Chrome cookie deprecations (fix/workaround)
Hi All,
I wanted to share my fix/workaround for the "Chrome cookie deprecation".
Put the following code above the closing body tag in the $XYMONHOME/web/stdnormal_footer template file.
<script type="text/javascript"> var metas = document.getElementsByTagName('meta');
for (var i=0; i<metas.length; i++) {
var type = metas[i].getAttribute("HTTP-EQUIV");
if (type == "Set-Cookie") {
var prop = metas[i].getAttribute("CONTENT");
document.cookie = prop;
}
}</script>
Chrome has disabled, as a security measure, the ability to set cookies using HTML tags. Xymon (as of v4.3.27) relies on HTML cookies to allow a user to go from a particular page of monitored hosts to either the "Acknowledge alert" or "Enable/Disable" pages and, based on the origin, filter the hosts/alerts for that page. I've noticed it, as have a few others in the Xymon community. This should get us by until a permanent fix can be implemented in a release version.
Erik D. Schminke | Associate Systems Programmer Hormel Foods Corporation | One Hormel Place | Austin, MN 55912 Phone: (507) 434-6817 edschminke at hormel.com | www.hormelfoods.com
This works well, Erik. Thank you! I offer the following, which I think makes it even better.
Rather than stuffing this directly into the stdnormal_footer template file, go to xymonserver.cfg and adjust the value of XYMONBODYFOOTER.
XYMONBODYFOOTER="<script type="text/javascript"> var metas = document.getElementsByTagName('meta'); for (var i=0; i<metas.length; i++) { var type = metas[i].getAttribute("HTTP-EQUIV"); if (type == "Set-Cookie") { var prop = metas[i].getAttribute("CONTENT"); document.cookie = prop; } } </script>" # HTML inserted at the bottom of all webpages.
I already had special stuff in my footer, so I appended (inside the double quotes) the new text to what was already there.
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Department of Administration State of Alaska
Being in double quotes. You need to back-slash the double quotes in the line don't you?
-----Original Message----- From: Xymon <xymon-bounces at xymon.com> On Behalf Of John Thurston Sent: Tuesday, June 19, 2018 2:56 PM To: xymon at xymon.com Subject: Re: [Xymon] Chrome cookie deprecations (fix/workaround)
This works well, Erik. Thank you! I offer the following, which I think makes it even better.
Rather than stuffing this directly into the stdnormal_footer template file, go to xymonserver.cfg and adjust the value of XYMONBODYFOOTER.
XYMONBODYFOOTER="<script type="text/javascript"> var metas = document.getElementsByTagName('meta'); for (var i=0; i<metas.length; i++) { var type = metas[i].getAttribute("HTTP-EQUIV"); if (type == "Set-Cookie") { var prop = metas[i].getAttribute("CONTENT"); document.cookie = prop; } } </script>" # HTML inserted at the bottom of all webpages.
I already had special stuff in my footer, so I appended (inside the double quotes) the new text to what was already there.
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Department of Administration State of Alaska
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
I hadn't even thought of that....but...
On one server I have backslashes, and other I do not. Both seem to arrive in my browser correctly structured with quotes. I have no idea how that happened or why it behaves this way.
Despite my experimental results, escaping those quotes seems prudent.
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Department of Administration State of Alaska
On 6/19/2018 12:46 PM, Root, Paul T wrote:
Being in double quotes. You need to back-slash the double quotes in the line don't you?
Or just change the embedded double quotes to single quotes...not backslashes that way. I'm not aware of anything that would break.
=G=
On Tue, Jun 19, 2018 at 4:58 PM John Thurston <john.thurston at alaska.gov> wrote:
I hadn't even thought of that....but...
On one server I have backslashes, and other I do not. Both seem to arrive in my browser correctly structured with quotes. I have no idea how that happened or why it behaves this way.
Despite my experimental results, escaping those quotes seems prudent.
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Department of Administration State of Alaska
On 6/19/2018 12:46 PM, Root, Paul T wrote:
Being in double quotes. You need to back-slash the double quotes in the line don't you?
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
participants (4)
-
EDSchminke@Hormel.com
-
john.thurston@alaska.gov
-
Paul.Root@CenturyLink.com
-
solitaryr@gmail.com