* Throws if a given cookie should not be set on the given origin. * This is a defense-in-depth. Callers should never run into this. * * @param {!Window} win * @param {!Object} options * @param {string} name For the error message.
(win, options, name)
| 240 | * @param {string} name For the error message. |
| 241 | */ |
| 242 | function checkOriginForSettingCookie(win, options, name) { |
| 243 | if (options.allowOnProxyOrigin) { |
| 244 | userAssert( |
| 245 | !options.highestAvailableDomain, |
| 246 | 'Could not support highestAvailable Domain on proxy origin, ' + |
| 247 | 'specify domain explicitly' |
| 248 | ); |
| 249 | return; |
| 250 | } |
| 251 | userAssert( |
| 252 | !isProxyOrigin(win.location.href), |
| 253 | `Should never attempt to set cookie on proxy origin: ${name}` |
| 254 | ); |
| 255 | const current = parseUrlDeprecated(win.location.href).hostname.toLowerCase(); |
| 256 | const proxy = parseUrlDeprecated(urls.cdn).hostname.toLowerCase(); |
| 257 | userAssert( |
| 258 | !(current == proxy || endsWith(current, '.' + proxy)), |
| 259 | 'Should never attempt to set cookie on proxy origin. (in depth check): ' + |
| 260 | name |
| 261 | ); |
| 262 | } |
| 263 | |
| 264 | /** |
| 265 | * Return a temporary cookie name for testing only |
no test coverage detected