Unable to set-cookie with ;
ryanbr opened this issue · 11 comments
Prerequisites
- This is NOT a YouTube, Facebook, Twitch or a shortener/hosting site report. These sites MUST be reported by clicking their respective links.
- I read and understand the policy about what is a valid filter issue.
- I verified that this issue is not a duplicate. (Use this button to find out.)
- I did not remove any of the default filter lists, or I have verified that the issue was not caused by removing any of the default lists.
- I did not enable additional filter lists, or I have verified that the issue still occurs without enabling additional filter lists.
- I do not have custom filters/rules, or I have verified that the issue still occurs without custom filters/rules.
- I am not using uBlock Origin along with other content blockers.
- I have verified that the web browser's built-in content blocker/tracking protection, network wide/DNS blocking, or my VPN is not causing the issue.
- I have verified that other extensions are not causing the issue.
- If this is about a breakage or detection, I have verified that it is caused by uBlock Origin and isn't a site issue.
- I did not answer truthfully to ALL the above checkboxes.
URL address of the web page
dach-shop24.de
Category
nuisance
Description
Trying to set-cookie to fix the cookie consent on dach-shop24.de for essential and external media only
Suggested rule:
! essential and external media only
dach-shop24.de##+js(trusted-set-cookie, datenschutz, 'a:4:{s:10:"essenziell";i:1;s:9:"statistik";s:1:"0";s:9:"marketing";s:1:"0";s:6:"medien";s:1:"1";}')
set-cookie stops on essenziell" in ignores the rest of the filter rule.
Other extensions used
N/A
Screenshot(s)
N/A
Configuration
N/A
dach-shop24.de##+js(trusted-set-cookie, datenschutz, 'a%3A4%3A%7Bs%3A10%3A%22essenziell%22%3Bi%3A1%3Bs%3A9%3A%22statistik%22%3Bs%3A1%3A%220%22%3Bs%3A9%3A%22marketing%22%3Bs%3A1%3A%220%22%3Bs%3A6%3A%22medien%22%3Bs%3A1%3A%221%22%3B%7D')
With reload:
dach-shop24.de##+js(trusted-set-cookie, datenschutz, 'a%3A4%3A%7Bs%3A10%3A%22essenziell%22%3Bi%3A1%3Bs%3A9%3A%22statistik%22%3Bs%3A1%3A%220%22%3Bs%3A9%3A%22marketing%22%3Bs%3A1%3A%220%22%3Bs%3A6%3A%22medien%22%3Bs%3A1%3A%221%22%3B%7D',,, reload, 1)
; is a special character in cookie values. Use raw value, not what the dev tools shows in beautified form.
Use raw value, not what the dev tools shows in beautified form.
For sake of convenience I think I will add detection of special characters in cookie name/value and encode with encodeURIComponent when detected.
ryanbr : Trying to set-cookie to fix the cookie consent on dach-shop24.de for essential and external media only
gwarser :
;is a special character in cookie values. Use raw value, not what the dev tools shows in beautified form.
Which is already mentioned in Wiki :
https://github.com/uBlockOrigin/uBlock-issues/wiki/Resources-Library#trusted-set-cookiejs- : The scriptlet does not encode cookie names and values. As a result, if a cookie's name or value includes
;, the scriptlet will not set the cookie since this may cause the cookie to break.
However:
ryanbr : set-cookie stops on essenziell" in ignores the rest of the filter rule.
Seems like a bug / unexpected behavior, because according to Wiki - the trusted-set-cookie scriptlet should not set the cookie and should just decline it as a whole, but instead it sets a partial/broken cookie.
Also related :
With reload
Right, I just tested the changes to automatically encode if needed and a reload was necessary for the cookie notice to go away.
Does this fix the option ; in the trusted-set-cookie example above?
Yes, with the change, your original filter works, no need to encode as pointed out by @gwarser.
white.market##+js(trusted-set-cookie, cookie-consent, '{"required":true,"optional":false,"analytics":false}')
Doesn’t work as expected with uBlock Origin 1.56.1rc5 Firefox. Instead of
{"required":true,"optional":false,"analytics":false}
It set
%7B%22required%22%3Atrue%2C%22optional%22%3Afalse%2C%22analytics%22%3Afalse%7D
and this will make the filter failing.
Test site: https://white.market/
As per RFC 6265 the characters ", should be encoded but apparently browsers don't care. I will prevent those characters from triggering encoding.
Given you are already editing the trusted-set-cookie doc in Wiki, and you have updated it in the previous issue accordingly to the previous issue: https://github.com/uBlockOrigin/uBlock-issues/issues/3191#issuecomment-2029851635
this part still needs to be updated accordingly to the current issue, as now the scriptlet encodes automatically :
https://github.com/uBlockOrigin/uBlock-issues/wiki/Resources-Library#trusted-set-cookiejs- : The scriptlet does not encode cookie names and values. As a result, if a cookie's name or value includes
;, the scriptlet will not set the cookie since this may cause the cookie to break.
I'm using 1.57.3b0. At this site, there's a newsletter popup when you first open: https://srajagopalan.substack.com/
I tried to set
srajagopalan.substack.com##+js(trusted-set-cookie, intro_popup_last_hidden_at, $currentDate$)but it returns Wed%2C%2010%20Apr%202024%2007%3A49%3A18%20GMT.
When I use
srajagopalan.substack.com##+js(trusted-set-cookie, intro_popup_last_hidden_at, $currentISODate$)it returns literal string $currentISODate$ (not the date as expected).
Would it be possible to have a vararg to determine when to encode the value? trusted-set-cookie is being used a lot, I'm afraid there could be more unseen bugs due to this change.