[webkit-changes] [WebKit/WebKit] 44f403: [Cookie Store API] Ensure secure property defaults...

Rupin Mittal noreply at github.com
Mon Jan 13 16:25:10 PST 2025 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 44f403689534bcd565dfeebea93c1dd68f63a9ab
      https://github.com/WebKit/WebKit/commit/44f403689534bcd565dfeebea93c1dd68f63a9ab
  Author: Rupin Mittal <rupin at apple.com>
  Date:   2025-01-13 (Mon, 13 Jan 2025)

  Changed paths:
    A LayoutTests/http/tests/cookies/cookie-store-get-secure.https-expected.txt
    A LayoutTests/http/tests/cookies/cookie-store-get-secure.https.html
    A LayoutTests/http/tests/cookies/cookie-store-set-secure.https-expected.txt
    A LayoutTests/http/tests/cookies/cookie-store-set-secure.https.html
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieListItem_attributes.https.any-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieListItem_attributes.https.any.js
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieListItem_attributes.https.any.serviceworker-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_special_names.https.any-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_special_names.https.any.serviceworker-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/cookies/partitioned-cookies/partitioned-cookies.tentative.https-expected.txt
    M LayoutTests/platform/glib/TestExpectations
    M LayoutTests/platform/mac-wk1/TestExpectations
    M LayoutTests/platform/win/TestExpectations
    M Source/WebCore/Modules/cookie-store/CookieListItem.h
    M Source/WebCore/Modules/cookie-store/CookieStore.cpp
    M Source/WebCore/testing/Internals.cpp
    M Source/WebCore/testing/Internals.h
    M Source/WebCore/testing/Internals.idl

  Log Message:
  -----------
  [Cookie Store API] Ensure secure property defaults to true
https://bugs.webkit.org/show_bug.cgi?id=285623
rdar://142442877

Reviewed by Chris Dumez and Sihui Liu.

The Cookie Store API spec (https://wicg.github.io/cookie-store/#secure-cookies)
says this API should only set cookies as secure and when fetching/modifying non-secure
cookies, it should modify them to be secure as well.

With this patch:
1. CookieStore::set() will now set the secure propety to true when setting a cookie.
2. CookieListItem (which is what is constructed from a cookie and returned when this API
   fetches cookies) will always have secure as true.
3. As a consequence of (2), if CookieStore::get() or getAll() are used to fetch an un-secure
   cookie, they will set it to secure.

Testing:
1. New layout test confirms that CookieListItem defaults to true (will be upstreamed to WPT)
2. New layout test confirms that CookieStore::set always sets a secure cookie
3. New layout test confirms that if CookieStore::get is used to get a un-secure cookie, it
   will set that cookie to be secure.

* LayoutTests/http/tests/cookies/cookie-store-get-secure.https-expected.txt: Added.
* LayoutTests/http/tests/cookies/cookie-store-get-secure.https.html: Added.
* LayoutTests/http/tests/cookies/cookie-store-set-secure.https-expected.txt: Added.
* LayoutTests/http/tests/cookies/cookie-store-set-secure.https.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieListItem_attributes.https.any-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieListItem_attributes.https.any.js:
(async set promise_test):
* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieListItem_attributes.https.any.serviceworker-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_special_names.https.any-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/cookie-store/cookieStore_special_names.https.any.serviceworker-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/cookies/partitioned-cookies/partitioned-cookies.tentative.https-expected.txt:
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* LayoutTests/platform/win/TestExpectations:
* Source/WebCore/Modules/cookie-store/CookieListItem.h:
(WebCore::CookieListItem::CookieListItem):
* Source/WebCore/Modules/cookie-store/CookieStore.cpp:
(WebCore::CookieStore::set):
* Source/WebCore/testing/Internals.cpp:
(WebCore::Internals::setCookie):
* Source/WebCore/testing/Internals.h:
* Source/WebCore/testing/Internals.idl:

Canonical link: https://commits.webkit.org/288824@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications

More information about the webkit-changes mailing list