RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-31 16:12:44 +00:00
Code Issues Activity Actions

Browser: Process Secure and HttpOnly cookie attributes

Browse source
This commit is contained in:
Timothy Flynn 2021-04-11 23:49:33 -04:00 committed by Andreas Kling
parent db24186309
commit e0f9ed01c7
2 changed files with 10 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
Userland/Applications/Browser/CookieJar.cpp
View file

@ -221,9 +221,9 @@ void CookieJar::process_attribute(Cookie& cookie, StringView attribute_name, Str
} else if (attribute_name.equals_ignoring_case("Path")) {
on_path_attribute(cookie, attribute_value);
} else if (attribute_name.equals_ignoring_case("Secure")) {
on_secure_attribute(cookie, attribute_value);
on_secure_attribute(cookie);
} else if (attribute_name.equals_ignoring_case("HttpOnly")) {
on_http_only_attribute(cookie, attribute_value);
on_http_only_attribute(cookie);
}
}
@ -291,14 +291,16 @@ void CookieJar::on_path_attribute(Cookie& cookie, StringView attribute_value)
cookie.path = attribute_value;
}
void CookieJar::on_secure_attribute([[maybe_unused]] Cookie& cookie, [[maybe_unused]] StringView attribute_value)
void CookieJar::on_secure_attribute(Cookie& cookie)
{
// https://tools.ietf.org/html/rfc6265#section-5.2.5
cookie.secure = true;
}
void CookieJar::on_http_only_attribute([[maybe_unused]] Cookie& cookie, [[maybe_unused]] StringView attribute_value)
void CookieJar::on_http_only_attribute(Cookie& cookie)
{
// https://tools.ietf.org/html/rfc6265#section-5.2.6
cookie.http_only = true;
}
}

6
Userland/Applications/Browser/CookieJar.h
View file

@ -40,6 +40,8 @@ struct Cookie {
Core::DateTime expiry_time {};
String domain {};
String path {};
bool secure { false };
bool http_only { false };
};
class CookieJar {
@ -57,8 +59,8 @@ private:
static void on_max_age_attribute(Cookie& cookie, StringView attribute_value);
static void on_domain_attribute(Cookie& cookie, StringView attribute_value);
static void on_path_attribute(Cookie& cookie, StringView attribute_value);
static void on_secure_attribute(Cookie& cookie, StringView attribute_value);
static void on_http_only_attribute(Cookie& cookie, StringView attribute_value);
static void on_secure_attribute(Cookie& cookie);
static void on_http_only_attribute(Cookie& cookie);
HashMap<String, Vector<Cookie>> m_cookies;
};