mirror of
https://github.com/RGBCube/serenity
synced 2025-07-26 01:47:34 +00:00
Browser+LibWeb+WebContent: Track the source of document.cookie requests
To implement the HttpOnly attribute, the CookieJar needs to know where a request originated from. Namely, it needs to distinguish between HTTP / non-HTTP (i.e. JavaScript) requests. When the HttpOnly attribute is set, requests from JavaScript are to be blocked.
This commit is contained in:
parent
7193e518d1
commit
c00760c5f9
20 changed files with 54 additions and 47 deletions
|
@ -33,7 +33,7 @@
|
|||
|
||||
namespace Browser {
|
||||
|
||||
String CookieJar::get_cookie(const URL& url)
|
||||
String CookieJar::get_cookie(const URL& url, Web::Cookie::Source)
|
||||
{
|
||||
purge_expired_cookies();
|
||||
|
||||
|
@ -55,7 +55,7 @@ String CookieJar::get_cookie(const URL& url)
|
|||
return builder.build();
|
||||
}
|
||||
|
||||
void CookieJar::set_cookie(const URL& url, const String& cookie_string)
|
||||
void CookieJar::set_cookie(const URL& url, const String& cookie_string, Web::Cookie::Source)
|
||||
{
|
||||
auto domain = canonicalize_domain(url);
|
||||
if (!domain.has_value())
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue