From ced2921e4a9c9009070099996baac55b84d027b2 Mon Sep 17 00:00:00 2001 From: mhoeger Date: Tue, 3 Dec 2019 19:28:24 -0800 Subject: [PATCH 1/6] change default to Unspecified --- .../Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs b/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs index 0594c6a75e..855823c82d 100644 --- a/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs +++ b/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs @@ -86,9 +86,9 @@ private static SameSiteMode RpcSameSiteEnumConverter(RpcHttpCookie.Types.SameSit case RpcHttpCookie.Types.SameSite.Lax: return SameSiteMode.Lax; case RpcHttpCookie.Types.SameSite.None: - return SameSiteMode.None; + return SameSiteMode.Unspecified; default: - return SameSiteMode.None; + return SameSiteMode.Unspecified; } } } From a81e60ce2d3b547d9b00a0e337e1cd509bf7f6a6 Mon Sep 17 00:00:00 2001 From: mhoeger Date: Tue, 3 Dec 2019 19:34:58 -0800 Subject: [PATCH 2/6] by default, an unspecified SameSite value shouldn't be added --- .../RpcMessageExtensionUtilities.cs | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs b/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs index 855823c82d..de98b310e2 100644 --- a/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs +++ b/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs @@ -57,7 +57,10 @@ public static Tuple RpcHttpCookieConverter(RpcHtt cookieOptions.Secure = cookie.Secure.Value; } - cookieOptions.SameSite = RpcSameSiteEnumConverter(cookie.SameSite); + if (TryGetRpcSameSiteEnumConverter(cookie.SameSite, out SameSiteMode sameSiteMode)) + { + cookieOptions.SameSite = sameSiteMode; + } if (cookie.HttpOnly != null) { @@ -77,18 +80,21 @@ public static Tuple RpcHttpCookieConverter(RpcHtt return new Tuple(cookie.Name, cookie.Value, cookieOptions); } - private static SameSiteMode RpcSameSiteEnumConverter(RpcHttpCookie.Types.SameSite sameSite) + private static bool TryGetRpcSameSiteEnumConverter(RpcHttpCookie.Types.SameSite sameSite, out SameSiteMode sameSiteMode) { + sameSiteMode = SameSiteMode.None; switch (sameSite) { case RpcHttpCookie.Types.SameSite.Strict: - return SameSiteMode.Strict; + sameSiteMode = SameSiteMode.Strict; + return true; case RpcHttpCookie.Types.SameSite.Lax: - return SameSiteMode.Lax; + sameSiteMode = SameSiteMode.Lax; + return true; case RpcHttpCookie.Types.SameSite.None: - return SameSiteMode.Unspecified; + return false; default: - return SameSiteMode.Unspecified; + return false; } } } From 2ba09fc87d09ab35228f10202df6f75c1f55728c Mon Sep 17 00:00:00 2001 From: mhoeger Date: Wed, 4 Dec 2019 15:30:21 -0800 Subject: [PATCH 3/6] use enum --- .../RpcMessageExtensionUtilities.cs | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs b/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs index de98b310e2..490f431d6a 100644 --- a/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs +++ b/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs @@ -57,10 +57,7 @@ public static Tuple RpcHttpCookieConverter(RpcHtt cookieOptions.Secure = cookie.Secure.Value; } - if (TryGetRpcSameSiteEnumConverter(cookie.SameSite, out SameSiteMode sameSiteMode)) - { - cookieOptions.SameSite = sameSiteMode; - } + cookieOptions.SameSite = RpcSameSiteEnumConverter(cookie.SameSite); if (cookie.HttpOnly != null) { @@ -80,21 +77,18 @@ public static Tuple RpcHttpCookieConverter(RpcHtt return new Tuple(cookie.Name, cookie.Value, cookieOptions); } - private static bool TryGetRpcSameSiteEnumConverter(RpcHttpCookie.Types.SameSite sameSite, out SameSiteMode sameSiteMode) + private static SameSiteMode RpcSameSiteEnumConverter(RpcHttpCookie.Types.SameSite sameSite) { - sameSiteMode = SameSiteMode.None; switch (sameSite) { case RpcHttpCookie.Types.SameSite.Strict: - sameSiteMode = SameSiteMode.Strict; - return true; + return SameSiteMode.Strict; case RpcHttpCookie.Types.SameSite.Lax: - sameSiteMode = SameSiteMode.Lax; - return true; + return SameSiteMode.Lax; case RpcHttpCookie.Types.SameSite.None: - return false; + return (SameSiteMode)(-1); default: - return false; + return (SameSiteMode)(-1); } } } From c3d5abae89967dc79dd6a85c4901b3d718957cb4 Mon Sep 17 00:00:00 2001 From: mhoeger Date: Wed, 4 Dec 2019 15:33:19 -0800 Subject: [PATCH 4/6] update test to be more accurate --- .../Binding/ActionResults/RawScriptResultTests.cs | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs b/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs index 88bcc5b5e6..5431a89523 100644 --- a/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs +++ b/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs @@ -61,13 +61,14 @@ public async Task AddsHttpCookies() { new Tuple("firstCookie", "cookieValue", new CookieOptions() { - SameSite = SameSiteMode.None + SameSite = SameSiteMode.Lax }), new Tuple("secondCookie", "cookieValue2", new CookieOptions() { Path = "/", HttpOnly = true, - MaxAge = TimeSpan.FromSeconds(20) + MaxAge = TimeSpan.FromSeconds(20), + SameSite = (SameSiteMode)(-1) }) } }; @@ -78,7 +79,7 @@ public async Task AddsHttpCookies() context.HttpContext.Response.Headers.TryGetValue("Set-Cookie", out StringValues cookies); Assert.Equal(2, cookies.Count); - Assert.Equal("firstCookie=cookieValue; path=/; samesite=none", cookies[0]); + Assert.Equal("firstCookie=cookieValue; path=/; samesite=lax", cookies[0]); // TODO: https://github.com/Azure/azure-functions-host/issues/4890 Assert.Equal("secondCookie=cookieValue2; max-age=20; path=/; httponly", cookies[1]); } From 8a2402a032758fc1fc5002226bcfcf377d76c168 Mon Sep 17 00:00:00 2001 From: mhoeger Date: Wed, 4 Dec 2019 16:42:00 -0800 Subject: [PATCH 5/6] Add explicit reference to .NET core 3.1 for http features --- .../Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs b/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs index 490f431d6a..855823c82d 100644 --- a/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs +++ b/src/WebJobs.Script/Workers/Rpc/MessageExtensions/RpcMessageExtensionUtilities.cs @@ -86,9 +86,9 @@ private static SameSiteMode RpcSameSiteEnumConverter(RpcHttpCookie.Types.SameSit case RpcHttpCookie.Types.SameSite.Lax: return SameSiteMode.Lax; case RpcHttpCookie.Types.SameSite.None: - return (SameSiteMode)(-1); + return SameSiteMode.Unspecified; default: - return (SameSiteMode)(-1); + return SameSiteMode.Unspecified; } } } From a86492dfc4a2c2f3c5985abb6b68f5fed75c69ec Mon Sep 17 00:00:00 2001 From: mhoeger Date: Wed, 4 Dec 2019 17:35:57 -0800 Subject: [PATCH 6/6] update reference --- src/WebJobs.Script/WebJobs.Script.csproj | 1 + .../Binding/ActionResults/RawScriptResultTests.cs | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/WebJobs.Script/WebJobs.Script.csproj b/src/WebJobs.Script/WebJobs.Script.csproj index 81f2aebe2a..c452a82e98 100644 --- a/src/WebJobs.Script/WebJobs.Script.csproj +++ b/src/WebJobs.Script/WebJobs.Script.csproj @@ -38,6 +38,7 @@ + diff --git a/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs b/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs index 5431a89523..3655a6e4fc 100644 --- a/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs +++ b/test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs @@ -68,7 +68,7 @@ public async Task AddsHttpCookies() Path = "/", HttpOnly = true, MaxAge = TimeSpan.FromSeconds(20), - SameSite = (SameSiteMode)(-1) + SameSite = SameSiteMode.Unspecified }) } };