ParsedCookie.cpp 23 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527
  1. /*
  2. * Copyright (c) 2021-2023, Tim Flynn <trflynn89@serenityos.org>
  3. *
  4. * SPDX-License-Identifier: BSD-2-Clause
  5. */
  6. #include "ParsedCookie.h"
  7. #include <AK/DateConstants.h>
  8. #include <AK/Function.h>
  9. #include <AK/StdLibExtras.h>
  10. #include <AK/Time.h>
  11. #include <AK/Vector.h>
  12. #include <LibIPC/Decoder.h>
  13. #include <LibIPC/Encoder.h>
  14. #include <LibURL/URL.h>
  15. #include <LibWeb/Infra/Strings.h>
  16. #include <ctype.h>
  17. namespace Web::Cookie {
  18. static void parse_attributes(URL::URL const&, ParsedCookie& parsed_cookie, StringView unparsed_attributes);
  19. static void process_attribute(URL::URL const&, ParsedCookie& parsed_cookie, StringView attribute_name, StringView attribute_value);
  20. static void on_expires_attribute(ParsedCookie& parsed_cookie, StringView attribute_value);
  21. static void on_max_age_attribute(ParsedCookie& parsed_cookie, StringView attribute_value);
  22. static void on_domain_attribute(ParsedCookie& parsed_cookie, StringView attribute_value);
  23. static void on_path_attribute(URL::URL const&, ParsedCookie& parsed_cookie, StringView attribute_value);
  24. static void on_secure_attribute(ParsedCookie& parsed_cookie);
  25. static void on_http_only_attribute(ParsedCookie& parsed_cookie);
  26. static void on_same_site_attribute(ParsedCookie& parsed_cookie, StringView attribute_value);
  27. static Optional<UnixDateTime> parse_date_time(StringView date_string);
  28. bool cookie_contains_invalid_control_character(StringView cookie_string)
  29. {
  30. for (auto code_point : Utf8View { cookie_string }) {
  31. if (code_point <= 0x08)
  32. return true;
  33. if (code_point >= 0x0a && code_point <= 0x1f)
  34. return true;
  35. if (code_point == 0x7f)
  36. return true;
  37. }
  38. return false;
  39. }
  40. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.6-6
  41. Optional<ParsedCookie> parse_cookie(URL::URL const& url, StringView cookie_string)
  42. {
  43. // 1. If the set-cookie-string contains a %x00-08 / %x0A-1F / %x7F character (CTL characters excluding HTAB):
  44. // Abort these steps and ignore the set-cookie-string entirely.
  45. if (cookie_contains_invalid_control_character(cookie_string))
  46. return {};
  47. StringView name_value_pair;
  48. StringView unparsed_attributes;
  49. // 2. If the set-cookie-string contains a %x3B (";") character:
  50. if (auto position = cookie_string.find(';'); position.has_value()) {
  51. // 1. The name-value-pair string consists of the characters up to, but not including, the first %x3B (";"), and
  52. // the unparsed-attributes consist of the remainder of the set-cookie-string (including the %x3B (";") in
  53. // question).
  54. name_value_pair = cookie_string.substring_view(0, position.value());
  55. unparsed_attributes = cookie_string.substring_view(position.value());
  56. }
  57. // Otherwise:
  58. else {
  59. // 1. The name-value-pair string consists of all the characters contained in the set-cookie-string, and the
  60. // unparsed-attributes is the empty string.
  61. name_value_pair = cookie_string;
  62. }
  63. StringView name;
  64. StringView value;
  65. // 3. If the name-value-pair string lacks a %x3D ("=") character, then the name string is empty, and the value
  66. // string is the value of name-value-pair.
  67. if (auto position = name_value_pair.find('='); !position.has_value()) {
  68. value = name_value_pair;
  69. } else {
  70. // Otherwise, the name string consists of the characters up to, but not including, the first %x3D ("=") character
  71. // and the (possibly empty) value string consists of the characters after the first %x3D ("=") character.
  72. name = name_value_pair.substring_view(0, position.value());
  73. if (position.value() < name_value_pair.length() - 1)
  74. value = name_value_pair.substring_view(position.value() + 1);
  75. }
  76. // 4. Remove any leading or trailing WSP characters from the name string and the value string.
