mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1638358 - Cookie Schemeful Same-Site - part 3 - update add/addNative methods, r=mayhemer,remote-protocol-reviewers,marionette-reviewers,maja_zf,MattN,whimboo 

Differential Revision: https://phabricator.services.mozilla.com/D75627
This commit is contained in:
Andrea Marchesini 2020-06-02 13:49:27 +00:00
Родитель fdba4c920d
Коммит 5ccae203ff
43 изменённых файлов: 253 добавлений и 116 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

6
browser/base/content/test/sanitize/head.js
Просмотреть файл

@ -49,7 +49,8 @@ function createHostCookie(host, originAttributes) {
false,
Date.now() + 24000 * 60 * 60,
originAttributes,
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
}
@ -64,7 +65,8 @@ function createDomainCookie(host, originAttributes) {
false,
Date.now() + 24000 * 60 * 60,
originAttributes,
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
}

15
browser/components/enterprisepolicies/tests/xpcshell/test_clear_blocked_cookies.js
Просмотреть файл

@ -17,7 +17,8 @@ add_task(async function setup() {
false,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Services.cookies.add(
HOSTNAME_DOMAIN,
@ -29,7 +30,8 @@ add_task(async function setup() {
false,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
Services.cookies.add(
ORIGIN_DOMAIN,
@ -41,7 +43,8 @@ add_task(async function setup() {
false,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Services.cookies.add(
ORIGIN_DOMAIN,
@ -53,7 +56,8 @@ add_task(async function setup() {
false,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
Services.cookies.add(
"example.net",
@ -65,7 +69,8 @@ add_task(async function setup() {
false,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
await setupPolicyEngineWithJson({
policies: {

3
browser/components/extensions/test/xpcshell/test_ext_browsingData_cookies_cache.js
Просмотреть файл

@ -41,7 +41,8 @@ function addCookie(cookie) {
false,
Date.now() / 1000 + 10000,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
ok(
Services.cookies.cookieExists(cookie.host, cookie.path, cookie.name, {}),

21
browser/components/migration/ChromeProfileMigrator.jsm
Просмотреть файл

@ -381,17 +381,22 @@ async function GetCookiesResource(aProfileFolder) {
: "httponly";
let isSecure = columns.includes("is_secure") ? "is_secure" : "secure";
let source_scheme = columns.includes("source_scheme")
? "source_scheme"
: `"${Ci.nsICookie.SCHEME_UNSET}" as source_scheme`;
// We don't support decrypting cookies yet so only import plaintext ones.
let rows = await MigrationUtils.getRowsFromDBWithoutLocks(
cookiesPath,
"Chrome cookies",
`SELECT host_key, name, value, path, expires_utc, ${isSecure}, ${isHttponly}, encrypted_value
`SELECT host_key, name, value, path, expires_utc, ${isSecure}, ${isHttponly}, encrypted_value, ${source_scheme}
FROM cookies
WHERE length(encrypted_value) = 0`
).catch(ex => {
Cu.reportError(ex);
aCallback(false);
});
// If the promise was rejected we will have already called aCallback,
// so we can just return here.
if (!rows) {
@ -406,6 +411,16 @@ async function GetCookiesResource(aProfileFolder) {
host_key = host_key.substr(1);
}
let schemeType = Ci.nsICookie.SCHEME_UNSET;
switch (row.getResultByName("source_scheme")) {
case 1:
schemeType = Ci.nsICookie.SCHEME_HTTP;
break;
case 2:
schemeType = Ci.nsICookie.SCHEME_HTTPS;
break;
}
try {
let expiresUtc =
ChromeMigrationUtils.chromeTimeToDate(
@ -416,6 +431,7 @@ async function GetCookiesResource(aProfileFolder) {
if (!expiresUtc) {
continue;
}
Services.cookies.add(
host_key,
row.getResultByName("path"),
@ -426,7 +442,8 @@ async function GetCookiesResource(aProfileFolder) {
false,
parseInt(expiresUtc),
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
schemeType
);
} catch (e) {
Cu.reportError(e);

