ChromeXt icon indicating copy to clipboard operation
ChromeXt copied to clipboard
verified publisher icon JingMatrix

Design principles of `GM_cookie` API

Open JingMatrix opened this issue 2 years ago • 0 comments

Here is the current design of the GM_cookie API

  1. If GM_cookie is granted, then by default, cookies stored by the browser application are added for same origin GM_xmlhttpRequest requests.
  2. If the cookie property of details is found in the request GM_xmlhttpRequest(details), then it will be turned into an array of Set-Cookie headers to be passed to HttpCookie.parse. ChromeXt will then call CookieStore.add, and finally send the resulted cookies.
  3. If the anonymous property of details is set to true, then for current request no cookies will be sent by ChromeXt, and response cookies are ignored.
  4. With GM_cookie granted, the UserScript can and only can change the cookie store in the browser of current origin. No third party cookies can be saved into the browser by a UserScript. This design is due to the privacy protection of users.
  5. Cookies during GM_xmlhttpRequest are managed internally in each session of browser. They will be reset when the browser is restarted.

JingMatrix avatar Sep 20 '23 13:09 JingMatrix