diff -r 7e26c7da4463 -r fc2d59ddac77 netwerk/cookie/nsCookieService.cpp --- a/netwerk/cookie/nsCookieService.cpp Wed Dec 31 06:55:50 2014 +0100 +++ b/netwerk/cookie/nsCookieService.cpp Wed Dec 31 07:22:50 2014 +0100 @@ -262,6 +262,7 @@ PR_LOG(GetCookieLog(), PR_LOG_DEBUG,("name: %s\n", aCookie->Name().get())); PR_LOG(GetCookieLog(), PR_LOG_DEBUG,("value: %s\n", aCookie->Value().get())); PR_LOG(GetCookieLog(), PR_LOG_DEBUG,("%s: %s\n", aCookie->IsDomain() ? "domain" : "host", aCookie->Host().get())); + PR_LOG(GetCookieLog(), PR_LOG_DEBUG,("orighost: %s\n", aCookie->Origin().get())); PR_LOG(GetCookieLog(), PR_LOG_DEBUG,("path: %s\n", aCookie->Path().get())); PR_ExplodeTime(aCookie->Expiry() * int64_t(PR_USEC_PER_SEC), @@ -1634,9 +1635,19 @@ bool isPrivate = aChannel && NS_UsePrivateBrowsing(aChannel); + nsCOMPtr firstPartyURI; + mThirdPartyUtil->GetFirstPartyURI(aChannel, nullptr, getter_AddRefs(firstPartyURI)); + bool requireHostMatch; + nsAutoCString origDomain; + nsresult rv = GetBaseDomain(firstPartyURI, origDomain, requireHostMatch); + if (NS_FAILED(rv)) { + COOKIE_LOGFAILURE(GET_COOKIE, aHostURI, nullptr, + "couldn't get base domain from URI"); + } + nsAutoCString result; GetCookieStringInternal(aHostURI, isForeign, aHttpBound, appId, - inBrowserElement, isPrivate, result); + inBrowserElement, isPrivate, origDomain, result); *aCookie = result.IsEmpty() ? nullptr : ToNewCString(result); return NS_OK; } @@ -1716,6 +1727,10 @@ return NS_OK; } +// FIXME:MSvB DEBUG DEBUG - DELETEME DELETEME - debug debug - deleteme deleteme +// FIXME:MSvB Setting a 3rd party cookie (on third.tld) for URL bar browsed +// FIXME:MSvB site first.tld causes aHostURI (and later the origin var) to +// FIXME:MSvB contain 'third.tld' void nsCookieService::SetCookieStringInternal(nsIURI *aHostURI, bool aIsForeign, 
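Review bot: In the `@@ -1634,9 +1635,19 @@` hunk a failed first-party lookup is only logged, so `GetCookieStringInternal` still runs with an empty `origDomain` and the origin check then matches any cookie that was stored with an empty origin. The return value of `GetFirstPartyURI` is also ignored, and the context line `aChannel && NS_UsePrivateBrowsing(aChannel)` shows that `aChannel` may be null at this point. Failing closed looks safer: after the `COOKIE_LOGFAILURE` call add `*aCookie = nullptr; return NS_OK;`. The same log-and-continue pattern is repeated in the `@@ -1792,9 +1807,20 @@` hunk, where the log tag should presumably be `SET_COOKIE` rather than `GET_COOKIE`. The enclosing function starts outside the hunk.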
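Review bot: The comment block added in the `@@ -1716,6 +1727,10 @@` hunk is marked `DEBUG DEBUG - DELETEME DELETEME` and should not land in that form. What it records is the invariant the double keying relies on, so it is worth keeping as a plain comment, for example `// aHostURI is the host setting the cookie (possibly third-party); the first-party key is derived from aChannel.` The column-0 `//FIXME:MSvB` lines in the `@@ -2910,10 +2951,13 @@` hunk are in the same state and should be resolved or reworded and indented with the surrounding code.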
@@ -1792,9 +1807,20 @@ serverTime = PR_Now() / PR_USEC_PER_SEC; } + // double keyed cookie boilerplate + nsCOMPtr firstPartyURI; + mThirdPartyUtil->GetFirstPartyURI(aChannel, nullptr, getter_AddRefs(firstPartyURI)); + nsAutoCString origDomain; + rv = GetBaseDomain(firstPartyURI, origDomain, requireHostMatch); + if (NS_FAILED(rv)) { + COOKIE_LOGFAILURE(GET_COOKIE, aHostURI, nullptr, + "couldn't get base domain from URI"); + } + // process each cookie in the header - while (SetCookieInternal(aHostURI, key, requireHostMatch, cookieStatus, - aCookieHeader, serverTime, aFromHttp, aChannel)) { + while (SetCookieInternal(aHostURI, key, requireHostMatch, origDomain, + cookieStatus, aCookieHeader, serverTime, + aFromHttp, aChannel)) { // document.cookie can only set one cookie at a time if (!aFromHttp) break; @@ -2026,7 +2052,7 @@ int64_t currentTimeInUsec = PR_Now(); nsRefPtr cookie = - nsCookie::Create(aName, aValue, host, aPath, + nsCookie::Create(aName, aValue, host, baseDomain, aPath, aExpiry, currentTimeInUsec, nsCookie::GenerateUniqueCreationTime(currentTimeInUsec), @@ -2064,6 +2090,7 @@ nsListIter matchIter; nsRefPtr cookie; if (FindCookie(nsCookieKey(baseDomain, aAppId, aInBrowserElement), + baseDomain, host, PromiseFlatCString(aName), PromiseFlatCString(aPath), @@ -2191,8 +2218,12 @@ bool isSecure = 0 != aRow->AsInt32(IDX_SECURE); bool isHttpOnly = 0 != aRow->AsInt32(IDX_HTTPONLY); + nsAutoCString baseDomain; + rv = GetBaseDomainFromHost(host, baseDomain); + NS_ASSERT_SUCCESS(rv); + // Create a new nsCookie and assign the data. - return nsCookie::Create(name, value, host, path, + return nsCookie::Create(name, value, host, baseDomain, path, expiry, lastAccessed, creationTime, @@ -2579,6 +2610,7 @@ nsCookie::Create(Substring(buffer, nameIndex, cookieIndex - nameIndex - 1), Substring(buffer, cookieIndex, buffer.Length() - cookieIndex), host, + baseDomain, Substring(buffer, pathIndex, secureIndex - pathIndex - 1), expires, lastAccessedCounter, 
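Review bot: In the `@@ -1792,9 +1807,20 @@` hunk the new `GetBaseDomain` call writes its out-parameter into `requireHostMatch`, and that same variable is then passed to `SetCookieInternal` together with `aHostURI`. The variable is declared outside the hunk and was presumably computed for `aHostURI`; after this change it describes the first-party URI instead, so the host-match rule for the cookie's domain attribute can be decided by the wrong host. A separate local for the first-party lookup keeps the two apart, and returning on failure avoids storing a cookie under an empty origin key, provided nothing later in the function has to run. The function body starts and ends outside the hunk.

```cpp
  // … unchanged: serverTime computation, firstPartyURI lookup …
  nsAutoCString origDomain;
  // Use a dedicated flag so requireHostMatch keeps describing aHostURI.
  bool origRequireHostMatch = false;
  rv = GetBaseDomain(firstPartyURI, origDomain, origRequireHostMatch);
  if (NS_FAILED(rv)) {
    COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, nullptr,
                      "couldn't get base domain from first-party URI");
    return;
  }
  // … unchanged: SetCookieInternal loop …
```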
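Review bot: In the `@@ -2064,6 +2090,7 @@` hunk the lookup passes `baseDomain` as the origin, so this path only finds cookies whose first-party key equals their own base domain. A cookie stored from a third-party context carries the first party's domain as origin (see the `SetCookieInternal` hunks) and would not be matched, so a delete request could silently leave it behind. Either the caller's interface needs to carry the origin or the lookup should match across origins; until then a comment such as `// NOTE: only matches cookies keyed to their own base domain` should document the limit. The enclosing function is outside the hunk, so its role is inferred from the argument names.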
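Review bot: In the `@@ -2191,8 +2218,12 @@` hunk the origin of a cookie read back from a stored row is recomputed from `host` rather than read from the row, so the first-party key does not appear to survive a reload. A cookie set by a third party under one site would come back keyed to its own base domain, which changes the contexts that can read it and undoes the isolation the patch adds. No hunk on this page persists the origin; until it is, the limitation should be stated in place, e.g. `// TODO: origin is not persisted; recomputed from host, so third-party keys are lost on reload`. If `NS_ASSERT_SUCCESS` compiles out in release builds, a failed `GetBaseDomainFromHost` also leaves `baseDomain` empty with no handling. The same substitution of `baseDomain` for the origin appears in the `@@ -2026,7 +2052,7 @@` and `@@ -2579,6 +2610,7 @@` hunks.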
@@ -2664,6 +2696,7 @@ uint32_t aAppId, bool aInBrowserElement, bool aIsPrivate, + nsCString &aOrigDomain, nsCString &aCookieString) { NS_ASSERTION(aHostURI, "null host!"); @@ -2732,6 +2765,13 @@ for (nsCookieEntry::IndexType i = 0; i < cookies.Length(); ++i) { cookie = cookies[i]; + // Check the origin key. We only continue if the + // saved origin matches matches the origin domain. + // FIXME:MSvB, other places iterate cookies too, handle them likewise? + if (cookie->Origin() != aOrigDomain) { + continue; + } + // check the host, since the base domain lookup is conservative. // first, check for an exact host or domain cookie match, e.g. "google.com" // or ".google.com"; second a subdomain match, e.g. @@ -2854,6 +2894,7 @@ nsCookieService::SetCookieInternal(nsIURI *aHostURI, const nsCookieKey &aKey, bool aRequireHostMatch, + const nsCString &aOrigin, CookieStatus aStatus, nsDependentCString &aCookieHeader, int64_t aServerTime, @@ -2910,10 +2951,13 @@ } // create a new nsCookie and copy attributes +//FIXME:MSvB, The name and value vars are neither host nor key +//FIXME:MSvB, host shows up in cookie inspector, as a index key nsRefPtr cookie = nsCookie::Create(cookieAttributes.name, cookieAttributes.value, cookieAttributes.host, + aOrigin, cookieAttributes.path, cookieAttributes.expiryTime, currentTimeInUsec, @@ -2975,8 +3019,8 @@ } nsListIter matchIter; - bool foundCookie = FindCookie(aKey, aCookie->Host(), - aCookie->Name(), aCookie->Path(), matchIter); + bool foundCookie = FindCookie(aKey, aCookie->Origin(), + aCookie->Host(), aCookie->Name(), aCookie->Path(), matchIter); nsRefPtr oldCookie; nsCOMPtr purgedList; @@ -3885,9 +3929,11 @@ return NS_ERROR_NOT_AVAILABLE; } - nsAutoCString host, name, path; + nsAutoCString host, origin, name, path; nsresult rv = aCookie->GetHost(host); NS_ENSURE_SUCCESS(rv, rv); + rv = aCookie->GetOrigin(origin); + NS_ENSURE_SUCCESS(rv, rv); rv = aCookie->GetName(name); NS_ENSURE_SUCCESS(rv, rv); rv = aCookie->GetPath(path); 
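Review bot: The parameter added in the `@@ -2664,6 +2696,7 @@` hunk is a mutable reference, `nsCString &aOrigDomain`, although the visible use in the next hunk only compares it. Declaring it `const nsCString &aOrigDomain` would match `const nsCString &aOrigin` in the `SetCookieInternal` signature further down and make clear that it is an input, unlike the neighbouring out-parameter `aCookieString`. The function body continues outside the hunk.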
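Review bot: The origin filter added in the `@@ -2732,6 +2765,13 @@` hunk covers only this loop, and the patch's own FIXME asks whether the other loops over the cookie list need the same check. Any enumeration, counting or eviction path that still ignores `Origin()` would treat cookies from different first-party keys as one set, so that question should be answered or tracked before this lands. The comment also contains a doubled word; suggested text: `// Only consider cookies whose stored origin equals the first-party domain of this request.`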
@@ -3898,7 +3944,7 @@
 NS_ENSURE_SUCCESS(rv, rv);
 nsListIter iter;
- *aFoundCookie = FindCookie(DEFAULT_APP_KEY(baseDomain), host, name, path, iter);
+ *aFoundCookie = FindCookie(DEFAULT_APP_KEY(baseDomain), origin, host, name, path, iter);
 return NS_OK;
 }
@@ -4105,6 +4151,7 @@
 // find an exact cookie specified by host, name, and path that hasn't expired.
 bool nsCookieService::FindCookie(const nsCookieKey &aKey,
+ const nsAFlatCString &aOrigin,
 const nsAFlatCString &aHost,
 const nsAFlatCString &aName,
 const nsAFlatCString &aPath,
@@ -4120,7 +4167,8 @@
 for (nsCookieEntry::IndexType i = 0; i < cookies.Length(); ++i) {
 nsCookie *cookie = cookies[i];
- if (aHost.Equals(cookie->Host()) &&
+ if (aOrigin.Equals(cookie->Origin()) &&
+ aHost.Equals(cookie->Host()) &&
 aPath.Equals(cookie->Path()) &&
 aName.Equals(cookie->Name())) {
 aIter = nsListIter(entry, i);
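Review bot: The comment above `FindCookie` in the `@@ -4105,6 +4151,7 @@` hunk still says a cookie is identified by host, name and path, but the new `aOrigin` parameter makes the origin part of that identity. Suggested text: `// find an exact cookie specified by origin, host, name, and path that hasn't expired.` Because `aOrigin` and `aHost` are adjacent parameters of the same type, a call with the two swapped would compile without warning; the call sites visible on this page pass the origin first, and the comment could state that order explicitly. The function body continues outside the hunk.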