X
Tap here to go to the mobile version of the site.

Support Forum

HTML5 Audio player skipping cookies

Posted

I am using Firefox latest version to test my website running mp3 files fetched via proxy We are using cookie authentication to validate user and play audio file Here is our current implementation

We send a request to our media proxy with a user token and it validates and set a cookie in response with a mp3 URL We set this mp3 URL in audio src and cookie is saved in browser

The problem is that <audio> player fetch media from src but it does not send the cookie we saved for that media proxy instead it does not send a single request cookie although in our XHR call we were sending many cookies

When no cookie is sent to our media proxy a 401 response is sent and audio player stops

Here are some requests from workflow

XHR Response


HTTP/2.0 200 OK date: Mon, 03 Jun 2019 07:21:45 GMT content-type: text/plain;charset=UTF-8 content-length: 10 access-control-allow-credentials: true access-control-allow-origin: https://consumer.example.com set-cookie: x-id-token=********** expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary: Accept-Encoding server: cloudflare cf-ray: 4e0fe97e6ccfd791-MRS X-Firefox-Spdy: h2

XHR Request


Host: media.example.com User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0 Accept: application/json, text/plain, */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consumer.example.com/listen/uuid Origin: https://consumer.example.com Connection: keep-alive Cookie: ajs_anonymous_id=%22f6ae4eca-8ea9-4560-86e3-627457ef4a81%22; _gat=1; __cfduid=d695230e812d89679db4755d7f0b1cc311559546465; optimizelyEndUserId=oeu1559546469968r0.12488801925201709; tracking-preferences={%22version%22:1%2C%22destinations%22:{%22Amazon%20Kinesis%22:true%2C%22Branch%20Metrics%22:true%2C%22Google%20Analytics%22:true%2C%22MailChimp%22:true%2C%22Optimizely%22:true}%2C%22custom%22:{%22marketingAndAnalytics%22:true%2C%22advertising%22:true%2C%22functional%22:true}}; ajs_user_id=%221bd49c39-b295-4e31-87af-1ac3745190fb%22; ajs_group_id=null; _ga=GA1.2.1103036539.1559546471; _gid=GA1.2.2051257759.1559546471; fbsstage=*****

After this request i see that X-Id-Token cookie set in browser but in a subsequent call to same URL not even a single cookie is sent although in above request 4-5 cookies were sent

Subsequent Request


Host: media.example.com User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0 Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5 Accept-Language: en-US,en;q=0.5 Referer: https://consumer.example.com/listen/uuid Range: bytes=0- Origin: https://consumer.example.com Connection: keep-alive TE: Trailers expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server: cloudflare cf-ray: 4e0fe9823aecd791-MRS X-Firefox-Spdy: h2

This works fine in chrome as the cookie is sent in all requests but not in firefox. There is no CORS issue in browser console. I see only these errors from audio player AbortError: The fetching process for the media resource was aborted by the user agent at the user's request. AbortError: The operation was aborted. AbortError: The operation was aborted.

This happened because the media fetch call returned 401 because cookie was not present Can anyone tell me whats wrong here?

