search

Tampermonkey / tampermonkey

Tampermonkey is the most popular userscript manager, with over 10 million users. It's available for Chrome, Microsoft Edge, Safari, Opera Next, and Firefox.
GNU General Public License v3.0
4.03k stars 413 forks source link

The value of a `GM_xmlhttpRequest` response cookie is incorrect #2067

Closed double-beep closed 14 hours ago

double-beep commented 1 month ago

Consider this script:

// ==UserScript==
// @name         Test script
// @version      0.1
// @author       You
// @match        https://example.com
// @grant        GM_xmlhttpRequest
// ==/UserScript==

(function() {
    GM_xmlhttpRequest({
        url: 'https://stackoverflow.com',
        onload: a => console.log(a.responseHeaders)
    });
})();

which runs on https://example.com making a request to Stack Overflow's homepage and printing the response headers of that request.

The problem with the script, that although I'm logged in to Stack Overflow, the value of the acct cookie (the only one used for authentication) is shown as t&s, while it should be t=oq9zBs0.....&s=66SXR3f%2fb......

I've noticed this problem occurs since I've updated Tampermonkey to v5.2.6196.

derjanb commented 1 month ago

Thanks for reporting. Should be at 5.2.6197 (crx|xpi in review)

Please download the crx file linked above and drag and drop it to the extensions page chrome://extensions (after you've enabled 'Developer Mode').