Add SameParty attribute to CanonicalCookie
This adds a bool for SameParty to CanonicalCookie and updates ctor callers (mostly tests). It enforces the requirement that a canonical CanonicalCookie with SameParty must be Secure, and must not have SameSite=Strict. Cookies that violate this are rejected with a newly added CookieInclusionStatus::ExclusionReason. SameParty attribute semantics are not yet enforced. This adds same_party to the cookie attributes logged for cookie store events in the NetLog. Bug: 1142606 Change-Id: I06899aa5e24b5037e0609009aec498476a616bdc Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2506303 Reviewed-by: David Roger <droger@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Reviewed-by: Mohammad Refaat <mrefaat@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Ayu Ishii <ayui@chromium.org> Reviewed-by: Alexander Alekseev <alemate@chromium.org> Reviewed-by: Wez <wez@chromium.org> Reviewed-by: Marc Treib <treib@chromium.org> Reviewed-by: Michael Thiessen <mthiesse@chromium.org> Reviewed-by: Maksim Orlovich <morlovich@chromium.org> Reviewed-by: Eugene But <eugenebut@chromium.org> Reviewed-by: Martin Šrámek <msramek@chromium.org> Reviewed-by: Karan Bhatia <karandeepb@chromium.org> Commit-Queue: Lily Chen <chlily@chromium.org> Cr-Commit-Position: refs/heads/master@{#823603}
This commit is contained in:
Lily Chen
chrome
android
junit
src
org
chromium
chrome
browser
cookies
browser
android
cookies
browsing_data
chromeos
android_sms
login
extensions
api
browsing_data
cookies
identity
net
profile_resetter
profiles
android
java
src
org
chromium
chrome
browser
sync
test
integration
components/signin
internal
identity_manager
ios
public
identity_manager
content/browser
browsing_data
browsing_data_remover_impl_unittest.ccbrowsing_data_test_utils.ccsame_site_data_remover_impl_unittest.cc
cookie_store
devtools
protocol
fuchsia/engine/browser
google_apis/gaia
oauth2_mint_token_flow.ccoauth2_mint_token_flow_unittest.ccoauth_multilogin_result.ccoauth_multilogin_result_unittest.cc
ios
net
cookies
web
download
net
cookies
canonical_cookie.cccanonical_cookie.hcanonical_cookie_fuzzer.cccanonical_cookie_unittest.cccookie_deletion_info_unittest.cccookie_inclusion_status.cccookie_inclusion_status.hcookie_monster_netlog_params.cccookie_monster_store_test.cccookie_monster_unittest.cccookie_store_unittest.h
extras
services/network
cookie_manager_unittest.ccnetwork_context_unittest.ccrestricted_cookie_manager.ccrestricted_cookie_manager_unittest.ccsession_cleanup_cookie_store_unittest.cc
public
cpp
mojom
third_party/blink/renderer/modules/cookie_store
@ -62,6 +62,7 @@ public class CanonicalCookieTest {
|
||||
Assert.assertEquals(lhs.isHttpOnly(), rhs.isHttpOnly());
|
||||
Assert.assertEquals(lhs.getSameSite(), rhs.getSameSite());
|
||||
Assert.assertEquals(lhs.getPriority(), rhs.getPriority());
|
||||
Assert.assertEquals(lhs.isSameParty(), rhs.isSameParty());
|
||||
Assert.assertEquals(lhs.sourceScheme(), rhs.sourceScheme());
|
||||
}
|
||||
|
||||
@ -86,13 +87,13 @@ public class CanonicalCookieTest {
|
||||
ArrayList<CanonicalCookie> cookies = new ArrayList<>();
|
||||
cookies.add(new CanonicalCookie("name", "value", "domain", "path", 0 /* creation */,
|
||||
1 /* expiration */, 0 /* lastAccess */, false /* secure */, true /* httpOnly */,
|
||||
0 /* sameSite */, 0 /* priority */, 1 /* sourceScheme */));
|
||||
0 /* sameSite */, 0 /* priority */, false /* same_party */, 1 /* sourceScheme */));
|
||||
cookies.add(new CanonicalCookie("name2", "value2", ".domain2", "path2", 10 /* creation */,
|
||||
20 /* expiration */, 15 /* lastAccess */, true /* secure */, false /* httpOnly */,
|
||||
1 /* sameSite */, 1 /* priority */, 2 /* sourceScheme */));
|
||||
1 /* sameSite */, 1 /* priority */, true /* same_party */, 2 /* sourceScheme */));
|
||||
cookies.add(new CanonicalCookie("name3", "value3", "domain3", "path3", 10 /* creation */,
|
||||
20 /* expiration */, 15 /* lastAccess */, true /* secure */, false /* httpOnly */,
|
||||
2 /* sameSite */, 2 /* priority */, 2 /* sourceScheme */));
|
||||
2 /* sameSite */, 2 /* priority */, false /* same_party */, 2 /* sourceScheme */));
|
||||
|
||||
doSaveRestoreCookiesListTest(cookies);
|
||||
}
|
||||
|
||||
@ -48,7 +48,7 @@ void OnCookiesFetchFinished(const net::CookieList& cookies) {
|
||||
i->ExpiryDate().ToDeltaSinceWindowsEpoch().InMicroseconds(),
|
||||
i->LastAccessDate().ToDeltaSinceWindowsEpoch().InMicroseconds(),
|
||||
i->IsSecure(), i->IsHttpOnly(), static_cast<int>(i->SameSite()),
|
||||
i->Priority(), static_cast<int>(i->SourceScheme()));
|
||||
i->Priority(), i->IsSameParty(), static_cast<int>(i->SourceScheme()));
|
||||
env->SetObjectArrayElement(joa.obj(), index++, java_cookie.obj());
|
||||
}
|
||||
|
||||
@ -88,6 +88,7 @@ static void JNI_CookiesFetcher_RestoreCookies(
|
||||
jboolean httponly,
|
||||
jint same_site,
|
||||
jint priority,
|
||||
jboolean same_party,
|
||||
jint source_scheme) {
|
||||
// TODO(https://crbug.com/1060940): Update to cover all OTR profiles.
|
||||
if (!ProfileManager::GetPrimaryUserProfile()->HasPrimaryOTRProfile())
|
||||
@ -108,7 +109,7 @@ static void JNI_CookiesFetcher_RestoreCookies(
|
||||
base::Time::FromDeltaSinceWindowsEpoch(
|
||||
base::TimeDelta::FromMicroseconds(last_access)),
|
||||
secure, httponly, static_cast<net::CookieSameSite>(same_site),
|
||||
static_cast<net::CookiePriority>(priority),
|
||||
static_cast<net::CookiePriority>(priority), same_party,
|
||||
static_cast<net::CookieSourceScheme>(source_scheme));
|
||||
if (!cookie)
|
||||
return;
|
||||
|
||||
@ -275,7 +275,8 @@ bool SetGaiaCookieForProfile(Profile* profile) {
|
||||
net::CanonicalCookie cookie(
|
||||
"SAPISID", std::string(), "." + google_url.host(), "/", base::Time(),
|
||||
base::Time(), base::Time(), true /* secure */, false /* httponly */,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */);
|
||||
bool success = false;
|
||||
base::RunLoop loop;
|
||||
base::OnceCallback<void(net::CookieAccessResult)> callback =
|
||||
|
||||
@ -52,8 +52,8 @@ class SiteDataCountingHelperTest : public testing::Test {
|
||||
net::CanonicalCookie::CreateSanitizedCookie(
|
||||
url, "name", "A=1", url.host(), url.path(), creation_time,
|
||||
base::Time(), creation_time, url.SchemeIsCryptographic(), false,
|
||||
net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false);
|
||||
net::CookieOptions options;
|
||||
options.set_include_httponly();
|
||||
cookie_manager->SetCanonicalCookie(
|
||||
|
||||
@ -108,7 +108,8 @@ void AndroidSmsAppSetupControllerImpl::SetUpApp(const GURL& app_url,
|
||||
base::Time::Now() /* creation_time */, base::Time() /* expiration_time */,
|
||||
base::Time::Now() /* last_access_time */,
|
||||
!net::IsLocalhost(app_url) /* secure */, false /* http_only */,
|
||||
net::CookieSameSite::STRICT_MODE, net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::CookieSameSite::STRICT_MODE, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */);
|
||||
// TODO(crbug.com/1069974): The cookie source url must be faked here because
|
||||
// otherwise, this would fail to set a secure cookie if |app_url| is insecure.
|
||||
// Consider instead to use url::Replacements to force the scheme to be https.
|
||||
@ -327,7 +328,8 @@ void AndroidSmsAppSetupControllerImpl::SetMigrationCookie(
|
||||
base::Time::Now() /* creation_time */, base::Time() /* expiration_time */,
|
||||
base::Time::Now() /* last_access_time */,
|
||||
!net::IsLocalhost(app_url) /* secure */, false /* http_only */,
|
||||
net::CookieSameSite::STRICT_MODE, net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::CookieSameSite::STRICT_MODE, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */);
|
||||
// TODO(crbug.com/1069974): The cookie source url must be faked here because
|
||||
// otherwise, this would fail to set a secure cookie if |app_url| is insecure.
|
||||
// Consider instead to use url::Replacements to force the scheme to be https.
