[webkit-changes] [WebKit/WebKit] ea42e8: Check for invalid characters in name and value whe...

Rupin Mittal noreply at github.com
Fri Sep 13 08:34:32 PDT 2024 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: ea42e80465ced88ed7a4d396eb4aacffcae500f0
      https://github.com/WebKit/WebKit/commit/ea42e80465ced88ed7a4d396eb4aacffcae500f0
  Author: Rupin Mittal <rupin at apple.com>
  Date:   2024-09-13 (Fri, 13 Sep 2024)

  Changed paths:
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_set_arguments.https.any-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_set_arguments.https.any.js
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_set_arguments.https.any.serviceworker-expected.txt
    M Source/WebCore/Modules/cookie-store/CookieStore.cpp

  Log Message:
  -----------
  Check for invalid characters in name and value when setting a cookie
https://bugs.webkit.org/show_bug.cgi?id=279151
rdar://135304982

Reviewed by Chris Dumez.

As per the CookieStore API spec (https://wicg.github.io/cookie-store/#set-a-cookie),
we must return a type error when setting a cookie if:
(1) Certain invalid characters are in the name or value
(2) Name is empty and Value contains a '=' (signifies that user is trying to set
    both the name and value in the value field with "name=value" syntax)
(3) Name and Value are both empty

Currently, the WPT tests only test (2). This test was passing before this change--but
for the wrong reason. It was not passing because the CookieStore returns a type error
on empty name and '=' in value, but rather because the CookieStore allows this call and
eventually reaches the CFNetwork function to set a cookie--which incorrectly rejects
the request to set a cookie with an empty name (a bug has been filed for this).

This test for (2) now passes for the right reason, and we also add tests for (1) and (3).
A future patch will add them to the WPT repo as well.

* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_set_arguments.https.any-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_set_arguments.https.any.js:
(promise_test.async testCase):
(promise_test.async testCase.async const):
* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_set_arguments.https.any.serviceworker-expected.txt:
* Source/WebCore/Modules/cookie-store/CookieStore.cpp:
(WebCore::containsInvalidCharacters):
(WebCore::CookieStore::set):

Canonical link: https://commits.webkit.org/283624@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications

More information about the webkit-changes mailing list