diff options
| author | Keith Yeung <kungfukeith11@gmail.com> | 2017-11-11 14:50:06 -0800 |
|---|---|---|
| committer | Keith Yeung <kungfukeith11@gmail.com> | 2017-11-21 19:15:58 -0800 |
| commit | 17ca56aa79df859cb01b8650c4c96ab621fec5f6 (patch) | |
| tree | 742894c29a5cce43d7a4a8477d95ec6531efe3cc /components/net | |
| parent | 93c2a5da89b7413837e61ec92ed529debd4cf5f8 (diff) | |
| download | servo-17ca56aa79df859cb01b8650c4c96ab621fec5f6.tar.gz servo-17ca56aa79df859cb01b8650c4c96ab621fec5f6.zip | |
Implement secure and host cookie prefixes
Diffstat (limited to 'components/net')
| -rw-r--r-- | components/net/cookie.rs | 27 |
1 files changed, 23 insertions, 4 deletions
diff --git a/components/net/cookie.rs b/components/net/cookie.rs index 7029ddee090..e8e7be6733d 100644 --- a/components/net/cookie.rs +++ b/components/net/cookie.rs @@ -82,7 +82,11 @@ impl Cookie { }; // Step 7 - let mut path = cookie.path().unwrap_or("").to_owned(); + let mut has_path_specified = true; + let mut path = cookie.path().unwrap_or_else(|| { + has_path_specified = false; + "" + }).to_owned(); if path.chars().next() != Some('/') { path = Cookie::default_path(&request.path().to_owned()).to_string(); } @@ -94,10 +98,25 @@ impl Cookie { return None; } + // https://tools.ietf.org/html/draft-west-cookie-prefixes-04#section-4 + // Step 1 of cookie prefixes + if (cookie.name().starts_with("__Secure-") || cookie.name().starts_with("__Host-")) && + !(cookie.secure() && request.is_secure_scheme()) + { + return None; + } + + // Step 2 of cookie prefixes + if cookie.name().starts_with("__Host-") && + !(host_only && has_path_specified && cookie.path().unwrap() == "/") + { + return None; + } + Some(Cookie { - cookie: cookie, - host_only: host_only, - persistent: persistent, + cookie, + host_only, + persistent, creation_time: now(), last_access: now(), expiry_time: expiry_time.map(Serde), |