Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(175)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/core/dom/Document.cpp

Issue 2102993002: Fix WebSocket to set first party for cookies (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Added TODO for mkwst Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« third_party/WebKit/LayoutTests/http/tests/security/cookies/websocket/first-party-cookie-accepted.html ('K') | « third_party/WebKit/LayoutTests/http/tests/websocket/workers/resources/cookie-ws-to-ws.js ('k') | third_party/WebKit/Source/modules/websockets/DocumentWebSocketChannel.cpp » ('j') | third_party/WebKit/public/platform/modules/websockets/WebSocketHandle.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/core/dom/Document.cpp
diff --git a/third_party/WebKit/Source/core/dom/Document.cpp b/third_party/WebKit/Source/core/dom/Document.cpp
index 0237c178a90d10d43bb4150ec865e83db8984ccb..7def2d1f94af96c44e627133f2ad105b9d6ce28b 100644
--- a/third_party/WebKit/Source/core/dom/Document.cpp
+++ b/third_party/WebKit/Source/core/dom/Document.cpp
@@ -4163,10 +4163,15 @@ String Document::lastModified() const
const KURL Document::firstPartyForCookies() const
{
+ // TODO(mkwst): This doesn't properly handle HTML Import documents.
+
// If this is an imported document, grab its master document's first-party:
if (importsController() && importsController()->master() && importsController()->master() != this)
return importsController()->master()->firstPartyForCookies();
+ if (!frame())
+ return SecurityOrigin::urlWithUniqueSecurityOrigin();
+
// TODO(mkwst): This doesn't correctly handle sandboxed documents; we want to look at their URL,
// but we can't because we don't know what it is.
Frame* top = frame()->tree().top();
« third_party/WebKit/LayoutTests/http/tests/security/cookies/websocket/first-party-cookie-accepted.html ('K') | « third_party/WebKit/LayoutTests/http/tests/websocket/workers/resources/cookie-ws-to-ws.js ('k') | third_party/WebKit/Source/modules/websockets/DocumentWebSocketChannel.cpp » ('j') | third_party/WebKit/public/platform/modules/websockets/WebSocketHandle.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698