[webkit-changes] [WebKit/WebKit] 58f6a2: Properly handle errors in the cookie's domain when...

Rupin Mittal noreply at github.com
Wed Jul 26 20:49:23 PDT 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 58f6a2dd0bf84e0bba186126c6474a0ff1064353
      https://github.com/WebKit/WebKit/commit/58f6a2dd0bf84e0bba186126c6474a0ff1064353
  Author: Rupin Mittal <rupin at apple.com>
  Date:   2023-07-26 (Wed, 26 Jul 2023)

  Changed paths:
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_delete_arguments.https.any-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_get_set_across_frames.https-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_opaque_origin.https-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_set_arguments.https.any-expected.txt
    M Source/WebCore/Modules/cookie-store/CookieStore.cpp

  Log Message:
  -----------
  Properly handle errors in the cookie's domain when setting a cookie with the Cookie Store API
https://bugs.webkit.org/show_bug.cgi?id=259529

Reviewed by Alex Christensen.

The spec (https://wicg.github.io/cookie-store/#set-cookie-algorithm)
dictates that in the set function, if the domain is not null, then if
the domain begins with a '.', the promise should be rejected with a
TypeError. If the domain does not begin with a '.' but the url's host
is not equal to domain and it does not end with a '.' followed by the
domain, the promise should be rejected with a TypeError. Additionally,
if the byte sequence length of the domain (in UTF8 format) is greater
than the maximum attribute value size (current 1024 bytes according to
https://wicg.github.io/cookie-store/#cookie-maximum-attribute-value-size),
then the promise should be rejected with a TypeError. This patch adds
these checks.

* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_delete_arguments.https.any-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_get_set_across_frames.https-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_opaque_origin.https-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_set_arguments.https.any-expected.txt:
* Source/WebCore/Modules/cookie-store/CookieStore.cpp:
(WebCore::CookieStore::set):

Canonical link: https://commits.webkit.org/266351@main

More information about the webkit-changes mailing list