3
browser/components/migration/MSMigrationUtils.jsm
Просмотреть файл

@ -727,7 +727,8 @@ Cookies.prototype = {
false, // session
expireTime,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_UNSET
);
}
},

3
browser/components/migration/tests/marionette/test_refresh_firefox.py
Просмотреть файл

@ -152,7 +152,8 @@ class TestFirefoxRefresh(MarionetteTestCase):
// Expire in 15 minutes:
let expireTime = Math.floor(Date.now() / 1000) + 15 * 60;
Services.cookies.add(arguments[0], arguments[1], arguments[2], arguments[3],
true, false, false, expireTime, {}, Ci.nsICookie.SAMESITE_NONE);
true, false, false, expireTime, {},
Ci.nsICookie.SAMESITE_NONE, Ci.nsICookie.SCHEME_UNSET);
""", script_args=(self._cookieHost, self._cookiePath, self._cookieName, self._cookieValue))
def createSession(self):

12
browser/components/preferences/tests/siteData/browser_siteData.js
Просмотреть файл

@ -205,7 +205,8 @@ add_task(async function() {
false,
Date.now() + 1000 * 60 * 60,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Services.cookies.add(
uri.host,
@ -217,7 +218,8 @@ add_task(async function() {
false,
Date.now() + 1000 * 60 * 60,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Services.cookies.add(
uri2.host,
@ -229,7 +231,8 @@ add_task(async function() {
false,
Date.now() + 1000 * 60 * 60,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
// Ensure that private browsing cookies are ignored.
@ -243,7 +246,8 @@ add_task(async function() {
false,
Date.now() + 1000 * 60 * 60,
{ privateBrowsingId: 1 },
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
// Get the exact creation date from the cookies (to avoid intermittents

3
browser/components/search/test/unit/test_urlTelemetry.js
Просмотреть файл

@ -90,7 +90,8 @@ const TESTS = [
false,
Date.now() + 1000 * 60 * 60,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
},
tearDown() {

7
browser/components/sessionstore/SessionCookies.jsm
Просмотреть файл

@ -79,7 +79,8 @@ var SessionCookiesInternal = {
/* isSession = */ true,
expiry,
cookie.originAttributes || {},
cookie.sameSite || Ci.nsICookie.SAMESITE_NONE
cookie.sameSite || Ci.nsICookie.SAMESITE_NONE,
cookie.schemeMap || Ci.nsICookie.SCHEME_HTTPS
);
} catch (ex) {
Cu.reportError(
@ -247,6 +248,10 @@ var CookieStore = {
jscookie.sameSite = cookie.sameSite;
}
if (cookie.schemeMap) {
jscookie.schemeMap = cookie.schemeMap;
}
this._entries.set(this._getKeyForCookie(cookie), jscookie);
},

3
browser/components/sessionstore/test/browser_cookies_privacy.js
Просмотреть файл

@ -15,7 +15,8 @@ function addCookie(scheme, secure = false) {
/* isSession = */ true,
MAX_EXPIRY,
/* originAttributes = */ {},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
return cookie;
}

32
browser/components/sessionstore/test/browser_cookies_sameSite.js
Просмотреть файл

