mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

fix: change cookie default from NO_RESTRICTION to LAX_MODE (#31800)

Browse source 
* fix: change default from NO_RESTRICTION to LAX_MODE

* chore: update cookie docs, redirect tests
This commit is contained in:
Keeley Hammond 2021-11-15 07:20:04 -08:00 committed by GitHub
parent d9e93b3c4b
commit bf7b245fa0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/api/cookies.md
View file

@ -99,7 +99,7 @@ the response.
* `expirationDate` Double (optional) - The expiration date of the cookie as the number of * `expirationDate` Double (optional) - The expiration date of the cookie as the number of
seconds since the UNIX epoch. If omitted then the cookie becomes a session seconds since the UNIX epoch. If omitted then the cookie becomes a session
cookie and will not be retained between sessions. cookie and will not be retained between sessions.
* `sameSite` String (optional) - The [Same Site](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#SameSite_cookies) policy to apply to this cookie. Can be `unspecified`, `no_restriction`, `lax` or `strict`. Default is `no_restriction`. * `sameSite` String (optional) - The [Same Site](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#SameSite_cookies) policy to apply to this cookie. Can be `unspecified`, `no_restriction`, `lax` or `strict`. Default is `lax`.
Returns `Promise<void>` - A promise which resolves when the cookie has been set Returns `Promise<void>` - A promise which resolves when the cookie has been set

2
shell/browser/api/electron_api_cookies.cc
View file

@ -192,7 +192,7 @@ std::string InclusionStatusToString(net::CookieInclusionStatus status) {
std::string StringToCookieSameSite(const std::string* str_ptr, std::string StringToCookieSameSite(const std::string* str_ptr,
net::CookieSameSite* same_site) { net::CookieSameSite* same_site) {
if (!str_ptr) { if (!str_ptr) {
*same_site = net::CookieSameSite::NO_RESTRICTION; *same_site = net::CookieSameSite::LAX_MODE;
return ""; return "";
} }
const std::string& str = *str_ptr; const std::string& str = *str_ptr;

4
spec-main/api-net-spec.ts
View file

@ -759,14 +759,18 @@ describe('net module', () => {
const cookieLocalVal = `${Date.now()}-local`; const cookieLocalVal = `${Date.now()}-local`;
const localhostUrl = serverUrl.replace('127.0.0.1', 'localhost'); const localhostUrl = serverUrl.replace('127.0.0.1', 'localhost');
expect(localhostUrl).to.not.equal(serverUrl); expect(localhostUrl).to.not.equal(serverUrl);
// cookies with lax or strict same-site settings will not
// persist after redirects. no_restriction must be used
await Promise.all([ await Promise.all([
sess.cookies.set({ sess.cookies.set({
url: serverUrl, url: serverUrl,
name: 'wild_cookie', name: 'wild_cookie',
sameSite: 'no_restriction',
value: cookie127Val value: cookie127Val
}), sess.cookies.set({ }), sess.cookies.set({
url: localhostUrl, url: localhostUrl,
name: 'wild_cookie', name: 'wild_cookie',
sameSite: 'no_restriction',
value: cookieLocalVal value: cookieLocalVal
}) })
]); ]);