What does google CheckCookie link do? - cookies

I've found a code which opens this link after logging in to google account programmatically.
What's the purpose this link?
https://www.google.com/accounts/CheckCookie?chtml=LoginDoneHtml

After Successfully logged in this url gets all old cookiees which stored in browser in request header and verify with server and update it if any changes.
generally this cookie always changed during each request
1. __utma,
2. __utmb,
3. __utmc,
4. __utmz.
to see live demo of changing cookie use firecookie addon in firefox.

Related

link preview not working (shows 301) on shortened bitly links on Facebook

When posting a link on Facebook, after setting the open graph meta tags (e.g. og:title, og:image) it successfully shows a link preview as I intend it to. However after shortening the link with bit.ly, when I post it on Facebook the link preview becomes "301 moved permanently" with no image. I get the same with tinyurl, are there any specific tags I should be adding here? I have tried refreshing with the sharing debugger, re crawling, trying iterations of the url with http and https and it's all the same result with the short url
Answering my own question here for all those in the future who may also have this problem,
I had to actually go into my site settings and turn https redirecting off, and enable both http and https

Postman cookies not set for subdomain (Postman Inceptor, Postman Native App)

i am playing around with Postman to get some insight on how things work behind the curtain and ran into, what I believe, is an issue but wanted to ask before I create a new issue on GitHub.
I am intercepting the request from my browser to the same site using the Postman Interceptor to use the request values in the native app. I have cookies enabled and the site (the whole domain) whitelisted.
When I use the history to resend the same request that was captured I get an auth error that is caused by the fact that the cookies are not included in the request (found that out by checking the cURL code snippet). I believe the reason for that is, that the cookies are set under another sub domain than that the request is send to.
I will try to include some pictures to clarify. My question here is:
Am I missing something/did I set something up in the wrong way
or is this an issue and I should create an issue in the official Postman Github page
cURL request
Cookies in Postman Native App
you should see if cookie is being send not using code snippet but the console :
its indeed sending cookies ,

IE7 & IE8, JSESSIONID cookie breaks file download

Is there a way to prevent websphere from sending cookies in a response on a per request/url basis?
Our users get a link which allows them to download a file. Works fine in all major browsers except for IE8 & IE7. In IE7 & IE8, the file download breaks when cookies are sent with the response.
When a new session is created, the WebSphere sends a JSESSIONID cookie, and sets Cache-control to no-cache=set-cookie. This causes the download process to break in IE8 and lower.
Things I tried:
1) I know that no-cache=set-cookie can be turned off in Websphere admin console, but it's not an option.
2) The websphere is fronted by a web server, so the response headers can be changed using the web server, but it's not really an option.
3) I created a servlet filter, but it seems like whatever websphere does happens after the filter runs.
4) I created a JSP page that would prompt file download on load. The idea was that the cookie will be exchanged on page load, so that it won't interfere with the download. Unfortunately, because the download is triggered through JavaScript, IE blocks the download, and a user needs to manually approve it.
Is there any way to make it work?
IE8 has bug that may connected with your problem. Bug description. stackoverflow
I solved similar problem using good article.

How to set a cookie for iframe on the same domain

I'm trying to make integration of etherpad-lite in the CMS Plone, following Example 1 of the official documentation http://etherpad.org/doc/v1.2.7/
Portal places the cookie "sessionID" with the given value on the client and creates an iframe including the pad.
Everythings goes well except for the cookie. Reading documentation the best pratice seems to make etherpad-lite in the same domain under a specific path. This is what I have done using /pad/ path.
Plone side if no session has been created, I created on, I add a cookie and then I'm doing a redirect to the same page to be sure the cookie is in the browser.
As a results my cookie is added to the request of the main page but not ob the iframe request.
Here is the google chrome console network tab for the main page and the iframe:
http://toutpt.makina-corpus.org/en/images/cookie-in-iframe/
The code corresponding to the setCookie is at https://github.com/toutpt/collective.etherpad/blob/master/collective/etherpad/archetypes.py#L100
For posterity, here's the answer from #AskoSoukka identified and "accepted" in the comments above:
How does the actual cookie stored in you browser look like? Probably, you need to explicitly specify path="/" in setCookie kwargs to make it work for the whole domain.

Cookie set serverside but not displaying in document.cookie

I'm trying to implement an answer from another question on this site:
Detect when browser receives file download
I've followed all of the steps and everything is working up to the point where I try to retrieve the cookie. When I use Firebug I can see the cookie that I created in the header response, along with a cookie that was created earlier in the app by javascript.
The info in firebug for the two cookies is:
name:earlierCookie,value:1234,Domain:localhost,Path:/,Expires:Session,HttpOnly:false
name:cookiefromServer,value:5678,Domain:localhost,Path:/resource/upload/file,Expires:Session,HttpOnly:false
So, you can see that the cookies are in the same domain (they have different paths). When looking at document.cookie, only earlierCookie is present.
Why can I see cookieFromServer in Firebug and not in document.cookie?
Also, please tell me if I need to post more info.
I figured this out on my own. The problem is the path. Setting path to / from the server allows the cookie to show up in document.cookie I have no idea why this is and can't find good resources explaining it.