Bug 251581

Summary: [WinCairo] secure WebSocket's don't include secure cookies
Product: WebKit Reporter: Max Schmitt <max>
Component: PlatformAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: fujii.hironori, max, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

Max Schmitt
Reported 2023-02-02 05:15:28 PST
1. Go to https://httpdump.app/ and 'Create your own Dump' 2. Open the URL on the right in MiniBrowser 2. Inside Web Inspector go to Storage -> Cookies -> Mark both cookies as secure 3. Inside Web Inspector evaluate 'new WebSocket("wss://httpdump.app/dumps/ecf2db54-87fb-4369-87bc-51f3707ba75a")' (adjust the random UUID to your httpdump) 4. Click on the request which got tracked on the left and observe the headers on the right. Expected: It includes two cookies Actual: It does not include any cookies
Attachments
Add attachment proposed patch, testcase, etc.
Max Schmitt
Comment 1 2023-02-02 05:42:47 PST
Pull request: https://github.com/WebKit/WebKit/pull/9514
Fujii Hironori
Comment 2 2023-02-02 21:03:35 PST
(In reply to Max Schmitt from comment #0) > 1. Go to https://httpdump.app/ and 'Create your own Dump' I found out another bug while trying this step. Filed: Bug 251661 – REGRESSION(WebKitRequirements v2022.12.22) WinCairo can't load https://httpdump.app/
Fujii Hironori
Comment 3 2023-02-02 21:12:26 PST
Due to the above bug, I'm trying to reproduce it with old WinCairo MiniBrowser (258184@main) + WebKitRequirements v2022.10.20. But, I don't observe the problem. I'm observing cookies in the newest request.
Fujii Hironori
Comment 4 2023-02-02 22:00:13 PST
[BUG]: secure cookies don't get included for wss:// WebSockets · Issue #20370 · microsoft/playwright https://github.com/microsoft/playwright/issues/20370 The bug report says this is a regression.
Max Schmitt
Comment 5 2023-02-03 10:25:07 PST
It's a regression on our side + on WebKit side as well since it was introduced between these commits: https://github.com/WebKit/WebKit/compare/0e798281d3ad557900b890a1ffdee2984b05c227...b443fbf87d8dcbaabdd9bde259a812a2e5622906 This reflects to Playwright revision numbers 1652 and 1654.
Max Schmitt
Comment 6 2023-02-03 10:25:41 PST
So I guess its caused by https://github.com/WebKit/WebKit/commit/d726f6c8e4e517f224863044bb7200eeeac40127.
EWS
Comment 7 2023-02-07 12:52:45 PST
Committed 259975@main (11421fd47f7d): <https://commits.webkit.org/259975@main> Reviewed commits have been landed. Closing PR #9514 and removing active labels.
Radar WebKit Bug Importer
Comment 8 2023-02-07 12:53:18 PST
<rdar://problem/105141402>
Note You need to log in before you can comment on or make changes to this bug.