summaryrefslogtreecommitdiff
path: root/Userland
diff options
context:
space:
mode:
authorTimothy Flynn <trflynn89@pm.me>2022-11-28 11:24:04 -0500
committerAndreas Kling <kling@serenityos.org>2022-12-08 17:14:48 +0100
commitbf060adcf973b3f1017f4ce4679816f4be589f9b (patch)
tree47304dc4575c44e81ba3fb22f21a5eb7f0d73b8a /Userland
parent949f5460fb8ab73512b7f721cee99440fa956e56 (diff)
downloadserenity-bf060adcf973b3f1017f4ce4679816f4be589f9b.zip
Browser+LibWebView+WebContent: Do not domain match on cookie updates
Updating cookies through these hooks happens in one of two manners: 1. Through the Browser's storage inspector. 2. Through WebDriver's delete-cookies operation. In (1), we should not restrict ourselves to being able to delete cookies for the current page. For example, it's handy to open the inspector from the welcome page and be able to delete cookies for any domain. In (2), we already are only interacting with cookies that have been matched against the document URL.
Diffstat (limited to 'Userland')
-rw-r--r--Userland/Applications/Browser/BrowserWindow.cpp4
-rw-r--r--Userland/Applications/Browser/CookieJar.cpp10
-rw-r--r--Userland/Applications/Browser/CookieJar.h2
-rw-r--r--Userland/Applications/Browser/Tab.cpp6
-rw-r--r--Userland/Applications/Browser/Tab.h2
-rw-r--r--Userland/Libraries/LibWeb/Page/Page.h2
-rw-r--r--Userland/Libraries/LibWebView/OutOfProcessWebView.cpp4
-rw-r--r--Userland/Libraries/LibWebView/OutOfProcessWebView.h4
-rw-r--r--Userland/Libraries/LibWebView/ViewImplementation.h2
-rw-r--r--Userland/Libraries/LibWebView/WebContentClient.cpp4
-rw-r--r--Userland/Libraries/LibWebView/WebContentClient.h2
-rw-r--r--Userland/Services/WebContent/PageHost.cpp4
-rw-r--r--Userland/Services/WebContent/PageHost.h2
-rw-r--r--Userland/Services/WebContent/WebContentClient.ipc2
-rw-r--r--Userland/Services/WebContent/WebDriverConnection.cpp2
15 files changed, 22 insertions, 30 deletions
diff --git a/Userland/Applications/Browser/BrowserWindow.cpp b/Userland/Applications/Browser/BrowserWindow.cpp
index 1f1fe0846e..8b4cfeba8d 100644
--- a/Userland/Applications/Browser/BrowserWindow.cpp
+++ b/Userland/Applications/Browser/BrowserWindow.cpp
@@ -603,8 +603,8 @@ void BrowserWindow::create_new_tab(URL url, bool activate)
m_cookie_jar.dump_cookies();
};
- new_tab.on_update_cookie = [this](auto const& url, auto cookie) {
- m_cookie_jar.update_cookie(url, move(cookie));
+ new_tab.on_update_cookie = [this](auto cookie) {
+ m_cookie_jar.update_cookie(move(cookie));
};
new_tab.on_get_cookies_entries = [this]() {
diff --git a/Userland/Applications/Browser/CookieJar.cpp b/Userland/Applications/Browser/CookieJar.cpp
index 434ea18708..681370339e 100644
--- a/Userland/Applications/Browser/CookieJar.cpp
+++ b/Userland/Applications/Browser/CookieJar.cpp
@@ -51,16 +51,8 @@ void CookieJar::set_cookie(const URL& url, Web::Cookie::ParsedCookie const& pars
// This is based on https://www.rfc-editor.org/rfc/rfc6265#section-5.3 as store_cookie() below
// however the whole ParsedCookie->Cookie conversion is skipped.
-void CookieJar::update_cookie(URL const& url, Web::Cookie::Cookie cookie)
+void CookieJar::update_cookie(Web::Cookie::Cookie cookie)
{
- auto domain = canonicalize_domain(url);
- if (!domain.has_value())
- return;
-
- // 6. If the canonicalized request-host does not domain-match the domain-attribute: Ignore the cookie entirely and abort these steps.
