| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Portions of this code based on Mozilla: | 5 // Portions of this code based on Mozilla: |
| 6 // (netwerk/cookie/src/nsCookieService.cpp) | 6 // (netwerk/cookie/src/nsCookieService.cpp) |
| 7 /* ***** BEGIN LICENSE BLOCK ***** | 7 /* ***** BEGIN LICENSE BLOCK ***** |
| 8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 9 * | 9 * |
| 10 * The contents of this file are subject to the Mozilla Public License Version | 10 * The contents of this file are subject to the Mozilla Public License Version |
| (...skipping 287 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 298 CookieSameSite same_site, | 298 CookieSameSite same_site, |
| 299 CookiePriority priority) { | 299 CookiePriority priority) { |
| 300 return base::WrapUnique( | 300 return base::WrapUnique( |
| 301 new CanonicalCookie(name, value, domain, path, creation, expiration, | 301 new CanonicalCookie(name, value, domain, path, creation, expiration, |
| 302 last_access, secure, http_only, same_site, priority)); | 302 last_access, secure, http_only, same_site, priority)); |
| 303 } | 303 } |
| 304 | 304 |
| 305 bool CanonicalCookie::IsEquivalentForSecureCookieMatching( | 305 bool CanonicalCookie::IsEquivalentForSecureCookieMatching( |
| 306 const CanonicalCookie& ecc) const { | 306 const CanonicalCookie& ecc) const { |
| 307 return (name_ == ecc.Name() && (ecc.IsDomainMatch(DomainWithoutDot()) || | 307 return (name_ == ecc.Name() && (ecc.IsDomainMatch(DomainWithoutDot()) || |
| 308 IsDomainMatch(ecc.DomainWithoutDot()))); | 308 IsDomainMatch(ecc.DomainWithoutDot())) && |
| 309 ecc.IsOnPath(Path())); |
| 309 } | 310 } |
| 310 | 311 |
| 311 bool CanonicalCookie::IsOnPath(const std::string& url_path) const { | 312 bool CanonicalCookie::IsOnPath(const std::string& url_path) const { |
| 312 | 313 |
| 313 // A zero length would be unsafe for our trailing '/' checks, and | 314 // A zero length would be unsafe for our trailing '/' checks, and |
| 314 // would also make no sense for our prefix match. The code that | 315 // would also make no sense for our prefix match. The code that |
| 315 // creates a CanonicalCookie should make sure the path is never zero length, | 316 // creates a CanonicalCookie should make sure the path is never zero length, |
| 316 // but we double check anyway. | 317 // but we double check anyway. |
| 317 if (path_.empty()) | 318 if (path_.empty()) |
| 318 return false; | 319 return false; |
| (...skipping 202 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 521 return true; | 522 return true; |
| 522 } | 523 } |
| 523 | 524 |
| 524 std::string CanonicalCookie::DomainWithoutDot() const { | 525 std::string CanonicalCookie::DomainWithoutDot() const { |
| 525 if (domain_.empty() || domain_[0] != '.') | 526 if (domain_.empty() || domain_[0] != '.') |
| 526 return domain_; | 527 return domain_; |
| 527 return domain_.substr(1); | 528 return domain_.substr(1); |
| 528 } | 529 } |
| 529 | 530 |
| 530 } // namespace net | 531 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2306393002:
Loosen strict 'Secure' checks for non-overlapping paths. (Closed)