|
||||
|
||||
@ -231,21 +231,24 @@ void ProfileAuthDataTest::PopulateBrowserContext(
|
||||
GURL(kSAMLIdPCookieURL), kCookieName, cookie_value,
|
||||
kSAMLIdPCookieDomainWithWildcard, std::string(), base::Time(),
|
||||
base::Time(), base::Time(), true, false,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false),
|
||||
GURL(kSAMLIdPCookieURL), options, base::DoNothing());
|
||||
|
||||
cookies->SetCanonicalCookie(
|
||||
*net::CanonicalCookie::CreateSanitizedCookie(
|
||||
GURL(kSAMLIdPCookieURL), kCookieName, cookie_value, std::string(),
|
||||
std::string(), base::Time(), base::Time(), base::Time(), true, false,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false),
|
||||
GURL(kSAMLIdPCookieURL), options, base::DoNothing());
|
||||
|
||||
cookies->SetCanonicalCookie(
|
||||
*net::CanonicalCookie::CreateSanitizedCookie(
|
||||
GURL(kGAIACookieURL), kCookieName, cookie_value, std::string(),
|
||||
std::string(), base::Time(), base::Time(), base::Time(), true, false,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false),
|
||||
GURL(kGAIACookieURL), options, base::DoNothing());
|
||||
}
|
||||
|
||||
|
||||
@ -132,7 +132,8 @@ void InjectCookie(content::StoragePartition* storage_partition) {
|
||||
net::CanonicalCookie cookie(
|
||||
kTestCookieName, kTestCookieValue, kTestCookieHost, "/", base::Time(),
|
||||
base::Time(), base::Time(), true /* secure */, false /* httponly*/,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_MEDIUM);
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_MEDIUM,
|
||||
false /* same_party */);
|
||||
base::RunLoop run_loop;
|
||||
cookie_manager->SetCanonicalCookie(
|
||||
cookie, net::cookie_util::SimulatedCookieSource(cookie, "https"),
|
||||
|
||||
@ -57,7 +57,7 @@ bool SetGaiaCookieForProfile(Profile* profile) {
|
||||
"/", base::Time(), base::Time(), base::Time(),
|
||||
/*secure=*/true, false,
|
||||
net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::COOKIE_PRIORITY_DEFAULT, false);
|
||||
|
||||
bool success = false;
|
||||
base::RunLoop loop;
|
||||
|
||||
@ -411,6 +411,7 @@ ExtensionFunction::ResponseAction CookiesSetFunction::Run() {
|
||||
break;
|
||||
}
|
||||
|
||||
// TODO(crbug.com/1144181): Add support for SameParty attribute.
|
||||
// clang-format off
|
||||
std::unique_ptr<net::CanonicalCookie> cc(
|
||||
net::CanonicalCookie::CreateSanitizedCookie(
|
||||
@ -431,7 +432,8 @@ ExtensionFunction::ResponseAction CookiesSetFunction::Run() {
|
||||
*parsed_args_->details.http_only :
|
||||
false,
|
||||
same_site,
|
||||
net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::COOKIE_PRIORITY_DEFAULT,
|
||||
/*same_party=*/false));
|
||||
// clang-format on
|
||||
if (!cc) {
|
||||
// Return error through callbacks so that the proper error message
|
||||
|
||||
@ -25,7 +25,7 @@ TEST(CookiesHelperUnittest, CookieConversionWithInfiniteExpirationDate) {
|
||||
net::CanonicalCookie cookie("cookiename", "cookievalue", "example.com", "/",
|
||||
base::Time::Now(), kExpirationDate, base::Time(),
|
||||
false, false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::COOKIE_PRIORITY_DEFAULT, false);
|
||||
|
||||
// Serialize the cookie to JSON. We need to gracefully handle the infinite
|
||||
// expiration date, which should be converted to the maximum value.
|
||||
|
||||
@ -87,7 +87,7 @@ TEST_F(ExtensionCookiesTest, ExtensionTypeCreation) {
|
||||
std::make_unique<net::CanonicalCookie>(
|
||||
"ABC", "DEF", "www.example.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), false, false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::COOKIE_PRIORITY_DEFAULT, false));
|
||||
ASSERT_NE(nullptr, canonical_cookie1.get());
|
||||
Cookie cookie1 =
|
||||
cookies_helpers::CreateCookie(*canonical_cookie1, "some cookie store");
|
||||
@ -107,7 +107,8 @@ TEST_F(ExtensionCookiesTest, ExtensionTypeCreation) {
|
||||
std::make_unique<net::CanonicalCookie>(
|
||||
"ABC", "DEF", ".example.com", "/", base::Time(),
|
||||
base::Time::FromDoubleT(10000), base::Time(), false, false,
|
||||
net::CookieSameSite::STRICT_MODE, net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::CookieSameSite::STRICT_MODE, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false));
|
||||
ASSERT_NE(nullptr, canonical_cookie2.get());
|
||||
Cookie cookie2 =
|
||||
cookies_helpers::CreateCookie(*canonical_cookie2, "some cookie store");
|
||||
@ -131,7 +132,7 @@ TEST_F(ExtensionCookiesTest, GetURLFromCanonicalCookie) {
|
||||
std::make_unique<net::CanonicalCookie>(
|
||||
"ABC", "DEF", ".example.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), false, false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::COOKIE_PRIORITY_DEFAULT, false));
|
||||
ASSERT_NE(nullptr, cookie1.get());
|
||||
EXPECT_EQ("http://example.com/",
|
||||
cookies_helpers::GetURLFromCanonicalCookie(*cookie1).spec());
|
||||
@ -140,7 +141,7 @@ TEST_F(ExtensionCookiesTest, GetURLFromCanonicalCookie) {
|
||||
std::make_unique<net::CanonicalCookie>(
|
||||
"ABC", "DEF", ".helloworld.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), true, false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::COOKIE_PRIORITY_DEFAULT, false));
|
||||
ASSERT_NE(nullptr, cookie2.get());
|
||||
EXPECT_EQ("https://helloworld.com/",
|
||||
cookies_helpers::GetURLFromCanonicalCookie(*cookie2).spec());
|
||||
@ -176,7 +177,8 @@ TEST_F(ExtensionCookiesTest, DomainMatching) {
|
||||
std::make_unique<net::CanonicalCookie>(
|
||||
"name", std::string(), tests[i].domain, "/", base::Time(),
|
||||
base::Time(), base::Time(), false, false,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false));
|
||||
ASSERT_NE(nullptr, cookie.get());
|
||||
EXPECT_EQ(tests[i].matches, filter.MatchesCookie(*cookie)) << " test " << i;
|
||||
}
|
||||
|
||||
@ -3665,7 +3665,7 @@ IN_PROC_BROWSER_TEST_P(ClearAllCachedAuthTokensFunctionTestWithPartitionParam,
|
||||
net::CanonicalCookie test_cookie(
|
||||
"test_name", "test_value", "test.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), true, false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::COOKIE_PRIORITY_DEFAULT, false);
|
||||
base::RunLoop set_cookie_loop;
|
||||
GetCookieManager()->SetCanonicalCookie(
|
||||
test_cookie,
|
||||
|
||||
@ -44,11 +44,11 @@ net::CookieList GetCookies(
|
||||
void SetCookie(
|
||||
const mojo::Remote<network::mojom::CookieManager>& cookie_manager) {
|
||||
base::Time t = base::Time::Now();
|
||||
net::CanonicalCookie cookie(kCookieName, kCookieValue, "www.test.com", "/", t,
|
||||
t + base::TimeDelta::FromDays(1), base::Time(),
|
||||
true /* secure */, false /* http-only*/,
|
||||
net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::CanonicalCookie cookie(
|
||||
kCookieName, kCookieValue, "www.test.com", "/", t,
|
||||
t + base::TimeDelta::FromDays(1), base::Time(), true /* secure */,
|
||||
false /* http-only*/, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT, false /* same_party */);
|
||||
base::RunLoop run_loop;
|
||||
cookie_manager->SetCanonicalCookie(
|
||||
cookie, net::cookie_util::SimulatedCookieSource(cookie, "https"),
|
||||
|
||||
@ -100,7 +100,8 @@ void RemoveCookieTester::AddCookie(const std::string& host,
|
||||
net::CanonicalCookie cookie(
|
||||
name, value, host, "/", base::Time(), base::Time(), base::Time(),
|
||||
true /* secure*/, false /* http only*/,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_MEDIUM);
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_MEDIUM,
|
||||
false /* same_party */);
|
||||
cookie_manager_->SetCanonicalCookie(
|
||||
cookie, net::cookie_util::SimulatedCookieSource(cookie, "https"), options,
|
||||
base::BindOnce(&RemoveCookieTester::SetCanonicalCookieCallback,
|
||||
|
||||
32
chrome/browser/profiles/android/java/src/org/chromium/chrome/browser/cookies/CanonicalCookie.java
32
chrome/browser/profiles/android/java/src/org/chromium/chrome/browser/cookies/CanonicalCookie.java
@ -27,12 +27,13 @@ class CanonicalCookie {
|
||||
private final boolean mHttpOnly;
|
||||
private final int mSameSite;
|
||||
private final int mPriority;
|
||||
private final boolean mSameParty;
|
||||
private final int mSourceScheme;
|
||||
|
||||
/** Constructs a CanonicalCookie */
|
||||
CanonicalCookie(String name, String value, String domain, String path, long creation,
|
||||
long expiration, long lastAccess, boolean secure, boolean httpOnly, int sameSite,
|
||||
int priority, int sourceScheme) {
|
||||
int priority, boolean sameParty, int sourceScheme) {
|
||||
mName = name;
|
||||
mValue = value;
|
||||
mDomain = domain;
|
||||
@ -44,6 +45,7 @@ class CanonicalCookie {
|
||||
mHttpOnly = httpOnly;
|
||||
mSameSite = sameSite;
|
||||
mPriority = priority;
|
||||
mSameParty = sameParty;
|
||||
mSourceScheme = sourceScheme;
|
||||
}
|
||||
|
||||
@ -62,6 +64,11 @@ class CanonicalCookie {
|
||||
return mSameSite;
|
||||
}
|
||||
|
||||
/** @return True if the cookie has the SameParty attribute. */
|
||||
boolean isSameParty() {
|
||||
return mSameParty;
|
||||
}
|
||||
|
||||
/** @return True if the cookie is secure. */
|
||||
boolean isSecure() {
|
||||
return mSecure;
|
||||
@ -110,7 +117,7 @@ class CanonicalCookie {
|
||||
// Note incognito state cannot persist across app installs since the encryption key is stored
|
||||
// in the activity state bundle. So the version here is more of a guard than a real version
|
||||
// used for format migrations.
