fix: cookies filter secure invalid (#37203)

2023-02-13 22:02:55 +08:00 · 2023-02-13 22:02:55 +08:00 · 8b3e498436
commit 8b3e498436
parent cf80994729
2 changed files with 67 additions and 2 deletions
--- a/shell/browser/api/electron_api_cookies.cc
+++ b/shell/browser/api/electron_api_cookies.cc
@ -128,10 +128,10 @@ bool MatchesCookie(const base::Value::Dict& filter,
      !MatchesDomain(*str, cookie.Domain()))
    return false;
  absl::optional<bool> secure_filter = filter.FindBool("secure");
-  if (secure_filter && *secure_filter == cookie.IsSecure())
+  if (secure_filter && *secure_filter != cookie.IsSecure())
    return false;
  absl::optional<bool> session_filter = filter.FindBool("session");
-  if (session_filter && *session_filter != !cookie.IsPersistent())
+  if (session_filter && *session_filter == cookie.IsPersistent())
    return false;
  return true;
 }
--- a/spec/api-net-spec.ts
+++ b/spec/api-net-spec.ts
@ -813,6 +813,71 @@ describe('net module', () => {
      });
    }

+    it('should be able correctly filter out cookies that are secure', async () => {
+      const sess = session.fromPartition(`cookie-tests-${Math.random()}`);
+
+      await Promise.all([
+        sess.cookies.set({
+          url: 'https://electronjs.org',
+          domain: 'electronjs.org',
+          name: 'cookie1',
+          value: '1',
+          secure: true
+        }),
+        sess.cookies.set({
+          url: 'https://electronjs.org',
+          domain: 'electronjs.org',
+          name: 'cookie2',
+          value: '2',
+          secure: false
+        })
+      ]);
+
+      const secureCookies = await sess.cookies.get({
+        secure: true
+      });
+      expect(secureCookies).to.have.lengthOf(1);
+      expect(secureCookies[0].name).to.equal('cookie1');
+
+      const cookies = await sess.cookies.get({
+        secure: false
+      });
+      expect(cookies).to.have.lengthOf(1);
+      expect(cookies[0].name).to.equal('cookie2');
+    });
+
+    it('should be able correctly filter out cookies that are session', async () => {
+      const sess = session.fromPartition(`cookie-tests-${Math.random()}`);
+
+      await Promise.all([
+        sess.cookies.set({
+          url: 'https://electronjs.org',
+          domain: 'electronjs.org',
+          name: 'cookie1',
+          value: '1'
+        }),
+        sess.cookies.set({
+          url: 'https://electronjs.org',
+          domain: 'electronjs.org',
+          name: 'cookie2',
+          value: '2',
+          expirationDate: Math.round(Date.now() / 1000) + 10000
+        })
+      ]);
+
+      const sessionCookies = await sess.cookies.get({
+        session: true
+      });
+      expect(sessionCookies).to.have.lengthOf(1);
+      expect(sessionCookies[0].name).to.equal('cookie1');
+
+      const cookies = await sess.cookies.get({
+        session: false
+      });
+      expect(cookies).to.have.lengthOf(1);
+      expect(cookies[0].name).to.equal('cookie2');
+    });
+
    describe('when {"credentials":"omit"}', () => {
      it('should not send cookies');
      it('should not store cookies');