Modified: trunk/Source/WebCore/ChangeLog (258324 => 258325)
--- trunk/Source/WebCore/ChangeLog 2020-03-12 14:05:13 UTC (rev 258324)
+++ trunk/Source/WebCore/ChangeLog 2020-03-12 14:09:40 UTC (rev 258325)
@@ -1,3 +1,21 @@
+2020-03-12 Pavel Feldman <[email protected]>
+
+ [Curl] sort out MS vs Seconds confusion in Cookies
+ https://bugs.webkit.org/show_bug.cgi?id=208964
+
+ Reviewed by Don Olmstead.
+
+ Making sure curl parser is storing expires using millis in the code. Using consistent time
+ functions around the changed code.
+
+ * platform/network/curl/CookieJarDB.cpp:
+ (WebCore::CookieJarDB::searchCookies):
+ (WebCore::CookieJarDB::getAllCookies):
+ (WebCore::CookieJarDB::setCookie):
+ * platform/network/curl/CookieUtil.cpp:
+ (WebCore::CookieUtil::parseExpiresMS):
+ (WebCore::CookieUtil::parseCookieAttributes):
+
2020-03-12 youenn fablet <[email protected]>
Move AudioSession interruption listener code to AudioSession
Modified: trunk/Source/WebCore/platform/network/curl/CookieJarDB.cpp (258324 => 258325)
--- trunk/Source/WebCore/platform/network/curl/CookieJarDB.cpp 2020-03-12 14:05:13 UTC (rev 258324)
+++ trunk/Source/WebCore/platform/network/curl/CookieJarDB.cpp 2020-03-12 14:09:40 UTC (rev 258325)
@@ -30,11 +30,13 @@
#include "PublicSuffix.h"
#include "RegistrableDomain.h"
#include "SQLiteFileSystem.h"
+#include <wtf/DateMath.h>
#include <wtf/FileSystem.h>
#include <wtf/MonotonicTime.h>
#include <wtf/Optional.h>
#include <wtf/URL.h>
#include <wtf/Vector.h>
+#include <wtf/WallTime.h>
#include <wtf/text/StringConcatenateNumbers.h>
namespace WebCore {
@@ -377,7 +379,7 @@
const String sql =
"SELECT name, value, domain, path, expires, httponly, secure, session FROM Cookie WHERE "\
- "(NOT ((session = 0) AND (datetime(expires, 'unixepoch') < datetime('now')))) "\
+ "(NOT ((session = 0) AND (expires < ?)))"
"AND (httponly = COALESCE(NULLIF(?, -1), httponly)) "\
"AND (secure = COALESCE(NULLIF(?, -1), secure)) "\
"AND (session = COALESCE(NULLIF(?, -1), session)) "\
@@ -389,15 +391,16 @@
return WTF::nullopt;
pstmt->prepare();
- pstmt->bindInt(1, httpOnly ? *httpOnly : -1);
- pstmt->bindInt(2, secure ? *secure : -1);
- pstmt->bindInt(3, session ? *session : -1);
- pstmt->bindText(4, requestHost);
+ pstmt->bindInt64(1, WallTime::now().secondsSinceEpoch().milliseconds());
+ pstmt->bindInt(2, httpOnly ? *httpOnly : -1);
+ pstmt->bindInt(3, secure ? *secure : -1);
+ pstmt->bindInt(4, session ? *session : -1);
+ pstmt->bindText(5, requestHost);
if (CookieUtil::isIPAddress(requestHost) || !requestHost.contains('.') || registrableDomain.isEmpty())
- pstmt->bindNull(5);
+ pstmt->bindNull(6);
else
- pstmt->bindText(5, String("*.") + registrableDomain.string());
+ pstmt->bindText(6, String("*.") + registrableDomain.string());
if (!pstmt)
return WTF::nullopt;
@@ -413,7 +416,7 @@
String cookieValue = pstmt->getColumnText(1);
String cookieDomain = pstmt->getColumnText(2).convertToASCIILowercase();
String cookiePath = pstmt->getColumnText(3);
- double cookieExpires = (double)pstmt->getColumnInt64(4) * 1000;
+ double cookieExpires = (double)pstmt->getColumnInt64(4);