  77. name = name.trim_whitespace();
  78. value = value.trim_whitespace();
  79. // 5. If the sum of the lengths of the name string and the value string is more than 4096 octets, abort these steps
  80. // and ignore the set-cookie-string entirely.
  81. if (name.length() + value.length() > 4096)
  82. return {};
  83. // 6. The cookie-name is the name string, and the cookie-value is the value string.
  84. ParsedCookie parsed_cookie { MUST(String::from_utf8(name)), MUST(String::from_utf8(value)) };
  85. parse_attributes(url, parsed_cookie, unparsed_attributes);
  86. return parsed_cookie;
  87. }
  88. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.6-8
  89. void parse_attributes(URL::URL const& url, ParsedCookie& parsed_cookie, StringView unparsed_attributes)
  90. {
  91. // 1. If the unparsed-attributes string is empty, skip the rest of these steps.
  92. if (unparsed_attributes.is_empty())
  93. return;
  94. // 2. Discard the first character of the unparsed-attributes (which will be a %x3B (";") character).
  95. unparsed_attributes = unparsed_attributes.substring_view(1);
  96. StringView cookie_av;
  97. // 3. If the remaining unparsed-attributes contains a %x3B (";") character:
  98. if (auto position = unparsed_attributes.find(';'); position.has_value()) {
  99. // 1. Consume the characters of the unparsed-attributes up to, but not including, the first %x3B (";") character.
  100. cookie_av = unparsed_attributes.substring_view(0, position.value());
  101. unparsed_attributes = unparsed_attributes.substring_view(position.value());
  102. }
  103. // Otherwise:
  104. else {
  105. // 1. Consume the remainder of the unparsed-attributes.
  106. cookie_av = unparsed_attributes;
  107. unparsed_attributes = {};
  108. }
  109. // Let the cookie-av string be the characters consumed in this step.
  110. StringView attribute_name;
  111. StringView attribute_value;
  112. // 4. If the cookie-av string contains a %x3D ("=") character:
  113. if (auto position = cookie_av.find('='); position.has_value()) {
  114. // 1. The (possibly empty) attribute-name string consists of the characters up to, but not including, the first
  115. // %x3D ("=") character, and the (possibly empty) attribute-value string consists of the characters after the
  116. // first %x3D ("=") character.
  117. attribute_name = cookie_av.substring_view(0, position.value());
  118. if (position.value() < cookie_av.length() - 1)
  119. attribute_value = cookie_av.substring_view(position.value() + 1);
  120. }
  121. // Otherwise:
  122. else {
  123. // 1. The attribute-name string consists of the entire cookie-av string, and the attribute-value string is empty.
  124. attribute_name = cookie_av;
  125. }
  126. // 5. Remove any leading or trailing WSP characters from the attribute-name string and the attribute-value string.
  127. attribute_name = attribute_name.trim_whitespace();
  128. attribute_value = attribute_value.trim_whitespace();
  129. // 6. If the attribute-value is longer than 1024 octets, ignore the cookie-av string and return to Step 1 of this
  130. // algorithm.
  131. if (attribute_value.length() > 1024) {
  132. parse_attributes(url, parsed_cookie, unparsed_attributes);
  133. return;
  134. }
  135. // 7. Process the attribute-name and attribute-value according to the requirements in the following subsections.
  136. // (Notice that attributes with unrecognized attribute-names are ignored.)
  137. process_attribute(url, parsed_cookie, attribute_name, attribute_value);
  138. // 8. Return to Step 1 of this algorithm.
