Summary: | all cookies are treated as session cookies independed of settings | ||
---|---|---|---|
Product: | [Applications] konqueror | Reporter: | Mathias Homann <Mathias.Homann> |
Component: | kcookiejar | Assignee: | David Faure <faure> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | adawit, claudiu, d.scheftelowitsch, phep-lists, vdboor |
Priority: | NOR | ||
Version: | 4.2.2 | ||
Target Milestone: | --- | ||
Platform: | openSUSE | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: | ||
Sentry Crash Report: |
Description
Mathias Homann
2009-05-02 09:46:04 UTC
seems that under certain conditions cookies don't work at all, i cannot sign in to deutsche bank online banking, with the error message from the site "Your browser does not accept cookies". I am able to reproduce this bug on openSUSE 11.1 / KDE 4.2.2 / Qt 4.5.1+4.5.2 20090506 snapshot (from openSUSE repository). It also looks like (after some testing) that the Arora browser (Which should be KDE independent) and the Qt demo browser are affected in a similar way and do not accept cookies from some websites. Thus, I suppose that this bug could be Qt-specific. See also the Qt tracker entry #229874 http://www.qtsoftware.com/developer/task-tracker/index_html?method=entry&id=228974 (In reply to comment #2) The Qt bug seems fixed as of the 20090508 snapshot. At least the Qt demo browser behaves properly now. I confirm this bug in konqueror on Debian testing / KDE 4.2.2 / Qt 4.5.1 . Please note that this bug is present in konqueror (even with a freshly created account) _BUT_ it is not present in the QtDemo browser (this one behaves normally) hence this does not seem to be related to Qt. More precisely and this surely indicates the source of the bug, I noticed that the cookies are all marked by konqueror as expiring at the end of the session (when visiting settings->...->cookies) while those cookies that are sent by the web apps have an expiration date set in the past. This is the contents of my kcookiejarrc: [$Version] update_info=kcookiescfg.upd:kde2.2/b1,kcookiescfg.upd:kde3.1/cvs [Cookie Dialog] PreferredPolicy=1 ShowCookieDetails=true [Cookie Policy] AcceptSessionCookies=true CookieDomainAdvice=.kde.org:Accept CookieGlobalAdvice=Accept Cookies=true IgnoreExpirationDate=false RejectCrossDomainCookies=false By the way, although this might only be a transient artifact, while I tried different tricks to make it work, I once noticed a message telling about a "cookie engine not running" (translated, and out of memory). If telled the name of the process I could check this. HTH this bug still exists in konqueror 4.3.00. how about someone actually looks at it. cookies not working properly = browser unusable. Under 4.3.1 this bug does not show anymore. Merci David ! I'm a bit confused because I'm not sure which fix would have fixed this. All the confusion about domains starting with a dot was in the cookies configuration module (which uses fromAce/toAce), not in the cookie handling itself (kcookiejar). There was also bug 190394, but that one is only for "localhost", while in this report you're talking about any website, right? Anyway; glad to hear it works, but waiting for confirmation from others before closing. Confirm this bug for Konqueror/KDE 4.3.3 on site: http://www.tvtorrents.com The KDE system is from openSUSE repository, running openSUSE 11.2. Can anyone use another browser and check the expiration date for cookies left behind when you elect to have the website "remember your login" ? If the expiration date is beyond 2038, then the bug reported here is as a result Y2K38 problem that was recently fixed. See http://websvn.kde.org/?view=revision&revision=1062414 Yes. Seems that the cookie tvtorrents.com set to remember login has year in 2077 (in firefox). In konqueror is not present at all, after select "remember login", just the session id cookie (in FF there is an additional cookie with variable named "login". Great. Then this particular issue is fixed in both KDE 4.4 and the KDE 4.3 branch. For reference here is the link to the patch applied to address the problem: http://lists.kde.org/?l=kde-core-devel&m=126071469307860&w=2 Leaving the ticket open until other related cookie expiration date related bugs are resolved.... SVN commit 1063612 by adawit: - Fixed parsing of cookie expiration dates. This resolves the problem of non-session cookies being treated as session ones. - Fixed problems with the recent Y2K38 fix. CCBUG: 145244 CCBUG: 176731 CCBUG: 187792 CCBUG: 191318 M +36 -40 kcookiejar.cpp M +5 -1 kcookiejar.h M +9 -4 tests/cookie.test WebSVN link: http://websvn.kde.org/?view=rev&revision=1063612 See commit in comment #12 *** Bug 192749 has been marked as a duplicate of this bug. *** |