[chromium-bugs] Issue 14734 in chromium: twitter relogin doesn't work on Linux&Mac

Fri, 26 Jun 2009 17:26:47 -0700 

Updates:
        Summary: twitter relogin doesn't work on Linux&Mac
        Status: Started
        Labels: -Area-Misc Area-BrowserBackend OS-Mac

Comment #6 on issue 14734 by willc...@chromium.org: twitter relogin doesn't  
work on Linux&Mac
http://code.google.com/p/chromium/issues/detail?id=14734

Hm, I don't know if it's for all cookies or just the code path in this  
case, but cookies on Linux (and probably Mac too)
aren't getting expired.  I confirmed that this bug repros on my dev channel  
mac chrome release.

So, when one signs out of twitter, the browser gets headers like so:
Set-Cookie: _twitter_sess=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
...
Set-Cookie:
_twitter_sess=BAh7DDoJdXNlcjA6DnJldHVybl90bzA6DGNzcmZfaWQiJTM5Mzk0MTI0ZjJl%250AZTA0ZWJmZDc2YTBhMWY0MzhkODdiOhNwYXNzd29yZF
90b2tlbjAiCmZsYXNo%250ASUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1%250Ac2VkewA6B2lkIiUwNTAwMGMzMjVhMTY5M
zRjMjI1ZmQ4NDk1NjAzMmI1ZDoN%250AYWRtaW5faWQw--c48da353cc7d28f0bc57f9825b7f98fdb788e796;
  
domain=.twitter.com;  
path=/

The first is on twitter.com and has an expires set to the year 1970 to  
delete the cookie.  The second is on .twitter.com
and does not have expires set.  Our posix time code contains a bug that  
causes the twitter.com _twitter_sess cookie _not_
to get deleted.  When one tries to sign in again within the same browser  
session, the _twitter_sess cookie for both
twitter.com and .twitter.com get sent to twitter.com, which chokes on this  
(most likely it just reads the first one with
the empty value) and returns a 403 Forbidden.

CookieMonster::ParseCookieTime() parses the expiry time correctly, but then  
passes the Time::Exploded object to
Time::FromUTCExploded() which returns Time(0).  Apparently this is because  
time_posix.cc:68 has this line:

seconds = timegm(&timestruct)

which sets seconds to 0.  I'm not sure why timegm() is doing that, but that  
seems broken, and is causing the
CookieMonster code to think there is no expiry time, so cookies don't  
expire which is unfortunate.

--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings

--~--~---------~--~----~------------~-------~--~----~
Automated mail from issue updates at http://crbug.com/
Subscription options: http://groups.google.com/group/chromium-bugs
-~----------~----~----~----~------~----~------~--~---

Reply via email to