Refactor code flow, tests and errors in cookies

Co-authored-by: Ankur Agarwal <[email protected]>
grafana · Sep 8, 2023 · 258b482 · 258b482
1 parent 4a81880
commit 258b482
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 23 deletions.
diff --git a/common/browser_context.go b/common/browser_context.go
@@ -550,7 +550,7 @@ func (b *BrowserContext) Cookies(urls ...string) ([]*api.Cookie, error) {
 	// filter cookies by the provided URLs.
 	cookies, err = filterCookies(cookies, urls...)
 	if err != nil {
-		return nil, fmt.Errorf("retrieving cookies: %w", err)
+		return nil, fmt.Errorf("filtering cookies: %w", err)
 	}
 	if len(cookies) == 0 {
 		return nil, nil
@@ -568,7 +568,7 @@ func filterCookies(cookies []*api.Cookie, urls ...string) ([]*api.Cookie, error)
 
 	purls, err := parseURLs(urls...)
 	if err != nil {
-		return nil, fmt.Errorf("filtering by URL: %w", err)
+		return nil, fmt.Errorf("parsing urls: %w", err)
 	}
 
 	// the following algorithm is like a sorting algorithm,
@@ -595,7 +595,7 @@ func filterCookies(cookies []*api.Cookie, urls ...string) ([]*api.Cookie, error)
 		var keep bool
 
 		for _, uri := range purls {
-			if shouldFilterCookie(c, uri) {
+			if shouldKeepCookie(c, uri) {
 				keep = true
 				break
 			}
@@ -617,10 +617,10 @@ func filterCookies(cookies []*api.Cookie, urls ...string) ([]*api.Cookie, error)
 	return cookies[:n], nil
 }
 
-// shouldFilterCookie determines whether a cookie should be kept,
+// shouldKeepCookie determines whether a cookie should be kept,
 // based on its compatibility with a specific URL.
 // Returns true if the cookie should be kept, false otherwise.
-func shouldFilterCookie(c *api.Cookie, uri *url.URL) bool {
+func shouldKeepCookie(c *api.Cookie, uri *url.URL) bool {
 	// Ensure consistent domain formatting for easier comparison.
 	// A leading dot means the cookie is valid across subdomains.
 	// For example, if the domain is example.com, then adding a
@@ -633,20 +633,21 @@ func shouldFilterCookie(c *api.Cookie, uri *url.URL) bool {
 	// Confirm that the cookie's domain is a suffix of the URL's
 	// hostname, emulating how a browser would scope cookies to
 	// specific domains.
-	if !strings.HasSuffix("."+uri.Hostname(), domain) {
+	if !strings.HasSuffix(domain, "."+uri.Hostname()) {
 		return false
 	}
 	// Follow RFC 6265 for cookies: an empty or missing path should
 	// be treated as "/".
 	//
 	// See: https://datatracker.ietf.org/doc/html/rfc6265#section-5.1.4
-	if uri.Path == "" {
-		uri.Path = "/"
+	path := c.Path
+	if path == "" {
+		path = "/"
 	}
 	// Ensure that the cookie applies to the specific path of the
 	// URL, emulating how a browser would scope cookies to specific
 	// paths within a domain.
-	if !strings.HasPrefix(uri.Path, c.Path) {
+	if !strings.HasPrefix(path, uri.Path) {
 		return false
 	}
 	// Emulate browser behavior: Don't include secure cookies when

diff --git a/common/browser_context_test.go b/common/browser_context_test.go
@@ -53,6 +53,8 @@ func TestNewBrowserContext(t *testing.T) {
 }
 
 func TestFilterCookies(t *testing.T) {
+	t.Parallel()
+
 	tests := map[string]struct {
 		filterByURLs []string
 		cookies      []*api.Cookie
@@ -134,13 +136,16 @@ func TestFilterCookies(t *testing.T) {
 				"https://sub.foo.com",
 			},
 			cookies: []*api.Cookie{
+				{
+					Domain: "sub.foo.com",
+				},
 				{
 					Domain: ".foo.com",
 				},
 			},
 			wantCookies: []*api.Cookie{
 				{
-					Domain: ".foo.com",
+					Domain: "sub.foo.com",
 				},
 			},
 		},
@@ -214,6 +219,23 @@ func TestFilterCookies(t *testing.T) {
 				},
 			},
 		},
+		"allow_secure_cookie_on_localhost": {
+			filterByURLs: []string{
+				"http://localhost",
+			},
+			cookies: []*api.Cookie{
+				{
+					Domain: "localhost",
+					Secure: true,
+				},
+			},
+			wantCookies: []*api.Cookie{
+				{
+					Domain: "localhost",
+					Secure: true,
+				},
+			},
+		},
 		"disallow_secure_cookie_on_http": {
 			filterByURLs: []string{
 				"http://foo.com",
@@ -264,7 +286,10 @@ func TestFilterCookies(t *testing.T) {
 		},
 	}
 	for name, tt := range tests {
+		tt := tt
 		t.Run(name, func(t *testing.T) {
+			t.Parallel()
+
 			cookies, err := filterCookies(
 				tt.cookies,
 				tt.filterByURLs...,
@@ -276,11 +301,6 @@ func TestFilterCookies(t *testing.T) {
 			}
 			require.NoError(t, err)
 
-			assert.Lenf(t,
-				cookies, len(tt.wantCookies),
-				"incorrect number of cookies filtered. filter: %#v", tt.filterByURLs,
-			)
-
 			assert.Equalf(t,
 				tt.wantCookies, cookies,
 				"incorrect cookies filtered by the filter %#v", tt.filterByURLs,

diff --git a/tests/browser_context_test.go b/tests/browser_context_test.go
@@ -209,10 +209,6 @@ func TestBrowserContextAddCookies(t *testing.T) {
 			require.NoErrorf(t,
 				err, "failed to get cookies from the browser context",
 			)
-			require.Lenf(t,
-				tt.wantCookiesToSet, len(cookies),
-				"incorrect number of cookies received from the browser context",
-			)
 			assert.Equalf(t,
 				tt.wantCookiesToSet, cookies,
 				"incorrect cookies received from the browser context",
@@ -586,10 +582,6 @@ func TestBrowserContextCookies(t *testing.T) {
 			require.NoErrorf(t,
 				err, "failed to get cookies from the browser context",
 			)
-			assert.Lenf(t,
-				cookies, len(tt.wantContextCookies),
-				"incorrect number of cookies received from the browser context",
-			)
 			assert.Equalf(t,
 				tt.wantContextCookies, cookies,
 				"incorrect cookies received from the browser context",