Closed
Bug 1286858
Opened 8 years ago
Closed 7 years ago
Modify nsCookie*, interfaces and storage to include the SameSite attribute
Categories
(Core :: Networking: Cookies, defect, P2)
Core
Networking: Cookies
Tracking
()
RESOLVED
FIXED
mozilla58
Tracking | Status | |
---|---|---|
firefox58 | --- | fixed |
People
(Reporter: mgoodwin, Assigned: amchung)
References
Details
Attachments
(1 file, 1 obsolete file)
40.83 KB,
patch
|
amchung
:
review+
|
Details | Diff | Splinter Review |
See https://tools.ietf.org/html/draft-west-first-party-cookies-07 - section 4.2
Mark, what's the roadmap for the SameSite cookie attribute? Are you working on this?
Updated•8 years ago
|
Whiteboard: [necko-active]
Reporter | ||
Comment 2•8 years ago
|
||
(In reply to m.kurz from comment #1) > Mark, what's the roadmap for the SameSite cookie attribute? Are you working > on this? I'm hoping for firefox 51 (or shortly after). Yes, I am actively working on this.
Reporter | ||
Comment 3•8 years ago
|
||
Review commit: https://reviewboard.mozilla.org/r/66028/diff/#index_header See other reviews: https://reviewboard.mozilla.org/r/66028/
Attachment #8773284 -
Flags: review?(valentin.gosu)
Reporter | ||
Comment 4•8 years ago
|
||
Valentin; at this stage this is more feedback? than r? - but AFICT mozreview has no support for such a thing.
Comment 5•8 years ago
|
||
Comment on attachment 8773284 [details] Bug 1286858 - Data storage and interface changes for SameSite cookies Looks good overall. I haven't looked at the SQL bits too closely. I would add a check to nsCookie::Create() that aSameSite has a sane value. Also, some tests that actually use this feature would be great, and the comments in nsICookie2.idl should specify what the attribute is used for. Thanks!
Attachment #8773284 -
Flags: review?(valentin.gosu) → feedback+
Comment hidden (mozreview-request) |
Comment 7•8 years ago
|
||
mozreview-review |
Comment on attachment 8773284 [details] Bug 1286858 - Data storage and interface changes for SameSite cookies https://reviewboard.mozilla.org/r/66028/#review70856 Looks good to me. Thanks!
Attachment #8773284 -
Flags: review?(valentin.gosu) → review+
Reporter | ||
Comment 8•8 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=7e134b91e926
Reporter | ||
Comment 9•8 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=a3053ee77f57
Reporter | ||
Comment 10•8 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=3441cc99c727
Comment hidden (mozreview-request) |
Comment hidden (mozreview-request) |
Blocks: 1298370
Comment hidden (mozreview-request) |
Comment hidden (mozreview-request) |
Comment 15•7 years ago
|
||
mozreview-review |
Comment on attachment 8773284 [details] Bug 1286858 - Data storage and interface changes for SameSite cookies https://reviewboard.mozilla.org/r/66028/#review121508 Looks good to me. r=me with the following question answered. ::: netwerk/cookie/nsCookieService.cpp:2819 (Diff revision 6) > "creationTime, " > "isSecure, " > - "isHttpOnly " > + "isHttpOnly, " > + "baseDomain, " > + "originAttributes, " > + "sameSite " baseDomain and originAttributes weren't listed here before. Was that a bug?
Reporter | ||
Comment 16•7 years ago
|
||
mozreview-review |
Comment on attachment 8773284 [details] Bug 1286858 - Data storage and interface changes for SameSite cookies https://reviewboard.mozilla.org/r/66028/#review121596 ::: netwerk/cookie/nsCookieService.cpp:2819 (Diff revision 6) > "creationTime, " > "isSecure, " > - "isHttpOnly " > + "isHttpOnly, " > + "baseDomain, " > + "originAttributes, " > + "sameSite " Well, not really. They're not actually used in GetCookieFromRow but we need to have them in the data for the row if we want to use IDX_SAME_SITE for the index in that function. Since the use of these greatly helps readability, I added them to that statement.
Reporter | ||
Comment 17•7 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=6b9fef87bb5a
Comment 18•7 years ago
|
||
Bulk priority update: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
Comment 19•7 years ago
|
||
Not happening for 57. Mark, what's the status with this work? Anything we can do to move it along?
Flags: needinfo?(mgoodwin)
Priority: P1 → P2
Whiteboard: [necko-active]
Reporter | ||
Comment 20•7 years ago
|
||
(In reply to Jason Duell [:jduell] (needinfo me) from comment #19) > Not happening for 57. > > Mark, what's the status with this work? Anything we can do to move it along? The patch on this bug needs rebasing and landing. With regards to the rest of the work; I'm unable to work on this in the near-term due to other priorities in CryptoEng - would be really happy to see someone else pick it up if someone in necko has time?
Assignee: mgoodwin → nobody
Flags: needinfo?(mgoodwin)
Assignee | ||
Comment 22•7 years ago
|
||
Attachment #8773284 -
Attachment is obsolete: true
Attachment #8911588 -
Flags: review+
Assignee | ||
Comment 23•7 years ago
|
||
[Try Server] https://treeherder.mozilla.org/#/jobs?repo=try&revision=06b304474708389e207dfdf6c66e1592a2a8a01f
Keywords: checkin-needed
Comment 24•7 years ago
|
||
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/23221e95f9ca Data storage and interface changes for SameSite cookies. r=valentin
Keywords: checkin-needed
Comment 25•7 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/23221e95f9ca
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox58:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla58
You need to log in
before you can comment on or make changes to this bug.
Description
•