Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Gecko Bug 1627653] document.cookie should expose all the cookies, ignoring sameSite limitations - part 4 - WPTs #23113

Merged
merged 1 commit into from
Apr 22, 2020
Merged

[Gecko Bug 1627653] document.cookie should expose all the cookies, ignoring sameSite limitations - part 4 - WPTs #23113

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
22 changes: 22 additions & 0 deletions cookies/resources/cookie-helper.sub.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,6 +168,10 @@ function verifySameSiteCookieStateLegacy(expectedStatus, expectedValue, cookies)
assert_equals(cookies["samesite_strict"], expectedValue, "SameSite=Strict cookies are sent with strict requests.");
assert_equals(cookies["samesite_lax"], expectedValue, "SameSite=Lax cookies are sent with strict requests.");
}

if (cookies["domcookies"]) {
verifyDocumentCookie(expectedStatus, expectedValue, cookies["domcookies"]);
}
}

// Same as above except this expects samesite_unspecified to act the same as
Expand All @@ -188,6 +192,24 @@ function verifySameSiteCookieStateWithSameSiteByDefault(expectedStatus, expected
assert_equals(cookies["samesite_lax"], expectedValue, "SameSite=Lax cookies are sent with strict requests.");
assert_equals(cookies["samesite_unspecified"], expectedValue, "Unspecified-SameSite cookies are are sent with strict requests.")
}

if (cookies["domcookies"]) {
verifyDocumentCookie(expectedStatus, expectedValue, cookies["domcookies"]);
}
}

function verifyDocumentCookie(expectedStatus, expectedValue, domcookies) {
const cookies = domcookies.split(";")
.map(cookie => cookie.trim().split("="))
.reduce((obj, cookie) => {
obj[cookie[0]] = cookie[1];
return obj;
}, {});

assert_equals(cookies["samesite_none"], expectedValue, "SameSite=None cookies are always included in document.cookie.");
assert_equals(cookies["samesite_unspecified"], expectedValue, "Unspecified-SameSite cookies are always included in document.cookie.");
assert_equals(cookies["samesite_strict"], expectedValue, "SameSite=Strict cookies are always included in document.cookie.");
assert_equals(cookies["samesite_lax"], expectedValue, "SameSite=Lax cookies are always included in document.cookie.");
}

function isLegacySameSite() {
Expand Down
4 changes: 4 additions & 0 deletions cookies/resources/postToParent.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,10 @@ def main(request, response):
var data = %s;
data.type = "COOKIES";

try {
data.domcookies = document.cookie;
} catch (e) {}

if (window.parent != window) {
window.parent.postMessage(data, "*");
if (window.top != window.parent)
Expand Down