author | Siwei Li <siwei.li@live.com> | 2023-01-16 12:31:10 -0800 |
---|---|---|
committer | Patrick Griffis <pgriffis@igalia.com> | 2023-01-16 20:42:46 -0600 |
commit | 8d85d110d9e79c0d04a0f09e384fe98e5f60db1e (patch) | |
tree | 078013e7199db36dbb16bfa9dcc0fa12c90908e3 /libsoup | |
parent | 493e04bb007db1f0af5416e33f3912261e8afde6 (diff) | |
cookies: Add support for cookie prefixes
This is a spec that Firefox and Chrome implement:
https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00
Closes #349
Closes #326
Co-authored-by: Patrick Griffis <pgriffis@igalia.com>
Diffstat (limited to 'libsoup')
-rw-r--r-- | libsoup/cookies/soup-cookie-jar.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/libsoup/cookies/soup-cookie-jar.c b/libsoup/cookies/soup-cookie-jar.c
index 2cc1d410..f02a76c7 100644
--- a/libsoup/cookies/soup-cookie-jar.c
+++ b/libsoup/cookies/soup-cookie-jar.c
@@ -624,6 +624,26 @@ soup_cookie_jar_add_cookie_full (SoupCookieJar *jar, SoupCookie *cookie, GUri *u
 return;
 }
+ /* See https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00 for handling the prefixes,
+ * which has been implemented by Firefox and Chrome. */
+#define MATCH_PREFIX(name, prefix) (!g_ascii_strncasecmp (name, prefix, strlen(prefix)))
+
+ /* Cookies with a "__Secure-" prefix should have Secure attribute set and it must be for a secure host. */
+ if (MATCH_PREFIX (soup_cookie_get_name (cookie), "__Secure-") && (!soup_cookie_get_secure (cookie) || !uri)) {
+ soup_cookie_free (cookie);
+ return;
+ }
+ /* Path=/ and Secure attributes are required; Domain attribute must not be present.
+ Note that SoupCookie always sets the domain so we do exact host matches instead of subdomain matches. */
+ if (MATCH_PREFIX (soup_cookie_get_name (cookie), "__Host-")) {
+ if ((!soup_cookie_get_secure (cookie) || !uri) ||
+ strcmp (soup_cookie_get_path (cookie), "/") != 0 ||
+ g_ascii_strcasecmp (soup_cookie_get_domain (cookie), g_uri_get_host (uri)) != 0) {
+ soup_cookie_free (cookie);
+ return;
+ }
+ }
+
 g_mutex_lock (&priv->mutex);
 old_cookies = g_hash_table_lookup (priv->domains, soup_cookie_get_domain (cookie)); |
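Review bot: The `__Host-` branch passes `soup_cookie_get_path (cookie)` to `strcmp` and `g_uri_get_host (uri)` to `g_ascii_strcasecmp` without a NULL check, so neither comparison is guaranteed to fail closed. A cookie constructed without a path would crash in `strcmp`, and GLib's `g_ascii_strcasecmp` returns 0 from its precondition guard when an argument is NULL, so a `uri` with no host would be treated as an exact host match instead of being rejected. Whether an earlier guard in `soup_cookie_jar_add_cookie_full` rules these out is not visible here, since the function starts and ends outside the hunk. I would write `g_strcmp0 (soup_cookie_get_path (cookie), "/") != 0` and add `!g_uri_get_host (uri) ||` ahead of the host comparison. Separately, the `__Secure-` comment says "must be for a secure host" while the visible test is only `!uri`; if the https scheme check sits earlier in the function, a short comment such as `/* non-https origins for Secure cookies are rejected above */` would make that dependency explicit.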