Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(228)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: ios/net/cookies/cookie_store_ios.mm

Issue 2861063003: Remove dangerous CanonicalCookie::Create method. (Closed)
Patch Set: Use creation_time for last_access_time as per Elly's suggestion. Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « ios/net/cookies/cookie_cache_unittest.cc ('k') | ios/net/cookies/cookie_store_ios_test_util.mm » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 The Chromium Authors. All rights reserved. 1 // Copyright 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "ios/net/cookies/cookie_store_ios.h" 5 #include "ios/net/cookies/cookie_store_ios.h"
6 6
7 #import <Foundation/Foundation.h> 7 #import <Foundation/Foundation.h>
8 #include <stddef.h> 8 #include <stddef.h>
9 9
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 356 matching lines...) Expand 10 before | Expand all | Expand 10 after
367 DCHECK(thread_checker_.CalledOnValidThread()); 367 DCHECK(thread_checker_.CalledOnValidThread());
368 // If cookies are not allowed, they are stashed in the CookieMonster, and 368 // If cookies are not allowed, they are stashed in the CookieMonster, and
369 // should be written there instead. 369 // should be written there instead.
370 DCHECK(SystemCookiesAllowed()); 370 DCHECK(SystemCookiesAllowed());
371 371
372 bool success = false; 372 bool success = false;
373 373
374 if (creation_time.is_null()) 374 if (creation_time.is_null())
375 creation_time = base::Time::Now(); 375 creation_time = base::Time::Now();
376 376
377 // Validate consistency of passed arguments.
378 if (ParsedCookie::ParseTokenString(name) != name ||
379 ParsedCookie::ParseValueString(value) != value ||
380 ParsedCookie::ParseValueString(domain) != domain ||
381 ParsedCookie::ParseValueString(path) != path) {
382 if (!callback.is_null())
383 callback.Run(false);
384 return;
385 }
386
387 // Validate passed arguments against URL.
388 std::string cookie_domain;
389 std::string cookie_path = CanonicalCookie::CanonPathWithString(url, path);
390 if ((secure && !url.SchemeIsCryptographic()) ||
391 !cookie_util::GetCookieDomainWithString(url, domain, &cookie_domain) ||
392 (!path.empty() && cookie_path != path)) {
393 if (!callback.is_null())
394 callback.Run(false);
395 return;
396 }
397
398 // Canonicalize path again to make sure it escapes characters as needed.
399 url::Component path_component(0, cookie_path.length());
400 url::RawCanonOutputT<char> canon_path;
401 url::Component canon_path_component;
402 url::CanonicalizePath(cookie_path.data(), path_component, &canon_path,
403 &canon_path_component);
404 cookie_path = std::string(canon_path.data() + canon_path_component.begin,
405 canon_path_component.len);
406
377 // First create a CanonicalCookie, to normalize the arguments, 407 // First create a CanonicalCookie, to normalize the arguments,
378 // particularly domain and path, and perform validation. 408 // particularly domain and path, and perform validation.
379 std::unique_ptr<net::CanonicalCookie> canonical_cookie = 409 std::unique_ptr<net::CanonicalCookie> canonical_cookie =
380 net::CanonicalCookie::Create( 410 net::CanonicalCookie::Create(name, value, cookie_domain, cookie_path,
381 url, name, value, domain, path, creation_time, expiration_time, 411 creation_time, expiration_time,
382 secure, http_only, same_site, priority); 412 creation_time, secure, http_only, same_site,
413 priority);
383 414
384 if (canonical_cookie) { 415 if (canonical_cookie) {
385 NSHTTPCookie* cookie = SystemCookieFromCanonicalCookie(*canonical_cookie); 416 NSHTTPCookie* cookie = SystemCookieFromCanonicalCookie(*canonical_cookie);
386 417
387 if (cookie != nil) { 418 if (cookie != nil) {
388 [system_store_ setCookie:cookie]; 419 [system_store_ setCookie:cookie];
389 creation_time_manager_->SetCreationTime( 420 creation_time_manager_->SetCreationTime(
390 cookie, creation_time_manager_->MakeUniqueCreationTime( 421 cookie, creation_time_manager_->MakeUniqueCreationTime(
391 canonical_cookie->CreationDate())); 422 canonical_cookie->CreationDate()));
392 success = true; 423 success = true;
(...skipping 423 matching lines...) Expand 10 before | Expand all | Expand 10 after
816 net::CookieList cookie_list; 847 net::CookieList cookie_list;
817 cookie_list.reserve([cookies count]); 848 cookie_list.reserve([cookies count]);
818 for (NSHTTPCookie* cookie in cookies) { 849 for (NSHTTPCookie* cookie in cookies) {
819 base::Time created = creation_time_manager_->GetCreationTime(cookie); 850 base::Time created = creation_time_manager_->GetCreationTime(cookie);
820 cookie_list.push_back(CanonicalCookieFromSystemCookie(cookie, created)); 851 cookie_list.push_back(CanonicalCookieFromSystemCookie(cookie, created));
821 } 852 }
822 return cookie_list; 853 return cookie_list;
823 } 854 }
824 855
825 } // namespace net 856 } // namespace net
OLDNEW
« no previous file with comments | « ios/net/cookies/cookie_cache_unittest.cc ('k') | ios/net/cookies/cookie_store_ios_test_util.mm » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698