Javascript Extensions for IE | Main | If you need full W3C Webservices Support in Mozilla

June 5, 2006

Creating Sandboxed HTTP Connections

In my Gmail notifier, I use JavaScript/XPCOM to create HTTP connections to mimic a user logging into Gmail (which has no API, unlike the new Yahoo Mail Beta). One of the biggests problems is that creating those HTTP connections affects the user's cookies. For example, if the user asks Gmail to keep him logged in for two weeks, Gmail stores a cookie. When the notifier then accessed Gmail, the returning cookies ended up being set to expire after the session is done, which would mean that when the browser is closed, the user's cookies were removed, even if the user asked to keep them around. Some work was involved figuring out the correct ways to get the notifier to not mess up the cookies that way, and even then it wasn't perfect.

When users started begging for multiple account support, this becomes a big job if one has to muck with user cookies. So I thought that there has to be a way to intercept cookies and create "Sandboxed" http connections. And indeed there was, but a bug caused one of the notifications to be sent too late (after the response cookies were already processed).

So being a good citizen, I filed a bug, and now in Gecko 1.8.1 (Firefox 2), you can finally do true sandboxed connections where one can intercept and store/load ones own cookies without messing with the user's cookies. And being an even better citizen, I wrote up a basic article on how to do this on the MDC.

Posted by doron at June 5, 2006 10:23 AM


Regarding Gmail's lack of an API: does the Atom feed that it exports not fulfill that need (as far notifiers are concerned)? I believe it's what the (official) Mac Gmail notifier uses.

Posted by: Mihai Parparita at June 5, 2006 2:20 PM

The atom feed doesn't give me a list of labels (at least I can't figure out how), which is the missing part.

Posted by: doron [TypeKey Profile Page] at June 6, 2006 5:14 AM

Awesome tutorial! I'll make good use of the functionality it describes some day in the near future, I reckon.

Posted by: Myk Melez at June 6, 2006 3:34 PM

[quote]When users started begging for multiple account support, this becomes a big job if one has to muck with user cookies.[/quote]

I was one of the users who begged for multiple account support :p
But your new update (Gmail Notifier makes it one accoutn only.

When i meant multiple account support, I didnt mean that u could check 3 accounts at the same time. I just meant that the notifier could check multiple accounts status so that i can see that my 3 mail accounts have how many unread messages.
After that i can sign into each account individually and read them up.

The main attraction earlier was the same.. That i could see my multiple accounts mail status and could then sign into my mail account individually.

Hopefully the next update will bring that feature back for us ppl who cant program ourself :(

Posted by: Anonymous at July 17, 2006 10:53 AM