Tags: javascript, cookies, google-chrome-extension, httponly, samesite

Chrome extension doesn't send SameSite=Lax cookies


I have some trouble working with cookies via a Chrome extension from a popup script.

popup.js content:

document.addEventListener('DOMContentLoaded', () => {
    function cookieinfo() {
        // chrome.cookies.getAll returns an array (possibly empty), never null,
        // so check the length rather than comparing against null
        chrome.cookies.getAll({url: 'http://localhost:8080'}, function(cookies) {
            console.log('Found cookies: ', cookies)
            if (!cookies || cookies.length === 0)
                return;

            // credentials: 'include' asks the browser to attach cookies to the request
            fetch('http://localhost:8080', {credentials: 'include'}).then((response) => {
                // do some stuff
                return response;
            });
        });
    }
    window.onload = cookieinfo;
}, false);

Steps that I perform:

  1. Log into my application on localhost (so I get the cookies)
  2. Open the popup (so popup.js is executed)
  3. I see in the console log that Chrome found the necessary cookies
  4. The server says that the incoming request has empty cookies
  5. I refresh the page of the localhost application
  6. I am logged out now

Maybe someone knows what I'm doing wrong?

Edit:

It seems that the reason is that my cookie has the parameters HttpOnly=true and SameSite=Lax (related link). I can see other cookies in the server log. But according to this thread, all cookies will be sent if the credentials parameter is set to include, even HttpOnly cookies. I also tried sending it to 127.0.0.1 instead of localhost, following this answer, with the same result.

I can't set HttpOnly to false. This is forced by the framework. Does somebody know how to fix it?

Edit2:

I finally installed Cookie Editor and found out that SameSite=Lax is the reason. If I set it to No Restriction, then I see it on the server side. Unfortunately, the framework I'm using only allows the Lax and Strict options (the Chrome extension fails with both). Does anyone know how to send Lax cookies from the Chrome extension?


Solution

  • This was an issue with extensions in Chromium until version 77. When a cross-site cookie was set to SameSite=Lax or SameSite=Strict, the cookie was not sent with the cross-site request.

    This has been fixed in version 78 on all platforms. Now the Chrome extension sends cookies when SameSite=Lax or SameSite=Strict.

    References:

    https://bugs.chromium.org/p/chromium/issues/detail?id=1007973

    https://chromium-review.googlesource.com/c/chromium/src/+/1827503

    https://bugs.chromium.org/p/chromium/issues/detail?id=617198
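As an added example (not part of the question or the answer), a small JavaScript model of which cookies a browser attaches to a request under the SameSite rules, including the pre/post Chromium 78 extension behaviour the answer describes. The function names, the context fields and the Set-Cookie sample are this example's own assumptions; the version cut-off is the one stated in the answer.

```javascript
// Added example: model of the SameSite decision for one cookie on one request.
// Note that HttpOnly does not affect sending at all: it only hides the cookie
// from document.cookie. An extension with the "cookies" permission can still
// read it via chrome.cookies.getAll, which is why the popup above sees it.

function parseSetCookie(header) {
  // Parses a single Set-Cookie header value into the attributes that matter here.
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = {
    name: pair.slice(0, eq),
    value: pair.slice(eq + 1),
    httpOnly: false,
    secure: false,
    sameSite: 'Lax', // Chromium treats a missing attribute as Lax
  };
  for (const attr of attrs) {
    const [k, v = ''] = attr.split('=');
    const key = k.toLowerCase();
    if (key === 'httponly') cookie.httpOnly = true;
    else if (key === 'secure') cookie.secure = true;
    else if (key === 'samesite') {
      const val = v.toLowerCase();
      cookie.sameSite = val === 'strict' ? 'Strict' : val === 'none' ? 'None' : 'Lax';
    }
  }
  return cookie;
}

function wouldSendCookie(cookie, ctx) {
  // ctx (assumed shape): { sameSite: bool, topLevelNavigation: bool, method: string,
  //                        initiator: 'page' | 'extension', chromiumMajor: number }
  // Per the answer: before Chromium 78 a request initiated from an extension was
  // treated as cross-site for SameSite purposes; from 78 on it is treated as same-site.
  let sameSite = ctx.sameSite;
  if (ctx.initiator === 'extension') sameSite = ctx.chromiumMajor >= 78;

  // SameSite=None is only honoured together with Secure (Chrome rejects it otherwise).
  if (cookie.sameSite === 'None') return cookie.secure;
  // Strict: same-site requests only.
  if (cookie.sameSite === 'Strict') return sameSite;
  // Lax: same-site requests, plus cross-site top-level navigations using a safe method.
  const safe = ['GET', 'HEAD', 'OPTIONS', 'TRACE'].includes(ctx.method.toUpperCase());
  return sameSite || (ctx.topLevelNavigation && safe);
}
```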