Crash under WebCore::deleteCookiesForHostnames()
[WebKit-https.git] / Source / WebCore / platform / network / cocoa / NetworkStorageSessionCocoa.mm
index 385c44b..89485a3 100644 (file)
@@ -266,6 +266,7 @@ static RetainPtr<NSArray> filterCookies(NSArray *unfilteredCookies)
     NSUInteger count = [unfilteredCookies count];
     RetainPtr<NSMutableArray> filteredCookies = adoptNS([[NSMutableArray alloc] initWithCapacity:count]);
 
+    const NSTimeInterval secondsPerWeek = 7 * 24 * 60 * 60;
     for (NSUInteger i = 0; i < count; ++i) {
         NSHTTPCookie *cookie = (NSHTTPCookie *)[unfilteredCookies objectAtIndex:i];
 
@@ -279,63 +280,27 @@ static RetainPtr<NSArray> filterCookies(NSArray *unfilteredCookies)
         if ([cookie isHTTPOnly])
             continue;
 
+        // Cap lifetime of persistent, client-side cookies to a week.
+        if (![cookie isSessionOnly]) {
+            if (!cookie.expiresDate || cookie.expiresDate.timeIntervalSinceNow > secondsPerWeek) {
+                RetainPtr<NSMutableDictionary<NSHTTPCookiePropertyKey, id>> properties = adoptNS([[cookie properties] mutableCopy]);
+                RetainPtr<NSDate> dateInAWeek = adoptNS([[NSDate alloc] initWithTimeIntervalSinceNow:secondsPerWeek]);
+                [properties setObject:dateInAWeek.get() forKey:NSHTTPCookieExpires];
+                cookie = [NSHTTPCookie cookieWithProperties:properties.get()];
+            }
+        }
+
         [filteredCookies.get() addObject:cookie];
     }
 
     return filteredCookies;
 }
 
-#if HAVE(CFNETWORK_STORAGE_PARTITIONING)
-
-static NSArray *applyPartitionToCookies(NSString *partition, NSArray *cookies)
-{
-    ASSERT(hasProcessPrivilege(ProcessPrivilege::CanAccessRawCookies));
-
-    // FIXME 24747739: CFNetwork should expose this key as SPI
-    static NSString * const partitionKey = @"StoragePartition";
-
-    NSMutableArray *partitionedCookies = [NSMutableArray arrayWithCapacity:cookies.count];
-    for (NSHTTPCookie *cookie in cookies) {
-        RetainPtr<NSMutableDictionary> properties = adoptNS([cookie.properties mutableCopy]);
-        [properties setObject:partition forKey:partitionKey];
-        [partitionedCookies addObject:[NSHTTPCookie cookieWithProperties:properties.get()]];
-    }
-
-    return partitionedCookies;
-}
-
-static bool cookiesAreBlockedForURL(const NetworkStorageSession& session, const URL& firstParty, const URL& url)
-{
-    return session.shouldBlockCookies(firstParty, url);
-}
-
-static NSArray *cookiesInPartitionForURL(const NetworkStorageSession& session, const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, std::optional<uint64_t> frameID, std::optional<uint64_t> pageID)
-{
-    ASSERT(hasProcessPrivilege(ProcessPrivilege::CanAccessRawCookies));
-    String partition = session.cookieStoragePartition(firstParty, url, frameID, pageID);
-    if (partition.isEmpty())
-        return nil;
-
-    // FIXME: Stop creating a new NSHTTPCookieStorage object each time we want to query the cookie jar.
-    // NetworkStorageSession could instead keep a NSHTTPCookieStorage object for us.
-    RetainPtr<NSHTTPCookieStorage> cookieStorage;
-    if (auto storage = session.cookieStorage())
-        cookieStorage = adoptNS([[NSHTTPCookieStorage alloc] _initWithCFHTTPCookieStorage:storage.get()]);
-    else
-        cookieStorage = [NSHTTPCookieStorage sharedHTTPCookieStorage];
-    return cookiesForURL(cookieStorage.get(), url, firstParty, sameSiteInfo, partition);
-}
-
-#endif // HAVE(CFNETWORK_STORAGE_PARTITIONING)
-    
 static NSArray *cookiesForURL(const NetworkStorageSession& session, const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, std::optional<uint64_t> frameID, std::optional<uint64_t> pageID)
 {
-#if HAVE(CFNETWORK_STORAGE_PARTITIONING)
-    if (cookiesAreBlockedForURL(session, firstParty, url))
+#if ENABLE(RESOURCE_LOAD_STATISTICS)
+    if (session.shouldBlockCookies(firstParty, url, frameID, pageID))
         return nil;
-    
-    if (NSArray *cookies = cookiesInPartitionForURL(session, firstParty, sameSiteInfo, url, frameID, pageID))
-        return cookies;
 #else
     UNUSED_PARAM(frameID);
     UNUSED_PARAM(pageID);
@@ -442,13 +407,9 @@ void NetworkStorageSession::setCookiesFromDOM(const URL& firstParty, const SameS
     RetainPtr<NSArray> filteredCookies = filterCookies(unfilteredCookies);
     ASSERT([filteredCookies.get() count] <= 1);
 
-#if HAVE(CFNETWORK_STORAGE_PARTITIONING)
-    if (shouldBlockCookies(firstParty, url))
+#if ENABLE(RESOURCE_LOAD_STATISTICS)
+    if (shouldBlockCookies(firstParty, url, frameID, pageID))
         return;
-
-    String partition = cookieStoragePartition(firstParty, url, frameID, pageID);
-    if (!partition.isEmpty())
-        filteredCookies = applyPartitionToCookies(partition, filteredCookies.get());
 #else
     UNUSED_PARAM(frameID);
     UNUSED_PARAM(pageID);
@@ -547,9 +508,12 @@ void NetworkStorageSession::deleteCookiesForHostnames(const Vector<String>& host
         return;
 
     HashMap<String, Vector<RetainPtr<NSHTTPCookie>>> cookiesByDomain;
-    for (NSHTTPCookie* cookie in cookies) {
-        auto& cookies = cookiesByDomain.add(cookie.domain, Vector<RetainPtr<NSHTTPCookie>>()).iterator->value;
-        cookies.append(cookie);
+    for (NSHTTPCookie *cookie in cookies) {
+        if (!cookie.domain)
+            continue;
+        cookiesByDomain.ensure(cookie.domain, [] {
+            return Vector<RetainPtr<NSHTTPCookie>>();
+        }).iterator->value.append(cookie);
     }
 
     for (const auto& hostname : hostnames) {