Jump to content
  • 0

(Archived) Web clipper, Chrome: "authentication expired"


arriette

Idea

I installed the Evernote Web Clipper plugin for Chrome and it worked smoothly - for one week. After that I got the error message "authentication expired". I deactivated/deinstalled & reinstalled the plugin, but no change. Any ideas?

Link to comment

8 replies to this idea

Recommended Posts

Have you changed any of the security/privacy settings in your browser? In particular, have you changed the handling of "third party cookies" in your Chrome preferences?

If so, can you revert these back to the defaults?

Thanks

Link to comment

I am having the exact problem. I have set third party cookies to always block (and i have no intention to change it to anything else, as any intelligent user would). Does the clipper depend on this, if so i consider this a major security bug.

Link to comment

Yes, you must have "third party cookies" enabled.

You are viewing a web page on one site (e.g. nytimes.com) and you're asking another site (evernote.com) to clip content from that page. This is, by definition, a "third party" operation, since the main page you're viewing isn't evernote.com.

You're welcome to use the global "paste to Evernote" hotkey instead:

Select the part of the page you want to clip

Copy (Cmd+C)

Paste to Evernote (Ctrl+Cmd+V)

That goes through your local operating system, so doesn't require cookie changes.

Link to comment

Since "third party cookies" are supported in the default configuration of the major browsers, any actual security vulnerabilities would be causing problems for the 99% of people who don't tweak the advanced browser settings.

So these cookies themselves aren't opening a gaping security hole, although perhaps disabling may mitigate against the impact of some other security-related bug that may appear in the future.

Link to comment

"never permit 3rd party cookies" is a crude security policy that will block both undesirable and desirable behavior.

It would be similar to a personal policy of "never let anyone into my house that doesn't live there." That policy might prevent some bad things from happening to you, but it also means that you couldn't let the cable guy in, you couldn't have a housecleaner, you couldn't throw a dinner party, etc.

In 90% of cases, there's a trade-off between theoretical security and convenience. If you choose to change your computer environment away from the default security settings in order to block some potential theoretical risks, you may have to live with reduced functionality or increased inconvenience.

Link to comment

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...