|
||||
private static final int SERIALIZATION_VERSION = 20191105;
|
||||
private static final int SERIALIZATION_VERSION = 20201029;
|
||||
|
||||
static void saveListToStream(DataOutputStream out, CanonicalCookie[] cookies)
|
||||
throws IOException {
|
||||
@ -164,8 +171,6 @@ class CanonicalCookie {
|
||||
}
|
||||
|
||||
private void saveToStream(DataOutputStream out) throws IOException {
|
||||
// URL is no longer included. Keep for backward compatability.
|
||||
out.writeUTF("");
|
||||
out.writeUTF(mName);
|
||||
out.writeUTF(mValue);
|
||||
out.writeUTF(mDomain);
|
||||
@ -177,14 +182,23 @@ class CanonicalCookie {
|
||||
out.writeBoolean(mHttpOnly);
|
||||
out.writeInt(mSameSite);
|
||||
out.writeInt(mPriority);
|
||||
out.writeBoolean(mSameParty);
|
||||
out.writeInt(mSourceScheme);
|
||||
}
|
||||
|
||||
private static CanonicalCookie createFromStream(DataInputStream in) throws IOException {
|
||||
// URL is no longer included. Keep for backward compatability.
|
||||
in.readUTF();
|
||||
return new CanonicalCookie(in.readUTF(), in.readUTF(), in.readUTF(), in.readUTF(),
|
||||
in.readLong(), in.readLong(), in.readLong(), in.readBoolean(), in.readBoolean(),
|
||||
in.readInt(), in.readInt(), in.readInt());
|
||||
return new CanonicalCookie(in.readUTF(), // name
|
||||
in.readUTF(), // value
|
||||
in.readUTF(), // domain
|
||||
in.readUTF(), // path
|
||||
in.readLong(), // creation
|
||||
in.readLong(), // expiration
|
||||
in.readLong(), // last access
|
||||
in.readBoolean(), // secure
|
||||
in.readBoolean(), // httponly
|
||||
in.readInt(), // samesite
|
||||
in.readInt(), // priority
|
||||
in.readBoolean(), // sameparty
|
||||
in.readInt()); // source scheme
|
||||
}
|
||||
}
|
||||
|
||||
@ -31,6 +31,11 @@ import javax.crypto.CipherOutputStream;
|
||||
/**
|
||||
* Responsible for fetching, (de)serializing, and restoring cookies between the CookieJar and an
|
||||
* encrypted file storage.
|
||||
*
|
||||
* These methods are used for incognito only. Incognito cookies are kept separately from other
|
||||
* profiles' cookies, and are normally not persisted (on most platforms). However, on Android we
|
||||
* serialize and store them to avoid logging the user out of their accounts being used in incognito,
|
||||
* if the app is killed e.g. while in the background.
|
||||
*/
|
||||
public class CookiesFetcher {
|
||||
/** The default file name for the encrypted cookies storage. */
|
||||
@ -126,7 +131,7 @@ public class CookiesFetcher {
|
||||
cookie.getDomain(), cookie.getPath(), cookie.getCreationDate(),
|
||||
cookie.getExpirationDate(), cookie.getLastAccessDate(),
|
||||
cookie.isSecure(), cookie.isHttpOnly(), cookie.getSameSite(),
|
||||
cookie.getPriority(), cookie.sourceScheme());
|
||||
cookie.getPriority(), cookie.isSameParty(), cookie.sourceScheme());
|
||||
}
|
||||
}
|
||||
}.executeOnExecutor(AsyncTask.SERIAL_EXECUTOR);
|
||||
@ -169,9 +174,9 @@ public class CookiesFetcher {
|
||||
@CalledByNative
|
||||
private static CanonicalCookie createCookie(String name, String value, String domain,
|
||||
String path, long creation, long expiration, long lastAccess, boolean secure,
|
||||
boolean httpOnly, int sameSite, int priority, int sourceScheme) {
|
||||
boolean httpOnly, int sameSite, int priority, boolean sameParty, int sourceScheme) {
|
||||
return new CanonicalCookie(name, value, domain, path, creation, expiration, lastAccess,
|
||||
secure, httpOnly, sameSite, priority, sourceScheme);
|
||||
secure, httpOnly, sameSite, priority, sameParty, sourceScheme);
|
||||
}
|
||||
|
||||
@CalledByNative
|
||||
@ -227,6 +232,6 @@ public class CookiesFetcher {
|
||||
void persistCookies();
|
||||
void restoreCookies(String name, String value, String domain, String path, long creation,
|
||||
long expiration, long lastAccess, boolean secure, boolean httpOnly, int sameSite,
|
||||
int priority, int sourceScheme);
|
||||
int priority, boolean sameParty, int sourceScheme);
|
||||
}
|
||||
}
|
||||
|
||||
@ -27,9 +27,12 @@ const char kSigninCookieName[] = "SAPISID";
|
||||
void AddSigninCookie(Profile* profile) {
|
||||
DCHECK(profile);
|
||||
net::CanonicalCookie cookie(
|
||||
kSigninCookieName, std::string(), ".google.com", "/", base::Time(),
|
||||
base::Time(), base::Time(), /*secure=*/true, false,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT);
|
||||
kSigninCookieName, std::string(), ".google.com", "/",
|
||||
/*creation=*/base::Time(),
|
||||
/*expires=*/base::Time(), /*last_access=*/base::Time(), /*secure=*/true,
|
||||
/*httponly=*/false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT,
|
||||
/*same_party=*/false);
|
||||
|
||||
network::mojom::CookieManager* cookie_manager =
|
||||
content::BrowserContext::GetDefaultStoragePartition(profile)
|
||||
|
||||
@ -601,7 +601,7 @@ void GaiaCookieManagerService::ForceOnCookieChangeProcessing() {
|
||||
kGaiaCookieName, std::string(), "." + google_url.host(), "/",
|
||||
base::Time(), base::Time(), base::Time(), true /* secure */,
|
||||
false /* httponly */, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::COOKIE_PRIORITY_DEFAULT, false /* same_party */));
|
||||
OnCookieChange(
|
||||
net::CookieChangeInfo(*cookie, net::CookieAccessResult(),
|
||||
net::CookieChangeCause::UNKNOWN_DELETION));
|
||||
|
||||
@ -449,7 +449,7 @@ void AccountConsistencyService::SetChromeConnectedCookieWithUrl(
|
||||
/*last_access_time=*/base::Time(),
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false, net::CookieSameSite::LAX_MODE,
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::COOKIE_PRIORITY_DEFAULT, /*same_party=*/false);
|
||||
net::CookieOptions options;
|
||||
options.set_include_httponly();
|
||||
options.set_same_site_cookie_context(
|
||||
|
||||
@ -2055,7 +2055,7 @@ TEST_F(IdentityManagerTest, CallbackSentOnAccountsCookieDeletedByUserAction) {
|
||||
net::CanonicalCookie cookie(
|
||||
"SAPISID", std::string(), ".google.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), /*secure=*/true, false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::COOKIE_PRIORITY_DEFAULT, false);
|
||||
SimulateCookieDeletedByUser(identity_manager()->GetGaiaCookieManagerService(),
|
||||
cookie);
|
||||
run_loop.Run();
|
||||
@ -2087,7 +2087,7 @@ TEST_F(IdentityManagerTest, OnNetworkInitialized) {
|
||||
net::CanonicalCookie cookie(
|
||||
"SAPISID", std::string(), ".google.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), /*secure=*/true, false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::COOKIE_PRIORITY_DEFAULT, false);
|
||||
test_cookie_manager_ptr->DispatchCookieChange(net::CookieChangeInfo(
|
||||
cookie, net::CookieAccessResult(), net::CookieChangeCause::EXPLICIT));
|
||||
run_loop.Run();
|
||||
|
||||
@ -140,7 +140,7 @@ net::CanonicalCookie CreateCookieWithHost(const url::Origin& origin) {
|
||||
std::make_unique<net::CanonicalCookie>(
|
||||
"A", "1", origin.host(), "/", base::Time::Now(), base::Time::Now(),
|
||||
base::Time(), false, false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_MEDIUM));
|
||||
net::COOKIE_PRIORITY_MEDIUM, false));
|
||||
EXPECT_TRUE(cookie);
|
||||
return *cookie;
|
||||
}
|
||||
|
||||
@ -40,7 +40,7 @@ void CreateCookieForTest(
|
||||
net::CanonicalCookie cookie(cookie_name, "1", cookie_domain, "/",
|
||||
base::Time(), base::Time(), base::Time(),
|
||||
is_cookie_secure, false, same_site,
|
||||
net::COOKIE_PRIORITY_LOW);
|
||||
net::COOKIE_PRIORITY_LOW, false);
|
||||
GetCookieManager(browser_context)
|
||||
->SetCanonicalCookie(
|
||||
cookie, net::cookie_util::SimulatedCookieSource(cookie, "https"),
|
||||
|
||||
@ -220,7 +220,7 @@ TEST_F(SameSiteDataRemoverImplTest, TestCookieRemovalUnaffectedByParameters) {
|
||||
net::CanonicalCookie cookie1("TestCookie1", "20", "google.com", "/",
|
||||
base::Time::Now(), base::Time(), base::Time(),
|
||||
true, true, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_HIGH);
|
||||
net::COOKIE_PRIORITY_HIGH, /*same_party=*/true);
|
||||
cookie_manager->SetCanonicalCookie(
|
||||
cookie1, net::cookie_util::SimulatedCookieSource(cookie1, "https"),
|
||||
options, base::BindLambdaForTesting([&](net::CookieAccessResult result) {
|
||||
@ -239,7 +239,7 @@ TEST_F(SameSiteDataRemoverImplTest, TestCookieRemovalUnaffectedByParameters) {
|
||||
net::CanonicalCookie cookie2("TestCookie2", "10", "gmail.google.com", "/",
|
||||
base::Time(), base::Time::Max(), base::Time(),
|
||||
false, true, net::CookieSameSite::LAX_MODE,
|
||||
net::COOKIE_PRIORITY_HIGH);
|
||||
net::COOKIE_PRIORITY_HIGH, false);
|
||||
cookie_manager->SetCanonicalCookie(
|
||||
cookie2, net::cookie_util::SimulatedCookieSource(cookie2, "https"),
|
||||
options, base::BindLambdaForTesting([&](net::CookieAccessResult result) {
|
||||
|
||||
@ -307,7 +307,7 @@ class CookieStoreManagerTest
|
||||
name, value, domain, path, base::Time(), base::Time(), base::Time(),
|
||||
/* secure = */ true,
|
||||
/* httponly = */ false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false));
|
||||
}
|
||||
|
||||
bool DeleteCookie(const char* name, const char* domain, const char* path) {
|
||||
@ -315,7 +315,8 @@ class CookieStoreManagerTest
|
||||
name, /* value = */ "", domain, path, /* creation = */ base::Time(),
|
||||
/* expiration = */ base::Time::Min(), /* last_access = */ base::Time(),
|
||||
/* secure = */ true, /* httponly = */ false,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT,
|
||||
/* same_party = */ false));
|
||||
}
|
||||
|
||||
// Designates a closure for preparing the cookie store for the current test.