@ -1,6 +1,7 @@
"use strict";
const TEST_URL = "http://example.com";
const TEST_HTTP_URL = "http://example.com";
const TEST_HTTPS_URL = "https://example.com";
const MAX_EXPIRY = Math.pow(2, 62);
function getSingleCookie() {
@ -9,7 +10,7 @@ function getSingleCookie() {
return cookies[0];
}
async function verifyRestore(sameSiteSetting) {
async function verifyRestore(url, sameSiteSetting) {
Services.cookies.removeAll();
// Make sure that sessionstore.js can be forced to be created by setting
@ -18,13 +19,13 @@ async function verifyRestore(sameSiteSetting) {
set: [["browser.sessionstore.interval", 0]],
});
let tab = BrowserTestUtils.addTab(gBrowser, TEST_URL);
let tab = BrowserTestUtils.addTab(gBrowser, url);
await BrowserTestUtils.browserLoaded(tab.linkedBrowser);
// Add a cookie with specific same-site setting.
let r = Math.floor(Math.random() * MAX_EXPIRY);
Services.cookies.add(
TEST_URL,
url,
"/",
"name" + r,
"value" + r,
@ -33,7 +34,10 @@ async function verifyRestore(sameSiteSetting) {
true,
MAX_EXPIRY,
{},
sameSiteSetting
sameSiteSetting,
url.startsWith("https:")
? Ci.nsICookie.SCHEME_HTTPS
: Ci.nsICookie.SCHEME_HTTP
);
await TabStateFlusher.flush(tab.linkedBrowser);
@ -58,6 +62,12 @@ async function verifyRestore(sameSiteSetting) {
"cookie same-site flag successfully restored"
);
is(
cookie2.schemeMap,
cookie.schemeMap,
"cookie schemeMap flag successfully restored"
);
// Clean up.
Services.cookies.removeAll();
BrowserTestUtils.removeTab(gBrowser.tabs[1]);
@ -68,8 +78,12 @@ async function verifyRestore(sameSiteSetting) {
* sessionstore.
*/
add_task(async function() {
// Test for various possible values of cookie.sameSite.
await verifyRestore(Ci.nsICookie.SAMESITE_NONE);
await verifyRestore(Ci.nsICookie.SAMESITE_LAX);
await verifyRestore(Ci.nsICookie.SAMESITE_STRICT);
// Test for various possible values of cookie.sameSite and schemeMap.
await verifyRestore(TEST_HTTP_URL, Ci.nsICookie.SAMESITE_NONE);
await verifyRestore(TEST_HTTP_URL, Ci.nsICookie.SAMESITE_LAX);
await verifyRestore(TEST_HTTP_URL, Ci.nsICookie.SAMESITE_STRICT);
await verifyRestore(TEST_HTTPS_URL, Ci.nsICookie.SAMESITE_NONE);
await verifyRestore(TEST_HTTPS_URL, Ci.nsICookie.SAMESITE_LAX);
await verifyRestore(TEST_HTTPS_URL, Ci.nsICookie.SAMESITE_STRICT);
});

3
browser/modules/Discovery.jsm
Просмотреть файл

@ -148,7 +148,8 @@ const DiscoveryInternal = {
true, // session
Date.now(),
originAttributes,
Ci.nsICookie.SAMESITE_LAX
Ci.nsICookie.SAMESITE_LAX,
Ci.nsICookie.SCHEME_HTTPS
);
}
}

4
devtools/server/actors/storage.js
Просмотреть файл

@ -932,6 +932,7 @@ var cookieHelpers = {
isSession: nsiCookie.isSession,
expires: nsiCookie.expires,
originAttributes: nsiCookie.originAttributes,
schemeMap: nsiCookie.schemeMap,
};
break;
}
@ -995,7 +996,8 @@ var cookieHelpers = {
cookie.isSession,
cookie.isSession ? MAX_COOKIE_EXPIRY : cookie.expires,
cookie.originAttributes,
cookie.sameSite
cookie.sameSite,
cookie.schemeMap
);
},