- if (!domain_matches(domain.value(), cookie.domain))
- return;
-
// 11. If the cookie store contains a cookie with the same name, domain, and path as the newly created cookie:
CookieStorageKey key { cookie.name, cookie.domain, cookie.path };
diff --git a/Userland/Applications/Browser/CookieJar.h b/Userland/Applications/Browser/CookieJar.h
index eada4c9fc1..6019ffa65f 100644
--- a/Userland/Applications/Browser/CookieJar.h
+++ b/Userland/Applications/Browser/CookieJar.h
@@ -28,7 +28,7 @@ class CookieJar {
public:
DeprecatedString get_cookie(const URL& url, Web::Cookie::Source source);
void set_cookie(const URL& url, Web::Cookie::ParsedCookie const& parsed_cookie, Web::Cookie::Source source);
- void update_cookie(URL const&, Web::Cookie::Cookie);
+ void update_cookie(Web::Cookie::Cookie);
void dump_cookies() const;
Vector<Web::Cookie::Cookie> get_all_cookies() const;
Vector<Web::Cookie::Cookie> get_all_cookies(URL const& url);
diff --git a/Userland/Applications/Browser/Tab.cpp b/Userland/Applications/Browser/Tab.cpp
index db097a87eb..8c88b000ec 100644
--- a/Userland/Applications/Browser/Tab.cpp
+++ b/Userland/Applications/Browser/Tab.cpp
@@ -397,9 +397,9 @@ Tab::Tab(BrowserWindow& window)
on_set_cookie(url, cookie, source);
};
- view().on_update_cookie = [this](auto& url, auto& cookie) {
+ view().on_update_cookie = [this](auto& cookie) {
if (on_update_cookie)
- on_update_cookie(url, cookie);
+ on_update_cookie(cookie);
};
view().on_get_source = [this](auto& url, auto& source) {
@@ -695,7 +695,7 @@ void Tab::show_storage_inspector()
m_storage_widget = storage_window->set_main_widget<StorageWidget>();
m_storage_widget->on_update_cookie = [this](Web::Cookie::Cookie cookie) {
if (on_update_cookie)
- on_update_cookie(url(), move(cookie));
+ on_update_cookie(move(cookie));
};
}
diff --git a/Userland/Applications/Browser/Tab.h b/Userland/Applications/Browser/Tab.h
index e24e73646b..80fba79e86 100644
--- a/Userland/Applications/Browser/Tab.h
+++ b/Userland/Applications/Browser/Tab.h
@@ -69,7 +69,7 @@ public:
Function<DeprecatedString(const URL&, Web::Cookie::Source source)> on_get_cookie;
Function<void(const URL&, Web::Cookie::ParsedCookie const& cookie, Web::Cookie::Source source)> on_set_cookie;
Function<void()> on_dump_cookies;
- Function<void(URL const&, Web::Cookie::Cookie)> on_update_cookie;
+ Function<void(Web::Cookie::Cookie)> on_update_cookie;
Function<Vector<Web::Cookie::Cookie>()> on_get_cookies_entries;
Function<OrderedHashMap<DeprecatedString, DeprecatedString>()> on_get_local_storage_entries;
Function<OrderedHashMap<DeprecatedString, DeprecatedString>()> on_get_session_storage_entries;
diff --git a/Userland/Libraries/LibWeb/Page/Page.h b/Userland/Libraries/LibWeb/Page/Page.h
index 2313089a49..8e8418c1d0 100644
--- a/Userland/Libraries/LibWeb/Page/Page.h
+++ b/Userland/Libraries/LibWeb/Page/Page.h
@@ -182,7 +182,7 @@ public:
virtual Optional<Web::Cookie::Cookie> page_did_request_named_cookie(AK::URL const&, DeprecatedString const&) { return {}; }
virtual DeprecatedString page_did_request_cookie(const AK::URL&, Cookie::Source) { return {}; }
virtual void page_did_set_cookie(const AK::URL&, Cookie::ParsedCookie const&, Cookie::Source) { }
- virtual void page_did_update_cookie(AK::URL const&, Web::Cookie::Cookie) { }
+ virtual void page_did_update_cookie(Web::Cookie::Cookie) { }
virtual void page_did_update_resource_count(i32) { }
virtual void page_did_close_browsing_context(HTML::BrowsingContext const&) { }
diff --git a/Userland/Libraries/LibWebView/OutOfProcessWebView.cpp b/Userland/Libraries/LibWebView/OutOfProcessWebView.cpp
index 675ec6cffe..bd614c1239 100644
--- a/Userland/Libraries/LibWebView/OutOfProcessWebView.cpp
+++ b/Userland/Libraries/LibWebView/OutOfProcessWebView.cpp
@@ -461,10 +461,10 @@ void OutOfProcessWebView::notify_server_did_set_cookie(Badge<WebContentClient>,
on_set_cookie(url, cookie, source);
}
-void OutOfProcessWebView::notify_server_did_update_cookie(Badge<WebContentClient>, AK::URL const& url, Web::Cookie::Cookie const& cookie)
+void OutOfProcessWebView::notify_server_did_update_cookie(Badge<WebContentClient>, Web::Cookie::Cookie const& cookie)
