summaryrefslogtreecommitdiffstats
path: root/chromium/net/cookies/canonical_cookie.cc
diff options
context:
space:
mode:
Diffstat (limited to 'chromium/net/cookies/canonical_cookie.cc')
-rw-r--r--chromium/net/cookies/canonical_cookie.cc48
1 files changed, 48 insertions, 0 deletions
diff --git a/chromium/net/cookies/canonical_cookie.cc b/chromium/net/cookies/canonical_cookie.cc
index 053f760ed76..d0120b13c5c 100644
--- a/chromium/net/cookies/canonical_cookie.cc
+++ b/chromium/net/cookies/canonical_cookie.cc
@@ -56,6 +56,7 @@
#include "base/metrics/histogram_macros.h"
#include "base/strings/strcat.h"
#include "base/strings/string_number_conversions.h"
+#include "base/strings/string_piece.h"
#include "base/strings/string_util.h"
#include "base/strings/stringprintf.h"
#include "net/base/features.h"
@@ -558,6 +559,11 @@ std::unique_ptr<CanonicalCookie> CanonicalCookie::Create(
CookiePrefix prefix = GetCookiePrefix(parsed_cookie.Name());
bool is_cookie_prefix_valid = IsCookiePrefixValid(prefix, url, parsed_cookie);
RecordCookiePrefixMetrics(prefix, is_cookie_prefix_valid);
+
+ if (parsed_cookie.Name() == "") {
+ is_cookie_prefix_valid = !HasHiddenPrefixName(parsed_cookie.Value());
+ }
+
if (!is_cookie_prefix_valid) {
DVLOG(net::cookie_util::kVlogSetCookies)
<< "Create() failed because the cookie violated prefix rules.";
@@ -768,6 +774,11 @@ std::unique_ptr<CanonicalCookie> CanonicalCookie::CreateSanitizedCookie(
net::CookieInclusionStatus::EXCLUDE_INVALID_PREFIX);
}
+ if (name == "" && HasHiddenPrefixName(value)) {
+ status->AddExclusionReason(
+ net::CookieInclusionStatus::EXCLUDE_INVALID_PREFIX);
+ }
+
if (!IsCookieSamePartyValid(same_party, secure, same_site)) {
status->AddExclusionReason(
net::CookieInclusionStatus::EXCLUDE_INVALID_SAMEPARTY);
@@ -1472,6 +1483,9 @@ bool CanonicalCookie::IsCanonicalForFromStorage() const {
return false;
}
+ if (name_ == "" && HasHiddenPrefixName(value_))
+ return false;
+
if (!IsCookieSamePartyValid(same_party_, secure_, same_site_))
return false;
@@ -1594,6 +1608,40 @@ CookieEffectiveSameSite CanonicalCookie::GetEffectiveSameSite(
}
}
+// static
+bool CanonicalCookie::HasHiddenPrefixName(
+ const base::StringPiece cookie_value) {
+ // Skip BWS as defined by HTTPSEM as SP or HTAB (0x20 or 0x9).
+ base::StringPiece value_without_BWS =
+ base::TrimString(cookie_value, " \t", base::TRIM_LEADING);
+
+ const base::StringPiece host_prefix = "__Host-";
+
+ // Compare the value to the host_prefix.
+ if (base::StartsWith(value_without_BWS, host_prefix)) {
+ // The prefix matches, now check if the value string contains a subsequent
+ // '='.
+ if (value_without_BWS.find_first_of('=', host_prefix.size()) !=
+ base::StringPiece::npos) {
+ // This value contains a hidden prefix name.
+ return true;
+ }
+ return false;
+ }
+
+ // Do a similar check for the secure prefix
+ const base::StringPiece secure_prefix = "__Secure-";
+
+ if (base::StartsWith(value_without_BWS, secure_prefix)) {
+ if (value_without_BWS.find_first_of('=', secure_prefix.size()) !=
+ base::StringPiece::npos) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
bool CanonicalCookie::IsRecentlyCreated(base::TimeDelta age_threshold) const {
return (base::Time::Now() - creation_date_) <= age_threshold;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-25 19:00:28 +0000