El vie, 16-09-2016 a las 20:31 -0500, Michael Catanzaro escribió:
> Hi,
>
> In [1] a user discovered that Google Inbox is broken in Epiphany only
> when used as a web app. The problem is that when creating a web app,
> we
> copy all cookies for the web app's domain into the web app profile
> dir,
> but no other cookies. Turns out Inbox depends on third-party cookies
> (actually cookies from a different google domain) and breaks if Inbox
> cookies are present without those other cookies. It uses frames,
> which
> must be why our normal cookie policy (block third party cookies by
> default) doesn't break Inbox.
>
> Possible fixes:
>
> * Copy no cookies. User needs to log in again the first time the web
> app is opened. One time cost. I'm leaning toward this right now, but
> it
> seems a shame to remove this feature to work around a Google bug.
> * Copy all cookies. Almost all the cookies saved in the web app's
> profile directory will then be unnecessary, and it will be impossible
> to ever clear them.
> * Copy cookies only from the second-level domain (google.com). I
> expect it would fix this case, but what if other sites have the same
> problem. Also, this seems strange because it doesn't parallel the
> normal security model for the web; subdomains are not trusted by
> parent
> domains.
>
> Thoughts, preferences, suggestions?
If it's a gmail specific issue I would handle that as such, so when the
web app is for gmail I would not copy any cookie.
> Michael
>
> [1] https://bugzilla.gnome.org/show_bug.cgi?id=771540
> ___
> epiphany-list mailing list
> epiphany-list@gnome.org
> https://mail.gnome.org/mailman/listinfo/epiphany-list
--
Carlos Garcia Campos
http://pgp.rediris.es:11371/pks/lookup?op=get=0xF3D322D0EC4582C3
signature.asc
Description: This is a digitally signed message part
___
epiphany-list mailing list
epiphany-list@gnome.org
https://mail.gnome.org/mailman/listinfo/epiphany-list
