I'm sure there are other solutions that we can think of, so I wanted to start this issue to figure out how we can finally bridge this gap between Connectors and Firefox Plug-in. I see that this would be possible in Chrome via okie API and in Firefox via nsICookieManager2, but I didn't find anything of the sort for Safari and I'm fairly certain this would be impossible for the bookmarklet. split up cookies for each level of the domain). Connectors could pass cookies to Zotero Standalone in a more granular fashion (i.e.This would allow Standalone to only request files that are listed as item attachments, so I think from a security standpoint, this would not be very bad. Zotero Standalone (or perhaps the connector) would provide an identifier to map requested attachments to items being saved. The connector would then send these files in a subsequent HTTP request.
I was thinking that we could solve this by having Zotero Standalone (or zotero translation server) determine which attachments (snapshots and/or PDFs) need to be fetched and then return a status code indicating that the connector should additionally supply attachments (with the list of attachments in the response). One thing that I was concerned with was how do we establish such communication without having the connector act as a server (listen on a set port)? I'm not sure if some of these are real concerns, but: I don't think you want the connector acting as a general proxy for a malicious program trying to communicate with the internet and I don't think listening on a particular port would be possible via bookmarklet.
The Connector would be able to handle all of the cookies natively. Instead of Zotero Standalone trying to fetch attachments directly, Zotero Standalone could use the Connector (and possibly the Bookmarklet) as a proxy to retrieve content. I don't think we want to be leaking any sensitive information.
While this would solve the problem at hand, I don't think it's a solution, since security is always a major concern. Zotero Standalone could relax the security and send cookies to different subdomains. The PDF fails to download, because Zotero does not attach a cookie. The actual entry for the article (after logging in or accessing through proxy) is located on the domain, but the PDF is stored on the domain. (Modernist Short Stories by Women by UTELL, JANINE) or any other EBSCOhost article with PDF Typically, if an attachment is at a different domain and a cookie is not attached, this is not a big deal, but when content is restricted and accessed via proxy (or by logging in on a website), this prevents the attachment from being downloaded. If the domain does not matched, no cookie is attached. It attaches the cookie that was passed down from the connector to any requests that have the same domain as the URL supplied by the connector. When Zotero Standalone receives the request to save the item, it attempts to fetch the attachments. Additionally, in this request Zotero includes the source URL and all the cookies for that domain (including cookies for higher level domains). In this request, Zotero sends all the info that it scrapped for the item, including urls for any attachments. When saving via connect, the connector sends an HTTP request to Standalone Zotero, which is acting as a server. Some more details from what I was able to figure out (and Simon and Dan certainly already know): This is a long-standing issue and a big reason preventing people from using Chrome or Safari connectors. When using Chrome/Safari connectors and saving certain items (typically while using a proxy), attachments are sometimes not downloaded.