Previous implementation was dealing with IP addresses like a regular domain. This led to possible cross domain attacks. This patch fixes this problem.
Created attachment 161320 [details] Patch
Comment on attachment 161320 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=161320&action=review Looks good, still cleanup to do. > Source/WebCore/platform/blackberry/CookieManager.h:117 > + CookieMap* findOrCreateCookieMap(CookieMap* protocolMap, const String& domain, bool isDomainIPAddress, bool findOnly); This would be better to just use candidateCookie. And I think passing by const & is preferred then to *. > Source/WebCore/platform/blackberry/ParsedCookie.h:66 > + void setDomain(const String& domain, bool domainIsIPAddress = false) { m_domain = domain.lower(); m_domainIsIPAddress= domainIsIPAddress; } Please add a space character before =.
Created attachment 161476 [details] Patch
Comment on attachment 161476 [details] Patch Looks good.
Comment on attachment 161476 [details] Patch Clearing flags on attachment: 161476 Committed r127150: <http://trac.webkit.org/changeset/127150>
All reviewed patches have been landed. Closing bug.