I am using Firefox latest version to test my website running mp3 files fetched via proxy We are using cookie authentication to validate user and play audio file Here is our current implementation We send a request to our media proxy with a user token and it validates and set a cookie in response with a mp3 URL We set this mp3 URL in audio src and cookie is saved in browser The problem is that <audio> player fetch media from src but it does not send the cookie we saved for that media proxy instead it does not send a single request cookie although in our XHR call we were sending many cookies When no cookie is sent to our media proxy a 401 response is sent and audio player stops Here are some requests from workflow XHR Response ----------------------- HTTP/2.0 200 OK date: Mon, 03 Jun 2019 07:21:45 GMT content-type: text/plain;charset=UTF-8 content-length: 10 access-control-allow-credentials: true access-control-allow-origin: https://consumer.example.com set-cookie: x-id-token=********** expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary: Accept-Encoding server: cloudflare cf-ray: 4e0fe97e6ccfd791-MRS X-Firefox-Spdy: h2 XHR Request ---------------------------- Host: media.example.com User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0 Accept: application/json, text/plain, */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://consumer.example.com/listen/uuid Origin: https://consumer.example.com Connection: keep-alive Cookie: ajs_anonymous_id=%22f6ae4eca-8ea9-4560-86e3-627457ef4a81%22; _gat=1; __cfduid=d695230e812d89679db4755d7f0b1cc311559546465; optimizelyEndUserId=oeu1559546469968r0.12488801925201709; tracking-preferences={%22version%22:1%2C%22destinations%22:{%22Amazon%20Kinesis%22:true%2C%22Branch%20Metrics%22:true%2C%22Google%20Analytics%22:true%2C%22MailChimp%22:true%2C%22Optimizely%22:true}%2C%22custom%22:{%22marketingAndAnalytics%22:true%2C%22advertising%22:true%2C%22functional%22:true}}; ajs_user_id=%221bd49c39-b295-4e31-87af-1ac3745190fb%22; ajs_group_id=null; _ga=GA1.2.1103036539.1559546471; _gid=GA1.2.2051257759.1559546471; fbsstage=***** After this request i see that X-Id-Token cookie set in browser but in a subsequent call to same URL not even a single cookie is sent although in above request 4-5 cookies were sent Subsequent Request --------------------------------- Host: media.example.com User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0 Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5 Accept-Language: en-US,en;q=0.5 Referer: https://consumer.example.com/listen/uuid Range: bytes=0- Origin: https://consumer.example.com Connection: keep-alive TE: Trailers expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server: cloudflare cf-ray: 4e0fe9823aecd791-MRS X-Firefox-Spdy: h2 This works fine in chrome as the cookie is sent in all requests but not in firefox. There is no CORS issue in browser console. I see only these errors from audio player AbortError: The fetching process for the media resource was aborted by the user agent at the user's request. AbortError: The operation was aborted. AbortError: The operation was aborted. This happened because the media fetch call returned 401 because cookie was not present Can anyone tell me whats wrong here?
Quote

Additional System Details

Application

  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

More Information

TyDraniu
  • Top 25 Contributor
293 solutions 1639 answers

Helpful Reply

I think that you should report this issue on the https://bugzilla.mozilla.org/enter_bug.cgi page.

I think that you should report this issue on the https://bugzilla.mozilla.org/enter_bug.cgi page.
Was this helpful to you? 1
Quote
cor-el
  • Top 10 Contributor
  • Moderator
17278 solutions 156183 answers

You can create a new profile to test if your current profile is causing the problem.

See "Creating a profile":

If the new profile works then you can transfer files from a previously used profile to the new profile, but be cautious not to copy corrupted files to avoid carrying over problems.

You can create a new profile to test if your current profile is causing the problem. See "Creating a profile": *https://support.mozilla.org/en-US/kb/profile-manager-create-and-remove-firefox-profiles *http://kb.mozillazine.org/Standard_diagnostic_-_Firefox#Profile_issues If the new profile works then you can transfer files from a previously used profile to the new profile, but be cautious not to copy corrupted files to avoid carrying over problems. *https://support.mozilla.org/en-US/kb/recovering-important-data-from-an-old-profile
Was this helpful to you? 0
Quote
jscher2000
  • Top 10 Contributor
8516 solutions 69604 answers

Okay, so what domain/path is this cookie set for:

hassnainalvi said

XHR Response

HTTP/2.0 200 OK date: Mon, 03 Jun 2019 07:21:45 GMT content-type: text/plain;charset=UTF-8 content-length: 10 access-control-allow-credentials: true access-control-allow-origin: https://consumer.example.com set-cookie: x-id-token=********** expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary: Accept-Encoding server: cloudflare cf-ray: 4e0fe97e6ccfd791-MRS X-Firefox-Spdy: h2

If you are viewing a page on consumer.example.com and open the Storage Inspector using Shift+F9, can you check the domain and see whether the cookie was set for the base site (example.com) or only for the specific host (consumer.example.com) or even worse, for a specific path?