  139. parse_attributes(url, parsed_cookie, unparsed_attributes);
  140. }
  141. void process_attribute(URL::URL const& url, ParsedCookie& parsed_cookie, StringView attribute_name, StringView attribute_value)
  142. {
  143. if (attribute_name.equals_ignoring_ascii_case("Expires"sv)) {
  144. on_expires_attribute(parsed_cookie, attribute_value);
  145. } else if (attribute_name.equals_ignoring_ascii_case("Max-Age"sv)) {
  146. on_max_age_attribute(parsed_cookie, attribute_value);
  147. } else if (attribute_name.equals_ignoring_ascii_case("Domain"sv)) {
  148. on_domain_attribute(parsed_cookie, attribute_value);
  149. } else if (attribute_name.equals_ignoring_ascii_case("Path"sv)) {
  150. on_path_attribute(url, parsed_cookie, attribute_value);
  151. } else if (attribute_name.equals_ignoring_ascii_case("Secure"sv)) {
  152. on_secure_attribute(parsed_cookie);
  153. } else if (attribute_name.equals_ignoring_ascii_case("HttpOnly"sv)) {
  154. on_http_only_attribute(parsed_cookie);
  155. } else if (attribute_name.equals_ignoring_ascii_case("SameSite"sv)) {
  156. on_same_site_attribute(parsed_cookie, attribute_value);
  157. }
  158. }
  159. static constexpr AK::Duration maximum_cookie_age()
  160. {
  161. return AK::Duration::from_seconds(400LL * 24 * 60 * 60);
  162. }
  163. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.6.1
  164. void on_expires_attribute(ParsedCookie& parsed_cookie, StringView attribute_value)
  165. {
  166. // 1. Let the expiry-time be the result of parsing the attribute-value as cookie-date (see Section 5.1.1).
  167. auto expiry_time = parse_date_time(attribute_value);
  168. // 2. If the attribute-value failed to parse as a cookie date, ignore the cookie-av.
  169. if (!expiry_time.has_value())
  170. return;
  171. // 3. Let cookie-age-limit be the maximum age of the cookie (which SHOULD be 400 days in the future or sooner, see
  172. // Section 5.5).
  173. auto cookie_age_limit = UnixDateTime::now() + maximum_cookie_age();
  174. // 4. If the expiry-time is more than cookie-age-limit, the user agent MUST set the expiry time to cookie-age-limit
  175. // in seconds.
  176. if (expiry_time->seconds_since_epoch() > cookie_age_limit.seconds_since_epoch())
  177. expiry_time = cookie_age_limit;
  178. // 5. If the expiry-time is earlier than the earliest date the user agent can represent, the user agent MAY replace
  179. // the expiry-time with the earliest representable date.
  180. if (auto earliest = UnixDateTime::earliest(); *expiry_time < earliest)
  181. expiry_time = earliest;
  182. // 6. Append an attribute to the cookie-attribute-list with an attribute-name of Expires and an attribute-value of
  183. // expiry-time.
  184. parsed_cookie.expiry_time_from_expires_attribute = expiry_time.release_value();
  185. }
  186. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.6.2
  187. void on_max_age_attribute(ParsedCookie& parsed_cookie, StringView attribute_value)
  188. {
  189. // 1. If the attribute-value is empty, ignore the cookie-av.
  190. if (attribute_value.is_empty())
  191. return;
  192. // 2. If the first character of the attribute-value is neither a DIGIT, nor a "-" character followed by a DIGIT,
  193. // ignore the cookie-av.
  194. // 3. If the remainder of attribute-value contains a non-DIGIT character, ignore the cookie-av.
  195. auto digits = attribute_value[0] == '-' ? attribute_value.substring_view(1) : attribute_value;
  196. if (digits.is_empty() || !all_of(digits, is_ascii_digit))
  197. return;
  198. // 4. Let delta-seconds be the attribute-value converted to a base 10 integer.
  199. auto delta_seconds = attribute_value.to_number<i64>();
  200. if (!delta_seconds.has_value()) {
  201. // We know the attribute value only contains digits, so if we failed to parse, it is because the result did not
  202. // fit in an i64. Set the value to the i64 limits in that case. The positive limit will be further capped below,
  203. // and the negative limit will be immediately expired in the cookie jar.
  204. delta_seconds = attribute_value[0] == '-' ? NumericLimits<i64>::min() : NumericLimits<i64>::max();
  205. }
  206. // 5. Let cookie-age-limit be the maximum age of the cookie (which SHOULD be 400 days or less, see Section 5.5).
  207. auto cookie_age_limit = maximum_cookie_age();
  208. // 6. Set delta-seconds to the smaller of its present value and cookie-age-limit.
