DEV Community

Cover image for Hacking Cookies and PWA on Ubuntu

Hacking Cookies and PWA on Ubuntu

Stolen from this stackoverflow

The below techniques are intended only for you to use on yourself on your own browsers with your own accounts.

So I think a lot of developers get called lazy, or at least the good ones. In reality it's our inability to be inefficient; seriously I take a moral stand against it and will find any solution to automate or make tasks: easier, more efficient, less error prone, or automated.

So my latest personal challenge/quirk was finding the best PWA system for Ubuntu/Pop-os circa 2024.

I've talked a little about this before here a few years ago it was introduced by Chrome(ish) browsers the ability to pin PWA's but also any webpage as a Desktop like app. They called it "Create Shortcut" and you could select open as a window, the site didn't have to be configured as a PWA to make use of this feature.

They've moved it from "More Tools" to "Save and Share"
Image description

This works in Windows, MacOS, Linux; and browsers like Chrome, Chromium, Brave, and Edge. It's not too shabby.

I explored Ubuntu flavoured options to see the best though and found the tightest integration was with "Gnome Web" or Epiphany Browser

Image description A shot of how install any page as any app

Why do I think it's the best option, well look at all these options not available with the Chrome based solution

Image description

Image description

Image description

Adding custom JS or CSS to your Web App is like 🤯 powerful.

Ok so the one quirk I found was say I was logged into gmail.com and I added it as a webapp with Gnome Web, it lost the sign in it is also sandboxed doesn't have saved passwords or sessions. I need to completely login and do 2FA, open my phone accept the login use my thumb blah blah for every google app I install. No way josé.

So finally the hacky creative lazy solution, as linked above.

  • Open devtools on your signedin instance ctrl shift i
  • refresh on the network tab and click the main doc.
  • click headers
  • copy the Cookie value
  • make sure to remove "Cookie:" if it was coppied
  • open devtools on your webapp or website to login to
  • on console run 'copiedvalue'.split(';').forEach(c => document.cookie=c); where copiedvalue is the unquoted string from the previous step

Image description

You are now logged in, enjoy!

Top comments (1)

Collapse
 
jswhisperer profile image
Greg, The JavaScript Whisperer

Unfortunately haven't found a way to automate copying the Cookie: headers, document.cookie only grabs insecure ones. If I was to expend any effort I'd spin up a server to do it I guess. 🤷‍♂️