Block `<meta http-equiv="set-cookie" ...>`

Intent to Deprecate: https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/0sJ8GUJO0Dw/iMmcXLIGBAAJ HTML discussion at https://github.com/whatwg/html/issues/3076. Bug: 767813 Change-Id: Ibbbce7794c6802e66eeb4e8e6d95acedebbe840c Reviewed-on: https://chromium-review.googlesource.com/800290Reviewed-by: Jochen Eisinger <jochen@chromium.org> Commit-Queue: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#521338}

Block `<meta http-equiv="set-cookie" ...>`
Intent to Deprecate: https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/0sJ8GUJO0Dw/iMmcXLIGBAAJ HTML discussion at https://github.com/whatwg/html/issues/3076. Bug: 767813 Change-Id: Ibbbce7794c6802e66eeb4e8e6d95acedebbe840c Reviewed-on: https://chromium-review.googlesource.com/800290Reviewed-by: Jochen Eisinger <jochen@chromium.org> Commit-Queue: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#521338}
e71f2e95 · Mike West · Commit Bot · 67255bc1 · e71f2e95 · e71f2e95
Commit e71f2e95 authored Dec 04, 2017 by Mike West Committed by Commit Bot Dec 04, 2017
4 changed files
--- a/third_party/WebKit/LayoutTests/external/wpt/cookies/meta-blocked.html
+++ b/third_party/WebKit/LayoutTests/external/wpt/cookies/meta-blocked.html
+<!DOCTYPE html>
+<head>
+  <meta http-equiv="set-cookie" content="meta-set-cookie=1">
+  <script src="/resources/testharness.js"></script>
+  <script src="/resources/testharnessreport.js"></script>
+</head>
+<body>
+  <script>
+    test(t => {
+      assert_equals(document.cookie.indexOf('meta-set-cookie'), -1);
+    }, "Cookie is not set from `<meta>`.");
+  </script>
+</body>
--- a/third_party/WebKit/LayoutTests/http/tests/cookies/meta-expected.txt
+++ b/third_party/WebKit/LayoutTests/http/tests/cookies/meta-expected.txt
-CONSOLE WARNING: Setting cookies via `<meta http-equiv='Set-Cookie' ...>` is deprecated, and will stop working in M65, around March 2018. Consider switching to `document.cookie = ...`, or to `Set-Cookie` HTTP headers instead. See https://www.chromestatus.com/feature/6170540112871424 for more details.
+CONSOLE WARNING: Setting cookies via `<meta http-equiv='Set-Cookie' ...>` no longer works, as of M65. Consider switching to  `document.cookie = ...`, or to `Set-Cookie` HTTP headers instead. See https://www.chromestatus.com/feature/6170540112871424 for more details.
 CONSOLE ERROR: line 3: Blocked setting the `meta-set-cookie=1` cookie from a `<meta>` tag.
 This is a testharness.js-based test.
 PASS Cookie is not set from `<meta>`.

--- a/third_party/WebKit/Source/core/frame/Deprecation.cpp
+++ b/third_party/WebKit/Source/core/frame/Deprecation.cpp
@@ -296,11 +296,10 @@ DeprecationInfo GetDeprecationInfo(WebFeature feature) {
    case WebFeature::kMetaSetCookie:
      return {"MetaSetCookie", M65,
              String::Format(
-                  "Setting cookies via `<meta http-equiv='Set-Cookie' ...>` is "
-                  "deprecated, and will stop working in %s. Consider switching "
-                  "to `document.cookie = ...`, or to `Set-Cookie` HTTP headers "
+                  "Setting cookies via `<meta http-equiv='Set-Cookie' ...>` no "
+                  "longer works, as of M65. Consider switching to "
+                  " `document.cookie = ...`, or to `Set-Cookie` HTTP headers "
                  "instead. See %s for more details.",
-                  milestoneString(M65),
                  "https://www.chromestatus.com/feature/6170540112871424")};

    // Powerful features on insecure origins (https://goo.gl/rStTGz)

--- a/third_party/WebKit/Source/platform/runtime_enabled_features.json5
+++ b/third_party/WebKit/Source/platform/runtime_enabled_features.json5
@@ -134,7 +134,7 @@
    },
    {
      name: "BlockMetaSetCookie",
-      status: "experimental"
+      status: "stable"
    },
    {
      name: "Budget",