  209. if (*delta_seconds > cookie_age_limit.to_seconds())
  210. delta_seconds = cookie_age_limit.to_seconds();
  211. // 7. If delta-seconds is less than or equal to zero (0), let expiry-time be the earliest representable date and
  212. // time. Otherwise, let the expiry-time be the current date and time plus delta-seconds seconds.
  213. auto expiry_time = *delta_seconds <= 0
  214. ? UnixDateTime::earliest()
  215. : UnixDateTime::now() + AK::Duration::from_seconds(*delta_seconds);
  216. // 8. Append an attribute to the cookie-attribute-list with an attribute-name of Max-Age and an attribute-value of
  217. // expiry-time.
  218. parsed_cookie.expiry_time_from_max_age_attribute = expiry_time;
  219. }
  220. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.6.3
  221. void on_domain_attribute(ParsedCookie& parsed_cookie, StringView attribute_value)
  222. {
  223. // 1. Let cookie-domain be the attribute-value.
  224. auto cookie_domain = attribute_value;
  225. // 2. If cookie-domain starts with %x2E ("."), let cookie-domain be cookie-domain without its leading %x2E (".").
  226. if (cookie_domain.starts_with('.'))
  227. cookie_domain = cookie_domain.substring_view(1);
  228. // 3. Convert the cookie-domain to lower case.
  229. auto lowercase_cookie_domain = MUST(Infra::to_ascii_lowercase(cookie_domain));
  230. // 4. Append an attribute to the cookie-attribute-list with an attribute-name of Domain and an attribute-value of
  231. // cookie-domain.
  232. parsed_cookie.domain = move(lowercase_cookie_domain);
  233. }
  234. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.6.4
  235. void on_path_attribute(URL::URL const& url, ParsedCookie& parsed_cookie, StringView attribute_value)
  236. {
  237. String cookie_path;
  238. // 1. If the attribute-value is empty or if the first character of the attribute-value is not %x2F ("/"):
  239. if (attribute_value.is_empty() || attribute_value[0] != '/') {
  240. // 1. Let cookie-path be the default-path.
  241. cookie_path = default_path(url);
  242. }
  243. // Otherwise:
  244. else {
  245. // 1. Let cookie-path be the attribute-value.
  246. cookie_path = MUST(String::from_utf8(attribute_value));
  247. }
  248. // 2. Append an attribute to the cookie-attribute-list with an attribute-name of Path and an attribute-value of
  249. // cookie-path.
  250. parsed_cookie.path = move(cookie_path);
  251. }
  252. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.6.5
  253. void on_secure_attribute(ParsedCookie& parsed_cookie)
  254. {
  255. parsed_cookie.secure_attribute_present = true;
  256. }
  257. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.6.6
  258. void on_http_only_attribute(ParsedCookie& parsed_cookie)
  259. {
  260. parsed_cookie.http_only_attribute_present = true;
  261. }
  262. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.6.7
  263. void on_same_site_attribute(ParsedCookie& parsed_cookie, StringView attribute_value)
  264. {
  265. // 1. Let enforcement be "Default".
  266. // 2. If cookie-av's attribute-value is a case-insensitive match for "None", set enforcement to "None".
  267. // 3. If cookie-av's attribute-value is a case-insensitive match for "Strict", set enforcement to "Strict".
  268. // 4. If cookie-av's attribute-value is a case-insensitive match for "Lax", set enforcement to "Lax".
  269. auto enforcement = same_site_from_string(attribute_value);
  270. // 5. Append an attribute to the cookie-attribute-list with an attribute-name of "SameSite" and an attribute-value
  271. // of enforcement.
