Summary: | Remove <meta http-equiv=set-cookie> support | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Anne van Kesteren <annevk> | ||||||||||
Component: | DOM | Assignee: | Daniel Bates <dbates> | ||||||||||
Status: | RESOLVED FIXED | ||||||||||||
Severity: | Normal | CC: | ap, bfulgham, cdumez, dbates, ddkilzer, esprehn+autocc, ews-watchlist, gyuyoung.kim, kangil.han, mkwst, webkit-bug-importer | ||||||||||
Priority: | P2 | Keywords: | InRadar | ||||||||||
Version: | WebKit Nightly Build | ||||||||||||
Hardware: | Unspecified | ||||||||||||
OS: | Unspecified | ||||||||||||
See Also: | https://bugs.webkit.org/show_bug.cgi?id=41285 | ||||||||||||
Attachments: |
|
Description
Anne van Kesteren
2018-04-27 09:51:08 PDT
Created attachment 344226 [details]
Patch
Comment on attachment 344226 [details] Patch Attachment 344226 [details] did not pass win-ews (win): Output: https://webkit-queues.webkit.org/results/8433122 New failing tests: http/tests/security/canvas-remote-read-remote-video-localhost.html Created attachment 344265 [details]
Archive of layout-test-results from ews206 for win-future
The attached test failures were seen while running run-webkit-tests on the win-ews.
Bot: ews206 Port: win-future Platform: CYGWIN_NT-6.1-2.9.0-0.318-5-3-x86_64-64bit
(In reply to Build Bot from comment #3) > Comment on attachment 344226 [details] > Patch > > Attachment 344226 [details] did not pass win-ews (win): > Output: https://webkit-queues.webkit.org/results/8433122 > > New failing tests: > http/tests/security/canvas-remote-read-remote-video-localhost.html I am unclear how this test failures is related to the code removal in this patch. The results.html file in the attached results archive indicates that the test crashed, but no crash log is included :( Comment on attachment 344226 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=344226&action=review r=me. The Windows-specific test failure is not related to this change. > Source/WebCore/ChangeLog:10 > + the HTML living standard was ammended to define this pragma as no-op. Chrome and Edge have also amended > Source/WebCore/dom/Document.cpp:-3376 > - downcast<HTMLDocument>(*this).setCookie(content); Do you think it would be useful to developers if we generated a console message here, rather than just ignoring it? (In reply to Brent Fulgham from comment #6) > > Source/WebCore/ChangeLog:10 > > + the HTML living standard was ammended to define this pragma as no-op. Chrome and Edge have also > > amended > Will fix before landing. > > Source/WebCore/dom/Document.cpp:-3376 > > - downcast<HTMLDocument>(*this).setCookie(content); > > Do you think it would be useful to developers if we generated a console > message here, rather than just ignoring it? I will update the patch to emit the following Security error message to the console when an HTML page tries to use the Set-Cookie meta tag: The Set-Cookie meta tag is obsolete and was ignored. Use the HTTP header Set-Cookie or document.cookie instead. Created attachment 357575 [details]
To Land
Created attachment 357576 [details]
To Land
Committed r239342: <https://trac.webkit.org/changeset/239342> |