diff options
| author | Timothy Flynn <trflynn89@pm.me> | 2021-04-13 17:30:41 -0400 |
|---|---|---|
| committer | Andreas Kling <kling@serenityos.org> | 2021-04-14 16:07:46 +0200 |
| commit | c00760c5f9ca72b89b39feb7042978da2f15eef3 (patch) | |
| tree | fcec9f5b592b3472593c4f136c90e2f5595eac67 /Userland/Services/WebContent | |
| parent | 7193e518d1190e54ba3a94cc42c4905a7be786a1 (diff) | |
| download | serenity-c00760c5f9ca72b89b39feb7042978da2f15eef3.zip | |
Browser+LibWeb+WebContent: Track the source of document.cookie requests
To implement the HttpOnly attribute, the CookieJar needs to know where a
request originated from. Namely, it needs to distinguish between HTTP /
non-HTTP (i.e. JavaScript) requests. When the HttpOnly attribute is set,
requests from JavaScript are to be blocked.
Diffstat (limited to 'Userland/Services/WebContent')
| -rw-r--r-- | Userland/Services/WebContent/PageHost.cpp | 8 | ||||
| -rw-r--r-- | Userland/Services/WebContent/PageHost.h | 4 | ||||
| -rw-r--r-- | Userland/Services/WebContent/WebContentClient.ipc | 4 |
3 files changed, 8 insertions, 8 deletions
diff --git a/Userland/Services/WebContent/PageHost.cpp b/Userland/Services/WebContent/PageHost.cpp index c470295a13..f7ae26e18f 100644 --- a/Userland/Services/WebContent/PageHost.cpp +++ b/Userland/Services/WebContent/PageHost.cpp @@ -208,14 +208,14 @@ void PageHost::page_did_request_image_context_menu(const Gfx::IntPoint& content_ m_client.post_message(Messages::WebContentClient::DidRequestImageContextMenu(content_position, url, target, modifiers, bitmap->to_shareable_bitmap())); } -String PageHost::page_did_request_cookie(const URL& url) +String PageHost::page_did_request_cookie(const URL& url, Web::Cookie::Source source) { - return m_client.send_sync<Messages::WebContentClient::DidRequestCookie>(url)->cookie(); + return m_client.send_sync<Messages::WebContentClient::DidRequestCookie>(url, static_cast<u8>(source))->cookie(); } -void PageHost::page_did_set_cookie(const URL& url, const String& cookie) +void PageHost::page_did_set_cookie(const URL& url, const String& cookie, Web::Cookie::Source source) { - m_client.post_message(Messages::WebContentClient::DidSetCookie(url, cookie)); + m_client.post_message(Messages::WebContentClient::DidSetCookie(url, cookie, static_cast<u8>(source))); } } diff --git a/Userland/Services/WebContent/PageHost.h b/Userland/Services/WebContent/PageHost.h index aaa41b61be..6872a51a13 100644 --- a/Userland/Services/WebContent/PageHost.h +++ b/Userland/Services/WebContent/PageHost.h @@ -79,8 +79,8 @@ private: virtual String page_did_request_prompt(const String&, const String&) override; virtual void page_did_change_favicon(const Gfx::Bitmap&) override; virtual void page_did_request_image_context_menu(const Gfx::IntPoint&, const URL&, const String& target, unsigned modifiers, const Gfx::Bitmap*) override; - virtual String page_did_request_cookie(const URL&) override; - virtual void page_did_set_cookie(const URL&, const String&) override; + virtual String page_did_request_cookie(const URL&, Web::Cookie::Source) override; + virtual void page_did_set_cookie(const URL&, const String&, Web::Cookie::Source) override; explicit PageHost(ClientConnection&); diff --git a/Userland/Services/WebContent/WebContentClient.ipc b/Userland/Services/WebContent/WebContentClient.ipc index c9b7bfc6cf..a93fd8ed7c 100644 --- a/Userland/Services/WebContent/WebContentClient.ipc +++ b/Userland/Services/WebContent/WebContentClient.ipc @@ -25,6 +25,6 @@ endpoint WebContentClient = 90 DidGetSource(URL url, String source) =| DidJSConsoleOutput(String method, String line) =| DidChangeFavicon(Gfx::ShareableBitmap favicon) =| - DidRequestCookie(URL url) => (String cookie) - DidSetCookie(URL url, String cookie) =| + DidRequestCookie(URL url, u8 source) => (String cookie) + DidSetCookie(URL url, String cookie, u8 source) =| } |