  272. parsed_cookie.same_site_attribute = enforcement;
  273. }
  274. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.1.1
  275. Optional<UnixDateTime> parse_date_time(StringView date_string)
  276. {
  277. // https://tools.ietf.org/html/rfc6265#section-5.1.1
  278. unsigned hour = 0;
  279. unsigned minute = 0;
  280. unsigned second = 0;
  281. unsigned day_of_month = 0;
  282. unsigned month = 0;
  283. unsigned year = 0;
  284. auto to_uint = [](StringView token, unsigned& result) {
  285. if (!all_of(token, isdigit))
  286. return false;
  287. if (auto converted = token.to_number<unsigned>(); converted.has_value()) {
  288. result = *converted;
  289. return true;
  290. }
  291. return false;
  292. };
  293. auto parse_time = [&](StringView token) {
  294. Vector<StringView> parts = token.split_view(':');
  295. if (parts.size() != 3)
  296. return false;
  297. for (auto const& part : parts) {
  298. if (part.is_empty() || part.length() > 2)
  299. return false;
  300. }
  301. return to_uint(parts[0], hour) && to_uint(parts[1], minute) && to_uint(parts[2], second);
  302. };
  303. auto parse_day_of_month = [&](StringView token) {
  304. if (token.is_empty() || token.length() > 2)
  305. return false;
  306. return to_uint(token, day_of_month);
  307. };
  308. auto parse_month = [&](StringView token) {
  309. for (unsigned i = 0; i < 12; ++i) {
  310. if (token.equals_ignoring_ascii_case(short_month_names[i])) {
  311. month = i + 1;
  312. return true;
  313. }
  314. }
  315. return false;
  316. };
  317. auto parse_year = [&](StringView token) {
  318. if (token.length() != 2 && token.length() != 4)
  319. return false;
  320. return to_uint(token, year);
  321. };
  322. Function<bool(char)> is_delimiter = [](char ch) {
  323. return ch == 0x09 || (ch >= 0x20 && ch <= 0x2f) || (ch >= 0x3b && ch <= 0x40) || (ch >= 0x5b && ch <= 0x60) || (ch >= 0x7b && ch <= 0x7e);
  324. };
  325. // 1. Using the grammar below, divide the cookie-date into date-tokens.
  326. Vector<StringView> date_tokens = date_string.split_view_if(is_delimiter);
  327. // 2. Process each date-token sequentially in the order the date-tokens appear in the cookie-date:
  328. bool found_time = false;
  329. bool found_day_of_month = false;
  330. bool found_month = false;
  331. bool found_year = false;
  332. for (auto const& date_token : date_tokens) {
  333. // 1. If the found-time flag is not set and the token matches the time production, set the found-time flag and
  334. // set the hour-value, minute-value, and second-value to the numbers denoted by the digits in the date-token,
  335. // respectively. Skip the remaining sub-steps and continue to the next date-token.
  336. if (!found_time && parse_time(date_token)) {
  337. found_time = true;
  338. }
  339. // 2. If the found-day-of-month flag is not set and the date-token matches the day-of-month production, set the
  340. // found-day-of-month flag and set the day-of-month-value to the number denoted by the date-token. Skip the
  341. // remaining sub-steps and continue to the next date-token.
  342. else if (!found_day_of_month && parse_day_of_month(date_token)) {
  343. found_day_of_month = true;
  344. }
  345. // 3. If the found-month flag is not set and the date-token matches the month production, set the found-month
  346. // flag and set the month-value to the month denoted by the date-token. Skip the remaining sub-steps and
  347. // continue to the next date-token.
  348. else if (!found_month && parse_month(date_token)) {
  349. found_month = true;
  350. }
  351. // 4. If the found-year flag is not set and the date-token matches the year production, set the found-year flag
  352. // and set the year-value to the number denoted by the date-token. Skip the remaining sub-steps and continue
  353. // to the next date-token.
  354. else if (!found_year && parse_year(date_token)) {
  355. found_year = true;
  356. }
  357. }
  358. // 3. If the year-value is greater than or equal to 70 and less than or equal to 99, increment the year-value by 1900.
  359. if (year >= 70 && year <= 99)
  360. year += 1900;
  361. // 4. If the year-value is greater than or equal to 0 and less than or equal to 69, increment the year-value by 2000.
  362. if (year <= 69)
  363. year += 2000;
  364. // 5. Abort these steps and fail to parse the cookie-date if:
  365. // * at least one of the found-day-of-month, found-month, found-year, or found-time flags is not set,
  366. if (!found_day_of_month || !found_month || !found_year || !found_time)
  367. return {};
  368. // * the day-of-month-value is less than 1 or greater than 31,
  369. if (day_of_month < 1 || day_of_month > 31)
  370. return {};
  371. // * the year-value is less than 1601,
  372. if (year < 1601)
  373. return {};
  374. // * the hour-value is greater than 23,
  375. if (hour > 23)
  376. return {};
  377. // * the minute-value is greater than 59, or
  378. if (minute > 59)
  379. return {};
  380. // * the second-value is greater than 59.
