Bug 1561210 - Pass samesite-none-secure WPTs, r=Ehsan
authorAndrea Marchesini <amarchesini@mozilla.com>
Wed, 03 Jul 2019 18:18:27 +0000
changeset 540872 89f953aae9214467dd2b3d8ab333686ea525f468
parent 540866 6a2bd09a6bf9aada14581e923408d7308479b76d
child 540873 264f8e9be4b1833fdc620febe96b53cb4ebfa3e5
push id11533
push userarchaeopteryx@coole-files.de
push dateMon, 08 Jul 2019 18:18:03 +0000
treeherdermozilla-beta@f4452e031aed [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersEhsan
bugs1561210
milestone69.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1561210 - Pass samesite-none-secure WPTs, r=Ehsan Differential Revision: https://phabricator.services.mozilla.com/D35762
netwerk/cookie/nsCookieService.cpp
testing/web-platform/meta/cookies/samesite-none-secure/__dir__.ini
testing/web-platform/meta/cookies/samesite-none-secure/cookies-without-samesite-must-be-secure.https.tentative.html.ini
--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@@ -3859,31 +3859,31 @@ bool nsCookieService::ParseAttributes(ns
         aCookieData.rawSameSite() = nsICookie::SAMESITE_STRICT;
       } else if (tokenValue.LowerCaseEqualsLiteral(kSameSiteNone)) {
         aCookieData.sameSite() = nsICookie::SAMESITE_NONE;
         aCookieData.rawSameSite() = nsICookie::SAMESITE_NONE;
       }
     }
   }
 
+  // re-assign aCookieHeader, in case we need to process another cookie
+  aCookieHeader.Assign(Substring(cookieStart, cookieEnd));
+
   // If same-site is set to 'none' but this is not a secure context, let's abort
   // the parsing.
   if (StaticPrefs::network_cookie_sameSite_laxByDefault() &&
       StaticPrefs::network_cookie_sameSite_noneRequiresSecure() &&
       !aCookieData.isSecure() &&
       aCookieData.sameSite() == nsICookie::SAMESITE_NONE) {
     return newCookie;
   }
 
   // Cookie accepted.
   aAcceptedByParser = true;
 
-  // re-assign aCookieHeader, in case we need to process another cookie
-  aCookieHeader.Assign(Substring(cookieStart, cookieEnd));
-
   MOZ_ASSERT(nsCookie::ValidateRawSame(aCookieData));
   return newCookie;
 }
 
 /******************************************************************************
  * nsCookieService impl:
  * private domain & permission compliance enforcement functions
  ******************************************************************************/
new file mode 100644
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite-none-secure/__dir__.ini
@@ -0,0 +1,1 @@
+prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true]
deleted file mode 100644
--- a/testing/web-platform/meta/cookies/samesite-none-secure/cookies-without-samesite-must-be-secure.https.tentative.html.ini
+++ /dev/null
@@ -1,4 +0,0 @@
-[cookies-without-samesite-must-be-secure.https.tentative.html]
-  [SameSite=None cookies are rejected unless the Secure attribute is set.]
-    expected: FAIL
-