Auto merge of #14722 - iamrohit7:check-secure-schemes, r=jdm

Check for wss schemes in Cookie::appropriate_for_url

* Also adds a new helper, `ServoUrl::is_secure_scheme`.
* Refactored `CookieStorage::push` and `CookieStorage::remove` to use the new helper.
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [x] These changes fix #14702

<!-- Either: -->
- [X] These changes do not require tests because we can't test the changes yet.

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/14722)
<!-- Reviewable:end -->
This commit is contained in:
bors-servo 2016-12-25 00:48:09 -08:00 committed by GitHub
commit fcc3447dfc
3 changed files with 8 additions and 3 deletions

View file

@ -160,7 +160,7 @@ impl Cookie {
}
}
if self.cookie.secure && url.scheme() != "https" {
if self.cookie.secure && !url.is_secure_scheme() {
return false;
}
if self.cookie.httponly && source == CookieSource::NonHTTP {

View file

@ -38,7 +38,7 @@ impl CookieStorage {
let cookies = self.cookies_map.entry(domain).or_insert(vec![]);
// https://www.ietf.org/id/draft-ietf-httpbis-cookie-alone-01.txt Step 2
if !cookie.cookie.secure && url.scheme() != "https" && url.scheme() != "wss" {
if !cookie.cookie.secure && !url.is_secure_scheme() {
let new_domain = cookie.cookie.domain.as_ref().unwrap();
let new_path = cookie.cookie.path.as_ref().unwrap();
@ -85,7 +85,7 @@ impl CookieStorage {
// http://tools.ietf.org/html/rfc6265#section-5.3
pub fn push(&mut self, mut cookie: Cookie, url: &ServoUrl, source: CookieSource) {
// https://www.ietf.org/id/draft-ietf-httpbis-cookie-alone-01.txt Step 1
if cookie.cookie.secure && url.scheme() != "https" && url.scheme() != "wss" {
if cookie.cookie.secure && !url.is_secure_scheme() {
return;
}

View file

@ -79,6 +79,11 @@ impl ServoUrl {
self.0.scheme()
}
pub fn is_secure_scheme(&self) -> bool {
let scheme = self.scheme();
scheme == "https" || scheme == "wss"
}
pub fn as_str(&self) -> &str {
self.0.as_str()
}