|
||||
@ -1561,7 +1562,7 @@ TEST_P(CookieStoreManagerTest, HttpOnlyCookieChange) {
|
||||
base::Time(), base::Time(),
|
||||
/* secure = */ true,
|
||||
/* httponly = */ true, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT)));
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false)));
|
||||
task_environment_.RunUntilIdle();
|
||||
EXPECT_EQ(0u, worker_test_helper_->changes().size());
|
||||
|
||||
@ -1571,7 +1572,7 @@ TEST_P(CookieStoreManagerTest, HttpOnlyCookieChange) {
|
||||
base::Time(), base::Time(),
|
||||
/* secure = */ true,
|
||||
/* httponly = */ false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT)));
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false)));
|
||||
task_environment_.RunUntilIdle();
|
||||
|
||||
ASSERT_EQ(1u, worker_test_helper_->changes().size());
|
||||
@ -1616,7 +1617,7 @@ TEST_P(CookieStoreManagerTest, HttpOnlyCookieChangeLegacy) {
|
||||
base::Time(), base::Time(),
|
||||
/* secure = */ false,
|
||||
/* httponly = */ true, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT)));
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false)));
|
||||
task_environment_.RunUntilIdle();
|
||||
EXPECT_EQ(0u, worker_test_helper_->changes().size());
|
||||
|
||||
@ -1626,7 +1627,7 @@ TEST_P(CookieStoreManagerTest, HttpOnlyCookieChangeLegacy) {
|
||||
base::Time(), base::Time(),
|
||||
/* secure = */ false,
|
||||
/* httponly = */ false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT)));
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false)));
|
||||
task_environment_.RunUntilIdle();
|
||||
|
||||
ASSERT_EQ(1u, worker_test_helper_->changes().size());
|
||||
|
||||
@ -320,9 +320,10 @@ std::unique_ptr<net::CanonicalCookie> MakeCookieFromProtocolValues(
|
||||
else if (priority == Network::CookiePriorityEnum::Low)
|
||||
cp = net::CookiePriority::COOKIE_PRIORITY_LOW;
|
||||
|
||||
// TODO(crbug.com/1142606): Add SameParty to DevTools cookie structures.
|
||||
return net::CanonicalCookie::CreateSanitizedCookie(
|
||||
url, name, value, normalized_domain, path, base::Time(), expiration_date,
|
||||
base::Time(), secure, http_only, css, cp);
|
||||
base::Time(), secure, http_only, css, cp, /*same_party=*/false);
|
||||
}
|
||||
|
||||
std::vector<GURL> ComputeCookieURLs(RenderFrameHostImpl* frame_host,
|
||||
|
||||
@ -43,7 +43,7 @@ std::unique_ptr<net::CanonicalCookie> CreateCookie(base::StringPiece name,
|
||||
/*expiration_time=*/base::Time(), /*last_access_time=*/base::Time(),
|
||||
/*secure=*/true,
|
||||
/*httponly*/ false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_MEDIUM);
|
||||
net::COOKIE_PRIORITY_MEDIUM, /*same_party=*/false);
|
||||
}
|
||||
|
||||
class CookieManagerImplTest : public testing::Test {
|
||||
|
||||
@ -507,7 +507,7 @@ bool OAuth2MintTokenFlow::ParseRemoteConsentResponse(
|
||||
time_now, expiration_time, time_now, is_secure ? *is_secure : false,
|
||||
is_http_only ? *is_http_only : false,
|
||||
net::StringToCookieSameSite(same_site ? *same_site : ""),
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party */ false);
|
||||
cookies.push_back(*cookie);
|
||||
}
|
||||
|
||||
|
||||
@ -186,12 +186,13 @@ static RemoteConsentResolutionData CreateRemoteConsentResolutionData() {
|
||||
*net::CanonicalCookie::CreateSanitizedCookie(
|
||||
resolution_data.url, "test_name", "test_value", "test.com", "/",
|
||||
base::Time(), base::Time(), base::Time(), false, true,
|
||||
net::CookieSameSite::LAX_MODE, net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::CookieSameSite::LAX_MODE, net::COOKIE_PRIORITY_DEFAULT, false));
|
||||
resolution_data.cookies.push_back(
|
||||
*net::CanonicalCookie::CreateSanitizedCookie(
|
||||
resolution_data.url, "test_name2", "test_value2", "test.com", "/",
|
||||
base::Time(), base::Time(), base::Time(), false, false,
|
||||
net::CookieSameSite::UNSPECIFIED, net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::CookieSameSite::UNSPECIFIED, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false));
|
||||
return resolution_data;
|
||||
}
|
||||
|
||||
|
||||
@ -125,7 +125,8 @@ void OAuthMultiloginResult::TryParseCookiesFromValue(base::Value* json_value) {
|
||||
base::Time::Now() + before_expiration,
|
||||
/*last_access=*/base::Time::Now(), is_secure.value_or(true),
|
||||
is_http_only.value_or(true), samesite_mode,
|
||||
net::StringToCookiePriority(priority ? *priority : "medium"));
|
||||
net::StringToCookiePriority(priority ? *priority : "medium"),
|
||||
/*sameparty=*/false);
|
||||
if (new_cookie.IsCanonical()) {
|
||||
cookies_.push_back(std::move(new_cookie));
|
||||
} else {
|
||||
|
||||
@ -87,15 +87,18 @@ TEST(OAuthMultiloginResultTest, TryParseCookiesFromValue) {
|
||||
CanonicalCookie("SID", "vAlUe1", ".google.ru", "/", time_now, time_now,
|
||||
expiration_time, /*is_secure=*/true,
|
||||
/*is_http_only=*/false, net::CookieSameSite::UNSPECIFIED,
|
||||
net::CookiePriority::COOKIE_PRIORITY_HIGH),
|
||||
net::CookiePriority::COOKIE_PRIORITY_HIGH,
|
||||
/*is_same_party=*/false),
|
||||
CanonicalCookie("SAPISID", "vAlUe2", "google.com", "/", time_now,
|
||||
time_now, expiration_time, /*is_secure=*/false,
|
||||
/*is_http_only=*/true, net::CookieSameSite::LAX_MODE,
|
||||
net::CookiePriority::COOKIE_PRIORITY_HIGH),
|
||||
net::CookiePriority::COOKIE_PRIORITY_HIGH,
|
||||
/*is_same_party=*/false),
|
||||
CanonicalCookie("HSID", "vAlUe4", "", "/", time_now, time_now, time_now,
|
||||
/*is_secure=*/true, /*is_http_only=*/true,
|
||||
net::CookieSameSite::STRICT_MODE,
|
||||
net::CookiePriority::COOKIE_PRIORITY_HIGH)};
|
||||
net::CookiePriority::COOKIE_PRIORITY_HIGH,
|
||||
/*is_same_party=*/false)};
|
||||
|
||||
EXPECT_EQ((int)result.cookies().size(), 3);
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ CanonicalCookie MakeCookie(const GURL& url,
|
||||
return CanonicalCookie(name, value, url.host(), url.path(), base::Time(),
|
||||
base::Time(), base::Time(), false, false,
|
||||
net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::COOKIE_PRIORITY_DEFAULT, false);
|
||||
}
|
||||
|
||||
} // namespace
|
||||
|
||||
@ -51,7 +51,8 @@ void TestPersistentCookieStore::RunLoadedCallback() {
|
||||
base::Time(), // last accessed
|
||||
false, // secure
|
||||
false, // httponly
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT));
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */));
|
||||
cookies.push_back(std::move(bad_canonical_cookie));
|
||||
std::move(loaded_callback_).Run(std::move(cookies));
|
||||
}
|
||||
|
||||
@ -96,9 +96,10 @@ net::CanonicalCookie CanonicalCookieFromSystemCookie(
|
||||
base::SysNSStringToUTF8([cookie path]), ceation_time,
|
||||
base::Time::FromDoubleT([[cookie expiresDate] timeIntervalSince1970]),
|
||||
base::Time(), [cookie isSecure], [cookie isHTTPOnly], same_site,
|
||||
// When iOS begins to support 'Priority' attribute, pass it
|
||||
// through here.
|
||||
net::COOKIE_PRIORITY_DEFAULT, net::CookieSourceScheme::kUnset));
|
||||
// When iOS begins to support 'Priority' and 'SameParty' attributes, pass
|
||||
// them through here.
|
||||
net::COOKIE_PRIORITY_DEFAULT, false /* SameParty */,
|
||||
net::CookieSourceScheme::kUnset));
|
||||
}
|
||||
|
||||
void ReportGetCookiesForURLResult(SystemCookieStoreType store_type,
|
||||
|
||||
@ -43,7 +43,8 @@ void CheckSystemCookie(const base::Time& expires, bool secure, bool httponly) {
|
||||
base::Time(), // creation
|
||||
expires,
|
||||
base::Time(), // last_access
|
||||
secure, httponly, same_site, net::COOKIE_PRIORITY_DEFAULT);
|
||||
secure, httponly, same_site, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */);
|
||||
// Convert it to system cookie.
