[webkit-reviews] review granted: [Bug 238202] Computation of Document siteForCookies is buggy in case document is created by window.open : [Attachment 455381] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Mar 22 11:02:41 PDT 2022
John Wilander <wilander at apple.com> has granted youenn fablet
<youennf at gmail.com>'s request for review:
Bug 238202: Computation of Document siteForCookies is buggy in case document is
created by window.open
https://bugs.webkit.org/show_bug.cgi?id=238202
Attachment 455381: Patch
https://bugs.webkit.org/attachment.cgi?id=455381&action=review
--- Comment #5 from John Wilander <wilander at apple.com> ---
Comment on attachment 455381
--> https://bugs.webkit.org/attachment.cgi?id=455381
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=455381&action=review
r=me based on enhancing the tests (and getting green EWS bots).
> LayoutTests/http/tests/cookies/resources/testharness-helpers.js:38
> + document.cookie = LAX_DOM + "=1; SameSite=Lax; Max-Age=100; path=/";
Please add a SameSite=Strict cookie too and make sure it works as expected.
> LayoutTests/http/tests/cookies/resources/testharness-helpers.js:68
> + document.cookie = LAX_DOM + "=1; SameSite=Lax; Max-Age=100; path=/";
Ditto on a SameSite=Strict cookie.
>
LayoutTests/http/tests/cookies/same-site/popup-from-iframe-same-site-with-post-
form-expected.txt:2
> +PASS popup opened as 'about:blank', then post navigation to 127.0.0.1, so
samesite cookies are sent.
This output should be more specific and say whether SameSite Lax and SameSite
Strict cookies were sent.
>
LayoutTests/http/tests/cookies/same-site/popup-from-iframe-same-site-with-post-
form-expected.txt:3
> +PASS popup opened as '127.0.0.1', then post navigation to 127.0.0.1, so
samesite cookies are sent.
Ditto.
>
LayoutTests/http/tests/cookies/same-site/popup-from-iframe-same-site-with-post-
form-expected.txt:4
> +PASS popup loaded as '127.0.0.1', then post navigation to 127.0.0.1, so
samesite cookies are sent.
Ditto, plus I would like if this test output was distinct from the one above.
Could we add more details so that it's clear what's being tested?
>
LayoutTests/http/tests/cookies/same-site/popup-same-site-with-post-form-expecte
d.txt:2
> +PASS popup opened as 'about:blank', then post navigation to 127.0.0.1, so
samesite cookies are sent.
Ditto on cookie details.
>
LayoutTests/http/tests/cookies/same-site/popup-same-site-with-post-form-expecte
d.txt:3
> +PASS popup opened as '127.0.0.1', then post navigation to 127.0.0.1, so
samesite cookies are sent.
Ditto.
>
LayoutTests/http/tests/cookies/same-site/popup-same-site-with-post-form-expecte
d.txt:4
> +PASS popup loaded as '127.0.0.1', then post navigation to 127.0.0.1, so
samesite cookies are sent.
Ditto, plus the comment on making it distinct.
More information about the webkit-reviews
mailing list