From e7a5851a6b43b8a02e1d77152d91ac2687051101 Mon Sep 17 00:00:00 2001 From: Marie Hoeger Date: Wed, 11 Mar 2020 11:52:47 -0700 Subject: [PATCH] Add ability to set samesite=none in out of proc http cookies (#5757) * add ability to set samesite=none in out of proc http cookies * update test --- .../src/proto/FunctionRpc.proto | 3 ++- .../Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs | 2 ++ .../Binding/ActionResults/RawScriptResultTests.cs | 8 ++++++-- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/WebJobs.Script.Grpc/azure-functions-language-worker-protobuf/src/proto/FunctionRpc.proto b/src/WebJobs.Script.Grpc/azure-functions-language-worker-protobuf/src/proto/FunctionRpc.proto index d9d4e4a4eb..3ed1f0586e 100644 --- a/src/WebJobs.Script.Grpc/azure-functions-language-worker-protobuf/src/proto/FunctionRpc.proto +++ b/src/WebJobs.Script.Grpc/azure-functions-language-worker-protobuf/src/proto/FunctionRpc.proto @@ -431,11 +431,12 @@ message RpcException { // Http cookie type. Note that only name and value are used for Http requests message RpcHttpCookie { - // Enum that lets servers require that a cookie shouoldn't be sent with cross-site requests + // Enum that lets servers require that a cookie shouldn't be sent with cross-site requests enum SameSite { None = 0; Lax = 1; Strict = 2; + ExplicitNone = 3; } // Cookie name diff --git a/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs b/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs index 855823c82d..561e310db6 100644 --- a/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs +++ b/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs @@ -87,6 +87,8 @@ private static SameSiteMode RpcSameSiteEnumConverter(RpcHttpCookie.Types.SameSit return SameSiteMode.Lax; case RpcHttpCookie.Types.SameSite.None: return SameSiteMode.Unspecified; + case RpcHttpCookie.Types.SameSite.ExplicitNone: + return SameSiteMode.None; default: return SameSiteMode.Unspecified; } diff --git a/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs b/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs index 3655a6e4fc..8ba7a96dca 100644 --- a/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs +++ b/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs @@ -69,6 +69,10 @@ public async Task AddsHttpCookies() HttpOnly = true, MaxAge = TimeSpan.FromSeconds(20), SameSite = SameSiteMode.Unspecified + }), + new Tuple("thirdCookie", "cookieValue3", new CookieOptions() + { + SameSite = SameSiteMode.None }) } }; @@ -78,10 +82,10 @@ public async Task AddsHttpCookies() await result.ExecuteResultAsync(context); context.HttpContext.Response.Headers.TryGetValue("Set-Cookie", out StringValues cookies); - Assert.Equal(2, cookies.Count); + Assert.Equal(3, cookies.Count); Assert.Equal("firstCookie=cookieValue; path=/; samesite=lax", cookies[0]); - // TODO: https://github.com/Azure/azure-functions-host/issues/4890 Assert.Equal("secondCookie=cookieValue2; max-age=20; path=/; httponly", cookies[1]); + Assert.Equal("thirdCookie=cookieValue3; path=/; samesite=none", cookies[2]); } [Fact]