# HG changeset patch # User Michael Schloh von Bennewitz # Date 1420006970 -3600 # Node ID fc2d59ddac77c7c1e8aa37c9e79f00e5e25797f4 # Parent 7e26c7da4463504de6c8fb0c37db5ff08f124dc3 Correct previous dual key logic pending first delivery installment. diff -r 7e26c7da4463 -r fc2d59ddac77 netwerk/cookie/CookieServiceParent.cpp --- a/netwerk/cookie/CookieServiceParent.cpp Wed Dec 31 06:55:50 2014 +0100 +++ b/netwerk/cookie/CookieServiceParent.cpp Wed Dec 31 07:22:50 2014 +0100 @@ -89,8 +89,11 @@ return false; } + // Method is called nowhere + nsAutoCString origDomain; mCookieService->GetCookieStringInternal(hostURI, aIsForeign, aFromHttp, appId, - isInBrowserElement, isPrivate, *aResult); + isInBrowserElement, isPrivate, + origDomain, *aResult); return true; } diff -r 7e26c7da4463 -r fc2d59ddac77 netwerk/cookie/nsCookie.cpp --- a/netwerk/cookie/nsCookie.cpp Wed Dec 31 06:55:50 2014 +0100 +++ b/netwerk/cookie/nsCookie.cpp Wed Dec 31 07:22:50 2014 +0100 @@ -19,10 +19,12 @@ const nsACString &aSource2, const nsACString &aSource3, const nsACString &aSource4, + const nsACString &aSource5, char *&aDest1, char *&aDest2, char *&aDest3, char *&aDest4, + char *&aDest5, char *&aDestEnd) { char *toBegin = aDest1; @@ -35,6 +37,8 @@ *copy_string(aSource3.BeginReading(fromBegin), aSource3.EndReading(fromEnd), toBegin) = char(0); aDest4 = ++toBegin; *copy_string(aSource4.BeginReading(fromBegin), aSource4.EndReading(fromEnd), toBegin) = char(0); + aDest5 = ++toBegin; + *copy_string(aSource5.BeginReading(fromBegin), aSource5.EndReading(fromEnd), toBegin) = char(0); aDestEnd = toBegin; } @@ -70,6 +74,7 @@ nsCookie::Create(const nsACString &aName, const nsACString &aValue, const nsACString &aHost, + const nsACString &aOrigin, const nsACString &aPath, int64_t aExpiry, int64_t aLastAccessed, @@ -84,9 +89,10 @@ nsAutoCString aUTF8Value; converter.ConvertStringToUTF8(aValue, "UTF-8", false, true, 1, aUTF8Value); - // find the required string buffer size, adding 4 for the terminating nulls + // find the required string buffer size, accommodating terminating nulls const uint32_t stringLength = aName.Length() + aUTF8Value.Length() + - aHost.Length() + aPath.Length() + 4; + aHost.Length() + aOrigin.Length() + + aPath.Length() + 5; // allocate contiguous space for the nsCookie and its strings - // we store the strings in-line with the nsCookie to save allocations @@ -95,10 +101,10 @@ return nullptr; // assign string members - char *name, *value, *host, *path, *end; + char *name, *value, *host, *origin, *path, *end; name = static_cast(place) + sizeof(nsCookie); - StrBlockCopy(aName, aUTF8Value, aHost, aPath, - name, value, host, path, end); + StrBlockCopy(aName, aUTF8Value, aHost, aOrigin, aPath, + name, value, host, origin, path, end); // If the creationTime given to us is higher than the running maximum, update // our maximum. @@ -106,7 +112,7 @@ gLastCreationTime = aCreationTime; // construct the cookie. placement new, oh yeah! - return new (place) nsCookie(name, value, host, path, end, + return new (place) nsCookie(name, value, host, origin, path, end, aExpiry, aLastAccessed, aCreationTime, aIsSession, aIsSecure, aIsHttpOnly); } @@ -127,6 +133,7 @@ // xpcom getters NS_IMETHODIMP nsCookie::GetName(nsACString &aName) { aName = Name(); return NS_OK; } NS_IMETHODIMP nsCookie::GetValue(nsACString &aValue) { aValue = Value(); return NS_OK; } +NS_IMETHODIMP nsCookie::GetOrigin(nsACString &aOrigin) { aOrigin = Origin(); return NS_OK; } NS_IMETHODIMP nsCookie::GetHost(nsACString &aHost) { aHost = Host(); return NS_OK; } NS_IMETHODIMP nsCookie::GetRawHost(nsACString &aHost) { aHost = RawHost(); return NS_OK; } NS_IMETHODIMP nsCookie::GetPath(nsACString &aPath) { aPath = Path(); return NS_OK; } diff -r 7e26c7da4463 -r fc2d59ddac77 netwerk/cookie/nsCookie.h --- a/netwerk/cookie/nsCookie.h Wed Dec 31 06:55:50 2014 +0100 +++ b/netwerk/cookie/nsCookie.h Wed Dec 31 07:22:50 2014 +0100 @@ -36,6 +36,7 @@ nsCookie(const char *aName, const char *aValue, const char *aHost, + const char *aOrigin, const char *aPath, const char *aEnd, int64_t aExpiry, @@ -47,6 +48,7 @@ : mName(aName) , mValue(aValue) , mHost(aHost) + , mOrigin(aOrigin) , mPath(aPath) , mEnd(aEnd) , mExpiry(aExpiry) @@ -68,6 +70,7 @@ static nsCookie * Create(const nsACString &aName, const nsACString &aValue, const nsACString &aHost, + const nsACString &aOrigin, const nsACString &aPath, int64_t aExpiry, int64_t aLastAccessed, @@ -83,8 +86,9 @@ // fast (inline, non-xpcom) getters inline const nsDependentCString Name() const { return nsDependentCString(mName, mValue - 1); } inline const nsDependentCString Value() const { return nsDependentCString(mValue, mHost - 1); } - inline const nsDependentCString Host() const { return nsDependentCString(mHost, mPath - 1); } - inline const nsDependentCString RawHost() const { return nsDependentCString(IsDomain() ? mHost + 1 : mHost, mPath - 1); } + inline const nsDependentCString Host() const { return nsDependentCString(mHost, mOrigin - 1); } + inline const nsDependentCString RawHost() const { return nsDependentCString(IsDomain() ? mHost + 1 : mHost, mOrigin - 1); } + inline const nsDependentCString Origin() const { return nsDependentCString(mOrigin, mPath - 1); } inline const nsDependentCString Path() const { return nsDependentCString(mPath, mEnd); } inline int64_t Expiry() const { return mExpiry; } // in seconds inline int64_t LastAccessed() const { return mLastAccessed; } // in microseconds @@ -113,6 +117,7 @@ const char *mName; const char *mValue; const char *mHost; + const char *mOrigin; const char *mPath; const char *mEnd; int64_t mExpiry; diff -r 7e26c7da4463 -r fc2d59ddac77 netwerk/cookie/nsCookieService.cpp --- a/netwerk/cookie/nsCookieService.cpp Wed Dec 31 06:55:50 2014 +0100 +++ b/netwerk/cookie/nsCookieService.cpp Wed Dec 31 07:22:50 2014 +0100 @@ -262,6 +262,7 @@ PR_LOG(GetCookieLog(), PR_LOG_DEBUG,("name: %s\n", aCookie->Name().get())); PR_LOG(GetCookieLog(), PR_LOG_DEBUG,("value: %s\n", aCookie->Value().get())); PR_LOG(GetCookieLog(), PR_LOG_DEBUG,("%s: %s\n", aCookie->IsDomain() ? "domain" : "host", aCookie->Host().get())); + PR_LOG(GetCookieLog(), PR_LOG_DEBUG,("orighost: %s\n", aCookie->Origin().get())); PR_LOG(GetCookieLog(), PR_LOG_DEBUG,("path: %s\n", aCookie->Path().get())); PR_ExplodeTime(aCookie->Expiry() * int64_t(PR_USEC_PER_SEC), @@ -1634,9 +1635,19 @@ bool isPrivate = aChannel && NS_UsePrivateBrowsing(aChannel); + nsCOMPtr firstPartyURI; + mThirdPartyUtil->GetFirstPartyURI(aChannel, nullptr, getter_AddRefs(firstPartyURI)); + bool requireHostMatch; + nsAutoCString origDomain; + nsresult rv = GetBaseDomain(firstPartyURI, origDomain, requireHostMatch); + if (NS_FAILED(rv)) { + COOKIE_LOGFAILURE(GET_COOKIE, aHostURI, nullptr, + "couldn't get base domain from URI"); + } + nsAutoCString result; GetCookieStringInternal(aHostURI, isForeign, aHttpBound, appId, - inBrowserElement, isPrivate, result); + inBrowserElement, isPrivate, origDomain, result); *aCookie = result.IsEmpty() ? nullptr : ToNewCString(result); return NS_OK; } @@ -1716,6 +1727,10 @@ return NS_OK; } +// FIXME:MSvB DEBUG DEBUG - DELETEME DELETEME - debug debug - deleteme deleteme +// FIXME:MSvB Setting a 3rd party cookie (on third.tld) for URL bar browsed +// FIXME:MSvB site first.tld causes aHostURI (and later the origin var) to +// FIXME:MSvB contain 'third.tld' void nsCookieService::SetCookieStringInternal(nsIURI *aHostURI, bool aIsForeign, @@ -1792,9 +1807,20 @@ serverTime = PR_Now() / PR_USEC_PER_SEC; } + // double keyed cookie boilerplate + nsCOMPtr firstPartyURI; + mThirdPartyUtil->GetFirstPartyURI(aChannel, nullptr, getter_AddRefs(firstPartyURI)); + nsAutoCString origDomain; + rv = GetBaseDomain(firstPartyURI, origDomain, requireHostMatch); + if (NS_FAILED(rv)) { + COOKIE_LOGFAILURE(GET_COOKIE, aHostURI, nullptr, + "couldn't get base domain from URI"); + } + // process each cookie in the header - while (SetCookieInternal(aHostURI, key, requireHostMatch, cookieStatus, - aCookieHeader, serverTime, aFromHttp, aChannel)) { + while (SetCookieInternal(aHostURI, key, requireHostMatch, origDomain, + cookieStatus, aCookieHeader, serverTime, + aFromHttp, aChannel)) { // document.cookie can only set one cookie at a time if (!aFromHttp) break; @@ -2026,7 +2052,7 @@ int64_t currentTimeInUsec = PR_Now(); nsRefPtr cookie = - nsCookie::Create(aName, aValue, host, aPath, + nsCookie::Create(aName, aValue, host, baseDomain, aPath, aExpiry, currentTimeInUsec, nsCookie::GenerateUniqueCreationTime(currentTimeInUsec), @@ -2064,6 +2090,7 @@ nsListIter matchIter; nsRefPtr cookie; if (FindCookie(nsCookieKey(baseDomain, aAppId, aInBrowserElement), + baseDomain, host, PromiseFlatCString(aName), PromiseFlatCString(aPath), @@ -2191,8 +2218,12 @@ bool isSecure = 0 != aRow->AsInt32(IDX_SECURE); bool isHttpOnly = 0 != aRow->AsInt32(IDX_HTTPONLY); + nsAutoCString baseDomain; + rv = GetBaseDomainFromHost(host, baseDomain); + NS_ASSERT_SUCCESS(rv); + // Create a new nsCookie and assign the data. - return nsCookie::Create(name, value, host, path, + return nsCookie::Create(name, value, host, baseDomain, path, expiry, lastAccessed, creationTime, @@ -2579,6 +2610,7 @@ nsCookie::Create(Substring(buffer, nameIndex, cookieIndex - nameIndex - 1), Substring(buffer, cookieIndex, buffer.Length() - cookieIndex), host, + baseDomain, Substring(buffer, pathIndex, secureIndex - pathIndex - 1), expires, lastAccessedCounter, @@ -2664,6 +2696,7 @@ uint32_t aAppId, bool aInBrowserElement, bool aIsPrivate, + nsCString &aOrigDomain, nsCString &aCookieString) { NS_ASSERTION(aHostURI, "null host!"); @@ -2732,6 +2765,13 @@ for (nsCookieEntry::IndexType i = 0; i < cookies.Length(); ++i) { cookie = cookies[i]; + // Check the origin key. We only continue if the + // saved origin matches matches the origin domain. + // FIXME:MSvB, other places iterate cookies too, handle them likewise? + if (cookie->Origin() != aOrigDomain) { + continue; + } + // check the host, since the base domain lookup is conservative. // first, check for an exact host or domain cookie match, e.g. "google.com" // or ".google.com"; second a subdomain match, e.g. @@ -2854,6 +2894,7 @@ nsCookieService::SetCookieInternal(nsIURI *aHostURI, const nsCookieKey &aKey, bool aRequireHostMatch, + const nsCString &aOrigin, CookieStatus aStatus, nsDependentCString &aCookieHeader, int64_t aServerTime, @@ -2910,10 +2951,13 @@ } // create a new nsCookie and copy attributes +//FIXME:MSvB, The name and value vars are neither host nor key +//FIXME:MSvB, host shows up in cookie inspector, as a index key nsRefPtr cookie = nsCookie::Create(cookieAttributes.name, cookieAttributes.value, cookieAttributes.host, + aOrigin, cookieAttributes.path, cookieAttributes.expiryTime, currentTimeInUsec, @@ -2975,8 +3019,8 @@ } nsListIter matchIter; - bool foundCookie = FindCookie(aKey, aCookie->Host(), - aCookie->Name(), aCookie->Path(), matchIter); + bool foundCookie = FindCookie(aKey, aCookie->Origin(), + aCookie->Host(), aCookie->Name(), aCookie->Path(), matchIter); nsRefPtr oldCookie; nsCOMPtr purgedList; @@ -3885,9 +3929,11 @@ return NS_ERROR_NOT_AVAILABLE; } - nsAutoCString host, name, path; + nsAutoCString host, origin, name, path; nsresult rv = aCookie->GetHost(host); NS_ENSURE_SUCCESS(rv, rv); + rv = aCookie->GetOrigin(origin); + NS_ENSURE_SUCCESS(rv, rv); rv = aCookie->GetName(name); NS_ENSURE_SUCCESS(rv, rv); rv = aCookie->GetPath(path); @@ -3898,7 +3944,7 @@ NS_ENSURE_SUCCESS(rv, rv); nsListIter iter; - *aFoundCookie = FindCookie(DEFAULT_APP_KEY(baseDomain), host, name, path, iter); + *aFoundCookie = FindCookie(DEFAULT_APP_KEY(baseDomain), origin, host, name, path, iter); return NS_OK; } @@ -4105,6 +4151,7 @@ // find an exact cookie specified by host, name, and path that hasn't expired. bool nsCookieService::FindCookie(const nsCookieKey &aKey, + const nsAFlatCString &aOrigin, const nsAFlatCString &aHost, const nsAFlatCString &aName, const nsAFlatCString &aPath, @@ -4120,7 +4167,8 @@ for (nsCookieEntry::IndexType i = 0; i < cookies.Length(); ++i) { nsCookie *cookie = cookies[i]; - if (aHost.Equals(cookie->Host()) && + if (aOrigin.Equals(cookie->Origin()) && + aHost.Equals(cookie->Host()) && aPath.Equals(cookie->Path()) && aName.Equals(cookie->Name())) { aIter = nsListIter(entry, i); diff -r 7e26c7da4463 -r fc2d59ddac77 netwerk/cookie/nsCookieService.h --- a/netwerk/cookie/nsCookieService.h Wed Dec 31 06:55:50 2014 +0100 +++ b/netwerk/cookie/nsCookieService.h Wed Dec 31 07:22:50 2014 +0100 @@ -289,10 +289,10 @@ nsresult GetBaseDomain(nsIURI *aHostURI, nsCString &aBaseDomain, bool &aRequireHostMatch); nsresult GetBaseDomainFromHost(const nsACString &aHost, nsCString &aBaseDomain); nsresult GetCookieStringCommon(nsIURI *aHostURI, nsIChannel *aChannel, bool aHttpBound, char** aCookie); - void GetCookieStringInternal(nsIURI *aHostURI, bool aIsForeign, bool aHttpBound, uint32_t aAppId, bool aInBrowserElement, bool aIsPrivate, nsCString &aCookie); + void GetCookieStringInternal(nsIURI *aHostURI, bool aIsForeign, bool aHttpBound, uint32_t aAppId, bool aInBrowserElement, bool aIsPrivate, nsCString &aOrigin, nsCString &aCookie); nsresult SetCookieStringCommon(nsIURI *aHostURI, const char *aCookieHeader, const char *aServerTime, nsIChannel *aChannel, bool aFromHttp); void SetCookieStringInternal(nsIURI *aHostURI, bool aIsForeign, nsDependentCString &aCookieHeader, const nsCString &aServerTime, bool aFromHttp, uint32_t aAppId, bool aInBrowserElement, bool aIsPrivate, nsIChannel* aChannel); - bool SetCookieInternal(nsIURI *aHostURI, const nsCookieKey& aKey, bool aRequireHostMatch, CookieStatus aStatus, nsDependentCString &aCookieHeader, int64_t aServerTime, bool aFromHttp, nsIChannel* aChannel); + bool SetCookieInternal(nsIURI *aHostURI, const nsCookieKey& aKey, bool aRequireHostMatch, const nsCString &aOrigin, CookieStatus aStatus, nsDependentCString &aCookieHeader, int64_t aServerTime, bool aFromHttp, nsIChannel* aChannel); void AddInternal(const nsCookieKey& aKey, nsCookie *aCookie, int64_t aCurrentTimeInUsec, nsIURI *aHostURI, const char *aCookieHeader, bool aFromHttp); void RemoveCookieFromList(const nsListIter &aIter, mozIStorageBindingParamsArray *aParamsArray = nullptr); void AddCookieToList(const nsCookieKey& aKey, nsCookie *aCookie, DBState *aDBState, mozIStorageBindingParamsArray *aParamsArray, bool aWriteToDB = true); @@ -306,7 +306,7 @@ static bool GetExpiry(nsCookieAttributes &aCookie, int64_t aServerTime, int64_t aCurrentTime); void RemoveAllFromMemory(); already_AddRefed PurgeCookies(int64_t aCurrentTimeInUsec); - bool FindCookie(const nsCookieKey& aKey, const nsAFlatCString &aHost, const nsAFlatCString &aName, const nsAFlatCString &aPath, nsListIter &aIter); + bool FindCookie(const nsCookieKey& aKey, const nsAFlatCString &aOrigin, const nsAFlatCString &aHost, const nsAFlatCString &aName, const nsAFlatCString &aPath, nsListIter &aIter); static void FindStaleCookie(nsCookieEntry *aEntry, int64_t aCurrentTime, nsListIter &aIter); void NotifyRejected(nsIURI *aHostURI); void NotifyThirdParty(nsIURI *aHostURI, bool aAccepted, nsIChannel *aChannel); diff -r 7e26c7da4463 -r fc2d59ddac77 netwerk/cookie/nsICookie2.idl --- a/netwerk/cookie/nsICookie2.idl Wed Dec 31 06:55:50 2014 +0100 +++ b/netwerk/cookie/nsICookie2.idl Wed Dec 31 07:22:50 2014 +0100 @@ -11,12 +11,17 @@ * access of cookie objects */ -[scriptable, uuid(05c420e5-03d0-4c7b-a605-df7ebe5ca326)] +[scriptable, uuid(9468A7E6-37B3-43CE-A081-377BC12C5BB7)] interface nsICookie2 : nsICookie { /** + * the origin key of the cookie. + */ + readonly attribute ACString origin; + + /** * the host (possibly fully qualified) of the cookie, * without a leading dot to represent if it is a * domain cookie.