{
if (on_update_cookie)
- on_update_cookie(url, cookie);
+ on_update_cookie(cookie);
}
void OutOfProcessWebView::notify_server_did_update_resource_count(i32 count_waiting)
diff --git a/Userland/Libraries/LibWebView/OutOfProcessWebView.h b/Userland/Libraries/LibWebView/OutOfProcessWebView.h
index 2800e98d03..890793fa2c 100644
--- a/Userland/Libraries/LibWebView/OutOfProcessWebView.h
+++ b/Userland/Libraries/LibWebView/OutOfProcessWebView.h
@@ -103,7 +103,7 @@ public:
Function<Optional<Web::Cookie::Cookie>(AK::URL const& url, DeprecatedString const& name)> on_get_named_cookie;
Function<DeprecatedString(const AK::URL& url, Web::Cookie::Source source)> on_get_cookie;
Function<void(const AK::URL& url, Web::Cookie::ParsedCookie const& cookie, Web::Cookie::Source source)> on_set_cookie;
- Function<void(AK::URL const& url, Web::Cookie::Cookie const& cookie)> on_update_cookie;
+ Function<void(Web::Cookie::Cookie const& cookie)> on_update_cookie;
Function<void(i32 count_waiting)> on_resource_status_change;
Function<void()> on_restore_window;
Function<Gfx::IntPoint(Gfx::IntPoint)> on_reposition_window;
@@ -175,7 +175,7 @@ private:
virtual Optional<Web::Cookie::Cookie> notify_server_did_request_named_cookie(Badge<WebContentClient>, AK::URL const& url, DeprecatedString const& name) override;
virtual DeprecatedString notify_server_did_request_cookie(Badge<WebContentClient>, const AK::URL& url, Web::Cookie::Source source) override;
virtual void notify_server_did_set_cookie(Badge<WebContentClient>, const AK::URL& url, Web::Cookie::ParsedCookie const& cookie, Web::Cookie::Source source) override;
- virtual void notify_server_did_update_cookie(Badge<WebContentClient>, AK::URL const& url, Web::Cookie::Cookie const& cookie) override;
+ virtual void notify_server_did_update_cookie(Badge<WebContentClient>, Web::Cookie::Cookie const& cookie) override;
virtual void notify_server_did_update_resource_count(i32 count_waiting) override;
virtual void notify_server_did_request_restore_window() override;
virtual Gfx::IntPoint notify_server_did_request_reposition_window(Gfx::IntPoint) override;
diff --git a/Userland/Libraries/LibWebView/ViewImplementation.h b/Userland/Libraries/LibWebView/ViewImplementation.h
index ba13dc3bab..eede9c8ef8 100644
--- a/Userland/Libraries/LibWebView/ViewImplementation.h
+++ b/Userland/Libraries/LibWebView/ViewImplementation.h
@@ -57,7 +57,7 @@ public:
virtual Optional<Web::Cookie::Cookie> notify_server_did_request_named_cookie(Badge<WebContentClient>, AK::URL const& url, DeprecatedString const& name) = 0;
virtual DeprecatedString notify_server_did_request_cookie(Badge<WebContentClient>, const AK::URL& url, Web::Cookie::Source source) = 0;
virtual void notify_server_did_set_cookie(Badge<WebContentClient>, const AK::URL& url, Web::Cookie::ParsedCookie const& cookie, Web::Cookie::Source source) = 0;
- virtual void notify_server_did_update_cookie(Badge<WebContentClient>, AK::URL const& url, Web::Cookie::Cookie const& cookie) = 0;
+ virtual void notify_server_did_update_cookie(Badge<WebContentClient>, Web::Cookie::Cookie const& cookie) = 0;
virtual void notify_server_did_update_resource_count(i32 count_waiting) = 0;
virtual void notify_server_did_request_restore_window() = 0;
virtual Gfx::IntPoint notify_server_did_request_reposition_window(Gfx::IntPoint) = 0;
diff --git a/Userland/Libraries/LibWebView/WebContentClient.cpp b/Userland/Libraries/LibWebView/WebContentClient.cpp
index 7ce11767e8..ee0ba762e3 100644
--- a/Userland/Libraries/LibWebView/WebContentClient.cpp
+++ b/Userland/Libraries/LibWebView/WebContentClient.cpp
@@ -235,9 +235,9 @@ void WebContentClient::did_set_cookie(AK::URL const& url, Web::Cookie::ParsedCoo
m_view.notify_server_did_set_cookie({}, url, cookie, static_cast<Web::Cookie::Source>(source));
}
-void WebContentClient::did_update_cookie(AK::URL const& url, Web::Cookie::Cookie const& cookie)
+void WebContentClient::did_update_cookie(Web::Cookie::Cookie const& cookie)
{
- m_view.notify_server_did_update_cookie({}, url, cookie);
+ m_view.notify_server_did_update_cookie({}, cookie);
}
void WebContentClient::did_update_resource_count(i32 count_waiting)
