Skip to content

Document cookie #529

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Apr 11, 2025
Merged

Document cookie #529

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
37340dc
dom: implement document.cookie
krichprollsch Apr 11, 2025
c88bc65
cookie: use a ; w/o space for cookie separator in requests
krichprollsch Apr 11, 2025
0310192
dom: assume we are using an arena for cookie
krichprollsch Apr 11, 2025
ee6382e
dom: use cookie jar's allocator to parse cookie
krichprollsch Apr 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 20 additions & 6 deletions src/html/document.zig
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,9 @@ const Location = @import("location.zig").Location;
const collection = @import("../dom/html_collection.zig");
const Walker = @import("../dom/walker.zig").WalkerDepthFirst;

const UserContext = @import("../user_context.zig").UserContext;
const Cookie = @import("../storage/cookie.zig").Cookie;

// WEB IDL https://html.spec.whatwg.org/#the-document-object
pub const HTMLDocument = struct {
pub const Self = parser.DocumentHTML;
Expand Down Expand Up @@ -81,14 +84,17 @@ pub const HTMLDocument = struct {
}
}

// TODO: not implemented by libdom
pub fn get_cookie(_: *parser.DocumentHTML) ![]const u8 {
return error.NotImplemented;
pub fn get_cookie(_: *parser.DocumentHTML, arena: std.mem.Allocator, userctx: UserContext) ![]const u8 {
var buf: std.ArrayListUnmanaged(u8) = .{};
try userctx.cookie_jar.forRequest(&userctx.url.uri, buf.writer(arena), .{ .navigation = true });
return buf.items;
}

// TODO: not implemented by libdom
pub fn set_cookie(_: *parser.DocumentHTML, _: []const u8) ![]const u8 {
return error.NotImplemented;
pub fn set_cookie(_: *parser.DocumentHTML, arena: std.mem.Allocator, userctx: UserContext, cookie_str: []const u8) ![]const u8 {
const c = try Cookie.parse(arena, &userctx.url.uri, cookie_str);
Copy link
Collaborator

@karlseguin karlseguin Apr 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a problem, the cookie has to outlive the arena (cookies live for the duration of the session, the arena is for the page). You can parse with userctx.cookie_jar.allocator instead of arena.

Not the first case where I think most web apis need the page_arena, but a few places need something with a longer lifetime. In jsuruntime, there is no special parameter for Allocator (or Loop), there's simply a session_state.arena. We could add a session_state.session_arena and/or a session_state.allocator

Copy link
Member Author

@krichprollsch krichprollsch Apr 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch 👍

Did you see other places in that case in web api implementations?

Copy link
Collaborator

@karlseguin karlseguin Apr 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Somewhat related, we see this problem with XHR, where the page_arena is disposed of, clearing out the XHR object, but there are still inflight IO events. It crashes the app. It happens if the page load is slow, and the CDP client disconnects due to a timeout. It's on my radar.

The only other thing which I think currently outlives the page is the storage shed, but I just looked at the code again, and it seems OK as it's using the Session's arena.

try userctx.cookie_jar.add(c, std.time.timestamp());

return cookie_str;
}

pub fn get_title(self: *parser.DocumentHTML) ![]const u8 {
Expand Down Expand Up @@ -258,4 +264,12 @@ pub fn testExecFn(
.{ .src = "list.length", .ex = "1" },
};
try checkCases(js_env, &getElementsByName);

var cookie = [_]Case{
.{ .src = "document.cookie", .ex = "" },
.{ .src = "document.cookie = 'name=Oeschger; SameSite=None; Secure'", .ex = "name=Oeschger; SameSite=None; Secure" },
.{ .src = "document.cookie = 'favorite_food=tripe; SameSite=None; Secure'", .ex = "favorite_food=tripe; SameSite=None; Secure" },
.{ .src = "document.cookie", .ex = "name=Oeschger; favorite_food=tripe" },
};
try checkCases(js_env, &cookie);
}
30 changes: 15 additions & 15 deletions src/storage/cookie.zig
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,7 @@ pub const Jar = struct {
if (first) {
first = false;
} else {
try writer.writeAll(", ");
try writer.writeAll("; ");
Copy link
Collaborator

@karlseguin karlseguin Apr 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The problem with unit test: the test asserts the wrong behavior. Nice catch :)

}
try writeCookie(cookie, writer);
}
Expand Down Expand Up @@ -563,8 +563,8 @@ test "Jar: forRequest" {
try jar.add(try Cookie.parse(testing.allocator, &test_uri_2, "domain1=9;domain=test.lightpanda.io"), now);

