Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-06 06:00:15 +01:00
Code Issues Projects Releases Packages Wiki Activity

Auto merge of #14722 - iamrohit7:check-secure-schemes, r=jdm

Browse source 
Check for wss schemes in Cookie::appropriate_for_url

* Also adds a new helper, `ServoUrl::is_secure_scheme`.
* Refactored `CookieStorage::push` and `CookieStorage::remove` to use the new helper.
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [x] These changes fix #14702

<!-- Either: -->
- [X] These changes do not require tests because we can't test the changes yet.

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/14722)
<!-- Reviewable:end -->
This commit is contained in:
bors-servo 2016-12-25 00:48:09 -08:00 committed by GitHub
commit fcc3447dfc
3 changed files with 8 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
components/net/cookie.rs
View file

@ -160,7 +160,7 @@ impl Cookie {
} }
} }
if self.cookie.secure && url.scheme() != "https" { if self.cookie.secure && !url.is_secure_scheme() {
return false; return false;
} }
if self.cookie.httponly && source == CookieSource::NonHTTP { if self.cookie.httponly && source == CookieSource::NonHTTP {

4
components/net/cookie_storage.rs
View file

@ -38,7 +38,7 @@ impl CookieStorage {
let cookies = self.cookies_map.entry(domain).or_insert(vec![]); let cookies = self.cookies_map.entry(domain).or_insert(vec![]);
// https://www.ietf.org/id/draft-ietf-httpbis-cookie-alone-01.txt Step 2 // https://www.ietf.org/id/draft-ietf-httpbis-cookie-alone-01.txt Step 2
if !cookie.cookie.secure && url.scheme() != "https" && url.scheme() != "wss" { if !cookie.cookie.secure && !url.is_secure_scheme() {
let new_domain = cookie.cookie.domain.as_ref().unwrap(); let new_domain = cookie.cookie.domain.as_ref().unwrap();
let new_path = cookie.cookie.path.as_ref().unwrap(); let new_path = cookie.cookie.path.as_ref().unwrap();
@ -85,7 +85,7 @@ impl CookieStorage {
// http://tools.ietf.org/html/rfc6265#section-5.3 // http://tools.ietf.org/html/rfc6265#section-5.3
pub fn push(&mut self, mut cookie: Cookie, url: &ServoUrl, source: CookieSource) { pub fn push(&mut self, mut cookie: Cookie, url: &ServoUrl, source: CookieSource) {
// https://www.ietf.org/id/draft-ietf-httpbis-cookie-alone-01.txt Step 1 // https://www.ietf.org/id/draft-ietf-httpbis-cookie-alone-01.txt Step 1
if cookie.cookie.secure && url.scheme() != "https" && url.scheme() != "wss" { if cookie.cookie.secure && !url.is_secure_scheme() {
return; return;
} }

5
components/url/lib.rs
View file

@ -79,6 +79,11 @@ impl ServoUrl {
self.0.scheme() self.0.scheme()
} }
pub fn is_secure_scheme(&self) -> bool {
let scheme = self.scheme();
scheme == "https" || scheme == "wss"
}
pub fn as_str(&self) -> &str { pub fn as_str(&self) -> &str {
self.0.as_str() self.0.as_str()
} }