Merge pull request #8258 from deepak1556/net_header_patch

net: disallow cookies from cookie store
This commit is contained in:
Kevin Sawicki 2017-01-05 16:47:44 -08:00 committed by GitHub
commit e788b9f959
2 changed files with 52 additions and 0 deletions

View file

@ -11,6 +11,7 @@
#include "content/public/browser/browser_thread.h" #include "content/public/browser/browser_thread.h"
#include "net/base/elements_upload_data_stream.h" #include "net/base/elements_upload_data_stream.h"
#include "net/base/io_buffer.h" #include "net/base/io_buffer.h"
#include "net/base/load_flags.h"
#include "net/base/upload_bytes_element_reader.h" #include "net/base/upload_bytes_element_reader.h"
namespace { namespace {
@ -113,6 +114,8 @@ void AtomURLRequest::DoInitialize(
return; return;
} }
request_->set_method(method); request_->set_method(method);
// Do not send cookies from the cookie store.
DoSetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES);
} }
void AtomURLRequest::DoTerminate() { void AtomURLRequest::DoTerminate() {

View file

@ -487,6 +487,55 @@ describe('net module', function () {
urlRequest.end() urlRequest.end()
}) })
it('should be able to set cookie header line', function (done) {
const requestUrl = '/requestUrl'
const cookieHeaderName = 'Cookie'
const cookieHeaderValue = 'test=12345'
const customSession = session.fromPartition('test-cookie-header')
server.on('request', function (request, response) {
switch (request.url) {
case requestUrl:
assert.equal(request.headers[cookieHeaderName.toLowerCase()],
cookieHeaderValue)
response.statusCode = 200
response.statusMessage = 'OK'
response.end()
break
default:
assert(false)
}
})
customSession.cookies.set({
url: `${server.url}`,
name: 'test',
value: '11111'
}, function (error) {
if (error) {
return done(error)
}
const urlRequest = net.request({
method: 'GET',
url: `${server.url}${requestUrl}`,
session: customSession
})
urlRequest.on('response', function (response) {
const statusCode = response.statusCode
assert.equal(statusCode, 200)
response.pause()
response.on('data', function (chunk) {
})
response.on('end', function () {
done()
})
response.resume()
})
urlRequest.setHeader(cookieHeaderName, cookieHeaderValue)
assert.equal(urlRequest.getHeader(cookieHeaderName),
cookieHeaderValue)
urlRequest.end()
})
})
it('should be able to abort an HTTP request before first write', function (done) { it('should be able to abort an HTTP request before first write', function (done) {
const requestUrl = '/requestUrl' const requestUrl = '/requestUrl'
server.on('request', function (request, response) { server.on('request', function (request, response) {