Thread: Cross-site cookies warnings

Cross-site cookies warnings

From

Fabio

Date:

15 July 2020, 12:34:52

I'm using python 3.7.4, django 3.0.6, javascript, Postgres 12.3.1 pgadmin 4.21 windows7. When my page loads on the console there are these warnings:

Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/lists/list-name/” because the scheme does not match. list-name
Cookie “PGADMIN_LANGUAGE” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/lists/list-name/” because the scheme does not match. list-name
Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/lists/list-name/” because the scheme does not match. list-name
Cookie “PGADMIN_LANGUAGE” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/lists/list-name/” because the scheme does not match. list-name
Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/static/lists/js/lists.js” because the scheme does not match. lists.js
Cookie “PGADMIN_LANGUAGE” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/static/lists/js/lists.js” because the scheme does not match. lists.js
Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/jsi18n/” because the scheme does not match. jsi18n
Cookie “PGADMIN_LANGUAGE” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/jsi18n/” because the scheme does not match. jsi18n
Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/static/js/common.js” because the scheme does not match. common.js
Cookie “PGADMIN_LANGUAGE” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/static/js/common.js” because the scheme does not match. common.js
Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/static/icons/favicon.png” because the scheme does not match. favicon.png
Cookie “PGADMIN_LANGUAGE” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/static/icons/favicon.png” because the scheme does not match. favicon.png

They should come from the new policy about cookies. The problem is 
PGADMIN_KEY and PGADMIN_LANGUAGE are cookies of PGAdmin and I don't use 
them explicitly (I mean evidently the database himself use them but 
in my code they don't appear). Is this a bug of pgadmin?


Then I upgraded to pgadmin 4.23 and now I have only these warnings:


Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/lists/list-name/” because the scheme does not match. 2 list-name

Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/jsi18n/” because the scheme does not match. jsi18n

Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/static/js/common.js” because the scheme does not match. common.js

Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/static/lists/js/lists.js” because the scheme does not match. lists.js

Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against “http://127.0.0.1:8000/static/icons/favicon.png” because the scheme does not match. favicon.png

Also I see a new cookie (PGADMIN_INT_KEY) but it doesn't give problems.
So there's some way to solve this problem or I just have to wait the new update?

thank you

Re: Cross-site cookies warnings

From

Adrian Klaver

Date:

15 July 2020, 17:27:48

On 7/15/20 2:34 AM, Fabio wrote:
> I'm using python 3.7.4, django 3.0.6, javascript, Postgres 12.3.1 
> pgadmin 4.21 windows7. When my page loads on the console there are these 
> warnings:
> 
> |Cookie“PGADMIN_KEY”will be soon treated ascross-site cookie against 
> “http://127.0.0.1:8000/lists/list-name/” because the scheme does not 
> match. list-nameCookie“PGADMIN_LANGUAGE”will be soon treated 
> ascross-site cookie against “http://127.0.0.1:8000/lists/list-name/” 
> because the scheme does not match. list-nameCookie“PGADMIN_KEY”will be 
> soon treated ascross-site cookie against 
> “http://127.0.0.1:8000/lists/list-name/” because the scheme does not 
> match. list-nameCookie“PGADMIN_LANGUAGE”will be soon treated 
> ascross-site cookie against “http://127.0.0.1:8000/lists/list-name/” 
> because the scheme does not match. list-nameCookie“PGADMIN_KEY”will be 
> soon treated ascross-site cookie against 
> “http://127.0.0.1:8000/static/lists/js/lists.js” because the scheme does 
> not match. lists.jsCookie“PGADMIN_LANGUAGE”will be soon treated 
> ascross-site cookie against 
> “http://127.0.0.1:8000/static/lists/js/lists.js” because the scheme does 
> not match. lists.jsCookie“PGADMIN_KEY”will be soon treated ascross-site 
> cookie against “http://127.0.0.1:8000/jsi18n/” because the scheme does 
> not match. jsi18nCookie“PGADMIN_LANGUAGE”will be soon treated 
> ascross-site cookie against “http://127.0.0.1:8000/jsi18n/” because the 
> scheme does not match. jsi18nCookie“PGADMIN_KEY”will be soon treated 
> ascross-site cookie against “http://127.0.0.1:8000/static/js/common.js” 
> because the scheme does not match. common.jsCookie“PGADMIN_LANGUAGE”will 
> be soon treated ascross-site cookie against 
> “http://127.0.0.1:8000/static/js/common.js” because the scheme does not 
> match. common.jsCookie“PGADMIN_KEY”will be soon treated ascross-site 
> cookie against “http://127.0.0.1:8000/static/icons/favicon.png” because 
> the scheme does not match. favicon.pngCookie“PGADMIN_LANGUAGE”will be 
> soon treated ascross-site cookie against 
> “http://127.0.0.1:8000/static/icons/favicon.png” because the scheme does 
> not match. favicon.png |They should come from thenew policy about cookies
<https://blog.chromium.org/2019/10/developers-get-ready-for-new.html>.The problem is|PGADMIN_KEY|
and|PGADMIN_LANGUAGE| are cookies of PGAdmin and I don't use
 
> them explicitly (I mean evidently the database himself use them but
> in my code they don't appear). Is this a bug of pgadmin?

As I said in my SO comment pgAdmin != Postgres and the database is not 
setting these. These are cookies set when you use pgAdmin. If you want 
this dealt with file an issue here: 
https://redmine.postgresql.org/projects/pgadmin4/issues.

> 
> 
> Then I upgraded to pgadmin 4.23 and now I have only these warnings:
> 
> 
> Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against 
> “http://127.0.0.1:8000/lists/list-name/” because the scheme does not 
> match. 2 list-name <http://127.0.0.1:8000/lists/list-name/>
> 
> Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against 
> “http://127.0.0.1:8000/jsi18n/” because the scheme does not match. 
> jsi18n <http://127.0.0.1:8000/jsi18n/>
> 
> Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against 
> “http://127.0.0.1:8000/static/js/common.js” because the scheme does not 
> match. common.js <http://127.0.0.1:8000/static/js/common.js>
> 
> Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against 
> “http://127.0.0.1:8000/static/lists/js/lists.js” because the scheme does 
> not match. lists.js <http://127.0.0.1:8000/static/lists/js/lists.js>
> 
> Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against 
> “http://127.0.0.1:8000/static/icons/favicon.png” because the scheme does 
> not match. favicon.png <http://127.0.0.1:8000/static/icons/favicon.png>
> 
> Also I see a new cookie (PGADMIN_INT_KEY) but it doesn't give problems.
> So there's some way to solve this problem or I just have to wait the new update?
> 
> thank you
> 
> ||
> 


-- 
Adrian Klaver
adrian.klaver@aklaver.com