[Webkit-unassigned] [Bug 191645] [Curl] Implement Cookie Accept Policy.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Feb 21 19:25:12 PST 2019
https://bugs.webkit.org/show_bug.cgi?id=191645
--- Comment #24 from Takashi Komori <Takashi.Komori at sony.com> ---
(In reply to Fujii Hironori from comment #19)
> Comment on attachment 362484 [details]
> Patch
>
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=362484&action=review
>
> > Source/WebCore/platform/network/curl/CookieJarCurl.cpp:122
> > + if (auto cookies = cookieJarDB.searchCookies(firstParty, firstParty, WTF::nullopt, WTF::nullopt, WTF::nullopt)) {
>
> Why don't you pass the fourth argument (URL) to the second parameter of
> searchCookies?
> Is there a test case for this?
There is no test cases for searchCookies() now.
I'll add test cases in another ticket.
> > Source/WebCore/platform/network/curl/CookieJarDB.cpp:333
> > + String urlHost = url.host().toString().convertToASCIILowercase();
>
> This can be "url.host().convertToASCIILowercase()".
Fixed.
> > Source/WebCore/platform/network/curl/CookieJarDB.cpp:346
> > + statement.bindText(2, String("*.") + topPrivateDomain);
>
> I think "*.example.com" doesn't match "example.com". Is this OK?
"example.com" matches the SQL query below.
>#define CHECK_EXISTS_COOKIE_SQL \
> "SELECT domain FROM Cookie WHERE ((domain = ?) OR (domain GLOB ?));"
> > Source/WebCore/platform/network/curl/CookieJarDB.cpp:362
> > + String requestHost = requestUrl.host().toString().convertToASCIILowercase();
>
> This can be requestUrl.host().convertToASCIILowercase().
Fixed.
> > Source/WebCore/platform/network/curl/CookieJarDB.cpp:471
> > + if (!checkCookieAcceptPolicy(firstParty, cookieDomainUrl))
>
> Do you need make a new URL? How about checkCookieAcceptPolicy(firstParty,
> url)?
Fixed.
> > Source/WebCore/platform/network/curl/CookieUtil.cpp:93
> > + if (index != WTF::notFound && index + firstPartyDomain.length() == urlHost.length())
>
> This doesn't seem right. "example.com" can match "xexample.com".
Fixed.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190222/e0aff2d5/attachment.html>
More information about the webkit-unassigned
mailing list