chrome/common/render_messages.h - Issue 18533: Merge r5767 - Protect cookie headers from XHR... - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(9500)

My Issues | Starred Open | Closed | All

Unified Diff: chrome/common/render_messages.h

Issue 18533: Merge r5767 - Protect cookie headers from XHR... (Closed) Base URL: svn://chrome-svn/chrome/branches/release_154.next/src/

Patch Set: Created 11 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « no previous file | net/http/http_cache.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/common/render_messages.h

===================================================================

--- chrome/common/render_messages.h (revision 8522)

+++ chrome/common/render_messages.h (working copy)

@@ -1349,8 +1349,10 @@

typedef scoped_refptr<net::HttpResponseHeaders> param_type;

static void Write(Message* m, const param_type& p) {

WriteParam(m, p.get() != NULL);

- if (p)

- p->Persist(m, false);

+ if (p) {

+ // Do not disclose Set-Cookie headers over IPC.

+ p->Persist(m, net::HttpResponseHeaders::PERSIST_SANS_COOKIES);

+ }

}

static bool Read(const Message* m, void** iter, param_type* r) {

bool has_object;

« no previous file with comments | « no previous file | net/http/http_cache.cc » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698