Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: f9cc03148c7fce295e58191df2725cbc8062733d
https://github.com/WebKit/WebKit/commit/f9cc03148c7fce295e58191df2725cbc8062733d
Author: Rupin Mittal <[email protected]>
Date: 2025-01-23 (Thu, 23 Jan 2025)
Changed paths:
M Source/WebCore/Modules/cookie-store/CookieStore.cpp
M Tools/TestWebKitAPI/Tests/WebKitCocoa/CookieStoreAPI.mm
Log Message:
-----------
[Cookie Store API] Throw error on attempt to set cookies for a public suffix
domain
https://bugs.webkit.org/show_bug.cgi?id=286382
rdar://143095098
Reviewed by Chris Dumez.
If there is an attempt to set a cookie with a public-suffix domain (like
"com"), and
the current host is "*.com", then "com" passes the domain rules in the Cookie
Store spec.
But CFNetwork does not set the cookie--and since the CFNetwork API for setting
the cookie
does not return an error, CookieStore::set() returns a success even though the
cookie wasn't set.
The spec does not say anything about checking for public-suffix domains, but
Chrome
does return an error for this. To match Chrome, we alter CookieStore::set() to
return
an error if the domain is a public-suffix.
This is tested by a new API test in CookieStoreAPI.mm.
* Source/WebCore/Modules/cookie-store/CookieStore.cpp:
(WebCore::CookieStore::set):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/CookieStoreAPI.mm:
(TestWebKitAPI::TEST(WebKit, CookieStoreSetCookieForPublicSuffixDomain)):
Canonical link: https://commits.webkit.org/289296@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
