Bug 175850

Summary: [SOUP] Update cookie jar implementation to filter out secure cookies
Product: WebKit Reporter: Michael Catanzaro <mcatanzaro>
Component: PlatformAssignee: Michael Catanzaro <mcatanzaro>
Status: RESOLVED FIXED    
Severity: Normal CC: berto, bfulgham, bugs-noreply, buildbot, cgarcia, danw, gustavo, mcatanzaro, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: Other   
Hardware: PC   
OS: Linux   
Bug Depends on: 175846    
Bug Blocks: 175932    
Attachments:
Description Flags
Patch bfulgham: review+

Michael Catanzaro
Reported 2017-08-22 13:48:58 PDT
Filter secure cookies in cookiesForDOM in CookieJarSoup.cpp. See bug #157053 and bug #175846.
Attachments
Patch (5.50 KB, patch)
2017-08-25 20:22 PDT, Michael Catanzaro 		bfulgham: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Michael Catanzaro
Comment 1 2017-08-25 20:22:42 PDT
Created attachment 319130 [details] Patch
Michael Catanzaro
Comment 2 2017-08-25 20:51:40 PDT
Comment on attachment 319130 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=319130&action=review > Source/WebCore/platform/network/soup/CookieJarSoup.cpp:92 > + while (item) { I guess I should probably only enter this loop if url.protocolIs("https"), since it doesn't do anything otherwise. (libsoup should not return secure cookies except in that case.)
Brent Fulgham
Comment 3 2017-08-26 09:29:23 PDT
Comment on attachment 319130 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=319130&action=review >> Source/WebCore/platform/network/soup/CookieJarSoup.cpp:92 >> + while (item) { > > I guess I should probably only enter this loop if url.protocolIs("https"), since it doesn't do anything otherwise. (libsoup should not return secure cookies except in that case.) Makes sense. > LayoutTests/platform/gtk/TestExpectations:-3375 > - Yay!
Michael Catanzaro
Comment 4 2017-08-26 09:50:03 PDT
Committed r221226: <http://trac.webkit.org/changeset/221226>
Radar WebKit Bug Importer
Comment 5 2017-08-26 09:50:34 PDT
<rdar://problem/34097762>
Note You need to log in before you can comment on or make changes to this bug.