* Ted Mielczarek:

> On Tue, Jan 20, 2015, at 07:22 AM, Florian Weimer wrote:
>> I would like to extract session cookies from a running Firefox
>> instance.  Is there are a supported mechanism to do this?
> I don't know the definitive answer, but I strongly suspect the answer is
> "no". We don't really have any supported APIs for communicating with a
> running Firefox by default.


> If you have control over the client configuration you may be able to
> use marionette-client[1], which is a Python library for
> communicating with Firefox using our implementation of the WebDriver
> protocol. This would let you execute arbitrary JavaScript in the
> browser context. However, Marionette is not enabled by default so
> you'd have to configure Firefox to enable it first.

Fortunately, both the SQLite database schema and the JSON file format
storing the session cookies on disk (whose existence is rather
suprising, but it's apparently for crash-recovery purposes) are very
stable.  I've been using this for a while, and it beats the
alternative (such as using Silenium).

I understand that malware could abuse this, but on the other hand, it
enables interested users to programmatically access web applications,
even these web applications use convoluted authentication mechanisms.
dev-platform mailing list

Reply via email to