  381. if (second > 59)
  382. return {};
  383. // 6. Let the parsed-cookie-date be the date whose day-of-month, month, year, hour, minute, and second (in UTC) are the
  384. // day-of-month-value, the month-value, the year-value, the hour-value, the minute-value, and the second-value, respectively.
  385. // If no such date exists, abort these steps and fail to parse the cookie-date.
  386. if (day_of_month > static_cast<unsigned int>(days_in_month(year, month)))
  387. return {};
  388. // FIXME: This currently uses UNIX time, which is not equivalent to UTC due to leap seconds.
  389. auto parsed_cookie_date = UnixDateTime::from_unix_time_parts(year, month, day_of_month, hour, minute, second, 0);
  390. // 7. Return the parsed-cookie-date as the result of this algorithm.
  391. return parsed_cookie_date;
  392. }
  393. // https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-15.html#section-5.1.4
  394. String default_path(URL::URL const& url)
  395. {
  396. // 1. Let uri-path be the path portion of the request-uri if such a portion exists (and empty otherwise).
  397. auto uri_path = URL::percent_decode(url.serialize_path());
  398. // 2. If the uri-path is empty or if the first character of the uri-path is not a %x2F ("/") character, output
  399. // %x2F ("/") and skip the remaining steps.
  400. if (uri_path.is_empty() || (uri_path[0] != '/'))
  401. return "/"_string;
  402. StringView uri_path_view = uri_path;
  403. size_t last_separator = uri_path_view.find_last('/').value();
  404. // 3. If the uri-path contains no more than one %x2F ("/") character, output %x2F ("/") and skip the remaining step.
  405. if (last_separator == 0)
  406. return "/"_string;
  407. // 4. Output the characters of the uri-path from the first character up to, but not including, the right-most
  408. // %x2F ("/").
  409. // FIXME: The path might not be valid UTF-8.
  410. return MUST(String::from_utf8(uri_path.substring_view(0, last_separator)));
  411. }
  412. }
  413. template<>
  414. ErrorOr<void> IPC::encode(Encoder& encoder, Web::Cookie::ParsedCookie const& cookie)
  415. {
  416. TRY(encoder.encode(cookie.name));
  417. TRY(encoder.encode(cookie.value));
  418. TRY(encoder.encode(cookie.expiry_time_from_expires_attribute));
  419. TRY(encoder.encode(cookie.expiry_time_from_max_age_attribute));
  420. TRY(encoder.encode(cookie.domain));
  421. TRY(encoder.encode(cookie.path));
  422. TRY(encoder.encode(cookie.secure_attribute_present));
  423. TRY(encoder.encode(cookie.http_only_attribute_present));
  424. TRY(encoder.encode(cookie.same_site_attribute));
  425. return {};
  426. }
  427. template<>
  428. ErrorOr<Web::Cookie::ParsedCookie> IPC::decode(Decoder& decoder)
  429. {
  430. auto name = TRY(decoder.decode<String>());
  431. auto value = TRY(decoder.decode<String>());
  432. auto expiry_time_from_expires_attribute = TRY(decoder.decode<Optional<UnixDateTime>>());
  433. auto expiry_time_from_max_age_attribute = TRY(decoder.decode<Optional<UnixDateTime>>());
  434. auto domain = TRY(decoder.decode<Optional<String>>());
  435. auto path = TRY(decoder.decode<Optional<String>>());
  436. auto secure_attribute_present = TRY(decoder.decode<bool>());
  437. auto http_only_attribute_present = TRY(decoder.decode<bool>());
  438. auto same_site_attribute = TRY(decoder.decode<Web::Cookie::SameSite>());
  439. return Web::Cookie::ParsedCookie { move(name), move(value), same_site_attribute, move(expiry_time_from_expires_attribute), move(expiry_time_from_max_age_attribute), move(domain), move(path), secure_attribute_present, http_only_attribute_present };
  440. }