Wildmyron wrote:^ New version released.
What was wrong? Well, basically, at some point, while studying how cookies work, I coded the session saving function to write the cookie to include "HttpOnly" ; I can't recall if I actually thought I understood what it was for, or if I just thought it should be there. It turns out that that's a flag to say "hey, no, don't let JavaScript muck about with this cookie", and Firefox just never paid attention to that before now.
http://community.livejournal.com/ljlogin/2675.html
Networking Landings, #1 (
bug 178993) caused the change, but my interpretation is that ljlogin was doing the wrong thing.
Good stuff. A couple of devs on IRC were trying to troubleshoot this too, but they didn't take it too far because the code was a bit weird in places. There were some funny bits when reading it tho, like:
Code: Select all
try { // Get the cookie
var yumcookie = handinjar.getNext();
if (!yumcookie) { // Oops. No actual cookie there.
return false;
}
and a bunch of else after returns, which apparently is a bit icky. And some comments like:
Code: Select all
// Now, go through the Password Manager and hopefully find a matching
// username/uid pair. I *would* use findPasswordEntry instead, except
// that whoever wrote it makes it throw an exception if there's no
// match, instead of doing something sane with return values. Cockbites.
Which is weird, since he's already shown he knows how to use try/catch to catch exceptions, etc. But hey, if the extension is now working, great stuff!