Missing cookies
I have an issue with Firefox 127 not accepting a session cookie that I use for user authentication. I have an ASP.NET application with a login form that includes fields for login and password, and a submit button. When the button is clicked, an HTTPS/POST request is sent to the server. The server responds and sends back a session cookie named .Cookie.Name with the parameter httpOnly set to true.
When I check in Firefox's Developer Tools under the Network tab, I can see .Cookie.Name in the server response. However, in the Developer Tools under the Storage tab, .Cookie.Name is missing, which prevents the user from logging in. This problem does not occur in other browsers like Chrome or Edge, nor does it occur in Firefox version 126. The configurations for Firefox 126 and 127 are identical.
Could you please assist with this issue?
Ausgewählte Lösung
Thank you for the link to the mozregression tool. It led us to the commit that changed Firefox's behavior regarding cookies, specifically to commit: "Reject cookies that end in a terminator character." This will allow for further diagnostics and help resolve the issue. Thanks again!
Diese Antwort im Kontext lesen 👍 0Alle Antworten (6)
Can it be something with case sensivity? We treat cookie name prefixes in a case-insensitive manner since Fx127.
Geändert am
It's a little hard to tell what .Cookie.Name actually is. The problem is with the cookies whose names start with a dot? The other cookies are set successfully?
Ausgewählte Lösung
Thank you for the link to the mozregression tool. It led us to the commit that changed Firefox's behavior regarding cookies, specifically to commit: "Reject cookies that end in a terminator character." This will allow for further diagnostics and help resolve the issue. Thanks again!
Geändert am
In version 127.0.1, it works correctly. We experienced the exact behavior mentioned: Fixed an issue causing Firefox to incorrectly reject cookies for certain websites (bug 1901325). Thank you for your help and quick response.