
XMLHttpRequest without cookies

How can I send a request from JavaScript which would not use cookies? I want to do it from Greasemonkey, so I don't care about same origin and can use either the original XMLHttpRequest or Greasemonkey's GM_xmlhttpRequest.

I need to fetch a page from the same website, but unauthenticated. The browser (Firefox) always sends all the cookies which FF has for that domain.

Background: I am working on a GM script which displays the full-size version of profile images. However, the only way to know its URL is to fetch the profile page for that user. This must be done unauthenticated, otherwise those users would be notified of me looking at their profile. Right now for development I use PHP on my server to fetch the profile page, but this is not scalable with the distribution of the GM script for other users.

Marki555 asked Apr 24 '15 13:04



1 Answer

You can set the mozAnon or anonymous flag on the request options to suppress sending/storing cookies.

Unfortunately these flags aren't documented in the wiki yet, but they seem to be available since Version 3.8beta3 (April 18, 2016).

GM_xmlhttpRequest({
   method: 'GET',
   url: url,
   anonymous: true, // remove original cookies
   headers: {
      cookie: 'whatever' // add custom cookies if necessary
   },
   onload: function(res) {
      // optionally parse the response cookies which are otherwise lost
      // (header names are case-insensitive, hence the `i` flag)
      const cookieRegex = /^Set-Cookie: (.*)$/gim;
      const cookies = [];
      let match;
      while ((match = cookieRegex.exec(res.responseHeaders)) !== null) {
         cookies.push(match[1]);
      }
      console.log(cookies);
   }
});
Robert answered Sep 25 '22 18:09
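
An added example (not part of the answer above and not Greasemonkey's own code): a promise wrapper around the `anonymous` flag that also returns the parsed `Set-Cookie` lines, with a fallback to the standard `fetch` option `credentials: 'omit'`. The names `anonymousGet` and `parseSetCookies` and the `gmXhr` parameter are assumptions made for illustration.

```javascript
// Added example. `anonymousGet`, `parseSetCookies` and `gmXhr` are hypothetical
// names; pass the real GM_xmlhttpRequest as `gmXhr` when running in a userscript.

// Parse Set-Cookie lines out of the raw header block GM_xmlhttpRequest returns.
// Header names are case-insensitive and lines may end in CRLF.
function parseSetCookies(rawHeaders) {
  const cookies = [];
  for (const line of String(rawHeaders || '').split(/\r?\n/)) {
    const m = /^set-cookie:\s*([^=;]+)=([^;]*)(.*)$/i.exec(line);
    if (!m) continue;
    const attrs = m[3].split(';').map(a => a.trim().toLowerCase()).filter(Boolean);
    cookies.push({ name: m[1].trim(), value: m[2].trim(), attrs });
  }
  return cookies;
}

// Issue a GET that carries no stored cookies and resolve with the body plus
// any cookies the server tried to set in its response.
function anonymousGet(url, gmXhr) {
  if (typeof gmXhr === 'function') {
    return new Promise((resolve, reject) => {
      gmXhr({
        method: 'GET',
        url,
        anonymous: true, // the flag from the answer above
        onload: res => resolve({
          status: res.status,
          body: res.responseText,
          setCookies: parseSetCookies(res.responseHeaders),
        }),
        onerror: reject,
        ontimeout: reject,
      });
    });
  }
  // Fallback (assumption: the standard Fetch API is available). With
  // credentials 'omit' no cookies are sent and Set-Cookie is ignored.
  return fetch(url, { credentials: 'omit' }).then(async r => ({
    status: r.status,
    body: await r.text(),
    setCookies: [], // Set-Cookie is never exposed to fetch callers
  }));
}
```

The `fetch` fallback only applies to requests the page's origin is allowed to make, which is the same-site case in the question.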