Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1406
  • Last Modified:

Why does Chrome browser not save to a cookie from off-line HTML/Javascript app. when IE and Firefox have no problem?

We have an HTML and Javascript site of statistical calculators that runs either from the web or directly from one's hard disk.  We use a cookie to save language and other preferences. This is fine either off-line or on-line in IE and Firefox, but the new Chrome browser will not save to the cookie when off line.  Is this deliberate, and is there a way around it in JavaScript?  The code is at www.openepi.com
0
Andy_in_Doral
Asked:
Andy_in_Doral
  • 7
  • 6
  • 2
  • +1
2 Solutions
 
agdean9Commented:
Perhaps my spelling of "cookie" as "cooke" is the problem.  
0
 
ZvonkoSystems architectCommented:
Is in the offline version the Google analytics script at bottm of code.html included?

0
 
agdean9Commented:
Thank you, Zvonko, for this suggestion, as I have had trouble with script being between the </body> tag and the </html>  tag before.  However the cookie problem is easily demonstrated by code from a tutorial on cookies.  Save the following demo to a disk file and then run it both from the net and from the disk copy with IE or Firefox and then with Google Chrome.

http://elated.com/res/File/articles/development/javascript/javascript-and-cookies/cookies_page.html

The demo page accepts a name and stores it in a cookie when run from a website, or from disk in IE or Firefox.  Chrome runs it correctly from the website, but when running the HTML from disk, fails to save the name in a cookie.  It asks repeatedly for your name because it can't save the answer to a cookie.  

This simple example should help to clarify the problem, and exclude the complexities..
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
ZvonkoSystems architectCommented:
Use this cookie control parameter: -enable-file-cookies
Like this:
C:\Users\Zvonko\AppData\Local\Google\Chrome\Application\chrome.exe --enable-file-cookies

The reason why you need that parameter is described here:
http://code.google.com/p/chromium/issues/detail?id=535


0
 
agdean9Commented:
Thank you Zvonko.  This is exactly the issue, and the documentation I need.  Now that I know not saving cookies in off-line mode was a decision of the Chromium team, how can I allow users to run our statistical calculators off-line in Chromium?  The way I see it, the choices are:
   1)  Ask them to learn how to run Chrome from the command line.
   2) Somehow give them a desktop shortcut that does so, only for Chrome and only in Windows
   3) Tell them not to use Chrome to run OpenEpi from disk.
   4) Detect Chrome in Javascript and pop a message about having no language or statistical settings
   5) Convince the Chromium team that whatever works in FF and IE should also work in Chrome, and not just fail mysteriously without further information.  

Any suggestions for a workaround?
0
 
Michel PlungjanIT ExpertCommented:
Why not do 4 + 1 ?

tell them that the current BETA (more like Alpha) version of Chromium needs a shortcut to allow offline cookies
I am sure the users of that browser are more than average technical...
0
 
agdean9Commented:
Could do this, at least in Windows, if life and limb depended on it, but it seems extreme in order to get Chrome to do what FF and IE do smoothly.

I'm no wizard on the details of security, but it seems like allowing a page from any website to save a cookie as long as the page is on-line is more dangerous than allowing a page that has been downloaded and saved to save a cookie in the absence of an Internet connection.  Perhaps the Chromium team will change their minds, as I'm sure there are lots of on-line/off-line internet applications that depend on cookies for settings.
0
 
Michel PlungjanIT ExpertCommented:
If I can get you to save MY page, I can in MY page read all cookies from all offline pages you have saved and which have saved cookies while offline and send them to MY server quite easily.

That is the reason
0
 
agdean9Commented:
IIt sounds like MY is spyware. In the current version of Chrome, runninng on-line, MY can read and write cookies, sending them wherever it wants.  How is this prevented by keeping it from reading and writing cookies when there is no Internet connection?   Even if you prevent IE and FF from writing cookies off-line, there will always be cookies to read, whether written off-line or on-line.

I hope the Chromium team will come up with a way to do what is safe without requiring  browser specific workarounds just to store the user's language preference.  Google has gone to great effort to enable offline applications (e.g., with Gears), and this seems to block that effort.
0
 
Michel PlungjanIT ExpertCommented:
I wrote "if MY page" as in "if the page you save on your harddisk" and I am of course talking about spyware
0
 
Michel PlungjanIT ExpertCommented:
0
 
agdean9Commented:
Thank you for the HTML5 draft document.  I'm afraid I must leave this to wiser heads than mine, but I think I have made my desires clear.  All I want is for the Chrome browser to let HTML/Javascript pages that are run from the local disk,  read and write their own cookies in order to save settings.  

Thanks to all for clarifying the issues.
0
 
agdean9Commented:
Please close this thread.  I hope the Google Chrome crew will fix the problem and allow offline apps to read and write their own cookies.
0
 
Michel PlungjanIT ExpertCommented:
You can close it by accepting your own comment as solution
0
 
Andy_in_DoralAuthor Commented:
It appears that new Chrome updates have fixed the problem.   Yeah!!!

0
 
Andy_in_DoralAuthor Commented:
Thanks, everybody, and to the Passage of Time, and especially to the Chrome Team for fixing the problem.  
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 7
  • 6
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now