gapi.auth2.ExternallyVisibleError: Invalid cookiePolicy

Question

I'm trying to add a Google Sign In Authentication system to my app, but I keep getting a strange error that I haven't seen anyone get. I'm using EXACTLY the google example code.

I thought it could be some mistake when loading the api, so I checked the async loading and everything seems to be loading properly, but I keep getting this error in the console:

gapi.auth2.ExternallyVisibleError: Invalid cookiePolicy

I searched everywhere for people with the same problem, but I could not find anything similar.

Any ideas?

EDIT: I tried to create a page with ONLY the code of the tutorial, but the error still occurs.

score 102 · Answer 1 · answered Oct 01 '15 at 22:49

102

Well, turns out I was trying to test the API by directly acessing my files locally (index.html). The Google Sign In API only works in a running web server. I started a simple node.js server, ran my app trhough this server, and everthing worked just fine.

answered Oct 01 '15 at 22:49

KoJoVe

1,553
2
10
9

4

I am having the exact same problem. Now if I just knew how to start a simple node.js server :) – Rob3C Jun 10 '16 at 21:24
8

I used to think this was complicated but it isn't. install python. cd to the directory of your html file then run "python -m http.server 8000" – Robert3452 Mar 24 '17 at 14:41
Thanks this worked after running it on a node server. – Kulasangar Mar 15 '18 at 06:46
I got same error on chrome extension, web is working fine. Please tell me how to solved this issue. – Harleen Kaur Arora Jul 22 '21 at 18:06
Will this work on Xampp? Or limited just for NodeJs Server – Extraterrestrial Jul 17 '22 at 03:53

score 9 · Answer 2 · answered Sep 17 '17 at 16:24

9

As already answered by KoJoVe, you need to run inside a web server. If you are using Python 2.7 you might use python -m SimpleHTTPServer 8000 and then use localhost:8000 on your browser

answered Sep 17 '17 at 16:24

Shreyas Gaonkar

265
2
5

neaumusic · Answer 3 · 2020-02-06T08:20:48.167

4

I've been trying to get a chrome extension to work for a very long time, and I recently decided to click into the error. The reason is because the google platform script checks window.location.protocol (which isn't https for chrome extension) and throws the error 'invalid cookie policy'.

My theory as to why Google won't fix this:

They want to drive people into using paid OAuth2 endpoints
They want to know who received the tokens, if possible (via certificate authorities)

edited Feb 06 '20 at 08:20

answered Feb 06 '20 at 08:14

neaumusic

10,027
9
55
83

Have you figured it out how to implement auth2 in chrome-extension because i'm strugling with this too – Naveen Kashyap Oct 26 '20 at 18:58
@NaveenKashyap I gave up, and there's a difference between OAuth and OpenID which is what I wanted to use. https://stackoverflow.com/questions/59556339/can-chrome-extensions-steal-oauth-tokens-from-redirect-uri – neaumusic Oct 26 '20 at 23:50

score 2 · Answer 4 · answered Nov 26 '21 at 00:39

I was having this problem using react-google-login in a create-react-app, and I found that I was accessing the page with http://[::1]:3000/sign_in instead of localhost.

I think google does not like 127.0.0.1 or ::1 since we expose the IP directly or something

When I change to localhost:3000 and it worked.

Ahtisham · Answer 5 · 2020-10-31T10:48:39.850

0

This worked in my case with python 3:

open python terminal and write the following code:

from http.server import SimpleHTTPRequestHandler as handler
import socketserver as socket
httpd = socket.TCPServer(("",8000),handler)
httpd.serve_forever()

edited Oct 31 '20 at 10:48

answered Oct 31 '20 at 09:26

Ahtisham

9,170
4
43
57

gapi.auth2.ExternallyVisibleError: Invalid cookiePolicy

5 Answers5

Linked