Record a boolean metric indicating when an included SameParty cookie
would also have been included due to SameSite rules. Bug: 1143756 Change-Id: I443a042e08ed0c091c65e55138c5ad0547a6f652 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2611946 Reviewed-by: Brian White <bcwhite@chromium.org> Reviewed-by: Lily Chen <chlily@chromium.org> Commit-Queue: Chris Fredrickson <cfredric@chromium.org> Cr-Commit-Position: refs/heads/master@{#841119}

committed by
Chromium LUCI CQ

parent
e2cf5fa1f6
commit
4991a86194
@ -771,17 +771,31 @@ CookieAccessResult CanonicalCookie::IncludeForRequestURL(
|
||||
status.AddExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_SAMEPARTY_CROSS_PARTY_CONTEXT);
|
||||
FALLTHROUGH;
|
||||
case CookieSamePartyStatus::kEnforceSamePartyInclude:
|
||||
case CookieSamePartyStatus::kEnforceSamePartyInclude: {
|
||||
// Remove any SameSite exclusion reasons, since SameParty overrides
|
||||
// SameSite.
|
||||
DCHECK(!status.HasExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_STRICT));
|
||||
DCHECK_NE(effective_same_site, CookieEffectiveSameSite::STRICT_MODE);
|
||||
status.RemoveExclusionReasons({
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_LAX,
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_UNSPECIFIED_TREATED_AS_LAX,
|
||||
});
|
||||
bool included_by_samesite =
|
||||
!status.HasExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_LAX) &&
|
||||
!status.HasExclusionReason(
|
||||
CookieInclusionStatus::
|
||||
EXCLUDE_SAMESITE_UNSPECIFIED_TREATED_AS_LAX);
|
||||
if (!included_by_samesite) {
|
||||
status.RemoveExclusionReasons({
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_LAX,
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_UNSPECIFIED_TREATED_AS_LAX,
|
||||
});
|
||||
}
|
||||
if (status.IsInclude()) {
|
||||
UMA_HISTOGRAM_BOOLEAN(
|
||||
"Cookie.SamePartyReadIncluded.InclusionUnderSameSite",
|
||||
included_by_samesite);
|
||||
}
|
||||
break;
|
||||
}
|
||||
case CookieSamePartyStatus::kNoSamePartyEnforcement:
|
||||
break;
|
||||
}
|
||||
@ -931,7 +945,7 @@ CookieAccessResult CanonicalCookie::IsSetPermittedInContext(
|
||||
access_result.status.AddExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_SAMEPARTY_CROSS_PARTY_CONTEXT);
|
||||
FALLTHROUGH;
|
||||
case CookieSamePartyStatus::kEnforceSamePartyInclude:
|
||||
case CookieSamePartyStatus::kEnforceSamePartyInclude: {
|
||||
DCHECK(IsSameParty());
|
||||
// Remove any SameSite exclusion reasons, since SameParty overrides
|
||||
// SameSite.
|
||||
@ -939,11 +953,25 @@ CookieAccessResult CanonicalCookie::IsSetPermittedInContext(
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_STRICT));
|
||||
DCHECK_NE(access_result.effective_same_site,
|
||||
CookieEffectiveSameSite::STRICT_MODE);
|
||||
access_result.status.RemoveExclusionReasons({
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_LAX,
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_UNSPECIFIED_TREATED_AS_LAX,
|
||||
});
|
||||
bool included_by_samesite =
|
||||
!access_result.status.HasExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_LAX) &&
|
||||
!access_result.status.HasExclusionReason(
|
||||
CookieInclusionStatus::
|
||||
EXCLUDE_SAMESITE_UNSPECIFIED_TREATED_AS_LAX);
|
||||
if (!included_by_samesite) {
|
||||
access_result.status.RemoveExclusionReasons({
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_LAX,
|
||||
CookieInclusionStatus::EXCLUDE_SAMESITE_UNSPECIFIED_TREATED_AS_LAX,
|
||||
});
|
||||
}
|
||||
if (access_result.status.IsInclude()) {
|
||||
UMA_HISTOGRAM_BOOLEAN(
|
||||
"Cookie.SamePartySetIncluded.InclusionUnderSameSite",
|
||||
included_by_samesite);
|
||||
}
|
||||
break;
|
||||
}
|
||||
case CookieSamePartyStatus::kNoSamePartyEnforcement:
|
||||
break;
|
||||
}
|
||||
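Review bot: The new `included_by_samesite` value is only correct because it is read before `RemoveExclusionReasons` clears the Lax reasons, and nothing in either switch arm says so; the existing "Remove any SameSite exclusion reasons" comment now sits above the DCHECKs and the metric computation rather than the removal itself. I would add `// Capture the SameSite verdict before SameParty overrides it below; used only for the histogram.` above the declaration and move the existing comment down to the removal call, in both `IncludeForRequestURL` and `IsSetPermittedInContext`. The same lines appear in both arms, differing only in the status object and the histogram name, so a file-local helper that returns the bool and performs the removal would keep the read and set paths from drifting apart. The `if (!included_by_samesite)` guard also looks redundant if removing an absent reason is a no-op, which these hunks do not show. Both functions start and end outside the hunks shown.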
|
@ -418,6 +418,17 @@ reviews. Googlers can read more about this at go/gwsq-gerrit.
|
||||
</summary>
|
||||
</histogram>
|
||||
|
||||
<histogram name="Cookie.SamePartyReadIncluded.InclusionUnderSameSite"
|
||||
enum="BooleanIncluded" expires_after="2022-01-05">
|
||||
<owner>cfredric@chromium.org</owner>
|
||||
<owner>chlily@chromium.org</owner>
|
||||
<summary>
|
||||
This histogram records, for each cookie with the SameParty attribute that is
|
||||
read, whether the access would have been allowed by the cookie's SameSite
|
||||
attribute (if SameParty had not been specified).
|
||||
</summary>
|
||||
</histogram>
|
||||
|
||||
<histogram name="Cookie.SamePartyReadIncluded.IsHTTP" enum="BooleanHTTPVsJS"
|
||||
expires_after="2022-01-05">
|
||||
<owner>cfredric@chromium.org</owner>
|
||||
@ -440,6 +451,17 @@ reviews. Googlers can read more about this at go/gwsq-gerrit.
|
||||
</summary>
|
||||
</histogram>
|
||||
|
||||
<histogram name="Cookie.SamePartySetIncluded.InclusionUnderSameSite"
|
||||
enum="BooleanIncluded" expires_after="2022-01-05">
|
||||
<owner>cfredric@chromium.org</owner>
|
||||
<owner>chlily@chromium.org</owner>
|
||||
<summary>
|
||||
This histogram records, for each cookie with the SameParty attribute that is
|
||||
set, whether the access would have been allowed by the cookie's SameSite
|
||||
attribute (if SameParty had not been specified).
|
||||
</summary>
|
||||
</histogram>
|
||||
|
||||
<histogram name="Cookie.SamePartySetIncluded.IsHTTP" enum="BooleanHTTPVsJS"
|
||||
expires_after="2022-01-05">
|
||||
<owner>cfredric@chromium.org</owner>
|
||||
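Review bot: Both new summaries say the sample is recorded for each SameParty cookie "that is read" or "that is set", but the C++ side emits it only inside `if (status.IsInclude())`, so SameParty cookies excluded for any other reason never contribute a sample. Anyone using the true/false split to judge how often SameParty grants access that SameSite alone would have blocked needs that denominator stated. I would word the first as `for each cookie with the SameParty attribute that is included in a read, ...` and the second as `... that is successfully set, ...`. The last hunk's trailing context ends partway through the next `<histogram>` element.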
|