9
netwerk/cookie/CookieService.cpp
Просмотреть файл

@ -689,7 +689,8 @@ CookieService::Add(const nsACString& aHost, const nsACString& aPath,
const nsACString& aName, const nsACString& aValue,
bool aIsSecure, bool aIsHttpOnly, bool aIsSession,
int64_t aExpiry, JS::HandleValue aOriginAttributes,
int32_t aSameSite, JSContext* aCx) {
int32_t aSameSite, nsICookie::schemeType aSchemeMap,
JSContext* aCx) {
OriginAttributes attrs;
if (!aOriginAttributes.isObject() || !attrs.Init(aCx, aOriginAttributes)) {
@ -697,7 +698,7 @@ CookieService::Add(const nsACString& aHost, const nsACString& aPath,
}
return AddNative(aHost, aPath, aName, aValue, aIsSecure, aIsHttpOnly,
aIsSession, aExpiry, &attrs, aSameSite);
aIsSession, aExpiry, &attrs, aSameSite, aSchemeMap);
}
NS_IMETHODIMP_(nsresult)
@ -705,7 +706,7 @@ CookieService::AddNative(const nsACString& aHost, const nsACString& aPath,
const nsACString& aName, const nsACString& aValue,
bool aIsSecure, bool aIsHttpOnly, bool aIsSession,
int64_t aExpiry, OriginAttributes* aOriginAttributes,
int32_t aSameSite) {
int32_t aSameSite, nsICookie::schemeType aSchemeMap) {
if (NS_WARN_IF(!aOriginAttributes)) {
return NS_ERROR_FAILURE;
}
@ -732,7 +733,7 @@ CookieService::AddNative(const nsACString& aHost, const nsACString& aPath,
nsCString(aPath), aExpiry, currentTimeInUsec,
Cookie::GenerateUniqueCreationTime(currentTimeInUsec),
aIsHttpOnly, aIsSession, aIsSecure, aSameSite,
aSameSite, nsICookie::SCHEME_UNSET);
aSameSite, aSchemeMap);
RefPtr<Cookie> cookie = Cookie::Create(cookieData, key.mOriginAttributes);
MOZ_ASSERT(cookie);

10
netwerk/cookie/nsICookieManager.idl
Просмотреть файл

@ -4,6 +4,7 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
#include "nsICookie.idl"
%{ C++
namespace mozilla {
@ -13,9 +14,6 @@ class OriginAttributes;
[ptr] native OriginAttributesPtr(mozilla::OriginAttributes);
interface nsICookie;
interface nsIFile;
/**
* An optional interface for accessing or removing the cookies
* that are in the cookie list
@ -127,7 +125,8 @@ interface nsICookieManager : nsISupports
in boolean aIsSession,
in int64_t aExpiry,
in jsval aOriginAttributes,
in int32_t aSameSite);
in int32_t aSameSite,
in nsICookie_schemeType aSchemeMap);
[notxpcom]
nsresult addNative(in AUTF8String aHost,
@ -139,7 +138,8 @@ interface nsICookieManager : nsISupports
in boolean aIsSession,
in int64_t aExpiry,
in OriginAttributesPtr aOriginAttributes,
in int32_t aSameSite);
in int32_t aSameSite,
in nsICookie_schemeType aSchemeMap);
/**
* Find whether a given cookie already exists.

66
netwerk/test/TestCookie.cpp
Просмотреть файл

@ -748,39 +748,39 @@ TEST(TestCookie, TestCookieMain)
// first, ensure a clean slate
EXPECT_TRUE(NS_SUCCEEDED(cookieMgr->RemoveAll()));
// add some cookies
EXPECT_TRUE(NS_SUCCEEDED(
cookieMgr2->AddNative(NS_LITERAL_CSTRING("cookiemgr.test"), // domain
NS_LITERAL_CSTRING("/foo"), // path
NS_LITERAL_CSTRING("test1"), // name
NS_LITERAL_CSTRING("yes"), // value
false, // is secure
false, // is httponly
true, // is session
INT64_MAX, // expiry time
&attrs, // originAttributes
nsICookie::SAMESITE_NONE)));
EXPECT_TRUE(NS_SUCCEEDED(
cookieMgr2->AddNative(NS_LITERAL_CSTRING("cookiemgr.test"), // domain
NS_LITERAL_CSTRING("/foo"), // path
NS_LITERAL_CSTRING("test2"), // name
NS_LITERAL_CSTRING("yes"), // value
false, // is secure
true, // is httponly
true, // is session
PR_Now() / PR_USEC_PER_SEC + 2, // expiry time
&attrs, // originAttributes
nsICookie::SAMESITE_NONE)));
EXPECT_TRUE(NS_SUCCEEDED(
cookieMgr2->AddNative(NS_LITERAL_CSTRING("new.domain"), // domain
NS_LITERAL_CSTRING("/rabbit"), // path
NS_LITERAL_CSTRING("test3"), // name
NS_LITERAL_CSTRING("yes"), // value
false, // is secure
false, // is httponly
true, // is session
INT64_MAX, // expiry time
&attrs, // originAttributes
nsICookie::SAMESITE_NONE)));
EXPECT_TRUE(NS_SUCCEEDED(cookieMgr2->AddNative(
NS_LITERAL_CSTRING("cookiemgr.test"), // domain
NS_LITERAL_CSTRING("/foo"), // path
NS_LITERAL_CSTRING("test1"), // name
NS_LITERAL_CSTRING("yes"), // value
false, // is secure
false, // is httponly
true, // is session
INT64_MAX, // expiry time
&attrs, // originAttributes
nsICookie::SAMESITE_NONE, nsICookie::SCHEME_HTTPS)));
EXPECT_TRUE(NS_SUCCEEDED(cookieMgr2->AddNative(
NS_LITERAL_CSTRING("cookiemgr.test"), // domain
NS_LITERAL_CSTRING("/foo"), // path
NS_LITERAL_CSTRING("test2"), // name
NS_LITERAL_CSTRING("yes"), // value
false, // is secure
true, // is httponly
true, // is session
PR_Now() / PR_USEC_PER_SEC + 2, // expiry time
&attrs, // originAttributes
nsICookie::SAMESITE_NONE, nsICookie::SCHEME_HTTPS)));
EXPECT_TRUE(NS_SUCCEEDED(cookieMgr2->AddNative(
NS_LITERAL_CSTRING("new.domain"), // domain
NS_LITERAL_CSTRING("/rabbit"), // path
NS_LITERAL_CSTRING("test3"), // name
NS_LITERAL_CSTRING("yes"), // value
false, // is secure
false, // is httponly
true, // is session
INT64_MAX, // expiry time
&attrs, // originAttributes
nsICookie::SAMESITE_NONE, nsICookie::SCHEME_HTTPS)));
// confirm using enumerator
nsTArray<RefPtr<nsICookie>> cookies;
EXPECT_TRUE(NS_SUCCEEDED(cookieMgr->GetCookies(cookies)));

3
netwerk/test/mochitests/file_testloadflags_chromescript.js
Просмотреть файл

@ -113,7 +113,8 @@ addMessageListener("init", ({ domain }) => {
true,
Math.pow(2, 62),
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
is(
cs.countCookiesFromHost(domain),

3
netwerk/test/unit/test_bug411952.js
Просмотреть файл

@ -16,7 +16,8 @@ function run_test() {
false,
time,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
const now = Math.floor(new Date().getTime() / 1000);

21
netwerk/test/unit/test_bug526789.js
Просмотреть файл

@ -25,7 +25,8 @@ add_task(async () => {
true,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Assert.equal(cm.countCookiesFromHost("baz.com"), 1);
Assert.equal(cm.countCookiesFromHost("BAZ.com"), 1);
@ -57,7 +58,8 @@ add_task(async () => {
true,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Assert.equal(cm.countCookiesFromHost("baz.com"), 0);
Assert.equal(cm.countCookiesFromHost("BAZ.com"), 0);
@ -81,7 +83,8 @@ add_task(async () => {
true,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Assert.equal(cm.countCookiesFromHost("192.168.0.1"), 1);
Assert.equal(cm.countCookiesFromHost("192.168.0.1."), 0);
@ -102,7 +105,8 @@ add_task(async () => {
true,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Assert.equal(cm.countCookiesFromHost("localhost"), 1);
Assert.equal(cm.countCookiesFromHost("localhost."), 0);
@ -123,7 +127,8 @@ add_task(async () => {
true,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Assert.equal(cm.countCookiesFromHost("co.uk"), 1);
Assert.equal(cm.countCookiesFromHost("co.uk."), 0);
@ -197,7 +202,8 @@ add_task(async () => {
true,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Assert.equal(getCookieCount(), 1);
do_check_throws(function() {
@ -211,7 +217,8 @@ add_task(async () => {
true,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
}, Cr.NS_ERROR_ILLEGAL_VALUE);
Assert.equal(getCookieCount(), 1);

3
netwerk/test/unit/test_bug650522.js
Просмотреть файл

@ -22,7 +22,8 @@ add_task(async () => {
true,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
Assert.equal(cm.countCookiesFromHost("e.com"), 1);

3
netwerk/test/unit/test_bug667087.js
Просмотреть файл

@ -20,7 +20,8 @@ add_task(async () => {
true,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
Assert.equal(cm.countCookiesFromHost("a"), 1);

3
netwerk/test/unit/test_cookies_async_failure.js
Просмотреть файл

@ -144,7 +144,8 @@ async function run_test_1() {
cookie.isSession,
cookie.expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
// Check that the cookie service accepted the new cookie.

3
netwerk/test/unit/test_cookies_profile_close.js
Просмотреть файл

@ -83,7 +83,8 @@ add_task(async () => {
false,
0,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
}, Cr.NS_ERROR_NOT_AVAILABLE);

9
netwerk/test/unit/test_domain_eviction.js
Просмотреть файл

@ -77,7 +77,8 @@ function* do_run_test() {
false,
shortExpiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
do_timeout(2100, continue_test);
yield;
@ -93,7 +94,8 @@ function* do_run_test() {
false,
futureExpiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Assert.equal(countCookies("captchart.com", "captchart.com"), 50);
@ -120,7 +122,8 @@ function setCookies(aHost, aNumber, aExpiry) {
false,
aExpiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
}
}

3
netwerk/test/unit/test_eviction.js
Просмотреть файл

@ -201,7 +201,8 @@ function set_cookies(begin, end, expiry) {
false,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
if (i == begin) {

3
netwerk/test/unit_ipc/test_cookie_header_stripped.js
Просмотреть файл

@ -82,7 +82,8 @@ function run_test() {
false,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
do_send_remote_message("set-cookie-done");
});

7
remote/domains/parent/Network.jsm
Просмотреть файл

@ -269,6 +269,7 @@ class Network extends Domain {
// Retrieve host. Check domain first because it has precedence.
let hostname = cookie.domain || "";
let cookieURL;
let schemeType = Ci.nsICookie.SCHEME_UNSET;
if (hostname.length == 0) {
try {
cookieURL = new URL(cookie.url);
@ -282,6 +283,9 @@ class Network extends Domain {
if (cookieURL.protocol == "https:") {
cookie.secure = true;
schemeType = Ci.nsICookie.SCHEME_HTTPS;
} else {
schemeType = Ci.nsICookie.SCHEME_HTTP;
}
hostname = cookieURL.hostname;
@ -315,7 +319,8 @@ class Network extends Domain {
isSession,
cookie.expires,
{} /* originAttributes */,
sameSiteMap.get(cookie.sameSite)
sameSiteMap.get(cookie.sameSite),
schemeType
);
} catch (e) {
success = false;

3
security/manager/ssl/tests/unit/test_toolkit_securityreporter.js
Просмотреть файл

@ -109,7 +109,8 @@ function run_test() {
false,
Date.now() + 24000 * 60 * 60,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
registerCleanupFunction(() => {

23
testing/marionette/cookie.js
Просмотреть файл

@ -94,6 +94,8 @@ cookie.fromJSON = function(json) {
* Cookie to add.
* @param {string=} restrictToHost
* Perform test that ``newCookie``'s domain matches this.
* @param {string=} protocol
* The protocol of the caller. It can be `ftp:`, `http:` or `https:`.
*
* @throws {TypeError}
* If ``name``, ``value``, or ``domain`` are not present and
@ -104,7 +106,10 @@ cookie.fromJSON = function(json) {
* @throws {UnableToSetCookieError}
* If an error occurred while trying to save the cookie.
*/
cookie.add = function(newCookie, { restrictToHost = null } = {}) {
cookie.add = function(
newCookie,
{ restrictToHost = null, protocol = null } = {}
) {
assert.string(newCookie.name, "Cookie name must be string");
assert.string(newCookie.value, "Cookie value must be string");
@ -168,6 +173,19 @@ cookie.add = function(newCookie, { restrictToHost = null } = {}) {
}
}
let schemeType = Ci.nsICookie.SCHEME_UNSET;
switch (protocol) {
case "http:":
schemeType = Ci.nsICookie.SCHEME_HTTP;
break;
case "https:":
schemeType = Ci.nsICookie.SCHEME_HTTPS;
break;
default:
// ftp: or any other protocol is supported by the cookie service.
break;
}
// remove port from domain, if present.
// unfortunately this catches IPv6 addresses by mistake
// TODO: Bug 814416
@ -184,7 +202,8 @@ cookie.add = function(newCookie, { restrictToHost = null } = {}) {
newCookie.session,
newCookie.expiry,
{} /* origin attributes */,
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
schemeType
);
} catch (e) {
throw new UnableToSetCookieError(e);

2
testing/marionette/driver.js
Просмотреть файл

@ -2727,7 +2727,7 @@ GeckoDriver.prototype.addCookie = async function(cmd) {
let newCookie = cookie.fromJSON(cmd.parameters.cookie);
cookie.add(newCookie, { restrictToHost: hostname });
cookie.add(newCookie, { restrictToHost: hostname, protocol });
};
/**

3
toolkit/components/cleardata/SiteDataTestUtils.jsm
Просмотреть файл

@ -100,7 +100,8 @@ var SiteDataTestUtils = {
false,
Date.now() + 24000 * 60 * 60,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_UNSET
);
},

12
toolkit/components/cleardata/tests/unit/test_cookies.js
Просмотреть файл

@ -19,7 +19,8 @@ add_task(async function test_all_cookies() {
false /* session */,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 1);
@ -48,7 +49,8 @@ add_task(async function test_range_cookies() {
false /* session */,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 1);
@ -99,7 +101,8 @@ add_task(async function test_principal_cookies() {
false /* session */,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 1);
@ -152,7 +155,8 @@ add_task(async function test_localfile_cookies() {
false /* session */,
expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
Assert.notEqual(Services.cookies.countCookiesFromHost(""), 0);

3
toolkit/components/contextualidentity/tests/unit/test_corruptedFile.js
Просмотреть файл

@ -37,7 +37,8 @@ function createCookie(userContextId) {
COOKIE.isSession,
COOKIE.expiry,
{ userContextId },
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
}

12
toolkit/components/extensions/parent/ext-cookies.js
Просмотреть файл

@ -466,6 +466,15 @@ this.cookies = class extends ExtensionAPI {
let sameSite = SAME_SITE_STATUSES.indexOf(details.sameSite);
let schemeType = Ci.nsICookie.SCHEME_UNSET;
if (uri.scheme === "https") {
schemeType = Ci.nsICookie.SCHEME_HTTPS;
} else if (uri.scheme === "http") {
schemeType = Ci.nsICookie.SCHEME_HTTP;
} else if (uri.scheme === "file") {
schemeType = Ci.nsICookie.SCHEME_FILE;
}
// The permission check may have modified the domain, so use
// the new value instead.
Services.cookies.add(
@ -478,7 +487,8 @@ this.cookies = class extends ExtensionAPI {
isSession,
expiry,
originAttributes,
sameSite
sameSite,
schemeType
);
return self.cookies.get(details);

25
toolkit/components/extensions/test/mochitest/head_cookies.js
Просмотреть файл

@ -131,7 +131,10 @@ async function testCookies(options) {
false,
options.expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
options.url.startsWith("https")
? Ci.nsICookie.SCHEME_HTTPS
: Ci.nsICookie.SCHEME_HTTP
);
// This will be modified by the background script.
Services.cookies.add(
@ -144,7 +147,10 @@ async function testCookies(options) {
false,
options.expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
options.url.startsWith("https")
? Ci.nsICookie.SCHEME_HTTPS
: Ci.nsICookie.SCHEME_HTTP
);
// This will be deleted by the background script.
Services.cookies.add(
@ -157,7 +163,10 @@ async function testCookies(options) {
false,
options.expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
options.url.startsWith("https")
? Ci.nsICookie.SCHEME_HTTPS
: Ci.nsICookie.SCHEME_HTTP
);
sendAsyncMessage("done");
});
@ -185,7 +194,10 @@ async function testCookies(options) {
false,
options.expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
options.url.startsWith("https")
? Ci.nsICookie.SCHEME_HTTPS
: Ci.nsICookie.SCHEME_HTTP
);
Services.cookies.add(
domain,
@ -197,7 +209,10 @@ async function testCookies(options) {
false,
options.expiry,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
options.url.startsWith("https")
? Ci.nsICookie.SCHEME_HTTPS
: Ci.nsICookie.SCHEME_HTTP
);
Services.cookies.remove(domain, "x", "/", {});
sendAsyncMessage("done");

4
toolkit/components/extensions/test/mochitest/test_ext_cookies_expiry.html
Просмотреть файл

@ -45,7 +45,7 @@ add_task(async function test_cookies_expiry() {
let chromeScript = loadChromeScript(() => {
const {sendAsyncMessage} = this;
Services.cookies.add(".example.com", "/", "first", "one", false, false, false, Date.now() / 1000 + 1, {}, Ci.nsICookie.SAMESITE_NONE);
Services.cookies.add(".example.com", "/", "first", "one", false, false, false, Date.now() / 1000 + 1, {}, Ci.nsICookie.SAMESITE_NONE, Ci.nsICookie.SCHEME_HTTP);
sendAsyncMessage("done");
});
await chromeScript.promiseOneMessage("done");
@ -56,7 +56,7 @@ add_task(async function test_cookies_expiry() {
chromeScript = loadChromeScript(() => {
const {sendAsyncMessage} = this;
Services.cookies.add(".example.com", "/", "first", "one-again", false, false, false, Date.now() / 1000 + 10, {}, Ci.nsICookie.SAMESITE_NONE);
Services.cookies.add(".example.com", "/", "first", "one-again", false, false, false, Date.now() / 1000 + 10, {}, Ci.nsICookie.SAMESITE_NONE, Ci.nsICookie.SCHEME_HTTP);
sendAsyncMessage("done");
});
await chromeScript.promiseOneMessage("done");

3
toolkit/components/forgetaboutsite/test/unit/test_removeDataFromDomain.js
Просмотреть файл

@ -60,7 +60,8 @@ function add_cookie(aDomain) {
false,
COOKIE_EXPIRY,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTPS
);
check_cookie_exists(aDomain, true);
}

3
toolkit/mozapps/extensions/test/browser/browser_html_discover_view.js
Просмотреть файл

@ -696,7 +696,8 @@ add_task(async function discopane_no_cookies() {
false,
Date.now() / 1000 + 600,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
let win = await loadInitialView("discover");
let request = await requestPromise;

3
toolkit/mozapps/extensions/test/xpcshell/test_AddonRepository_langpacks.js
Просмотреть файл

@ -120,7 +120,8 @@ add_task(async function test_cookies() {
false,
expiration,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
await AddonRepository.getAvailableLangpacks();

3
toolkit/mozapps/extensions/test/xpcshell/test_cookies.js
Просмотреть файл

@ -62,7 +62,8 @@ add_task(async function test_cookies() {
false,
expiration,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
await promiseStartupManager();

3
toolkit/mozapps/extensions/test/xpinstall/browser_cookies2.js
Просмотреть файл

@ -17,7 +17,8 @@ function test() {
true,
Date.now() / 1000 + 60,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
PermissionTestUtils.add(

3
toolkit/mozapps/extensions/test/xpinstall/browser_cookies3.js
Просмотреть файл

@ -17,7 +17,8 @@ function test() {
true,
Date.now() / 1000 + 60,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
PermissionTestUtils.add(

3
toolkit/mozapps/extensions/test/xpinstall/browser_cookies4.js
Просмотреть файл

@ -18,7 +18,8 @@ function test() {
true,
Date.now() / 1000 + 60,
{},
Ci.nsICookie.SAMESITE_NONE
Ci.nsICookie.SAMESITE_NONE,
Ci.nsICookie.SCHEME_HTTP
);
PermissionTestUtils.add(