bool cookieHttpOnly = (pstmt->getColumnInt(5) == 1);
bool cookieSecure = (pstmt->getColumnInt(6) == 1);
bool cookieSession = (pstmt->getColumnInt(7) == 1);
@@ -434,7 +437,8 @@
cookie.value = cookieValue;
cookie.domain = cookieDomain;
cookie.path = cookiePath;
- cookie.expires = cookieExpires;
+ if (cookieExpires)
+ cookie.expires = cookieExpires;
cookie.httpOnly = cookieHttpOnly;
cookie.secure = cookieSecure;
cookie.session = cookieSession;
@@ -461,7 +465,9 @@
cookie.value = pstmt->getColumnText(1);
cookie.domain = pstmt->getColumnText(2).convertToASCIILowercase();
cookie.path = pstmt->getColumnText(3);
- cookie.expires = (double)pstmt->getColumnInt64(4) * 1000;
+ double cookieExpires = (double)pstmt->getColumnInt64(4);
+ if (cookieExpires)
+ cookie.expires = cookieExpires;
cookie.httpOnly = (pstmt->getColumnInt(5) == 1);
cookie.secure = (pstmt->getColumnInt(6) == 1);
cookie.session = (pstmt->getColumnInt(7) == 1);
@@ -505,7 +511,7 @@
bool CookieJarDB::setCookie(const Cookie& cookie)
{
auto expires = cookie.expires.valueOr(0.0);
- if (!cookie.session && MonotonicTime::fromRawSeconds(expires) <= MonotonicTime::now())
+ if (!cookie.session && MonotonicTime::fromRawSeconds(expires / WTF::msPerSecond) <= MonotonicTime::now())
return deleteCookieInternal(cookie.name, cookie.domain, cookie.path);
auto& statement = preparedStatement(SET_COOKIE_SQL);
Modified: trunk/Source/WebCore/platform/network/curl/CookieUtil.cpp (258324 => 258325)
--- trunk/Source/WebCore/platform/network/curl/CookieUtil.cpp 2020-03-12 14:05:13 UTC (rev 258324)
+++ trunk/Source/WebCore/platform/network/curl/CookieUtil.cpp 2020-03-12 14:09:40 UTC (rev 258325)
@@ -31,6 +31,7 @@
#include <wtf/DateMath.h>
#include <wtf/Optional.h>
+#include <wtf/WallTime.h>
#include <wtf/text/WTFString.h>
/* This is the maximum line length we accept for a cookie line. RFC 2109
@@ -79,13 +80,13 @@
return false;
}
-static Optional<double> parseExpires(const char* expires)
+static Optional<double> parseExpiresMS(const char* expires)
{
double tmp = WTF::parseDateFromNullTerminatedCharacters(expires);
if (isnan(tmp))
return { };
- return Optional<double> {tmp / WTF::msPerSecond};
+ return Optional<double> {tmp};
}
static void parseCookieAttributes(const String& attribute, bool& hasMaxAge, Cookie& result)
@@ -117,9 +118,9 @@
} else if (equalIgnoringASCIICase(attributeName, "max-age")) {
bool ok;
- time_t expiryTime = time(0) + attributeValue.toInt64(&ok);
+ double maxAgeSeconds = attributeValue.toInt64(&ok);
if (ok) {
- result.expires = (double)expiryTime;
+ result.expires = (WallTime::now().secondsSinceEpoch().value() + maxAgeSeconds) * WTF::msPerSecond;
result.session = false;
// If there is a max-age attribute as well as an expires attribute
@@ -127,7 +128,7 @@
hasMaxAge = true;
}
} else if (equalIgnoringASCIICase(attributeName, "expires") && !hasMaxAge) {
- if (auto expiryTime = parseExpires(attributeValue.utf8().data())) {
+ if (auto expiryTime = parseExpiresMS(attributeValue.utf8().data())) {
result.expires = expiryTime.value();
result.session = false;
}
