.png)
1 day ago
2
Issue
When Safari's "Block All Cookies" setting is enabled, the Application Insights SDK throws a SecurityError with message "The operation is insecure" when attempting to access localStorage or sessionStorage. This error blocks the execution of subsequent JavaScript code on the page.
Root Cause
Safari with "Block All Cookies" enabled prevents access to localStorage/sessionStorage by throwing a SecurityError when attempting to directly access these properties. The current implementation in _getVerifiedStorageObject() triggers this error before the try-catch block can handle it.
Solution
-
Added a new helper function _canSafelyAccessStorage() that:
- Uses Object.getOwnPropertyDescriptor() as a safer way to check for storage availability
- Falls back to a protected direct access attempt within its own try-catch block
- Returns false when storage cannot be safely accessed
-
Modified _getVerifiedStorageObject() to:
- First check if storage can be safely accessed before attempting any operations
- Use a multi-layered try-catch approach to handle different failure scenarios
- Properly document error conditions for better debugging
This change maintains compatibility with all browsers while ensuring Safari with "Block All Cookies" enabled gracefully degrades without throwing unhandled errors that block script execution.
Fixes #2494.
Warning
Firewall rules blocked me from connecting to one or more addressesI tried to connect to the following addresses, but was blocked by firewall rules:
- cdn.fwupd.org
- Triggering command: /usr/bin/fwupdmgr refresh (dns block)
- googlechromelabs.github.io
- Triggering command: node install.mjs (dns block)
- https://storage.googleapis.com/chrome-for-testing-public/136.0.7103.92/linux64/chrome-headless-shell-linux64.zip
- Triggering command: node install.mjs (http block)
- https://storage.googleapis.com/chrome-for-testing-public/136.0.7103.92/linux64/chrome-linux64.zip
- Triggering command: node install.mjs (http block)
If you need me to access, download, or install something from one of these locations, you can either:
- Configure Actions setup steps to set up my environment, which run before the firewall is enabled
- Add the appropriate URLs or hosts to my firewall allow list
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.
![The Most Difficult Program to Compute: Ackermann's Function [video]](https://www.youtube.com/img/desktop/supported_browsers/opera.png)
