feat: add httpOnly cookies.get filter (#37255)

feat: add httpOnly cookies filter
This commit is contained in:
Black-Hole 2023-02-21 18:44:35 +08:00 committed by GitHub
parent 85cf56d80b
commit 868676aa5c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 37 additions and 0 deletions

View file

@ -78,6 +78,7 @@ The following methods are available on instances of `Cookies`:
* `path` string (optional) - Retrieves cookies whose path matches `path`.
* `secure` boolean (optional) - Filters cookies by their Secure property.
* `session` boolean (optional) - Filters out session or persistent cookies.
* `httpOnly` boolean (optional) - Filters cookies by httpOnly.
Returns `Promise<Cookie[]>` - A promise which resolves an array of cookie objects.

View file

@ -133,6 +133,9 @@ bool MatchesCookie(const base::Value::Dict& filter,
absl::optional<bool> session_filter = filter.FindBool("session");
if (session_filter && *session_filter == cookie.IsPersistent())
return false;
absl::optional<bool> httpOnly_filter = filter.FindBool("httpOnly");
if (httpOnly_filter && *httpOnly_filter != cookie.IsHttpOnly())
return false;
return true;
}

View file

@ -874,6 +874,39 @@ describe('net module', () => {
expect(cookies[0].name).to.equal('cookie2');
});
it('should be able correctly filter out cookies that are httpOnly', async () => {
const sess = session.fromPartition(`cookie-tests-${Math.random()}`);
await Promise.all([
sess.cookies.set({
url: 'https://electronjs.org',
domain: 'electronjs.org',
name: 'cookie1',
value: '1',
httpOnly: true
}),
sess.cookies.set({
url: 'https://electronjs.org',
domain: 'electronjs.org',
name: 'cookie2',
value: '2',
httpOnly: false
})
]);
const httpOnlyCookies = await sess.cookies.get({
httpOnly: true
});
expect(httpOnlyCookies).to.have.lengthOf(1);
expect(httpOnlyCookies[0].name).to.equal('cookie1');
const cookies = await sess.cookies.get({
httpOnly: false
});
expect(cookies).to.have.lengthOf(1);
expect(cookies[0].name).to.equal('cookie2');
});
describe('when {"credentials":"omit"}', () => {
it('should not send cookies');
it('should not store cookies');