|
||||
NSHTTPCookie* system_cookie =
|
||||
SystemCookieFromCanonicalCookie(canonical_cookie);
|
||||
@ -191,7 +192,8 @@ TEST_F(CookieUtil, SystemCookieFromBadCanonicalCookie) {
|
||||
base::Time(), // last_access
|
||||
false, // secure
|
||||
false, // httponly
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */);
|
||||
// Convert it to system cookie.
|
||||
NSHTTPCookie* system_cookie =
|
||||
SystemCookieFromCanonicalCookie(bad_canonical_cookie);
|
||||
@ -208,7 +210,8 @@ TEST_F(CookieUtil, SystemCookiesFromCanonicalCookieList) {
|
||||
false, // secure
|
||||
false, // httponly
|
||||
net::CookieSameSite::UNSPECIFIED,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */),
|
||||
net::CanonicalCookie("name2", "value2", "domain2", "path2/",
|
||||
base::Time(), // creation
|
||||
expire_date,
|
||||
@ -216,7 +219,8 @@ TEST_F(CookieUtil, SystemCookiesFromCanonicalCookieList) {
|
||||
false, // secure
|
||||
false, // httponly
|
||||
net::CookieSameSite::UNSPECIFIED,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */),
|
||||
};
|
||||
|
||||
NSArray<NSHTTPCookie*>* system_cookies =
|
||||
|
||||
@ -548,7 +548,7 @@ TEST_F(DownloadTaskImplTest, Cookie) {
|
||||
/*last_access=*/now,
|
||||
/*secure=*/false,
|
||||
/*httponly=*/false, net::CookieSameSite::UNSPECIFIED,
|
||||
net::COOKIE_PRIORITY_DEFAULT);
|
||||
net::COOKIE_PRIORITY_DEFAULT, /*same_party=*/false);
|
||||
cookie_store_.SetAllCookies({expected_cookie});
|
||||
|
||||
// Start the download and make sure that all cookie from BrowserState were
|
||||
|
||||
@ -277,6 +277,7 @@ CanonicalCookie::CanonicalCookie(const std::string& name,
|
||||
bool httponly,
|
||||
CookieSameSite same_site,
|
||||
CookiePriority priority,
|
||||
bool same_party,
|
||||
CookieSourceScheme scheme_secure)
|
||||
: name_(name),
|
||||
value_(value),
|
||||
@ -289,6 +290,7 @@ CanonicalCookie::CanonicalCookie(const std::string& name,
|
||||
httponly_(httponly),
|
||||
same_site_(same_site),
|
||||
priority_(priority),
|
||||
same_party_(same_party),
|
||||
source_scheme_(scheme_secure) {}
|
||||
|
||||
CanonicalCookie::~CanonicalCookie() = default;
|
||||
@ -408,6 +410,12 @@ std::unique_ptr<CanonicalCookie> CanonicalCookie::Create(
|
||||
status->AddExclusionReason(CookieInclusionStatus::EXCLUDE_INVALID_PREFIX);
|
||||
}
|
||||
|
||||
bool is_same_party_valid = IsCookieSamePartyValid(parsed_cookie);
|
||||
if (!is_same_party_valid) {
|
||||
status->AddExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_INVALID_SAMEPARTY);
|
||||
}
|
||||
|
||||
// TODO(chlily): Log metrics.
|
||||
if (!status->IsInclude())
|
||||
return nullptr;
|
||||
@ -424,7 +432,7 @@ std::unique_ptr<CanonicalCookie> CanonicalCookie::Create(
|
||||
parsed_cookie.Name(), parsed_cookie.Value(), cookie_domain, cookie_path,
|
||||
creation_time, cookie_expires, creation_time, parsed_cookie.IsSecure(),
|
||||
parsed_cookie.IsHttpOnly(), samesite, parsed_cookie.Priority(),
|
||||
source_scheme));
|
||||
parsed_cookie.IsSameParty(), source_scheme));
|
||||
|
||||
DCHECK(cc->IsCanonical());
|
||||
|
||||
@ -446,7 +454,8 @@ std::unique_ptr<CanonicalCookie> CanonicalCookie::CreateSanitizedCookie(
|
||||
bool secure,
|
||||
bool http_only,
|
||||
CookieSameSite same_site,
|
||||
CookiePriority priority) {
|
||||
CookiePriority priority,
|
||||
bool same_party) {
|
||||
// Validate consistency of passed arguments.
|
||||
if (ParsedCookie::ParseTokenString(name) != name ||
|
||||
ParsedCookie::ParseValueString(value) != value ||
|
||||
@ -485,6 +494,9 @@ std::unique_ptr<CanonicalCookie> CanonicalCookie::CreateSanitizedCookie(
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
if (!IsCookieSamePartyValid(same_party, secure, same_site))
|
||||
return nullptr;
|
||||
|
||||
if (!last_access_time.is_null() && creation_time.is_null())
|
||||
return nullptr;
|
||||
|
||||
@ -499,7 +511,8 @@ std::unique_ptr<CanonicalCookie> CanonicalCookie::CreateSanitizedCookie(
|
||||
|
||||
std::unique_ptr<CanonicalCookie> cc(std::make_unique<CanonicalCookie>(
|
||||
name, value, cookie_domain, cookie_path, creation_time, expiration_time,
|
||||
last_access_time, secure, http_only, same_site, priority, source_scheme));
|
||||
last_access_time, secure, http_only, same_site, priority, same_party,
|
||||
source_scheme));
|
||||
DCHECK(cc->IsCanonical());
|
||||
|
||||
return cc;
|
||||
@ -518,10 +531,11 @@ std::unique_ptr<CanonicalCookie> CanonicalCookie::FromStorage(
|
||||
bool httponly,
|
||||
CookieSameSite same_site,
|
||||
CookiePriority priority,
|
||||
bool same_party,
|
||||
CookieSourceScheme source_scheme) {
|
||||
std::unique_ptr<CanonicalCookie> cc(std::make_unique<CanonicalCookie>(
|
||||
name, value, domain, path, creation, expiration, last_access, secure,
|
||||
httponly, same_site, priority, source_scheme));
|
||||
httponly, same_site, priority, same_party, source_scheme));
|
||||
if (!cc->IsCanonical())
|
||||
return nullptr;
|
||||
return cc;
|
||||
@ -851,7 +865,7 @@ bool CanonicalCookie::IsCanonical() const {
|
||||
break;
|
||||
}
|
||||
|
||||
return true;
|
||||
return IsCookieSamePartyValid(same_party_, secure_, same_site_);
|
||||
}
|
||||
|
||||
bool CanonicalCookie::IsEffectivelySameSiteNone(
|
||||
@ -982,6 +996,23 @@ bool CanonicalCookie::IsRecentlyCreated(base::TimeDelta age_threshold) const {
|
||||
return (base::Time::Now() - creation_date_) <= age_threshold;
|
||||
}
|
||||
|
||||
// static
|
||||
bool CanonicalCookie::IsCookieSamePartyValid(
|
||||
const ParsedCookie& parsed_cookie) {
|
||||
return IsCookieSamePartyValid(parsed_cookie.IsSameParty(),
|
||||
parsed_cookie.IsSecure(),
|
||||
parsed_cookie.SameSite());
|
||||
}
|
||||
|
||||
// static
|
||||
bool CanonicalCookie::IsCookieSamePartyValid(bool is_same_party,
|
||||
bool is_secure,
|
||||
CookieSameSite same_site) {
|
||||
if (!is_same_party)
|
||||
return true;
|
||||
return is_secure && (same_site != CookieSameSite::STRICT_MODE);
|
||||
}
|
||||
|
||||
CookieAndLineWithAccessResult::CookieAndLineWithAccessResult() = default;
|
||||
|
||||
CookieAndLineWithAccessResult::CookieAndLineWithAccessResult(
|
||||
|
||||
@ -59,6 +59,7 @@ class NET_EXPORT CanonicalCookie {
|
||||
bool httponly,
|
||||
CookieSameSite same_site,
|
||||
CookiePriority priority,
|
||||
bool same_party,
|
||||
CookieSourceScheme scheme_secure = CookieSourceScheme::kUnset);
|
||||
|
||||
~CanonicalCookie();
|
||||
@ -104,7 +105,8 @@ class NET_EXPORT CanonicalCookie {
|
||||
bool secure,
|
||||
bool http_only,
|
||||
CookieSameSite same_site,
|
||||
CookiePriority priority);
|
||||
CookiePriority priority,
|
||||
bool same_party);
|
||||
|
||||
// FromStorage is a factory method which is meant for creating a new
|
||||
// CanonicalCookie using properties of a previously existing cookie
|
||||
@ -125,6 +127,7 @@ class NET_EXPORT CanonicalCookie {
|
||||
bool httponly,
|
||||
CookieSameSite same_site,
|
||||
CookiePriority priority,
|
||||
bool same_party,
|
||||
CookieSourceScheme source_scheme);
|
||||
|
||||
const std::string& Name() const { return name_; }
|
||||
@ -143,6 +146,7 @@ class NET_EXPORT CanonicalCookie {
|
||||
bool IsHttpOnly() const { return httponly_; }
|
||||
CookieSameSite SameSite() const { return same_site_; }
|
||||
CookiePriority Priority() const { return priority_; }
|
||||
bool IsSameParty() const { return same_party_; }
|
||||
// Returns an enum indicating the source scheme that set this cookie. This is
|
||||
// not part of the cookie spec but is being used to collect metrics for a
|
||||
// potential change to the cookie spec.
|
||||
@ -368,6 +372,14 @@ class NET_EXPORT CanonicalCookie {
|
||||
// Returns whether the cookie was created at most |age_threshold| ago.
|
||||
bool IsRecentlyCreated(base::TimeDelta age_threshold) const;
|
||||
|
||||
// Returns true iff the cookie does not violate any rules associated with
|
||||
// creating a cookie with the SameParty attribute. In particular, if a cookie
|
||||
// has SameParty, then it must be Secure and must not be SameSite=Strict.
