subhra74
commented
4 years ago What exactly do mean by session support. If you meant that saved password for some servers, that is already provided. Is this working for you?
Open meichengg opened 4 years ago
subhra74
commented
4 years ago What exactly do mean by session support. If you meant that saved password for some servers, that is already provided. Is this working for you?
meichengg
commented
4 years ago doesn't session work through cookie? Since the authorization validates the current session is valid or not, they will have to check the cookie, i think you didn't pass the current cookie for the active Chrome tab so when XDM receive the request URL, there won't be any valid cookie (invalid session) so it cannot download the file right?
meichengg
commented
4 years ago This is my school server, it requires students to login with our Google Mail then it'll give us a valid cookie. The required cookie here to make the session valid is MoodleSession
subhra74
commented
4 years ago Cookies are forwarded to XDM at the time of intercepting the download. Can you try this from firefox, and check if this works. There is some permission issue in chrome extension at this moment, but if this works in firefox the we can be sure
meichengg
commented
4 years ago Sadly, the same for firefox 😭
subhra74
commented
4 years ago Can you debug the headers for XDM like you did for the browser. I think you are using some proxy based network inspector. You can set XDM to use that applications proxy, and check the difference between browser's request and XDM's request
meichengg
commented
4 years ago Hey @subhra74 , i found the problem as you said me to do. I think the problem is from your extension and add-on when passing multiple Cookie header in HTTP header. It's prohibited in HTTP/1 and allowed in HTTP/2 (https://stackoverflow.com/questions/16305814/are-multiple-cookie-headers-allowed-in-an-http-request)
Here are the requests i captured:
This one is from XDM, multiple Cookie header will overwrite the older cookie which resulted in MoodleSession was overwritten.
And this is a normal request i captured in a browser.
subhra74
commented
4 years ago Great debugging! Marking this issue as bug and adding to backlog.
Describe the bug In some cases, some websites requires authentication to download files and unfortunately, XDM doesn't this. Which this annoys a lot, since i have to turn off Browser monitoring and download the files with Google Chrome default downloader 🤦♂ . Please consider fixing this, thanks so muchhh.
By the way, session support is covered in many download managers nowadays.
Screenshots
Desktop: