Browser+WebContent+WebDriver: Move Get All Cookies to WebContent

There are a couple changes here from the existing Get All Cookies implementation. 1. Previously, WebDriver actually returned *all* cookies in the cookie jar. The spec dictates that we only return cookies that match the document's URL. Specifically, it calls out that we must run just the first step of RFC 6265 section 5.4 to perform domain matching. This change adds a special mode to our implementation of that section to skip the remaining steps. 2. We now fill in the SameSite cookie attribute when serializing the cookie to JSON (this was a trival FIXME that didn't get picked up when SameSite was implemented).
2025-07-28 16:47:34 +00:00 · 2022-11-11 09:24:07 -05:00 · 2022-11-11 09:24:07 -05:00 · c77260c480
commit c77260c480
parent d2c1957d8f
11 changed files with 89 additions and 29 deletions
--- a/Userland/Applications/Browser/BrowserWindow.cpp
+++ b/Userland/Applications/Browser/BrowserWindow.cpp
@ -575,6 +575,10 @@ void BrowserWindow::create_new_tab(URL url, bool activate)
        });
    };

+    new_tab.on_get_all_cookies = [this](auto& url) {
+        return m_cookie_jar.get_all_cookies(url);
+    };
+
    new_tab.on_get_cookie = [this](auto& url, auto source) -> String {
        return m_cookie_jar.get_cookie(url, source);
    };
--- a/Userland/Applications/Browser/CookieJar.cpp
+++ b/Userland/Applications/Browser/CookieJar.cpp
@ -116,6 +116,24 @@ Vector<Web::Cookie::Cookie> CookieJar::get_all_cookies() const
    return cookies;
 }

+// https://w3c.github.io/webdriver/#dfn-associated-cookies
+Vector<Web::Cookie::Cookie> CookieJar::get_all_cookies(URL const& url)
+{
+    auto domain = canonicalize_domain(url);
+    if (!domain.has_value())
+        return {};
+
+    auto cookie_list = get_matching_cookies(url, domain.value(), Web::Cookie::Source::Http, MatchingCookiesSpecMode::WebDriver);
+
+    Vector<Web::Cookie::Cookie> cookies;
+    cookies.ensure_capacity(cookie_list.size());
+
+    for (auto const& cookie : cookie_list)
+        cookies.unchecked_append(cookie);
+
+    return cookies;
+}
+
 Optional<String> CookieJar::canonicalize_domain(const URL& url)
 {
    // https://tools.ietf.org/html/rfc6265#section-5.1.2
@ -281,7 +299,7 @@ void CookieJar::store_cookie(Web::Cookie::ParsedCookie const& parsed_cookie, con
    m_cookies.set(key, move(cookie));
 }

-Vector<Web::Cookie::Cookie&> CookieJar::get_matching_cookies(const URL& url, String const& canonicalized_domain, Web::Cookie::Source source)
+Vector<Web::Cookie::Cookie&> CookieJar::get_matching_cookies(const URL& url, String const& canonicalized_domain, Web::Cookie::Source source, MatchingCookiesSpecMode mode)
 {
    // https://tools.ietf.org/html/rfc6265#section-5.4

@ -310,6 +328,12 @@ Vector<Web::Cookie::Cookie&> CookieJar::get_matching_cookies(const URL& url, Str
        if (cookie.value.http_only && (source != Web::Cookie::Source::Http))
            continue;

+        // NOTE: The WebDriver spec expects only step 1 above to be executed to match cookies.
+        if (mode == MatchingCookiesSpecMode::WebDriver) {
+            cookie_list.append(cookie.value);
+            continue;
+        }
+
        // 2.  The user agent SHOULD sort the cookie-list in the following order:
        //   - Cookies with longer paths are listed before cookies with shorter paths.
        //   - Among cookies that have equal-length path fields, cookies with earlier creation-times are listed before cookies with later creation-times.
--- a/Userland/Applications/Browser/CookieJar.h
+++ b/Userland/Applications/Browser/CookieJar.h
@ -31,6 +31,7 @@ public:
    void update_cookie(URL const&, Web::Cookie::Cookie);
    void dump_cookies() const;
    Vector<Web::Cookie::Cookie> get_all_cookies() const;
+    Vector<Web::Cookie::Cookie> get_all_cookies(URL const& url);

 private:
    static Optional<String> canonicalize_domain(const URL& url);
@ -38,8 +39,13 @@ private:
    static bool path_matches(String const& request_path, String const& cookie_path);
    static String default_path(const URL& url);

+    enum class MatchingCookiesSpecMode {
+        RFC6265,
+        WebDriver,
+    };
+
    void store_cookie(Web::Cookie::ParsedCookie const& parsed_cookie, const URL& url, String canonicalized_domain, Web::Cookie::Source source);
-    Vector<Web::Cookie::Cookie&> get_matching_cookies(const URL& url, String const& canonicalized_domain, Web::Cookie::Source source);
+    Vector<Web::Cookie::Cookie&> get_matching_cookies(const URL& url, String const& canonicalized_domain, Web::Cookie::Source source, MatchingCookiesSpecMode mode = MatchingCookiesSpecMode::RFC6265);
    void purge_expired_cookies();

    HashMap<CookieStorageKey, Web::Cookie::Cookie> m_cookies;
--- a/Userland/Applications/Browser/Tab.cpp
+++ b/Userland/Applications/Browser/Tab.cpp
@ -351,6 +351,12 @@ Tab::Tab(BrowserWindow& window)
            on_favicon_change(icon);
    };

+    view().on_get_all_cookies = [this](auto& url) -> Vector<Web::Cookie::Cookie> {
+        if (on_get_all_cookies)
+            return on_get_all_cookies(url);
+        return {};
+    };
+
    view().on_get_cookie = [this](auto& url, auto source) -> String {
        if (on_get_cookie)
            return on_get_cookie(url, source);
--- a/Userland/Applications/Browser/Tab.h
+++ b/Userland/Applications/Browser/Tab.h
@ -64,6 +64,7 @@ public:
    Function<void(Tab&)> on_tab_close_request;
    Function<void(Tab&)> on_tab_close_other_request;
    Function<void(Gfx::Bitmap const&)> on_favicon_change;
+    Function<Vector<Web::Cookie::Cookie>(AK::URL const& url)> on_get_all_cookies;
    Function<String(const URL&, Web::Cookie::Source source)> on_get_cookie;
    Function<void(const URL&, Web::Cookie::ParsedCookie const& cookie, Web::Cookie::Source source)> on_set_cookie;
    Function<void()> on_dump_cookies;