Security review notes for followup #55
Comments
Thanks! A lot of the issues you bring up are actually handled by
By default, yes. As you highlighted, there is an option to turn that off. This matches the default behavior of Apple's
Apple's
The default behavior for
Interesting suggestion. Rather complicated to do though at the library level, as it requires long-term storage of data, plus ideally supporting the HSTS preload list. This is normally only something that web browsers do.
Not really. It provides access to a couple of
Then you end up with a broken cookie header. This API just deals with string values, not structured cookies, so it can't keep you from shooting yourself in the foot by putting a badly-formatted cookie in there. But you can do that anyway by simply assigning the bad string to the cookie header instead of using
Caching is handled by
Most of the "unsafe" is just a micro-optimization to skip an unnecessary typecheck when invoking There is one kind-of sketchy use of "unsafe", which is all of the There's also some bitcasting between two enum types that are guaranteed to have identical representation. And there's a bit of use of manually-allocated heap buffers for reading data from streams but it's all appropriately length-checked.
It's only being used to provide the hash value for
As documented in the code you linked, it's a known prefix coupled with a UUID, which matches what WebKit itself does. The UUID is generated using Apple's
I'm going to go ahead and close this. Feel free to reopen if you have any more concerns.
I did a quick security-focused review and these are my notes. PTAL and assess if there's anything that makes sense to follow up on. (This is similar to my review of PMJSON).