[Webkit-unassigned] [Bug 246858] http/tests/security/cookies/cookie-theft-with-javascript-doc.html crashing

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Oct 21 08:20:11 PDT 2022


https://bugs.webkit.org/show_bug.cgi?id=246858

--- Comment #1 from Claudio Saavedra <csaavedra at igalia.com> ---
There are two web processes (due to the iframe in the test), one with identifier 7 and the other 12. One of them is adding 'nullOrigin' to the "allowedFirstPartyForCookies" list, not the other. When the other receives a call to get the cookies for the DOM, the check of whether 'nullOrigin' is an allowed first party for cookies fails, and the assertion with it:

NetworkProcess::addAllowedFirstPartyForCookies(identifier: 7, firstPartyForCookies: nullOrigin)

NetworkProcess::addAllowedFirstPartyForCookies(identifier: 12, firstPartyForCookies: 127.0.0.1)

NetworkProcess::allowsFirstPartyForCookies(identifier: 12, firstPartyForCookies: 127.0.0.1)

NetworkProcess::allowsFirstPartyForCookies(identifier: 12, firstPartyForCookies: 127.0.0.1)

NetworkProcess::allowsFirstPartyForCookies(identifier: 12, firstPartyForCookies: nullOrigin)
  --> ASSERTION FAILED: result


The crash doesn't happen always for me, so this might be a timing issue.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20221021/1aa7dd4c/attachment.htm>


More information about the webkit-unassigned mailing list