[Webkit-unassigned] [Bug 211092] New: shouldBlockCookies() in WebCookieJar.cpp allows third-party cookie access
bugzilla-daemon at webkit.org
Mon Apr 27 14:41:19 PDT 2020
https://bugs.webkit.org/show_bug.cgi?id=211092
Bug ID: 211092
Summary: shouldBlockCookies() in WebCookieJar.cpp allows third-party cookie access
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit2
Assignee: webkit-unassigned at lists.webkit.org
Reporter: drousso at apple.com
The early return if the given `WebFrame` is the main frame means that if a third-party resource is loaded into the main frame, and cookies are queried for that third-party's resource in the main frame, we will allow cookie access even though it's a third-party resource simply because it was loaded into the main frame. This is incorrect, as we should always verify that the domain of the url being used to query for cookies matches the first-party domain before granting access.
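The logic error described in the report, as an added C++ sketch (not WebKit source and not part of the original message). `Frame`, `shouldBlockCookiesWithEarlyReturn` and `shouldBlockCookiesChecked` are hypothetical names, the registrable domain is approximated as the last two host labels, and the policy is assumed to block every third-party cookie request.

```cpp
// Simplified model of the check in the report; all names here are hypothetical.
#include <string>

struct Frame { bool isMainFrame; };  // stand-in for WebFrame

// Host part of a URL; no userinfo or IPv6 handling in this sketch.
static std::string hostOf(const std::string& url) {
    auto start = url.find("://");
    start = (start == std::string::npos) ? 0 : start + 3;
    auto end = url.find_first_of("/:?#", start);
    return url.substr(start, end == std::string::npos ? std::string::npos : end - start);
}

// Assumption: registrable domain = last two labels of the host.
// Production code needs the Public Suffix List instead.
static std::string registrableDomain(const std::string& url) {
    std::string host = hostOf(url);
    auto last = host.rfind('.');
    if (last == std::string::npos || last == 0) return host;
    auto prev = host.rfind('.', last - 1);
    return prev == std::string::npos ? host : host.substr(prev + 1);
}

static bool isThirdParty(const std::string& firstPartyURL, const std::string& cookieURL) {
    return registrableDomain(firstPartyURL) != registrableDomain(cookieURL);
}

// Pattern from the report: the main-frame shortcut skips the domain comparison.
bool shouldBlockCookiesWithEarlyReturn(const Frame& frame, const std::string& firstPartyURL,
                                       const std::string& cookieURL) {
    if (frame.isMainFrame)
        return false;  // access granted without looking at cookieURL
    return isThirdParty(firstPartyURL, cookieURL);
}

// Check the report asks for: always compare against the first-party domain.
bool shouldBlockCookiesChecked(const Frame&, const std::string& firstPartyURL,
                               const std::string& cookieURL) {
    return isThirdParty(firstPartyURL, cookieURL);
}

int main() {
    Frame mainFrame{true};
    // Constructed sample URLs: first party shop.example, resource on tracker.example.
    bool flawed = shouldBlockCookiesWithEarlyReturn(mainFrame, "https://shop.example/", "https://cdn.tracker.example/pixel.gif");
    bool fixed = shouldBlockCookiesChecked(mainFrame, "https://shop.example/", "https://cdn.tracker.example/pixel.gif");
    return (!flawed && fixed) ? 0 : 1;  // 0 when the two variants differ as described
}
```

A regression test for the real fix would cover the same two cases: a cross-site URL queried from the main frame must be blocked, and a same-site subdomain must still be allowed.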