diff --git a/Userland/Libraries/LibWebView/WebContentClient.h b/Userland/Libraries/LibWebView/WebContentClient.h
index 2609772f25..ffdbdfb7c9 100644
--- a/Userland/Libraries/LibWebView/WebContentClient.h
+++ b/Userland/Libraries/LibWebView/WebContentClient.h
@@ -67,7 +67,7 @@ private:
virtual Messages::WebContentClient::DidRequestNamedCookieResponse did_request_named_cookie(AK::URL const&, DeprecatedString const&) override;
virtual Messages::WebContentClient::DidRequestCookieResponse did_request_cookie(AK::URL const&, u8) override;
virtual void did_set_cookie(AK::URL const&, Web::Cookie::ParsedCookie const&, u8) override;
- virtual void did_update_cookie(AK::URL const&, Web::Cookie::Cookie const&) override;
+ virtual void did_update_cookie(Web::Cookie::Cookie const&) override;
virtual void did_update_resource_count(i32 count_waiting) override;
virtual void did_request_restore_window() override;
virtual Messages::WebContentClient::DidRequestRepositionWindowResponse did_request_reposition_window(Gfx::IntPoint) override;
diff --git a/Userland/Services/WebContent/PageHost.cpp b/Userland/Services/WebContent/PageHost.cpp
index 4bbafade65..4f5a83c303 100644
--- a/Userland/Services/WebContent/PageHost.cpp
+++ b/Userland/Services/WebContent/PageHost.cpp
@@ -359,9 +359,9 @@ void PageHost::page_did_set_cookie(const URL& url, Web::Cookie::ParsedCookie con
m_client.async_did_set_cookie(url, cookie, static_cast<u8>(source));
}
-void PageHost::page_did_update_cookie(URL const& url, Web::Cookie::Cookie cookie)
+void PageHost::page_did_update_cookie(Web::Cookie::Cookie cookie)
{
- m_client.async_did_update_cookie(url, move(cookie));
+ m_client.async_did_update_cookie(move(cookie));
}
void PageHost::page_did_update_resource_count(i32 count_waiting)
diff --git a/Userland/Services/WebContent/PageHost.h b/Userland/Services/WebContent/PageHost.h
index 7aeca9d20b..ad494c05f8 100644
--- a/Userland/Services/WebContent/PageHost.h
+++ b/Userland/Services/WebContent/PageHost.h
@@ -92,7 +92,7 @@ private:
virtual Optional<Web::Cookie::Cookie> page_did_request_named_cookie(URL const&, DeprecatedString const&) override;
virtual DeprecatedString page_did_request_cookie(const URL&, Web::Cookie::Source) override;
virtual void page_did_set_cookie(const URL&, Web::Cookie::ParsedCookie const&, Web::Cookie::Source) override;
- virtual void page_did_update_cookie(URL const&, Web::Cookie::Cookie) override;
+ virtual void page_did_update_cookie(Web::Cookie::Cookie) override;
virtual void page_did_update_resource_count(i32) override;
virtual void request_file(NonnullRefPtr<Web::FileRequest>&) override;
diff --git a/Userland/Services/WebContent/WebContentClient.ipc b/Userland/Services/WebContent/WebContentClient.ipc
index 6f5af5ee37..455377b83c 100644
--- a/Userland/Services/WebContent/WebContentClient.ipc
+++ b/Userland/Services/WebContent/WebContentClient.ipc
@@ -43,7 +43,7 @@ endpoint WebContentClient
did_request_named_cookie(URL url, DeprecatedString name) => (Optional<Web::Cookie::Cookie> cookie)
did_request_cookie(URL url, u8 source) => (DeprecatedString cookie)
did_set_cookie(URL url, Web::Cookie::ParsedCookie cookie, u8 source) =|
- did_update_cookie(URL url, Web::Cookie::Cookie cookie) =|
+ did_update_cookie(Web::Cookie::Cookie cookie) =|
did_update_resource_count(i32 count_waiting) =|
did_request_restore_window() =|
did_request_reposition_window(Gfx::IntPoint position) => (Gfx::IntPoint window_position)
diff --git a/Userland/Services/WebContent/WebDriverConnection.cpp b/Userland/Services/WebContent/WebDriverConnection.cpp
index dd5a46d144..94bc6990d7 100644
--- a/Userland/Services/WebContent/WebDriverConnection.cpp
+++ b/Userland/Services/WebContent/WebDriverConnection.cpp
@@ -1752,7 +1752,7 @@ void WebDriverConnection::delete_cookies(Optional<StringView> const& name)
if (!name.has_value() || name.value() == cookie.name) {
// Set the cookie expiry time to a Unix timestamp in the past.
cookie.expiry_time = Core::DateTime::from_timestamp(0);
- m_page_client.page_did_update_cookie(document->url(), move(cookie));
+ m_page_client.page_did_update_cookie(move(cookie));
}
// -> Otherwise
// Do nothing.