Missing cookies
I have an issue with Firefox 127 not accepting a session cookie that I use for user authentication. I have an ASP.NET application with a login form that includes fields for login and password, and a submit button. When the button is clicked, an HTTPS/POST request is sent to the server. The server responds and sends back a session cookie named .Cookie.Name with the parameter httpOnly set to true.
When I check in Firefox's Developer Tools under the Network tab, I can see .Cookie.Name in the server response. However, in the Developer Tools under the Storage tab, .Cookie.Name is missing, which prevents the user from logging in. This problem does not occur in other browsers like Chrome or Edge, nor does it occur in Firefox version 126. The configurations for Firefox 126 and 127 are identical.
Could you please assist with this issue?
被采纳的解决方案
Thank you for the link to the mozregression tool. It led us to the commit that changed Firefox's behavior regarding cookies, specifically to commit: "Reject cookies that end in a terminator character." This will allow for further diagnostics and help resolve the issue. Thanks again!
定位到答案原位置 👍 0所有回复 (6)
Can it be something with case sensivity? We treat cookie name prefixes in a case-insensitive manner since Fx127.
由TyDraniu于修改
It's a little hard to tell what .Cookie.Name actually is. The problem is with the cookies whose names start with a dot? The other cookies are set successfully?
选择的解决方案
Thank you for the link to the mozregression tool. It led us to the commit that changed Firefox's behavior regarding cookies, specifically to commit: "Reject cookies that end in a terminator character." This will allow for further diagnostics and help resolve the issue. Thanks again!
由LukaszRoki于修改
In version 127.0.1, it works correctly. We experienced the exact behavior mentioned: Fixed an issue causing Firefox to incorrectly reject cookies for certain websites (bug 1901325). Thank you for your help and quick response.