mirror of
https://github.com/RGBCube/serenity
synced 2025-07-25 20:27:45 +00:00
Browser+LibWeb+WebContent: Track the source of document.cookie requests
To implement the HttpOnly attribute, the CookieJar needs to know where a request originated from. Namely, it needs to distinguish between HTTP / non-HTTP (i.e. JavaScript) requests. When the HttpOnly attribute is set, requests from JavaScript are to be blocked.
This commit is contained in:
parent
7193e518d1
commit
c00760c5f9
20 changed files with 54 additions and 47 deletions
|
@ -219,12 +219,12 @@ int main(int argc, char** argv)
|
|||
});
|
||||
};
|
||||
|
||||
new_tab.on_get_cookie = [&](auto& url) -> String {
|
||||
return cookie_jar.get_cookie(url);
|
||||
new_tab.on_get_cookie = [&](auto& url, auto source) -> String {
|
||||
return cookie_jar.get_cookie(url, source);
|
||||
};
|
||||
|
||||
new_tab.on_set_cookie = [&](auto& url, auto& cookie) {
|
||||
cookie_jar.set_cookie(url, cookie);
|
||||
new_tab.on_set_cookie = [&](auto& url, auto& cookie, auto source) {
|
||||
cookie_jar.set_cookie(url, cookie, source);
|
||||
};
|
||||
|
||||
new_tab.on_dump_cookies = [&]() {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue