Bug 1298370 - Add SameSite attribute to Cookie Inspector r=pbro

MozReview-Commit-ID: C0n35vEaAdJ

--HG--
extra : rebase_source : 217b8eb13374fec057bf626cac586f41d25e44bb

devtools/client/locales/en-US/storage.properties

@@ -43,6 +43,7 @@ table.headers.cookies.expires=Expires on
 table.headers.cookies.value=Value
 table.headers.cookies.lastAccessed=Last accessed on
 table.headers.cookies.creationTime=Created on
+table.headers.cookies.sameSite=sameSite
 
 table.headers.localStorage.name=Key
 table.headers.localStorage.value=Value

devtools/client/storage/test/browser.ini

@@ -5,6 +5,7 @@ support-files =
   storage-cache-error.html
   storage-complex-values.html
   storage-cookies.html
+  storage-cookies-samesite.html
   storage-empty-objectstores.html
   storage-idb-delete-blocked.html
   storage-indexeddb-duplicate-names.html
@@ -36,6 +37,7 @@ tags = usercontextid
 [browser_storage_cookies_domain_port.js]
 [browser_storage_cookies_edit.js]
 [browser_storage_cookies_edit_keyboard.js]
+[browser_storage_cookies_samesite.js]
 [browser_storage_cookies_tab_navigation.js]
 [browser_storage_delete.js]
 [browser_storage_delete_all.js]

devtools/client/storage/test/browser_storage_cookies_samesite.js

@@ -0,0 +1,37 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* import-globals-from ../../framework/test/shared-head.js */
+
+"use strict";
+
+// Test that the samesite cookie attribute is displayed correctly.
+
+add_task(function* () {
+  yield openTabAndSetupStorage(MAIN_DOMAIN + "storage-cookies-samesite.html");
+
+  let id1 = getCookieId("test1", "test1.example.org",
+                        "/browser/devtools/client/storage/test/");
+  let id2 = getCookieId("test2", "test1.example.org",
+                        "/browser/devtools/client/storage/test/");
+  let id3 = getCookieId("test3", "test1.example.org",
+                        "/browser/devtools/client/storage/test/");
+
+  yield checkState([
+    [
+      ["cookies", "http://test1.example.org"],
+      [ id1, id2, id3 ]
+    ]
+  ]);
+
+  let sameSite1 = getRowValues(id1).sameSite;
+  let sameSite2 = getRowValues(id2).sameSite;
+  let sameSite3 = getRowValues(id3).sameSite;
+
+  is(sameSite1, "Unset", `sameSite1 is "Unset"`);
+  is(sameSite2, "Lax", `sameSite2 is "Lax"`);
+  is(sameSite3, "Strict", `sameSite3 is "Strict"`);
+
+  yield finishTests();
+});

devtools/client/storage/test/storage-cookies-samesite.html

@@ -0,0 +1,17 @@
+<!DOCTYPE HTML>
+<html>
+  <head>
+    <meta charset="utf-8">
+    <title>Storage inspector cookie samesite test</title>
+  </head>
+  <body>
+    <script type="application/javascript;version=1.7">
+    "use strict";
+    let expiresIn24Hours = new Date(Date.now() + 60 * 60 * 24 * 1000).toUTCString();
+
+    document.cookie = "test1=value1;expires=" + expiresIn24Hours + ";";
+    document.cookie = "test2=value2;expires=" + expiresIn24Hours + ";SameSite=lax";
+    document.cookie = "test3=value3;expires=" + expiresIn24Hours + ";SameSite=strict";
+    </script>
+  </body>
+</html>

devtools/server/actors/storage.js

@@ -20,6 +20,14 @@ const DEFAULT_VALUE = "value";
 loader.lazyRequireGetter(this, "naturalSortCaseInsensitive",
   "devtools/client/shared/natural-sort", true);
 
+// "Lax", "Strict" and "Unset" are special values of the sameSite property
+// that should not be translated.
+const COOKIE_SAMESITE = {
+  LAX: "Lax",
+  STRICT: "Strict",
+  UNSET: "Unset"
+};
+
 // GUID to be used as a separator in compound keys. This must match the same
 // constant in devtools/client/storage/ui.js,
 // devtools/client/storage/test/head.js and
@@ -540,10 +548,22 @@ StorageActors.createActor({
       value: new LongStringActor(this.conn, cookie.value || ""),
       isDomain: cookie.isDomain,
       isSecure: cookie.isSecure,
-      isHttpOnly: cookie.isHttpOnly
+      isHttpOnly: cookie.isHttpOnly,
+      sameSite: this.getSameSiteStringFromCookie(cookie)
     };
   },
 
+  getSameSiteStringFromCookie(cookie) {
+    switch (cookie.sameSite) {
+      case cookie.SAMESITE_LAX:
+        return COOKIE_SAMESITE.LAX;
+      case cookie.SAMESITE_STRICT:
+        return COOKIE_SAMESITE.STRICT;
+    }
+    // cookie.SAMESITE_UNSET
+    return COOKIE_SAMESITE.UNSET;
+  },
+
   populateStoresForHost(host) {
     this.hostVsStores.set(host, new Map());
     let doc = this.storageActor.document;
@@ -653,7 +673,8 @@ StorageActors.createActor({
       { name: "value", editable: true, hidden: false },
       { name: "isDomain", editable: false, hidden: true },
       { name: "isSecure", editable: true, hidden: true },
-      { name: "isHttpOnly", editable: true, hidden: false }
+      { name: "isHttpOnly", editable: true, hidden: false },
+      { name: "sameSite", editable: false, hidden: false }
     ];
   }),