Changeset 120145 in webkit

Timestamp:

Jun 12, 2012 5:33:03 PM (12 years ago)

Author:

commit-queue@webkit.org

Message:

[soup] Prevent setting or editing httpOnly cookies from JavaScript
​https://bugs.webkit.org/show_bug.cgi?id=88760

Patch by Christophe Dumez <Christophe Dumez> on 2012-06-12
Reviewed by Gustavo Noronha Silva.

Source/WebCore:

Prevent setting or overwriting httpOnly cookies from JavaScript.
Fix setCookies() so that it parses all the cookies and not just
the first one.

Test: http/tests/cookies/js-get-and-set-http-only-cookie.html

• platform/network/soup/CookieJarSoup.cpp:

(WebCore::httpOnlyCookieExists):
(WebCore):
(WebCore::setCookies):

Tools:

Update libsoup to v2.39.2, glib to v2.33.2 and glib-networking
to v2.33.2 for both GTK and EFL ports.

• efl/jhbuild.modules:
• gtk/jhbuild.modules:

LayoutTests:

Unskip http/tests/cookies/js-get-and-set-http-only-cookie.html for
both GTK and EFL ports now that that we don't allow overwriting
httpOnly cookies from JavaScript anymore.

• platform/efl/TestExpectations:
• platform/gtk/TestExpectations:

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/platform/efl/TestExpectations (modified) (1 diff)
• LayoutTests/platform/gtk/TestExpectations (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/platform/network/soup/CookieJarSoup.cpp (modified) (2 diffs)
• Tools/ChangeLog (modified) (1 diff)
• Tools/efl/jhbuild.modules (modified) (3 diffs)
• Tools/gtk/jhbuild.modules (modified) (3 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2012-06-12  Christophe Dumez  <christophe.dumez@intel.com>
+
+        [soup] Prevent setting or editing httpOnly cookies from JavaScript
+        https://bugs.webkit.org/show_bug.cgi?id=88760
+
+        Reviewed by Gustavo Noronha Silva.
+
+        Unskip http/tests/cookies/js-get-and-set-http-only-cookie.html for
+        both GTK and EFL ports now that that we don't allow overwriting
+        httpOnly cookies from JavaScript anymore.
+
+        * platform/efl/TestExpectations:
+        * platform/gtk/TestExpectations:
+
 2012-06-12  Christophe Dumez  <christophe.dumez@intel.com>
 

trunk/LayoutTests/platform/efl/TestExpectations

@@ -698 +698 @@
 BUGWK86637 : editing/spelling/spelling-marker-description.html = TEXT
 
-// New test added in r119947 which fails on almost all ports
-BUGWK87208 : http/tests/cookies/js-get-and-set-http-only-cookie.html = TEXT
-
 // It is unclear whether a new baseline is needed or it is a JSC failure
 BUGWK77413 : fast/parser/nested-fragment-parser-crash.html = TEXT

trunk/LayoutTests/platform/gtk/TestExpectations

@@ -1249 +1249 @@
 BUGWK88727 : http/tests/xmlhttprequest/origin-exact-matching.html = TEXT
 
-// New test introduced in r119947 failing on GTK port
-BUGWK88760 : http/tests/cookies/js-get-and-set-http-only-cookie.html = TEXT
-
 // Started failing after it was added in r116473
 BUGWK85969 : http/tests/loading/post-in-iframe-with-back-navigation.html = TEXT

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2012-06-12  Christophe Dumez  <christophe.dumez@intel.com>
+
+        [soup] Prevent setting or editing httpOnly cookies from JavaScript
+        https://bugs.webkit.org/show_bug.cgi?id=88760
+
+        Reviewed by Gustavo Noronha Silva.
+
+        Prevent setting or overwriting httpOnly cookies from JavaScript.
+        Fix setCookies() so that it parses all the cookies and not just
+        the first one.
+
+        Test: http/tests/cookies/js-get-and-set-http-only-cookie.html
+
+        * platform/network/soup/CookieJarSoup.cpp:
+        (WebCore::httpOnlyCookieExists):
+        (WebCore):
+        (WebCore::setCookies):
+
 2012-06-12  Christophe Dumez  <christophe.dumez@intel.com>
 

trunk/Source/WebCore/platform/network/soup/CookieJarSoup.cpp

@@ -73 +73 @@
 }
 
+static inline bool httpOnlyCookieExists(const GSList* cookies, const gchar* name, const gchar* path)
+{
+    for (const GSList* iter = cookies; iter; iter = g_slist_next(iter)) {
+        SoupCookie* cookie = static_cast<SoupCookie*>(iter->data);
+        if (!strcmp(soup_cookie_get_name(cookie), name)
+            && !g_strcmp0(soup_cookie_get_path(cookie), path)) {
+            if (soup_cookie_get_http_only(cookie))
+                return true;
+            break;
+        }
+    }
+    return false;
+}
+
 void setCookies(Document* document, const KURL& url, const String& value)
 {
@@ -81 +95 @@
     GOwnPtr<SoupURI> origin(soup_uri_new(url.string().utf8().data()));
     GOwnPtr<SoupURI> firstParty(soup_uri_new(document->firstPartyForCookies().string().utf8().data()));
-    soup_cookie_jar_set_cookie_with_first_party(jar, origin.get(), firstParty.get(), value.utf8().data());
+
+    // Get existing cookies for this origin.
+    GSList* existingCookies = soup_cookie_jar_get_cookie_list(jar, origin.get(), TRUE);
+
+    Vector<String> cookies;
+    value.split('\n', cookies);
+    const size_t cookiesCount = cookies.size();
+    for (size_t i = 0; i < cookiesCount; ++i) {
+        GOwnPtr<SoupCookie> cookie(soup_cookie_parse(cookies[i].utf8().data(), origin.get()));
+        if (!cookie)
+            continue;
+
+        // Make sure the cookie is not httpOnly since such cookies should not be set from JavaScript.
+        if (soup_cookie_get_http_only(cookie.get()))
+            continue;
+
+        // Make sure we do not overwrite httpOnly cookies from JavaScript.
+        if (httpOnlyCookieExists(existingCookies, soup_cookie_get_name(cookie.get()), soup_cookie_get_path(cookie.get())))
+            continue;
+
+        soup_cookie_jar_add_cookie_with_first_party(jar, firstParty.get(), cookie.release());
+    }
+
+    soup_cookies_free(existingCookies);
 }
 

