1

I am trying to override document.cookie in my Chrome extension and I'm having a lot of trouble getting the original document.cookie functionality to work at the same time. Currently I have this:

var _cookie = document.cookie; 
document.__defineSetter__("cookie", function(the_cookie) {_cookie=the_cookie;} );
document.__defineGetter__("cookie", function() {return _cookie;} );

I am injecting the JS from a content script using the technique from here.

The behavior I'm seeing is that my re-defined setter and getter get called, but the original function is no longer working. For example, I can check _cookie and document.cookie using the Developer Tools and see that they have the same, expected value, but no cookies ever appear in Chrome's cookie store.

Can anyone tell me how I am breaking the original document.cookie functionality? Is the problem that document.cookie is a property, so I'm not actually getting a pointer to the original setter?

Community
  • 1
  • 1
bryophyte
  • 11
  • 1
  • 3

2 Answers2

3

var _cookie = document.cookie; is not saving the original getter and setter for cookie, it is just calling the getter and saving the result.

This page (original link, now broken) has an example of how to save the cookie setter and getter:

var cookie_setter = document.__lookupSetter__ ('cookie');
var cookie_getter = document.__lookupGetter__ ('cookie');
rjmunro
  • 27,203
  • 20
  • 110
  • 132
  • Thanks for pointing that out. I already tried that approach and unfortunately it does not work in Chrome. It always returns undefined. What I ended up doing was re-implementing both the getter and setter by myself storing cookie strings in a hidden div. It's a mess but it works. You can see the end result [here](https://github.com/rjwalls/CookieMonster/blob/master/contentscript.js) – bryophyte May 16 '12 at 16:05
  • Broken link, what happened to that github repo with that file? – Stefan Wallin May 21 '15 at 05:57
  • @StefanWallin I've added a link to the wayback machine capture of the original URL. – rjmunro May 21 '15 at 14:59
1

You have redefined the orignal cookie getter and setter functions, and there might be a chance that you could have forgotten an important part or implementation of the original functions in the new functions

A Person
  • 1,350
  • 12
  • 23
  • I understand that, but my hope was that assigning the unchanged document.cookie to a variable and then referencing it in my override would call the original setter. Can you explain what is wrong about that assumption or how I can access the unchanged setter? – bryophyte Apr 13 '12 at 14:54
  • allow me to further understand, why would you want to override the get/set methods in the first place? – A Person Apr 13 '12 at 14:55
  • I am writing an extension that renames cookies to prevent cross-domain cookie tracking. Basically, it intercepts cookie headers in transit and decides whether to send them or not. HTTP cookies are easy to handle using the Chrome extension webrequest API but I don't get an incoming "Set-Cookie" header for JS cookies. My solution (which may be crazy) is to override the document.cookie methods so that I can catch and rename cookies when the setter is called. – bryophyte Apr 13 '12 at 15:41