diff options
author | Siwei Li <siwei.li@live.com> | 2023-01-14 16:14:26 -0800 |
---|---|---|
committer | Siwei Li <siwei.li@live.com> | 2023-01-14 17:35:03 -0800 |
commit | 81242200168043bd71295845df10206cd47a227a (patch) | |
tree | 05165e3cd5dfdea6541a0911b84a239ac04f2dfe /libsoup | |
parent | c009aefa3749f99fcbacac050ee3e0cf779be463 (diff) | |
download | libsoup-81242200168043bd71295845df10206cd47a227a.tar.gz |
SameSite=None cookies should be rejected unless the Secure attribute is set.
Diffstat (limited to 'libsoup')
-rw-r--r-- | libsoup/cookies/soup-cookie-jar.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/libsoup/cookies/soup-cookie-jar.c b/libsoup/cookies/soup-cookie-jar.c index 35c1d7b3..2cc1d410 100644 --- a/libsoup/cookies/soup-cookie-jar.c +++ b/libsoup/cookies/soup-cookie-jar.c @@ -618,6 +618,12 @@ soup_cookie_jar_add_cookie_full (SoupCookieJar *jar, SoupCookie *cookie, GUri *u return; } + /* SameSite=None cookies are rejected unless the Secure attribute is set. */ + if (soup_cookie_get_same_site_policy (cookie) == SOUP_SAME_SITE_POLICY_NONE && !soup_cookie_get_secure (cookie)) { + soup_cookie_free (cookie); + return; + } + g_mutex_lock (&priv->mutex); old_cookies = g_hash_table_lookup (priv->domains, soup_cookie_get_domain (cookie)); |