Adblocker seems to be blocking middleware from setting cookies
Answered
Barn Swallow posted this in #help-forum
Barn SwallowOP
I've got some code that checks to see if there are some specific URL parameters, and if so, set a couple of cookies that can be used across subdomains. Looks a bit like this in the middleware:
On localhost, works fine. In incognito, works great. But on production with uBlock origin installed, these are not set. I've also tested and confirmed this with no array, just pure cookie set, it still is prevented in the window with an adblocker.
I'm absolutely perplexed at this problem, since it's clear the cookies are being set correctly in non-adblocked contexts. Am I missing something?
const utmsToCheck = ["example_id", "example_key"]
utmsToCheck.forEach((utm) => {
const utmValue = urlPath.searchParams.get(utm)
if (utmValue) {
res.cookies.set(utm, utmValue, {
httpOnly: true,
secure: true,
path: "/",
domain: isProduction() ? ".mydomain.com" : "",
maxAge: 60 * 60 * 24 * 90,
})
}
})On localhost, works fine. In incognito, works great. But on production with uBlock origin installed, these are not set. I've also tested and confirmed this with no array, just pure cookie set, it still is prevented in the window with an adblocker.
I'm absolutely perplexed at this problem, since it's clear the cookies are being set correctly in non-adblocked contexts. Am I missing something?
Answered by Barn Swallow
Looks like it had to do with attempting to set cross-domain cookies, so that a cookie set at the main domain would also be accessible at
app.mydomain.com. Google strikes again 🤦♂️2 Replies
@Barn Swallow I've got some code that checks to see if there are some specific URL parameters, and if so, set a couple of cookies that can be used across subdomains. Looks a bit like this in the middleware:
const utmsToCheck = ["example_id", "example_key"]
utmsToCheck.forEach((utm) => {
const utmValue = urlPath.searchParams.get(utm)
if (utmValue) {
res.cookies.set(utm, utmValue, {
httpOnly: true,
secure: true,
path: "/",
domain: isProduction() ? ".mydomain.com" : "",
maxAge: 60 * 60 * 24 * 90,
})
}
})
On localhost, works fine. In incognito, works great. But on production with uBlock origin installed, these are not set. I've also tested and confirmed this with no array, just pure cookie set, it still is prevented in the window with an adblocker.
I'm absolutely perplexed at this problem, since it's clear the cookies _are_ being set correctly in non-adblocked contexts. Am I missing something?
what next version are you using? I have uBlock origin installed and I don't see issue with setting cookies
Barn SwallowOP
Looks like it had to do with attempting to set cross-domain cookies, so that a cookie set at the main domain would also be accessible at
app.mydomain.com. Google strikes again 🤦♂️Answer