[Webkit-unassigned] [Bug 191645] [Curl] Implement Cookie Accept Policy.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Feb 21 19:25:12 PST 2019


https://bugs.webkit.org/show_bug.cgi?id=191645

--- Comment #24 from Takashi Komori <Takashi.Komori at sony.com> ---
(In reply to Fujii Hironori from comment #19)
> Comment on attachment 362484 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=362484&action=review
> 
> > Source/WebCore/platform/network/curl/CookieJarCurl.cpp:122
> > +    if (auto cookies = cookieJarDB.searchCookies(firstParty, firstParty, WTF::nullopt, WTF::nullopt, WTF::nullopt)) {
> 
> Why don't you pass the fourth argument (URL) to the second parameter of
> searchCookies?
> Is there a test case for this?

There is no test cases for searchCookies() now.
I'll add test cases in another ticket.

> > Source/WebCore/platform/network/curl/CookieJarDB.cpp:333
> > +    String urlHost = url.host().toString().convertToASCIILowercase();
> 
> This can be "url.host().convertToASCIILowercase()".

Fixed.

> > Source/WebCore/platform/network/curl/CookieJarDB.cpp:346
> > +            statement.bindText(2, String("*.") + topPrivateDomain);
> 
> I think "*.example.com" doesn't match "example.com". Is this OK?

"example.com" matches the SQL query below.
>#define CHECK_EXISTS_COOKIE_SQL \
>    "SELECT domain FROM Cookie WHERE ((domain = ?) OR (domain GLOB ?));"

> > Source/WebCore/platform/network/curl/CookieJarDB.cpp:362
> > +    String requestHost = requestUrl.host().toString().convertToASCIILowercase();
> 
> This can be requestUrl.host().convertToASCIILowercase().

Fixed.

> > Source/WebCore/platform/network/curl/CookieJarDB.cpp:471
> > +    if (!checkCookieAcceptPolicy(firstParty, cookieDomainUrl))
> 
> Do you need make a new URL? How about checkCookieAcceptPolicy(firstParty,
> url)?

Fixed.

> > Source/WebCore/platform/network/curl/CookieUtil.cpp:93
> > +    if (index != WTF::notFound && index + firstPartyDomain.length() == urlHost.length())
> 
> This doesn't seem right. "example.com" can match "xexample.com".

Fixed.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190222/e0aff2d5/attachment.html>


More information about the webkit-unassigned mailing list