|
||||
static bool IsCookieSamePartyValid(const ParsedCookie& parsed_cookie);
|
||||
static bool IsCookieSamePartyValid(bool is_same_party,
|
||||
bool is_secure,
|
||||
CookieSameSite same_site);
|
||||
|
||||
std::string name_;
|
||||
std::string value_;
|
||||
std::string domain_;
|
||||
@ -379,6 +391,7 @@ class NET_EXPORT CanonicalCookie {
|
||||
bool httponly_;
|
||||
CookieSameSite same_site_;
|
||||
CookiePriority priority_;
|
||||
bool same_party_;
|
||||
CookieSourceScheme source_scheme_;
|
||||
};
|
||||
|
||||
|
||||
@ -56,8 +56,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
|
||||
const std::unique_ptr<const CanonicalCookie> sanitized_cookie =
|
||||
CanonicalCookie::CreateSanitizedCookie(
|
||||
url, name, value, domain, path, creation, expiration, last_access,
|
||||
data_provider.ConsumeBool(), data_provider.ConsumeBool(), same_site,
|
||||
priority);
|
||||
data_provider.ConsumeBool() /* secure */,
|
||||
data_provider.ConsumeBool() /* httponly */, same_site, priority,
|
||||
data_provider.ConsumeBool() /* same_party */);
|
||||
|
||||
if (sanitized_cookie) {
|
||||
CHECK(sanitized_cookie->IsCanonical());
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -90,7 +90,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchSessionControl) {
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false,
|
||||
CookieSameSite::NO_RESTRICTION,
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
|
||||
CanonicalCookie session_cookie(
|
||||
"session-cookie", "session-value", "session-domain", "session-path",
|
||||
@ -99,7 +100,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchSessionControl) {
|
||||
/*last_access=*/base::Time::Now(),
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false, CookieSameSite::NO_RESTRICTION,
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
|
||||
CookieDeletionInfo delete_info;
|
||||
EXPECT_TRUE(delete_info.Matches(persistent_cookie));
|
||||
@ -125,7 +127,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchHost) {
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false,
|
||||
CookieSameSite::NO_RESTRICTION,
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
|
||||
CanonicalCookie host_cookie("host-cookie", "host-cookie-value",
|
||||
/*domain=*/"thehost.hosting.com", "/path",
|
||||
@ -135,7 +138,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchHost) {
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false,
|
||||
CookieSameSite::NO_RESTRICTION,
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
|
||||
EXPECT_TRUE(domain_cookie.IsDomainCookie());
|
||||
EXPECT_TRUE(host_cookie.IsHostCookie());
|
||||
@ -165,7 +169,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchName) {
|
||||
/*last_access=*/base::Time::Now(),
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false, CookieSameSite::NO_RESTRICTION,
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
CanonicalCookie cookie2("cookie2-name", "cookie2-value",
|
||||
/*domain=*/".example.com", "/path",
|
||||
/*creation=*/base::Time::Now(),
|
||||
@ -173,7 +178,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchName) {
|
||||
/*last_access=*/base::Time::Now(),
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false, CookieSameSite::NO_RESTRICTION,
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
|
||||
CookieDeletionInfo delete_info;
|
||||
delete_info.name = "cookie1-name";
|
||||
@ -189,7 +195,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchValue) {
|
||||
/*last_access=*/base::Time::Now(),
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false, CookieSameSite::NO_RESTRICTION,
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
CanonicalCookie cookie2("cookie2-name", "cookie2-value",
|
||||
/*domain=*/".example.com", "/path",
|
||||
/*creation=*/base::Time::Now(),
|
||||
@ -197,7 +204,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchValue) {
|
||||
/*last_access=*/base::Time::Now(),
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false, CookieSameSite::NO_RESTRICTION,
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
|
||||
CookieDeletionInfo delete_info;
|
||||
delete_info.value_for_testing = "cookie2-value";
|
||||
@ -213,7 +221,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchUrl) {
|
||||
/*last_access=*/base::Time::Now(),
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false, CookieSameSite::NO_RESTRICTION,
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
|
||||
CookieDeletionInfo delete_info;
|
||||
delete_info.url = GURL("https://www.example.com/path");
|
||||
@ -242,7 +251,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoDomainMatchesDomain) {
|
||||
/*secure=*/true,
|
||||
/*httponly=*/false,
|
||||
/*same_site=*/CookieSameSite::NO_RESTRICTION,
|
||||
/*priority=*/CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
/*priority=*/CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
return cookie;
|
||||
};
|
||||
|
||||
@ -278,7 +288,8 @@ TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchesDomainList) {
|
||||
/*secure=*/false,
|
||||
/*httponly=*/false,
|
||||
/*same_site=*/CookieSameSite::NO_RESTRICTION,
|
||||
/*priority=*/CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
/*priority=*/CookiePriority::COOKIE_PRIORITY_DEFAULT,
|
||||
/*sameparty=*/false);
|
||||
return cookie;
|
||||
};
|
||||
|
||||
|
||||
@ -226,6 +226,8 @@ std::string CookieInclusionStatus::GetDebugString() const {
|
||||
base::StrAppend(&out, {"EXCLUDE_INVALID_DOMAIN, "});
|
||||
if (HasExclusionReason(EXCLUDE_INVALID_PREFIX))
|
||||
base::StrAppend(&out, {"EXCLUDE_INVALID_PREFIX, "});
|
||||
if (HasExclusionReason(EXCLUDE_INVALID_SAMEPARTY))
|
||||
base::StrAppend(&out, {"EXCLUDE_INVALID_SAMEPARTY, "});
|
||||
|
||||
// Add warning
|
||||
if (!ShouldWarn()) {
|
||||
|
||||
@ -50,6 +50,7 @@ class NET_EXPORT CookieInclusionStatus {
|
||||
EXCLUDE_OVERWRITE_HTTP_ONLY = 13,
|
||||
EXCLUDE_INVALID_DOMAIN = 14,
|
||||
EXCLUDE_INVALID_PREFIX = 15,
|
||||
EXCLUDE_INVALID_SAMEPARTY = 16,
|
||||
|
||||
// This should be kept last.
|
||||
NUM_EXCLUSION_REASONS
|
||||
|
||||
@ -32,6 +32,7 @@ base::Value NetLogCookieMonsterCookieAdded(const CanonicalCookie* cookie,
|
||||
dict.SetStringKey("same_site", CookieSameSiteToString(cookie->SameSite()));
|
||||
dict.SetBoolKey("is_persistent", cookie->IsPersistent());
|
||||
dict.SetBoolKey("sync_requested", sync_requested);
|
||||
dict.SetBoolKey("same_party", cookie->IsSameParty());
|
||||
return dict;
|
||||
}
|
||||
|
||||
|
||||
@ -122,7 +122,7 @@ std::unique_ptr<CanonicalCookie> BuildCanonicalCookie(
|
||||
return std::make_unique<CanonicalCookie>(
|
||||
pc.Name(), pc.Value(), "." + url.host(), cookie_path, creation_time,
|
||||
cookie_expires, base::Time(), pc.IsSecure(), pc.IsHttpOnly(),
|
||||
pc.SameSite(), pc.Priority());
|
||||
pc.SameSite(), pc.Priority(), pc.IsSameParty());
|
||||
}
|
||||
|
||||
void AddCookieToList(const GURL& url,
|
||||
@ -236,7 +236,7 @@ std::unique_ptr<CookieMonster> CreateMonsterFromStoreForGC(
|
||||
std::unique_ptr<CanonicalCookie> cc(std::make_unique<CanonicalCookie>(
|
||||
"a", "1", base::StringPrintf("h%05d.izzle", i), "/path", creation_time,
|
||||
expiration_time, base::Time(), secure, false,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false));
|
||||
cc->SetLastAccessDate(last_access_time);
|
||||
store->AddCookie(*cc);
|
||||
}
|
||||
|
||||
@ -209,71 +209,71 @@ class CookieMonsterTestBase : public CookieStoreTest<T> {
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"dom_1", "A", ".harvard.edu", "/", base::Time(), base::Time(),
|
||||
base::Time(), false, false, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"dom_2", "B", ".math.harvard.edu", "/", base::Time(), base::Time(),
|
||||
base::Time(), false, false, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"dom_3", "C", ".bourbaki.math.harvard.edu", "/", base::Time(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Host cookies
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"host_1", "A", url_top_level_domain_plus_1, "/", base::Time(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"host_2", "B", url_top_level_domain_plus_2, "/", base::Time(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"host_3", "C", url_top_level_domain_plus_3, "/", base::Time(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// http_only cookie
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"httpo_check", "A", url_top_level_domain_plus_2, "/", base::Time(),
|
||||
base::Time(), base::Time(), false, true, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// same-site cookie
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"firstp_check", "A", url_top_level_domain_plus_2, "/", base::Time(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::STRICT_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Secure cookies
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"sec_dom", "A", ".math.harvard.edu", "/", base::Time(), base::Time(),
|
||||
base::Time(), true, false, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"sec_host", "B", url_top_level_domain_plus_2, "/", base::Time(),
|
||||
base::Time(), base::Time(), true, false, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Domain path cookies
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"dom_path_1", "A", ".math.harvard.edu", "/dir1", base::Time(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"dom_path_2", "B", ".math.harvard.edu", "/dir1/dir2", base::Time(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Host path cookies
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"host_path_1", "A", url_top_level_domain_plus_2, "/dir1", base::Time(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(std::make_unique<CanonicalCookie>(
|
||||
"host_path_2", "B", url_top_level_domain_plus_2, "/dir1/dir2",
|
||||
base::Time(), base::Time(), base::Time(), false, false,
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT));
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
for (auto& cookie : cookies) {
|
||||
GURL source_url = cookie_util::SimulatedCookieSource(
|
||||
@ -833,7 +833,7 @@ class CookieMonsterTestBase : public CookieStoreTest<T> {
|
||||
creation_time, base::Time() /* expiration_time */,
|
||||
creation_time /* last_access */, true /* secure */,
|
||||
false /* http_only */, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */));
|
||||
GURL source_url = cookie_util::SimulatedCookieSource(*cc, "https");
|
||||
cm->SetCanonicalCookieAsync(std::move(cc), source_url,
|
||||
CookieOptions::MakeAllInclusive(),
|
||||
@ -874,6 +874,7 @@ struct CookiesInputInfo {
|
||||
bool http_only;
|
||||
CookieSameSite same_site;
|
||||
CookiePriority priority;
|
||||
bool same_party;
|
||||
};
|
||||
|
||||
} // namespace
|
||||
@ -1009,11 +1010,11 @@ TEST_F(DeferredCookieTaskTest, DeferredSetAllCookies) {
|
||||
list.push_back(CanonicalCookie("A", "B", "." + http_www_foo_.domain(), "/",
|
||||
base::Time::Now(), base::Time(), base::Time(),
|
||||
false, true, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
list.push_back(CanonicalCookie("C", "D", "." + http_www_foo_.domain(), "/",
|
||||
base::Time::Now(), base::Time(), base::Time(),
|
||||
false, true, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
ResultSavingCookieCallback<CookieAccessResult> call1;
|
||||
cookie_monster_->SetAllCookiesAsync(list, call1.MakeCallback());
|
||||
@ -1991,13 +1992,13 @@ TEST_F(CookieMonsterTest, BackingStoreCommunication) {
|
||||
const CookiesInputInfo input_info[] = {
|
||||
{GURL("https://a.b.foo.com"), "a", "1", "a.b.foo.com", "/path/to/cookie",
|
||||
expires, true /* secure */, false, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT},
|
||||
COOKIE_PRIORITY_DEFAULT, false},
|
||||
{GURL("https://www.foo.com"), "b", "2", ".foo.com", "/path/from/cookie",
|
||||
expires + TimeDelta::FromSeconds(10), true, true,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT},
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, true},
|
||||
{GURL("https://foo.com"), "c", "3", "foo.com", "/another/path/to/cookie",
|
||||
base::Time::Now() + base::TimeDelta::FromSeconds(100), false, false,
|
||||
CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT}};
|
||||
CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT, false}};
|
||||
const int INPUT_DELETE = 1;
|
||||
|
||||
// Create new cookies and flush them to the store.
