1 file changed: +3 -10 lines changed
@@ -174,18 +174,11 @@ function onCookieChanged(changeInfo) {
174174}
175175
176176// This event is needed due to the potential race between cookie permissions
177- // update and cookie transmission, because the cookie API is non-blocking.
178- // It would be less perf impact to have a blocking version of the cookie API
179- // available instead .
177+ // update and cookie transmission ( because the cookie API is non-blocking) .
178+ // Without this function, an aggressive attacker could race to steal a not-yet-secured
179+ // cookie if they controlled & could redirect the user to a non-SSL subdomain .
180180// WARNING: This is a very hot function.
181181function onBeforeSendHeaders ( details ) {
182- // XXX this function appears to enforce something equivalent to the secure
183- // cookie flag by independent means. Is that really what it's supposed to
184- // do?
185- // @@@ Agreed, this function is really weird. I'm not sure it's even useful
186- // since we block WebRequests to HTTP sites (and maybe rewrite them to SSL)
187- // we force cookies to be sent over HTTPS even if they don't have the flag
188- // "Secure" set. (Unless I'm reading this wrong?)
189182 // TODO: Verify this with wireshark
190183 for ( var h in details . requestHeaders ) {
191184 if ( details . requestHeaders [ h ] . name == "Cookie" ) {
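Review bot: the rewritten comment at +177..+179 presents the security rationale as established (an attacker racing to steal a not-yet-secured cookie by redirecting the user to a non-SSL subdomain), while the kept line `// TODO: Verify this with wireshark` still records that the behaviour has not been confirmed, and the deleted `XXX`/`@@@` notes documented real doubt about whether the function adds anything beyond the existing blocking and rewriting of HTTP requests. Either confirm the race on the wire and drop the TODO in the same change, or keep a one-line note that the protection is believed but unverified, so the next maintainer does not read the comment as proof. The removed remark that a blocking cookie API would avoid the race at lower perf cost is also worth keeping, since it explains why this hot-path handler (see the `WARNING` line) exists at all and what would let it be removed.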