Okay, so what domain/path is this cookie set for: ''hassnainalvi [[#question-1260873|said]]'' <blockquote><pre> XHR Response ----------------------- HTTP/2.0 200 OK date: Mon, 03 Jun 2019 07:21:45 GMT content-type: text/plain;charset=UTF-8 content-length: 10 access-control-allow-credentials: true access-control-allow-origin: https://consumer.example.com '''set-cookie: x-id-token=**********''' expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary: Accept-Encoding server: cloudflare cf-ray: 4e0fe97e6ccfd791-MRS X-Firefox-Spdy: h2</pre> </blockquote> If you are viewing a page on consumer.example.com and open the Storage Inspector using Shift+F9, can you check the domain and see whether the cookie was set for the base site (example.com) or only for the specific host (consumer.example.com) or even worse, for a specific path?
Was this helpful to you?
Quote

Question owner

jscher2000 said

Okay, so what domain/path is this cookie set for: hassnainalvi said
XHR Response

HTTP/2.0 200 OK date: Mon, 03 Jun 2019 07:21:45 GMT content-type: text/plain;charset=UTF-8 content-length: 10 access-control-allow-credentials: true access-control-allow-origin: https://consumer.example.com set-cookie: x-id-token=********** expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary: Accept-Encoding server: cloudflare cf-ray: 4e0fe97e6ccfd791-MRS X-Firefox-Spdy: h2

If you are viewing a page on consumer.example.com and open the Storage Inspector using Shift+F9, can you check the domain and see whether the cookie was set for the base site (example.com) or only for the specific host (consumer.example.com) or even worse, for a specific path?

The cookie is set for media.example.com domain because the set cookie response is received from media domain

''jscher2000 [[#answer-1227450|said]]'' <blockquote> Okay, so what domain/path is this cookie set for: ''hassnainalvi [[#question-1260873|said]]'' <blockquote><pre> XHR Response ----------------------- HTTP/2.0 200 OK date: Mon, 03 Jun 2019 07:21:45 GMT content-type: text/plain;charset=UTF-8 content-length: 10 access-control-allow-credentials: true access-control-allow-origin: https://consumer.example.com '''set-cookie: x-id-token=**********''' expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary: Accept-Encoding server: cloudflare cf-ray: 4e0fe97e6ccfd791-MRS X-Firefox-Spdy: h2</pre> </blockquote> If you are viewing a page on consumer.example.com and open the Storage Inspector using Shift+F9, can you check the domain and see whether the cookie was set for the base site (example.com) or only for the specific host (consumer.example.com) or even worse, for a specific path? </blockquote> The cookie is set for media.example.com domain because the set cookie response is received from media domain

Modified by hassnainalvi

Was this helpful to you?
Quote
cor-el
  • Top 10 Contributor
  • Moderator
17278 solutions 156183 answers

You would have to set a domain cookie for domain=.example.com to make Firefox send this cookie.

You would have to set a domain cookie for domain=.example.com to make Firefox send this cookie.
Was this helpful to you?
Quote

Question owner

cor-el said

You would have to set a domain cookie for domain=.example.com to make Firefox send this cookie.

I tried it settings it but it still does not work The cookie is present when i check site-data but firefox does not send it with .mp3 (media) requests. Everything works fine in Chrome

''cor-el [[#answer-1229233|said]]'' <blockquote> You would have to set a domain cookie for domain=.example.com to make Firefox send this cookie. </blockquote> I tried it settings it but it still does not work The cookie is present when i check site-data but firefox does not send it with .mp3 (media) requests. Everything works fine in Chrome
Was this helpful to you?
Quote

Question owner

Here is what i understand from my testing This specific issue happens when the media call is sent with bytes range Everything works fine and all cookies are attached to the request when the call is made with the header below: Range: bytes=0-

But as soon as the next chunk is fetched and header change to anything like > Range: bytes=18644992-

It just stop working and does not send a single cookie although in the working scenario it sends all five cookies for example.com domain

Here is what i understand from my testing This specific issue happens when the media call is sent with bytes range Everything works fine and all cookies are attached to the request when the call is made with the header below: Range: bytes=0- But as soon as the next chunk is fetched and header change to anything like > Range: bytes=18644992- It just stop working and does not send a single cookie although in the working scenario it sends all five cookies for example.com domain
Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.