|
||||
@ -2010,7 +2011,8 @@ TEST_F(CookieMonsterTest, BackingStoreCommunication) {
|
||||
std::make_unique<CanonicalCookie>(
|
||||
cookie.name, cookie.value, cookie.domain, cookie.path,
|
||||
base::Time(), cookie.expiration_time, base::Time(), cookie.secure,
|
||||
cookie.http_only, cookie.same_site, cookie.priority),
|
||||
cookie.http_only, cookie.same_site, cookie.priority,
|
||||
cookie.same_party),
|
||||
cookie.url, true /*modify_httponly*/));
|
||||
}
|
||||
|
||||
@ -2463,15 +2465,15 @@ TEST_F(CookieMonsterTest, SetAllCookies) {
|
||||
list.push_back(CanonicalCookie(
|
||||
"A", "B", "." + http_www_foo_.url().host(), "/", base::Time::Now(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
list.push_back(CanonicalCookie(
|
||||
"W", "X", "." + http_www_foo_.url().host(), "/bar", base::Time::Now(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
list.push_back(CanonicalCookie(
|
||||
"Y", "Z", "." + http_www_foo_.url().host(), "/", base::Time::Now(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// SetAllCookies must not flush.
|
||||
ASSERT_EQ(0, store->flush_count());
|
||||
@ -2554,7 +2556,7 @@ TEST_F(CookieMonsterTest, HistogramCheck) {
|
||||
auto cookie = std::make_unique<CanonicalCookie>(
|
||||
"a", "b", "a.url", "/", base::Time(),
|
||||
base::Time::Now() + base::TimeDelta::FromMinutes(59), base::Time(), true,
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT);
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false);
|
||||
GURL source_url = cookie_util::SimulatedCookieSource(*cookie, "https");
|
||||
ASSERT_TRUE(SetCanonicalCookie(cm.get(), std::move(cookie), source_url,
|
||||
true /*modify_httponly*/));
|
||||
@ -2682,7 +2684,7 @@ TEST_F(CookieMonsterTest, ControlCharacterPurge) {
|
||||
"\x05"
|
||||
"boo",
|
||||
"." + domain, path, now2, later, base::Time(), false, false,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT);
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false);
|
||||
initial_cookies.push_back(std::move(cc));
|
||||
|
||||
AddCookieToList(url, "hello=world; path=" + path, now3, &initial_cookies);
|
||||
|
||||
@ -423,7 +423,7 @@ TYPED_TEST_P(CookieStoreTest, FilterTest) {
|
||||
std::unique_ptr<CanonicalCookie> cc(CanonicalCookie::CreateSanitizedCookie(
|
||||
this->www_foo_foo_.url(), "A", "B", std::string(), "/foo", one_hour_ago,
|
||||
one_hour_from_now, base::Time(), false, false,
|
||||
CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT));
|
||||
CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT, false));
|
||||
ASSERT_TRUE(cc);
|
||||
EXPECT_TRUE(this->SetCanonicalCookie(
|
||||
cs, std::move(cc), this->www_foo_foo_.url(), true /*modify_httponly*/));
|
||||
@ -433,7 +433,7 @@ TYPED_TEST_P(CookieStoreTest, FilterTest) {
|
||||
cc = CanonicalCookie::CreateSanitizedCookie(
|
||||
this->www_foo_bar_.url(), "C", "D", this->www_foo_bar_.domain(), "/bar",
|
||||
two_hours_ago, base::Time(), one_hour_ago, false, true,
|
||||
CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT);
|
||||
CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT, false);
|
||||
ASSERT_TRUE(cc);
|
||||
EXPECT_TRUE(this->SetCanonicalCookie(
|
||||
cs, std::move(cc), this->www_foo_bar_.url(), true /*modify_httponly*/));
|
||||
@ -444,13 +444,13 @@ TYPED_TEST_P(CookieStoreTest, FilterTest) {
|
||||
cc = CanonicalCookie::CreateSanitizedCookie(
|
||||
this->http_www_foo_.url(), "E", "F", std::string(), std::string(),
|
||||
base::Time(), base::Time(), base::Time(), true, false,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT);
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false);
|
||||
ASSERT_FALSE(cc);
|
||||
|
||||
cc = CanonicalCookie::CreateSanitizedCookie(
|
||||
this->https_www_foo_.url(), "E", "F", std::string(), std::string(),
|
||||
base::Time(), base::Time(), base::Time(), true, false,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT);
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false);
|
||||
ASSERT_TRUE(cc);
|
||||
EXPECT_TRUE(this->SetCanonicalCookie(
|
||||
cs, std::move(cc), this->https_www_foo_.url(), true /*modify_httponly*/));
|
||||
@ -550,14 +550,14 @@ TYPED_TEST_P(CookieStoreTest, SetCanonicalCookieTest) {
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"A", "B", foo_foo_host, "/foo", one_hour_ago, one_hour_from_now,
|
||||
base::Time(), false /* secure */, false /* httponly */,
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT),
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT, false),
|
||||
this->www_foo_foo_.url(), true));
|
||||
EXPECT_TRUE(this->SetCanonicalCookie(
|
||||
cs,
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"C", "D", "." + foo_bar_domain, "/bar", two_hours_ago, base::Time(),
|
||||
one_hour_ago, false, true, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT),
|
||||
COOKIE_PRIORITY_DEFAULT, false),
|
||||
this->www_foo_bar_.url(), true));
|
||||
|
||||
// A secure source is required for setting secure cookies.
