mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 04:17:35 +00:00
Browser+LibWeb+WebContent: Track the source of document.cookie requests
To implement the HttpOnly attribute, the CookieJar needs to know where a request originated from. Namely, it needs to distinguish between HTTP / non-HTTP (i.e. JavaScript) requests. When the HttpOnly attribute is set, requests from JavaScript are to be blocked.
This commit is contained in:
parent
7193e518d1
commit
c00760c5f9
20 changed files with 54 additions and 47 deletions
|
@ -208,14 +208,14 @@ void PageHost::page_did_request_image_context_menu(const Gfx::IntPoint& content_
|
|||
m_client.post_message(Messages::WebContentClient::DidRequestImageContextMenu(content_position, url, target, modifiers, bitmap->to_shareable_bitmap()));
|
||||
}
|
||||
|
||||
String PageHost::page_did_request_cookie(const URL& url)
|
||||
String PageHost::page_did_request_cookie(const URL& url, Web::Cookie::Source source)
|
||||
{
|
||||
return m_client.send_sync<Messages::WebContentClient::DidRequestCookie>(url)->cookie();
|
||||
return m_client.send_sync<Messages::WebContentClient::DidRequestCookie>(url, static_cast<u8>(source))->cookie();
|
||||
}
|
||||
|
||||
void PageHost::page_did_set_cookie(const URL& url, const String& cookie)
|
||||
void PageHost::page_did_set_cookie(const URL& url, const String& cookie, Web::Cookie::Source source)
|
||||
{
|
||||
m_client.post_message(Messages::WebContentClient::DidSetCookie(url, cookie));
|
||||
m_client.post_message(Messages::WebContentClient::DidSetCookie(url, cookie, static_cast<u8>(source)));
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -79,8 +79,8 @@ private:
|
|||
virtual String page_did_request_prompt(const String&, const String&) override;
|
||||
virtual void page_did_change_favicon(const Gfx::Bitmap&) override;
|
||||
virtual void page_did_request_image_context_menu(const Gfx::IntPoint&, const URL&, const String& target, unsigned modifiers, const Gfx::Bitmap*) override;
|
||||
virtual String page_did_request_cookie(const URL&) override;
|
||||
virtual void page_did_set_cookie(const URL&, const String&) override;
|
||||
virtual String page_did_request_cookie(const URL&, Web::Cookie::Source) override;
|
||||
virtual void page_did_set_cookie(const URL&, const String&, Web::Cookie::Source) override;
|
||||
|
||||
explicit PageHost(ClientConnection&);
|
||||
|
||||
|
|
|
@ -25,6 +25,6 @@ endpoint WebContentClient = 90
|
|||
DidGetSource(URL url, String source) =|
|
||||
DidJSConsoleOutput(String method, String line) =|
|
||||
DidChangeFavicon(Gfx::ShareableBitmap favicon) =|
|
||||
DidRequestCookie(URL url) => (String cookie)
|
||||
DidSetCookie(URL url, String cookie) =|
|
||||
DidRequestCookie(URL url, u8 source) => (String cookie)
|
||||
DidSetCookie(URL url, String cookie, u8 source) =|
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue