Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CLI: Add ability to catch exempted cookies #712

Merged
merged 8 commits into from
Jun 19, 2024
Merged

CLI: Add ability to catch exempted cookies #712

merged 8 commits into from
Jun 19, 2024

Conversation

ayushnirwal
Copy link
Contributor

@ayushnirwal ayushnirwal commented Jun 14, 2024
edited by mohdsayed
Loading

Description

This PR updates packages cli and cli-dashboard so that while analyzing websites any exempted cookies and their exemption reason can be caught.

Relevant Technical Choices

  • Update responseReceivedExtraInfoListener event handler to get exemption reason for any exempted cookie.
  • Update reshapeCookies utility in cli-dashboard to handle exemption reason.
  • Add a new section named ExemptedCookiesSection similar to extension for visualizing exemption data.
  • Add ExemptedCookiesSection to CookiesLandingContainer.

Testing Instructions

The CLI can be used to analyze any of the following websites -

They have been known to have cookie exemptions. If any cookie exemptions are detected the exemption section in the cookie landing should reflect that.

Additional Information

Caveats:

  • CDP implementation of Puppeteer doesn't show the set-cookie header for the accounts.google.com request URL.

  • If we open the network request in the browser in non-headless mode we can see a cookie NID being associated with
    the request but CDP fails to show this cookie in the responseExtraInfo details for the same request.

  • In the below image, you can see accounts.google.com request has an extra info event but the extra info event response doesn't contain the set-cookie header which contains the cookie information.
    Screenshot 2024-06-18 at 23 34 43

  • Another caveat is some cookies will be sent once the initial frame is set with the origin-trial then the cookies sent in response will be set.

  • On refreshing such sites the cookies will be exempted.

Checklist

  • I have thoroughly tested this code to the best of my abilities.
  • I have reviewed the code myself before requesting a review.
  • [ ] This code is covered by unit tests to verify that it works as intended.
  • The QA of this PR is done by a member of the QA team (to be checked by QA).

Partially Fixes #656

@ayushnirwal ayushnirwal self-assigned this Jun 14, 2024
@ayushnirwal ayushnirwal linked an issue Jun 14, 2024 that may be closed by this pull request
CLI Feature Parity #656
Closed
3 tasks
@ayushnirwal ayushnirwal mentioned this pull request Jun 14, 2024
Closed
3 tasks
@ayushnirwal ayushnirwal marked this pull request as ready for review June 17, 2024 04:59
@mohdsayed mohdsayed added this to the v1.0.0 milestone Jun 18, 2024
@amovar18 amovar18 force-pushed the feat/exemption-cli branch from 013d531 to 5220a9c Compare June 18, 2024 18:50
@mohdsayed
Copy link
Collaborator

mohdsayed commented Jun 19, 2024
edited
Loading

Let's create an issue for the puppeteer problem.

@mohdsayed mohdsayed merged commit dcf8327 into develop Jun 19, 2024
4 checks passed
@mohdsayed mohdsayed deleted the feat/exemption-cli branch June 19, 2024 14:02
@mohdsayed mohdsayed mentioned this pull request Jun 25, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mohdsayed mohdsayed mohdsayed approved these changes

@mayan-000 mayan-000 Awaiting requested review from mayan-000

Assignees

@ayushnirwal ayushnirwal

Labels
None yet
Projects
None yet
Milestone
v0.9
Development

Successfully merging this pull request may close these issues.

CLI Feature Parity
3 participants
@ayushnirwal @mohdsayed @amovar18