Bug 1809163 - [devtools] Show cookies with '__proto__' in the cookies panel r=jdescottes

Differential Revision: https://phabricator.services.mozilla.com/D166386

devtools/client/netmonitor/src/components/request-details/CookiesPanel.js

@@ -105,7 +105,7 @@ class CookiesPanel extends Component {
         map[obj.name] = obj.value;
       }
       return map;
-    }, {});
+    }, Object.create(null));
 
     // To have different roots for Request and Response cookies
     return { [title]: cookies };

devtools/client/netmonitor/src/utils/sort-utils.js

@@ -34,7 +34,7 @@ function sortObjectKeys(object) {
         acc[key] = object[key];
       }
       return acc;
-    }, {});
+    }, Object.create(null));
 }
 
 module.exports = {

devtools/client/netmonitor/test/browser_net_cookies_sorted.js

@@ -36,6 +36,9 @@ add_task(async function() {
 
   info("Check if Request-Cookies and Response-Cookies are sorted");
   const expectedLabelValues = [
+    "__proto__",
+    "httpOnly",
+    "value",
     "bob",
     "httpOnly",
     "value",
@@ -45,10 +48,12 @@ add_task(async function() {
     "tom",
     "httpOnly",
     "value",
+    "__proto__",
     "bob",
     "foo",
     "tom",
   ];
+
   const labelCells = document.querySelectorAll(".treeLabelCell");
   labelCells.forEach(function(val, index) {
     is(

devtools/client/netmonitor/test/browser_net_details_copy.js

@@ -243,9 +243,30 @@ add_task(async function() {
   const stringRows = cookiesPanel.querySelectorAll(".stringRow");
 
   const expectedResponseCookies = [
-    { bob: { httpOnly: true, value: "true" } },
-    { foo: { httpOnly: true, value: "bar" } },
-    { tom: { httpOnly: true, value: "cool" } },
+    `{
+	"__proto__": {
+		"httpOnly": true,
+		"value": "2"
+	}
+}`,
+    `{
+	"bob": {
+		"httpOnly": true,
+		"value": "true"
+	}
+}`,
+    `{
+	"foo": {
+		"httpOnly": true,
+		"value": "bar"
+	}
+}`,
+    `{
+	"tom": {
+		"httpOnly": true,
+		"value": "cool"
+	}
+}`,
   ];
   for (let i = 0; i < objectRows.length; i++) {
     const cur = objectRows[i];
@@ -255,10 +276,10 @@ add_task(async function() {
         monitor,
         "properties-view-context-menu-copyvalue"
       );
-    }, JSON.stringify(expectedResponseCookies[i], null, "\t"));
+    }, expectedResponseCookies[i]);
   }
 
-  const expectedRequestCookies = ["true", "bar", "cool"];
+  const expectedRequestCookies = ["2", "true", "bar", "cool"];
   for (let i = 0; i < expectedRequestCookies.length; i++) {
     const cur = stringRows[objectRows.length + i];
     EventUtils.sendMouseEvent({ type: "contextmenu" }, cur);

devtools/client/netmonitor/test/sjs_simple-unsorted-cookies-test-server.sjs

@@ -12,6 +12,7 @@ function handleRequest(request, response) {
   response.setHeader("Set-Cookie", "tom=cool; Max-Age=10; HttpOnly", true);
   response.setHeader("Set-Cookie", "bob=true; Max-Age=10; HttpOnly", true);
   response.setHeader("Set-Cookie", "foo=bar; Max-Age=10; HttpOnly", true);
+  response.setHeader("Set-Cookie", "__proto__=2; Max-Age=10; HttpOnly", true);
 
   response.setHeader("Content-Type", "text/plain; charset=utf-8", false);
   response.setHeader("Foo-Bar", "baz", false);