May 2006 | Main | July 2006

June 5, 2006

Creating Sandboxed HTTP Connections

In my Gmail notifier, I use JavaScript/XPCOM to create HTTP connections to mimic a user logging into Gmail (which has no API, unlike the new Yahoo Mail Beta). One of the biggests problems is that creating those HTTP connections affects the user's cookies. For example, if the user asks Gmail to keep him logged in for two weeks, Gmail stores a cookie. When the notifier then accessed Gmail, the returning cookies ended up being set to expire after the session is done, which would mean that when the browser is closed, the user's cookies were removed, even if the user asked to keep them around. Some work was involved figuring out the correct ways to get the notifier to not mess up the cookies that way, and even then it wasn't perfect.

When users started begging for multiple account support, this becomes a big job if one has to muck with user cookies. So I thought that there has to be a way to intercept cookies and create "Sandboxed" http connections. And indeed there was, but a bug caused one of the notifications to be sent too late (after the response cookies were already processed).

So being a good citizen, I filed a bug, and now in Gecko 1.8.1 (Firefox 2), you can finally do true sandboxed connections where one can intercept and store/load ones own cookies without messing with the user's cookies. And being an even better citizen, I wrote up a basic article on how to do this on the MDC.

Posted by doron at 10:23 AM | Comments (4)