Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security exception when cookies are fully blocked #118

Closed
AstRonin opened this issue Jun 5, 2019 · 8 comments · Fixed by #119 or #128
Closed

Security exception when cookies are fully blocked #118

AstRonin opened this issue Jun 5, 2019 · 8 comments · Fixed by #119 or #128
Assignees
@cyrilletuzi
Labels
bug

Comments

@AstRonin
Copy link

AstRonin commented Jun 5, 2019

I looked on documentation but not found an answer.
How will behave this library when the cookies disabled?
In generally, for native localStorage In Chrome we can see such error:
DOMException: Failed to read the 'localStorage' property from 'Window': Access is denied for this document. In Edge it looks SCRIPT5022: SecurityError.
Will your library switch to some In Memory storage or just say "I cannot work" and show error?

Thanks
@cyrilletuzi
Copy link
Owner

As a general answser, this lib try to check the availability of the different APIs, to fallback to another API when necessary. It goes like this:

  • try indexedDB
  • if not possible, try localStorage
  • if not possible, try in memory storage

As a more specific answser, there are already many API availability checks, but it's not impossible that some edgy cases are not yet managed.

But if it's the case, a detailed report would be needed to take action. Currently I'm quite puzzled with your question, as I don't see the link between cookies and localStorage.

@AstRonin
Copy link
Author

AstRonin commented Jun 5, 2019

I did not see also, before my client disable cookies and said me what a site did not loading...
You can try, it is easy, just switch off as I highlighted on printscreen:
image
(Second for iframe)

By the way, thanks for your answer, very good.

@cyrilletuzi cyrilletuzi mentioned this issue Jun 5, 2019
Merged
@cyrilletuzi cyrilletuzi changed the title When disabled cookies or Block third-party cookies in iframe Security exception when cookies are fully blocked Jun 5, 2019
@cyrilletuzi cyrilletuzi self-assigned this Jun 5, 2019
@cyrilletuzi cyrilletuzi added the bug label Jun 5, 2019
@cyrilletuzi
Copy link
Owner

Indeed, you're right. Fixed via #119, released in v8.0.1.

Thanks for reporting. 👍

@AstRonin
Copy link
Author

AstRonin commented Jun 5, 2019
edited
Loading

thanks, but can this work for 6 version also? I use Angular 7 and you recommended use 6 version...

@cyrilletuzi
Copy link
Owner

Released in v6.2.4.

@AstRonin
Copy link
Author

AstRonin commented Jun 5, 2019
edited
Loading

I updated to 6.2.4

in modules I see your changes:
image

but I see this error:
image

As I understand these changes not enough, when library try open indexedDB this catch error and set:
this.fallback = new LocalStorageDatabase(prefix); and again try use native localStorage...

So... indexedDB can be in window but cannot open through cookies block...

image

@cyrilletuzi cyrilletuzi reopened this Jun 6, 2019
@cyrilletuzi
Copy link
Owner

I've reopened the issue.

But I won't be able to take care of this now, expect a fix in 2 weeks.

@cyrilletuzi cyrilletuzi mentioned this issue Jun 19, 2019
Merged
@cyrilletuzi
Copy link
Owner

cyrilletuzi commented Jun 19, 2019
edited
Loading

Fix released in 8.0.2 and 6.2.5.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cyrilletuzi cyrilletuzi

Labels
bug
Projects
None yet
Milestone
No milestone
2 participants
@cyrilletuzi @AstRonin