search

gingerbeur / google-cast-sdk

Automatically exported from code.google.com/p/google-cast-sdk
0 stars 0 forks source link

Cookie based authorization support #430

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Try to stream token authorized HLS content from akamai. 
2. Server responds with Set-Cookie: 
hdntl=exp=1415964436~acl=%2xx%2fxxxx1_1*~data=hdntl~hmac=xxxxb3959dff4a3cb322ad1
8b57675b8a; path=/; domain=xxx-lh.akamaihd.net;, _alid_=7DEw5GrDgT8XYuxxxx==; 
path=/i/xxx1_1@60281/; 
3. Chromecast doesn't show any set-cookie header when inspecting using 
developer tools and the cookie information isn't sent in the following requests.

What is the expected output? What do you see instead?
Cookie should be saved and the cookie should be used for the sequential 
requests.

What version of the product are you using? On what operating system?
Chromecast with the latest updates

Please provide any additional information below.

Even if the request is made to same origin, chromecast won't save the incoming 
cookies. 
Response from the local server:
HTTP 200 No Error

Access-Control-Allow-Origin: xxx.ngrok.com
X-Powered-By: Express
Set-Cookie: _alid_=qxxxxxvrowrBKtJ10lFA==; path=/i/xx1_1@50481/; 
domain=xxx.ngrok.com
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Server: nginx/1.6.2
Access-Control-Expose-Headers: *
Transfer-Encoding: Identity
Access-Control-Allow-Headers: *
Date: Thu, 13 Nov 2014 11:44:23 GMT
Access-Control-Allow-Credentials: true
Connection: Keep-alive
Accept-Ranges: bytes

Headers from the next request to the same local server (No cookie header 
available):
{ host: 'xxx.ngrok.com',
  'x-real-ip': 'xxx.xxx.xx.145',
  'x-forwarded-proto': 'http',
  connection: 'close',
  pragma: 'no-cache',
  'cache-control': 'no-cache',
  'user-agent': 'Mozilla/5.0 (Unknown; Linux armv7l) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.0 Safari/537.36 CrKey/22062',
  'x-devtools-emulate-network-conditions-client-id': 'xxx-CA84-xxxx-90A8-xxxx',
  accept: '*/*',
  referer: 'http://xxx.ngrok.com/mpl.html',
  'accept-encoding': 'gzip,deflate',
  'accept-language': 'en-US,en;q=0.8' }

Only way the chromecast seems to send cookie headers if the cookie is saved 
manually using developer tools, e.g. 
document.cookie = "foo=bar ;path=/" -> request –> cookie header is present

Original issue reported on code.google.com by lyyti...@gmail.com on 13 Nov 2014 at 11:49

GoogleCodeExporter commented 9 years ago 
Have you set "withCredentials" to be true?
https://developers.google.com/cast/docs/reference/player/cast.player.api.Request
Info#withCredentials

Original comment by and...@google.com on 17 Nov 2014 at 11:02

GoogleCodeExporter commented 9 years ago 
Yes I have set withCrendentials=true, but it won't resolve the issue that the 
cookie isn't being saved. 
The issue can be replicated by doing a xhr request from the chromecast 
development console, or inserting the same custom xhr request logic to resource 
loaded by the custom receiver. Network requests can be seen in the development 
console, but no set-cookie headers are shown, and the cookies won't be send if 
doing sequential requests.

var xhr = new XMLHttpRequest()
xhr.open( 'GET', 'http://test.bar', true)
xhr.withCredentials = true
xhr.onreadystatechange = function() {
    console.log( xhr.status, xhr.statusText )
}
xhr.send()

Chromecast firmware: 22062

Original comment by lyyti...@gmail.com on 18 Nov 2014 at 8:51

GoogleCodeExporter commented 9 years ago 
Do you have a repro page that works in desktop Chrome, but not in Chromecast? 
If so, please share it so that we can investigate it.

Original comment by vadi...@google.com on 19 Nov 2014 at 5:29

GoogleCodeExporter commented 9 years ago 
Closed due to lack of response

Original comment by anad...@google.com on 5 Dec 2014 at 5:42