[tor-bugs] #7781 [EFF-HTTPS Everywhere]: problem with Gmail and https-everywhere chrome extension
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Dec 22 10:29:46 UTC 2012
#7781: problem with Gmail and https-everywhere chrome extension
----------------------------------+-----------------------------------------
Reporter: kargig | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version: HTTPS-E 4.0dev3
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Using the dev version of https-everywhere google chrome extension upon
entering Gmail, a cookie called GMAIL_STAT_xxxx is stored. This cookie
grows larger and larger while doing stuff inside Gmail. Upon the cookie
reaching a certain size, Gmail becomes unavailable and replies with error
400.
Sometimes there are 2 versions stored of this cookie, one that has the
secure flag on and one that doesn't.
The issue goes away by removing those GMAIL_STAT_xxxx cookies, but after
some activity inside Gmail it re-appears.
That cookie doesn't get stored using an xpi for Firefox built from the
same git repo version (HEAD). So it's a google-chrome specific issue.
The problem also goes away when one removes the 'mail' entry from the
securecookie regexp inside GoogleServices.xml
Google Chrome version: 23.0.1271.97
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7781>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list