Summary: | [SOUP] Update cookie jar implementation to filter out secure cookies | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Michael Catanzaro <mcatanzaro> | ||||
Component: | Platform | Assignee: | Michael Catanzaro <mcatanzaro> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | CC: | berto, bfulgham, bugs-noreply, buildbot, cgarcia, danw, gustavo, mcatanzaro, webkit-bug-importer | ||||
Priority: | P2 | Keywords: | InRadar | ||||
Version: | Other | ||||||
Hardware: | PC | ||||||
OS: | Linux | ||||||
Bug Depends on: | 175846 | ||||||
Bug Blocks: | 175932 | ||||||
Attachments: |
|
Description
Michael Catanzaro
2017-08-22 13:48:58 PDT
Created attachment 319130 [details]
Patch
Comment on attachment 319130 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=319130&action=review > Source/WebCore/platform/network/soup/CookieJarSoup.cpp:92 > + while (item) { I guess I should probably only enter this loop if url.protocolIs("https"), since it doesn't do anything otherwise. (libsoup should not return secure cookies except in that case.) Comment on attachment 319130 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=319130&action=review >> Source/WebCore/platform/network/soup/CookieJarSoup.cpp:92 >> + while (item) { > > I guess I should probably only enter this loop if url.protocolIs("https"), since it doesn't do anything otherwise. (libsoup should not return secure cookies except in that case.) Makes sense. > LayoutTests/platform/gtk/TestExpectations:-3375 > - Yay! Committed r221226: <http://trac.webkit.org/changeset/221226> |