WebKit Bugzilla
Attachment 357167 Details for
Bug 188165
: iOS 12 Safari breaks ASP.NET Core 2.1 OIDC authentication
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
same_site_cookie.rb
same_site_cookie.rb (text/x-ruby-script), 2.10 KB, created by
Daniel Bates
on 2018-12-12 14:38:43 PST
(
hide
)
Description:
same_site_cookie.rb
Filename:
MIME Type:
Creator:
Daniel Bates
Created:
2018-12-12 14:38:43 PST
Size:
2.10 KB
patch
obsolete
># frozen_string_literal: true > ># 1. run server with `ruby same_site_cookie.rb` ># 2. visit http://a.lvh.me:3000 ># 3. submit form ># 4. you are redirected to http://b.local.gd:3000/cookie where the cookie should be set ># 5. you are redirected to http://b.local.gd:3000 where you can see if cookie is in place > >require 'webrick' > >SITE_A = 'a.lvh.me' >SITE_B = 'b.local.gd' >LISTEN_PORT = 3000 >COOKIES = %w[Chocolate Oreo Shortbread Oatmeal Gingerbread Macaron Butter Wafer > Fortune Almond Biscuit Stroopwafel Speculaas] > >def cookie > @visit_count ||= 0 > cookie = COOKIES[@visit_count % COOKIES.length] > @visit_count += 1 > cookie >end > >server = WEBrick::HTTPServer.new(Port: LISTEN_PORT) > >trap('INT') { server.shutdown } > >site_a = WEBrick::HTTPServer.new(ServerName: SITE_A, Port: LISTEN_PORT, DoNotListen: true) >site_b = WEBrick::HTTPServer.new(ServerName: SITE_B, Port: LISTEN_PORT, DoNotListen: true) > >site_a.mount_proc '/' do |req, res| > if req.path == '/' > if req.request_method == 'POST' > res.set_redirect(WEBrick::HTTPStatus::Found, "http://#{SITE_B}:#{LISTEN_PORT}/cookie") > else > res.body = <<~HTML > <!DOCTYPE html> > <html> > <head> > <title>Missing Cookie Example</title> > </head> > <body> > <form action="/" method="post"> > <button type="submit">Submit form</button> > </form> > </body> > </html> > HTML > end > else > res.status = 404 > end >end > >visit_count = 0 > >site_b.mount_proc '/' do |req, res| > if req.path == '/cookie' > res['Set-Cookie'] = "cookie=#{cookie}; path=/; HttpOnly; SameSite=Lax" > res.set_redirect(WEBrick::HTTPStatus::Found, "http://#{SITE_B}:#{LISTEN_PORT}/") > elsif req.path == '/' > res.body = <<~HTML > <!DOCTYPE html> > <html> > <head> > <title>Missing Cookie Example</title> > </head> > <body> > <p>"Hello Visitor, you brought a #{req['Cookie']}"</p> > <p><a href="http://#{SITE_A}:#{LISTEN_PORT}/">Retry</a></p> > </body> > </html> > HTML > else > res.status = 404 > end >end > >server.virtual_host(site_a) >server.virtual_host(site_b) >server.start
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=357167">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 188165
:
351498
| 357167