// nothing fancy here
try expectCookies("global1=1, global2=2", &jar, test_uri, .{});
try expectCookies("global1=1, global2=2", &jar, test_uri, .{ .origin_uri = &test_uri, .navigation = false });
try expectCookies("global1=1; global2=2", &jar, test_uri, .{});
try expectCookies("global1=1; global2=2", &jar, test_uri, .{ .origin_uri = &test_uri, .navigation = false });

// We have a cookie where Domain=lightpanda.io
// This should _not_ match xyxlightpanda.io
Expand All @@ -573,47 +573,47 @@ test "Jar: forRequest" {
});

// matching path without trailing /
try expectCookies("global1=1, global2=2, path1=3", &jar, try std.Uri.parse("http://lightpanda.io/about"), .{
try expectCookies("global1=1; global2=2; path1=3", &jar, try std.Uri.parse("http://lightpanda.io/about"), .{
.origin_uri = &test_uri,
});

// incomplete prefix path
try expectCookies("global1=1, global2=2", &jar, try std.Uri.parse("http://lightpanda.io/abou"), .{
try expectCookies("global1=1; global2=2", &jar, try std.Uri.parse("http://lightpanda.io/abou"), .{
.origin_uri = &test_uri,
});

// path doesn't match
try expectCookies("global1=1, global2=2", &jar, try std.Uri.parse("http://lightpanda.io/aboutus"), .{
try expectCookies("global1=1; global2=2", &jar, try std.Uri.parse("http://lightpanda.io/aboutus"), .{
.origin_uri = &test_uri,
});

// path doesn't match cookie directory
try expectCookies("global1=1, global2=2", &jar, try std.Uri.parse("http://lightpanda.io/docs"), .{
try expectCookies("global1=1; global2=2", &jar, try std.Uri.parse("http://lightpanda.io/docs"), .{
.origin_uri = &test_uri,
});

// exact directory match
try expectCookies("global1=1, global2=2, path2=4", &jar, try std.Uri.parse("http://lightpanda.io/docs/"), .{
try expectCookies("global1=1; global2=2; path2=4", &jar, try std.Uri.parse("http://lightpanda.io/docs/"), .{
.origin_uri = &test_uri,
});

// sub directory match
try expectCookies("global1=1, global2=2, path2=4", &jar, try std.Uri.parse("http://lightpanda.io/docs/more"), .{
try expectCookies("global1=1; global2=2; path2=4", &jar, try std.Uri.parse("http://lightpanda.io/docs/more"), .{
.origin_uri = &test_uri,
});

// secure
try expectCookies("global1=1, global2=2, secure=5", &jar, try std.Uri.parse("https://lightpanda.io/"), .{
try expectCookies("global1=1; global2=2; secure=5", &jar, try std.Uri.parse("https://lightpanda.io/"), .{
.origin_uri = &test_uri,
});

// navigational cross domain, secure
try expectCookies("global1=1, global2=2, secure=5, sitenone=6, sitelax=7", &jar, try std.Uri.parse("https://lightpanda.io/x/"), .{
try expectCookies("global1=1; global2=2; secure=5; sitenone=6; sitelax=7", &jar, try std.Uri.parse("https://lightpanda.io/x/"), .{
.origin_uri = &(try std.Uri.parse("https://example.com/")),
});

// navigational cross domain, insecure
try expectCookies("global1=1, global2=2, sitelax=7", &jar, try std.Uri.parse("http://lightpanda.io/x/"), .{
try expectCookies("global1=1; global2=2; sitelax=7", &jar, try std.Uri.parse("http://lightpanda.io/x/"), .{
.origin_uri = &(try std.Uri.parse("https://example.com/")),
});

Expand All @@ -630,18 +630,18 @@ test "Jar: forRequest" {
});

// non-navigational same origin
try expectCookies("global1=1, global2=2, sitelax=7, sitestrict=8", &jar, try std.Uri.parse("http://lightpanda.io/x/"), .{
try expectCookies("global1=1; global2=2; sitelax=7; sitestrict=8", &jar, try std.Uri.parse("http://lightpanda.io/x/"), .{
.origin_uri = &(try std.Uri.parse("https://lightpanda.io/")),
.navigation = false,
});

// exact domain match + suffix
try expectCookies("global2=2, domain1=9", &jar, try std.Uri.parse("http://test.lightpanda.io/"), .{
try expectCookies("global2=2; domain1=9", &jar, try std.Uri.parse("http://test.lightpanda.io/"), .{
.origin_uri = &test_uri,
});

// domain suffix match + suffix
try expectCookies("global2=2, domain1=9", &jar, try std.Uri.parse("http://1.test.lightpanda.io/"), .{
try expectCookies("global2=2; domain1=9", &jar, try std.Uri.parse("http://1.test.lightpanda.io/"), .{
.origin_uri = &test_uri,
});

Expand Down