trunk/Tools/ChangeLog

@@ +1 @@
+2012-06-12  Christophe Dumez  <christophe.dumez@intel.com>
+
+        [soup] Prevent setting or editing httpOnly cookies from JavaScript
+        https://bugs.webkit.org/show_bug.cgi?id=88760
+
+        Reviewed by Gustavo Noronha Silva.
+
+        Update libsoup to v2.39.2, glib to v2.33.2 and glib-networking
+        to v2.33.2 for both GTK and EFL ports.
+
+        * efl/jhbuild.modules:
+        * gtk/jhbuild.modules:
+
 2012-06-12  Christophe Dumez  <christophe.dumez@intel.com>
 

trunk/Tools/efl/jhbuild.modules

@@ -111 +111 @@
       <dep package="libffi"/>
     </dependencies>
-    <branch module="/pub/GNOME/sources/glib/2.32/glib-2.32.2.tar.xz" version="2.32.2"
+    <branch module="/pub/GNOME/sources/glib/2.33/glib-2.33.2.tar.xz" version="2.33.2"
             repo="ftp.gnome.org"
-            hash="sha256:b1764abf00bac96e0e93e29fb9715ce75f3583579acac40648e18771d43d6136"
-            md5sum="5bfdb6197afb90e4dbc7b1bb98f0eae0"/>
+            hash="sha256:b7163e9f159775d13ecfb433d67c3f0883e0e518e85b2e970d4ad9773d7cd0b4"
+            md5sum="06ef0099fed22afcf34ade39ddff9a5b"/>
   </autotools>
 
@@ -121 +121 @@
       <dep package="gnutls"/>
     </dependencies>
-    <branch module="/pub/GNOME/sources/glib-networking/2.31/glib-networking-2.31.2.tar.xz" version="2.31.2"
+    <branch module="/pub/GNOME/sources/glib-networking/2.33/glib-networking-2.33.2.tar.xz" version="2.33.2"
             repo="ftp.gnome.org"
-            hash="sha256:03e3a2881d2626d1206e72972531661037fe0d32e745bf9b2f63c0d6f5e32a9c"
-            md5sum="b649b457bd9fd5e0e9b9c4dcb1a74a37"/>
+            hash="e298cff3935eb752be290bbf734e457f1870bdb5370ee292606e6040a82074e7"
+            md5sum="5abb364f2a0babe2ec1e3a6d59f69043"/>
   </autotools>
 
@@ -144 +144 @@
       <dep package="glib-networking"/>
     </dependencies>
-    <branch module="libsoup" version="2.38.1"
+    <branch module="libsoup" version="2.39.2"
             repo="git.gnome.org"
-            tag="LIBSOUP_2_38_1"/>
+            tag="LIBSOUP_2_39_2"/>
   </autotools>
 

trunk/Tools/gtk/jhbuild.modules

@@ -132 +132 @@
       <dep package="libffi"/>
     </dependencies>
-    <branch module="/pub/GNOME/sources/glib/2.32/glib-2.32.0.tar.xz" version="2.32.0"
-            repo="ftp.gnome.org"
-            hash="sha256:cde9d9f25ed648069c547e323897ad9379974e1f936b4477fa51bcf1bb261ae4"
-            md5sum="c5fa76fbf9184d20dfb04af66b598190"/>
+    <branch module="/pub/GNOME/sources/glib/2.33/glib-2.33.2.tar.xz" version="2.33.2"
+            repo="ftp.gnome.org"
+            hash="sha256:b7163e9f159775d13ecfb433d67c3f0883e0e518e85b2e970d4ad9773d7cd0b4"
+            md5sum="06ef0099fed22afcf34ade39ddff9a5b"/>
   </autotools>
 
@@ -143 +143 @@
       <dep package="gnutls"/>
     </dependencies>
-    <branch module="/pub/GNOME/sources/glib-networking/2.31/glib-networking-2.31.2.tar.xz" version="2.31.2"
-            repo="ftp.gnome.org"
-            hash="sha256:03e3a2881d2626d1206e72972531661037fe0d32e745bf9b2f63c0d6f5e32a9c"
-            md5sum="b649b457bd9fd5e0e9b9c4dcb1a74a37"/>
+    <branch module="/pub/GNOME/sources/glib-networking/2.33/glib-networking-2.33.2.tar.xz" version="2.33.2"
+            repo="ftp.gnome.org"
+            hash="sha256:e298cff3935eb752be290bbf734e457f1870bdb5370ee292606e6040a82074e7"
+            md5sum="5abb364f2a0babe2ec1e3a6d59f69043"/>
   </autotools>
 
@@ -162 +162 @@
       <dep package="glib-networking"/>
     </dependencies>
-    <branch module="libsoup" version="2.38.1"
+    <branch module="libsoup" version="2.39.2"
             repo="git.gnome.org"
-            tag="LIBSOUP_2_38_1"/>
+            tag="LIBSOUP_2_39_2"/>
   </autotools>