1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-28 04:37:44 +00:00

Browser+LibWeb+WebContent: Parse cookies in the OOP tab

To protect the main Browser process against nefarious cookies, parse the
cookies out-of-process and then send the parsed result over IPC to the
main process. This way, if the cookie parser blows up, only that tab
will be affected.
This commit is contained in:
Timothy Flynn 2021-04-15 10:36:20 -04:00 committed by Andreas Kling
parent 6e10c2cdb7
commit 2381b19719
19 changed files with 79 additions and 26 deletions

View file

@ -25,7 +25,10 @@
*/
#include "ParsedCookie.h"
#include <AK/StdLibExtras.h>
#include <AK/Vector.h>
#include <LibIPC/Decoder.h>
#include <LibIPC/Encoder.h>
#include <ctype.h>
namespace Web::Cookie {
@ -351,3 +354,39 @@ Optional<Core::DateTime> parse_date_time(StringView date_string)
}
}
bool IPC::encode(IPC::Encoder& encoder, const Web::Cookie::ParsedCookie& cookie)
{
encoder << cookie.name;
encoder << cookie.value;
encoder << cookie.expiry_time_from_expires_attribute;
encoder << cookie.expiry_time_from_max_age_attribute;
encoder << cookie.domain;
encoder << cookie.path;
encoder << cookie.secure_attribute_present;
encoder << cookie.http_only_attribute_present;
return true;
}
bool IPC::decode(IPC::Decoder& decoder, Web::Cookie::ParsedCookie& cookie)
{
if (!decoder.decode(cookie.name))
return false;
if (!decoder.decode(cookie.value))
return false;
if (!decoder.decode(cookie.expiry_time_from_expires_attribute))
return false;
if (!decoder.decode(cookie.expiry_time_from_max_age_attribute))
return false;
if (!decoder.decode(cookie.domain))
return false;
if (!decoder.decode(cookie.path))
return false;
if (!decoder.decode(cookie.secure_attribute_present))
return false;
if (!decoder.decode(cookie.http_only_attribute_present))
return false;
return true;
}

View file

@ -29,6 +29,7 @@
#include <AK/Optional.h>
#include <AK/String.h>
#include <LibCore/DateTime.h>
#include <LibIPC/Forward.h>
namespace Web::Cookie {
@ -46,3 +47,10 @@ struct ParsedCookie {
Optional<ParsedCookie> parse_cookie(const String& cookie_string);
}
namespace IPC {
bool encode(IPC::Encoder&, const Web::Cookie::ParsedCookie&);
bool decode(IPC::Decoder&, Web::Cookie::ParsedCookie&);
}

View file

@ -34,6 +34,7 @@
#include <LibWeb/Bindings/MainThreadVM.h>
#include <LibWeb/Bindings/WindowObject.h>
#include <LibWeb/CSS/StyleResolver.h>
#include <LibWeb/Cookie/ParsedCookie.h>
#include <LibWeb/DOM/Comment.h>
#include <LibWeb/DOM/DOMException.h>
#include <LibWeb/DOM/Document.h>
@ -828,10 +829,14 @@ String Document::cookie(Cookie::Source source)
return {};
}
void Document::set_cookie(String cookie, Cookie::Source source)
void Document::set_cookie(String cookie_string, Cookie::Source source)
{
auto cookie = Cookie::parse_cookie(cookie_string);
if (!cookie.has_value())
return;
if (auto* page = this->page())
page->client().page_did_set_cookie(m_url, cookie, source);
page->client().page_did_set_cookie(m_url, cookie.value(), source);
}
}

View file

@ -440,7 +440,7 @@ String InProcessWebView::page_did_request_cookie(const URL& url, Cookie::Source
return {};
}
void InProcessWebView::page_did_set_cookie(const URL& url, const String& cookie, Cookie::Source source)
void InProcessWebView::page_did_set_cookie(const URL& url, const Cookie::ParsedCookie& cookie, Cookie::Source source)
{
if (on_set_cookie)
on_set_cookie(url, cookie, source);

View file

@ -112,7 +112,7 @@ private:
virtual bool page_did_request_confirm(const String&) override;
virtual String page_did_request_prompt(const String&, const String&) override;
virtual String page_did_request_cookie(const URL&, Cookie::Source) override;
virtual void page_did_set_cookie(const URL&, const String&, Cookie::Source) override;
virtual void page_did_set_cookie(const URL&, const Cookie::ParsedCookie&, Cookie::Source) override;
void layout_and_sync_size();

View file

@ -372,7 +372,7 @@ String OutOfProcessWebView::notify_server_did_request_cookie(Badge<WebContentCli
return {};
}
void OutOfProcessWebView::notify_server_did_set_cookie(Badge<WebContentClient>, const URL& url, const String& cookie, Cookie::Source source)
void OutOfProcessWebView::notify_server_did_set_cookie(Badge<WebContentClient>, const URL& url, const Cookie::ParsedCookie& cookie, Cookie::Source source)
{
if (on_set_cookie)
on_set_cookie(url, cookie, source);

View file

@ -80,7 +80,7 @@ public:
void notify_server_did_js_console_output(const String& method, const String& line);
void notify_server_did_change_favicon(const Gfx::Bitmap& favicon);
String notify_server_did_request_cookie(Badge<WebContentClient>, const URL& url, Cookie::Source source);
void notify_server_did_set_cookie(Badge<WebContentClient>, const URL& url, const String& cookie, Cookie::Source source);
void notify_server_did_set_cookie(Badge<WebContentClient>, const URL& url, const Cookie::ParsedCookie& cookie, Cookie::Source source);
private:
OutOfProcessWebView();

View file

@ -112,7 +112,7 @@ public:
virtual bool page_did_request_confirm(const String&) { return false; }
virtual String page_did_request_prompt(const String&, const String&) { return {}; }
virtual String page_did_request_cookie(const URL&, Cookie::Source) { return {}; }
virtual void page_did_set_cookie(const URL&, const String&, Cookie::Source) { }
virtual void page_did_set_cookie(const URL&, const Cookie::ParsedCookie&, Cookie::Source) { }
protected:
virtual ~PageClient() = default;

View file

@ -27,6 +27,7 @@
#include "WebContentClient.h"
#include "OutOfProcessWebView.h"
#include <AK/Debug.h>
#include <LibWeb/Cookie/ParsedCookie.h>
namespace Web {

View file

@ -28,6 +28,7 @@
#include <AK/HashMap.h>
#include <LibIPC/ServerConnection.h>
#include <LibWeb/Cookie/ParsedCookie.h>
#include <WebContent/WebContentClientEndpoint.h>
#include <WebContent/WebContentServerEndpoint.h>

View file

@ -49,7 +49,7 @@ public:
Function<void(const URL&, const String&)> on_get_source;
Function<void(const String& method, const String& line)> on_js_console_output;
Function<String(const URL& url, Cookie::Source source)> on_get_cookie;
Function<void(const URL& url, const String& cookie, Cookie::Source source)> on_set_cookie;
Function<void(const URL& url, const Cookie::ParsedCookie& cookie, Cookie::Source source)> on_set_cookie;
};
}