for the accounts.google.com request URL.
If we open the network request in the browser in non-headless mode we can see a cookie NID being associated with the request but CDP fails to show this cookie in the responseExtraInfo details for the same request.
In the below image, you can see accounts.google.com request has an extra info event but the extra info event response doesn't contain the set-cookie header which contains the cookie information.
Another caveat is some cookies will be sent once the initial frame is set with the
origin-trial
then the cookies sent in response will be set.On refreshing such sites the cookies will be exempted.
Checklist
Partially Fixes #656