mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-07-29 04:09:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Browser+LibWeb+WebContent: Track the source of document.cookie requests

Browse source 
To implement the HttpOnly attribute, the CookieJar needs to know where a
request originated from. Namely, it needs to distinguish between HTTP /
non-HTTP (i.e. JavaScript) requests. When the HttpOnly attribute is set,
requests from JavaScript are to be blocked.
This commit is contained in:
Timothy Flynn 2021-04-13 17:30:41 -04:00 committed by Andreas Kling
commit c00760c5f9
Notes: sideshowbarker 2024-07-18 20:22:16 +09:00
20 changed files with 54 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Userland/Libraries/LibWeb/WebContentClient.cpp
View file

@ -199,13 +199,13 @@ void WebContentClient::handle(const Messages::WebContentClient::DidChangeFavicon
OwnPtr<Messages::WebContentClient::DidRequestCookieResponse> WebContentClient::handle(const Messages::WebContentClient::DidRequestCookie& message)
{
auto result = m_view.notify_server_did_request_cookie({}, message.url());
auto result = m_view.notify_server_did_request_cookie({}, message.url(), static_cast<Cookie::Source>(message.source()));
return make<Messages::WebContentClient::DidRequestCookieResponse>(result);
}
void WebContentClient::handle(const Messages::WebContentClient::DidSetCookie& message)
{
m_view.notify_server_did_set_cookie({}, message.url(), message.cookie());
m_view.notify_server_did_set_cookie({}, message.url(), message.cookie(), static_cast<Cookie::Source>(message.source()));
}
}