Skip to content

Commit

Permalink
fix: cookies filter secure invalid (#37203)
Browse files Browse the repository at this point in the history
  • Loading branch information
@BlackHole1
BlackHole1 committed Feb 13, 2023
1 parent cf80994 commit 8b3e498
Show file tree
Hide file tree
Showing 2 changed files with 67 additions and 2 deletions.
4 changes: 2 additions & 2 deletions shell/browser/api/electron_api_cookies.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,10 +128,10 @@ bool MatchesCookie(const base::Value::Dict& filter,
!MatchesDomain(*str, cookie.Domain()))
return false;
absl::optional<bool> secure_filter = filter.FindBool("secure");
if (secure_filter && *secure_filter == cookie.IsSecure())
if (secure_filter && *secure_filter != cookie.IsSecure())
return false;
absl::optional<bool> session_filter = filter.FindBool("session");
if (session_filter && *session_filter != !cookie.IsPersistent())
if (session_filter && *session_filter == cookie.IsPersistent())
return false;
return true;
}
Expand Down
65 changes: 65 additions & 0 deletions spec/api-net-spec.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -813,6 +813,71 @@ describe('net module', () => {
});
}

it('should be able correctly filter out cookies that are secure', async () => {
const sess = session.fromPartition(`cookie-tests-${Math.random()}`);

await Promise.all([
sess.cookies.set({
url: 'https://electronjs.org',
domain: 'electronjs.org',
name: 'cookie1',
value: '1',
secure: true
}),
sess.cookies.set({
url: 'https://electronjs.org',
domain: 'electronjs.org',
name: 'cookie2',
value: '2',
secure: false
})
]);

const secureCookies = await sess.cookies.get({
secure: true
});
expect(secureCookies).to.have.lengthOf(1);
expect(secureCookies[0].name).to.equal('cookie1');

const cookies = await sess.cookies.get({
secure: false
});
expect(cookies).to.have.lengthOf(1);
expect(cookies[0].name).to.equal('cookie2');
});

it('should be able correctly filter out cookies that are session', async () => {
const sess = session.fromPartition(`cookie-tests-${Math.random()}`);

await Promise.all([
sess.cookies.set({
url: 'https://electronjs.org',
domain: 'electronjs.org',
name: 'cookie1',
value: '1'
}),
sess.cookies.set({
url: 'https://electronjs.org',
domain: 'electronjs.org',
name: 'cookie2',
value: '2',
expirationDate: Math.round(Date.now() / 1000) + 10000
})
]);

const sessionCookies = await sess.cookies.get({
session: true
});
expect(sessionCookies).to.have.lengthOf(1);
expect(sessionCookies[0].name).to.equal('cookie1');

const cookies = await sess.cookies.get({
session: false
});
expect(cookies).to.have.lengthOf(1);
expect(cookies[0].name).to.equal('cookie2');
});

describe('when {"credentials":"omit"}', () => {
it('should not send cookies');
it('should not store cookies');
Expand Down

0 comments on commit 8b3e498

Please sign in to comment.