mirror of
https://github.com/servo/servo.git
synced 2025-08-03 04:30:10 +01:00
Add domain and path checks for secure cookies eviction
This commit is contained in:
parent
64b456f0e2
commit
63a7e8efdf
4 changed files with 37 additions and 17 deletions
|
@ -75,7 +75,7 @@ impl Cookie {
|
|||
|
||||
|
||||
// Step 10
|
||||
if cookie.httponly && source != CookieSource::HTTP {
|
||||
if cookie.httponly && source == CookieSource::NonHTTP {
|
||||
return None;
|
||||
}
|
||||
|
||||
|
@ -132,16 +132,11 @@ impl Cookie {
|
|||
|
||||
// http://tools.ietf.org/html/rfc6265#section-5.1.3
|
||||
pub fn domain_match(string: &str, domain_string: &str) -> bool {
|
||||
if string == domain_string {
|
||||
return true;
|
||||
}
|
||||
if string.ends_with(domain_string) &&
|
||||
string.as_bytes()[string.len()-domain_string.len()-1] == b'.' &&
|
||||
string.parse::<Ipv4Addr>().is_err() &&
|
||||
string.parse::<Ipv6Addr>().is_err() {
|
||||
return true;
|
||||
}
|
||||
false
|
||||
string == domain_string ||
|
||||
(string.ends_with(domain_string) &&
|
||||
string.as_bytes()[string.len()-domain_string.len()-1] == b'.' &&
|
||||
string.parse::<Ipv4Addr>().is_err() &&
|
||||
string.parse::<Ipv6Addr>().is_err())
|
||||
}
|
||||
|
||||
// http://tools.ietf.org/html/rfc6265#section-5.4 step 1
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue