This is also in Radar as <rdar://problem/4079527>
behavior is the creation of a cookie that is reusable later (and ideally reusable by Safari when it directly
hits the same domain). However, that does not happen. It appears that XMLHttpRequest is not handing
the set-cookie headers that come back from such an action.
Attached cookiebug.zip. It's a teardown of a 3rd-party Dashboard widget. To reproduce:
0) Turn off popup blocking.
1) Load CRSX.html. Username is dashboard, password 'tiger'
2) click "Log in normally" you'll be redirected to forums.clubrsx.com. Notice that the front page says
"Welcome, dashboard", acknowledging you've logged in.
3) Reload CRSX.html and click the "Clear all cookies" link to start over.
4) Log in again this time using the "Log in using XMLHttpRequest" link
The debug div will walk through the submission of the post. The login confirmation from the server will
appear as a popup and you'll see the debug div throw out the set-cookie headers that the
XMLHttpRequest received. It will also send a 2nd request to the forum FAQ page, which should have a
div saying "Welcome, dashboard" assuming the session was persisted. It does not. You can also
confirm that cookies.xml has none of the entries listed in the debug div.
You can also to go clubrsx.com in a new window after the XMLHttpRequest login and see that it does
not recognize that you've logged in.
Created attachment 2227
Comment on attachment 2227
Removed attachment as it contained login information.
Created attachment 12186 [details]
I cannot reproduce this problem with shipping Safari or TOT. Here is a test case, since we didn't have this behavior covered.
Test committed revision 18549.
I'm seeing this test failing locally in a debug build of r18568.
--- /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/LayoutTests/http/tests/xmlhttprequest/cookies-expected.txt 2007-01-04 10:51:32.000000000 +1100
+++ /tmp/layout-test-results/http/tests/xmlhttprequest/cookies-actual.txt 2007-01-04 12:57:04.000000000 +1100
@@ -1,4 +1,4 @@
Tests for bug 3420: XMLHttpRequest does not handle set-cookie headers.
+FAIL: the cookie was not set
Could you please tell more about the failure?
1. Is this on Tiger or Leopard?
2. Does this test fail with shipping Safari?
3. Does it fail with a nightly build (without DRT)?
I'm on Tiger. I've narrowed the problem down somewhat -- the test fails when the URL is <http://127.0.0.1:8000/xmlhttprequest/cookies.html>, but passes when it is <http://localhost:8000/xmlhttprequest/cookies.html>. The same behaviour occurs in DRT, Safari with WebKit 418.9.1, and Safari with ToT WebKit.
Created attachment 12241 [details]
fix the test
The test failed if there were other cookies already present for 127.0.0.1. I accounted for that in .html, but not in .cgi; fixed.
Comment on attachment 12241 [details]
fix the test
Committed revision 18620.