Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-71393

Redirect loop on GMail when disabling third-party cookies

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P2: Important
    • Resolution: Done
    • Affects Version/s: 5.11.2, 5.12
    • Fix Version/s: 5.11.3, 5.12.0 Beta 4
    • Component/s: WebEngine
    • Labels:
      None
    • Commits:
      efa90d944170f0a2f98c482825b9809c77e7792c (qt/qtwebengine/5.11)

      Description

      When patching simplebrowser to disallow third-party cookies:
       

      diff --git a/examples/webenginewidgets/simplebrowser/browser.cpp b/examples/webenginewidgets/simplebrowser/browser.cpp
      index 5c6dbd35..f516bf15 100644
      --- a/examples/webenginewidgets/simplebrowser/browser.cpp
      +++ b/examples/webenginewidgets/simplebrowser/browser.cpp
      @@ -52,6 +52,7 @@
       #include "browserwindow.h"
       
       #include <QWebEngineProfile>
      +#include <QWebEngineCookieStore>
       
       Browser::Browser()
       {
      @@ -64,6 +65,9 @@ Browser::Browser()
           QObject::connect(
               &m_otrProfile, &QWebEngineProfile::downloadRequested,
               &m_downloadManagerWidget, &DownloadManagerWidget::downloadRequested);
      +
      +    QWebEngineProfile::defaultProfile()->cookieStore()->setCookieFilter(
      +        [](const QWebEngineCookieStore::FilterRequest &request) { return !request.thirdParty; });
       }
       
       BrowserWindow *Browser::createWindow(bool offTheRecord)
      

      and then doing the following:

      • Go to mail.google.com
      • Log in
      • Wait a bit to make sure cookies are set (not sure if QTBUG-58675 is really fixed, but that's a different story )
      • Close simplebrowser
      • Reopen it and go to mail.google.com again
      • If you get a login prompt again, try to log in

      you end up with this:

      Now this seems like a bug in the new GMail - however, when disallowing third-party cookies in Chromium (Settings -> Advanced -> Content settings -> Cookies -> Block third-party cookies) or Firefox (Preferences -> Privacy & Security -> Accept third-party cookies and site data -> Never) things work just fine.

      I wonder whether https://codereview.qt-project.org/#/c/220503/ or https://codereview.qt-project.org/#/c/224984/ causes this somehow - is this the same behaviour that Chromium has?

        Attachments

        For Gerrit Dashboard: QTBUG-71393
        # Subject Branch Project Status CR V

          Activity

            People

            Assignee:
            allan.jensen Allan Sandfeld Jensen
            Reporter:
            the compiler Florian Bruhin
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Gerrit Reviews

                There are no open Gerrit changes