|
||||
@ -567,7 +567,7 @@ TYPED_TEST_P(CookieStoreTest, SetCanonicalCookieTest) {
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"E", "F", http_foo_host, "/", base::Time(), base::Time(),
|
||||
base::Time(), true, false, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT),
|
||||
COOKIE_PRIORITY_DEFAULT, false),
|
||||
this->http_www_foo_.url(), true)
|
||||
.status.HasExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_SECURE_ONLY));
|
||||
@ -592,19 +592,20 @@ TYPED_TEST_P(CookieStoreTest, SetCanonicalCookieTest) {
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"E", "F", https_foo_host, "/", base::Time(), base::Time(),
|
||||
base::Time(), true /* secure */, false /* httponly */,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT),
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */),
|
||||
this->https_www_foo_.url(), true /* modify_http_only */));
|
||||
|
||||
EXPECT_TRUE(
|
||||
this->SetCanonicalCookieReturnAccessResult(
|
||||
cs,
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"E", "F", http_foo_host, "/", base::Time(), base::Time(),
|
||||
base::Time(), true /* secure */, false /* httponly */,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT),
|
||||
this->http_www_foo_.url(), true /* modify_http_only */)
|
||||
.status.HasExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_SECURE_ONLY));
|
||||
EXPECT_TRUE(this->SetCanonicalCookieReturnAccessResult(
|
||||
cs,
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"E", "F", http_foo_host, "/", base::Time(),
|
||||
base::Time(), base::Time(), true /* secure */,
|
||||
false /* httponly */, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */),
|
||||
this->http_www_foo_.url(), true /* modify_http_only */)
|
||||
.status.HasExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_SECURE_ONLY));
|
||||
|
||||
if (TypeParam::supports_http_only) {
|
||||
// Permission to modify http only cookies is required to set an
|
||||
@ -615,7 +616,7 @@ TYPED_TEST_P(CookieStoreTest, SetCanonicalCookieTest) {
|
||||
"G", "H", http_foo_host, "/unique", base::Time(),
|
||||
base::Time(), base::Time(), false /* secure */,
|
||||
true /* httponly */, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT),
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */),
|
||||
this->http_www_foo_.url(), false /* modify_http_only */)
|
||||
.status.HasExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_HTTP_ONLY));
|
||||
@ -641,7 +642,8 @@ TYPED_TEST_P(CookieStoreTest, SetCanonicalCookieTest) {
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"G", "H", http_foo_host, "/unique", base::Time(), base::Time(),
|
||||
base::Time(), false /* secure */, true /* httponly */,
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT),
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */),
|
||||
this->http_www_foo_.url(), true /* modify_http_only */));
|
||||
|
||||
EXPECT_TRUE(this->SetCanonicalCookieReturnAccessResult(
|
||||
@ -650,7 +652,7 @@ TYPED_TEST_P(CookieStoreTest, SetCanonicalCookieTest) {
|
||||
"G", "H", http_foo_host, "/unique", base::Time(),
|
||||
base::Time(), base::Time(), false /* secure */,
|
||||
true /* httponly */, CookieSameSite::LAX_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT),
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */),
|
||||
this->http_www_foo_.url(), false /* modify_http_only */)
|
||||
.status.HasExclusionReason(
|
||||
CookieInclusionStatus::EXCLUDE_HTTP_ONLY));
|
||||
@ -661,7 +663,8 @@ TYPED_TEST_P(CookieStoreTest, SetCanonicalCookieTest) {
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"G", "H", http_foo_host, "/unique", base::Time(), base::Time(),
|
||||
base::Time(), false /* secure */, true /* httponly */,
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT),
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT,
|
||||
false /* same_party */),
|
||||
this->http_www_foo_.url(), true /* modify_http_only */));
|
||||
}
|
||||
|
||||
@ -739,28 +742,28 @@ TYPED_TEST_P(CookieStoreTest, SecureEnforcement) {
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"A", "B", http_domain, "/", base::Time::Now(), base::Time(),
|
||||
base::Time(), true, false, CookieSameSite::STRICT_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT),
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */),
|
||||
http_url, true /*modify_httponly*/));
|
||||
EXPECT_TRUE(this->SetCanonicalCookie(
|
||||
cs,
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"A", "B", http_domain, "/", base::Time::Now(), base::Time(),
|
||||
base::Time(), true, false, CookieSameSite::STRICT_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT),
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */),
|
||||
https_url, true /*modify_httponly*/));
|
||||
EXPECT_TRUE(this->SetCanonicalCookie(
|
||||
cs,
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"A", "B", http_domain, "/", base::Time::Now(), base::Time(),
|
||||
base::Time(), false, false, CookieSameSite::STRICT_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT),
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */),
|
||||
https_url, true /*modify_httponly*/));
|
||||
EXPECT_TRUE(this->SetCanonicalCookie(
|
||||
cs,
|
||||
std::make_unique<CanonicalCookie>(
|
||||
"A", "B", http_domain, "/", base::Time::Now(), base::Time(),
|
||||
base::Time(), false, false, CookieSameSite::STRICT_MODE,
|
||||
COOKIE_PRIORITY_DEFAULT),
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */),
|
||||
http_url, true /*modify_httponly*/));
|
||||
}
|
||||
|
||||
|
||||
@ -885,14 +885,14 @@ bool SQLitePersistentCookieStore::Backend::LoadCookiesForDomains(
|
||||
"SELECT creation_utc, host_key, name, value, encrypted_value, path, "
|
||||
"expires_utc, is_secure, is_httponly, samesite, "
|
||||
"last_access_utc, has_expires, is_persistent, priority, "
|
||||
"source_scheme "
|
||||
"source_scheme, is_same_party "
|
||||
"FROM cookies WHERE host_key = ?"));
|
||||
} else {
|
||||
smt.Assign(db()->GetCachedStatement(
|
||||
SQL_FROM_HERE,
|
||||
"SELECT creation_utc, host_key, name, value, encrypted_value, path, "
|
||||
"expires_utc, is_secure, is_httponly, samesite, last_access_utc, "
|
||||
"has_expires, is_persistent, priority, source_scheme "
|
||||
"has_expires, is_persistent, priority, source_scheme, is_same_party "
|
||||
"FROM cookies WHERE host_key = ? AND is_persistent = 1"));
|
||||
}
|
||||
del_smt.Assign(db()->GetCachedStatement(
|
||||
@ -973,6 +973,7 @@ bool SQLitePersistentCookieStore::Backend::MakeCookiesFromSQLStatement(
|
||||
static_cast<DBCookieSameSite>(smt.ColumnInt(9))), // samesite
|
||||
DBCookiePriorityToCookiePriority(
|
||||
static_cast<DBCookiePriority>(smt.ColumnInt(13))), // priority
|
||||
smt.ColumnBool(15), // is_same_party
|
||||
DBToCookieSourceScheme(smt.ColumnInt(14))); // source_scheme
|
||||
if (cc) {
|
||||
DLOG_IF(WARNING, cc->CreationDate() > Time::Now())
|
||||
@ -1299,8 +1300,7 @@ void SQLitePersistentCookieStore::Backend::DoCommit() {
|
||||
add_smt.BindInt(14, static_cast<int>(po->cc().SourceScheme()));
|
||||
// TODO(crbug.com/1141135): Record port number of the cookie.
|
||||
add_smt.BindInt(15, kDefaultUnknownPort);
|
||||
// TODO(crbug.com/1142606): Record SameParty attribute of the cookie.
|
||||
add_smt.BindBool(16, false);
|
||||
add_smt.BindBool(16, po->cc().IsSameParty());
|
||||
if (!add_smt.Run()) {
|
||||
DLOG(WARNING) << "Could not add a cookie to the DB.";
|
||||
RecordCookieCommitProblem(COOKIE_COMMIT_PROBLEM_ADD);
|
||||
|
||||
@ -90,7 +90,7 @@ class SQLitePersistentCookieStorePerfTest : public testing::Test {
|
||||
return CanonicalCookie(base::StringPrintf("Cookie_%d", cookie_num), "1",
|
||||
domain_name, "/", t, t, t, false, false,
|
||||
CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT);
|
||||
COOKIE_PRIORITY_DEFAULT, false);
|
||||
}
|
||||
|
||||
void SetUp() override {
|
||||
|
||||
@ -180,7 +180,7 @@ class SQLitePersistentCookieStoreTest : public TestWithTaskEnvironment {
|
||||
const base::Time& creation) {
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
name, value, domain, path, creation, creation, base::Time(), false,
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false));
|
||||
}
|
||||
|
||||
void AddCookieWithExpiration(const std::string& name,
|
||||
@ -191,7 +191,7 @@ class SQLitePersistentCookieStoreTest : public TestWithTaskEnvironment {
|
||||
const base::Time& expiration) {
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
name, value, domain, path, creation, expiration, base::Time(), false,
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false));
|
||||
}
|
||||
|
||||
std::string ReadRawDBContents() {
|
||||
@ -527,10 +527,10 @@ TEST_F(SQLitePersistentCookieStoreTest, TestLoadOldSessionCookies) {
|
||||
InitializeStore(false, true);
|
||||
|
||||
// Add a session cookie.
|
||||
store_->AddCookie(
|
||||
CanonicalCookie("C", "D", "sessioncookie.com", "/", base::Time::Now(),
|
||||
base::Time(), base::Time(), false, false,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
"C", "D", "sessioncookie.com", "/", base::Time::Now(), base::Time(),
|
||||
base::Time(), false, false, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Force the store to write its data to the disk.
|
||||
DestroyStore();
|
||||
@ -554,10 +554,10 @@ TEST_F(SQLitePersistentCookieStoreTest, TestDontLoadOldSessionCookies) {
|
||||
InitializeStore(false, true);
|
||||
|
||||
// Add a session cookie.
|
||||
store_->AddCookie(
|
||||
CanonicalCookie("C", "D", "sessioncookie.com", "/", base::Time::Now(),
|
||||
base::Time(), base::Time(), false, false,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
"C", "D", "sessioncookie.com", "/", base::Time::Now(), base::Time(),
|
||||
base::Time(), false, false, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Force the store to write its data to the disk.
|
||||
DestroyStore();
|
||||
@ -660,13 +660,13 @@ TEST_F(SQLitePersistentCookieStoreTest, PersistIsPersistent) {
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
kSessionName, "val", "sessioncookie.com", "/", base::Time::Now(),
|
||||
base::Time(), base::Time(), false, false, CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
// Add a persistent cookie.
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
kPersistentName, "val", "sessioncookie.com", "/",
|
||||
base::Time::Now() - base::TimeDelta::FromDays(1),
|
||||
base::Time::Now() + base::TimeDelta::FromDays(1), base::Time(), false,
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Force the store to write its data to the disk.
|
||||
DestroyStore();
|
||||
@ -707,21 +707,21 @@ TEST_F(SQLitePersistentCookieStoreTest, PriorityIsPersistent) {
|
||||
kLowName, kCookieValue, kDomain, kCookiePath,
|
||||
base::Time::Now() - base::TimeDelta::FromMinutes(1),
|
||||
base::Time::Now() + base::TimeDelta::FromDays(1), base::Time(), false,
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_LOW));
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_LOW, false));
|
||||
|
||||
// Add a medium-priority persistent cookie.
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
kMediumName, kCookieValue, kDomain, kCookiePath,
|
||||
base::Time::Now() - base::TimeDelta::FromMinutes(2),
|
||||
base::Time::Now() + base::TimeDelta::FromDays(1), base::Time(), false,
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_MEDIUM));
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_MEDIUM, false));
|
||||
|
||||
// Add a high-priority peristent cookie.
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
kHighName, kCookieValue, kDomain, kCookiePath,
|
||||
base::Time::Now() - base::TimeDelta::FromMinutes(3),
|
||||
base::Time::Now() + base::TimeDelta::FromDays(1), base::Time(), false,
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_HIGH));
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_HIGH, false));
|
||||
|
||||
// Force the store to write its data to the disk.
|
||||
DestroyStore();
|
||||
@ -768,21 +768,21 @@ TEST_F(SQLitePersistentCookieStoreTest, SameSiteIsPersistent) {
|
||||
kNoneName, kCookieValue, kDomain, kCookiePath,
|
||||
base::Time::Now() - base::TimeDelta::FromMinutes(1),
|
||||
base::Time::Now() + base::TimeDelta::FromDays(1), base::Time(), false,
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Add a lax-samesite persistent cookie.
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
kLaxName, kCookieValue, kDomain, kCookiePath,
|
||||
base::Time::Now() - base::TimeDelta::FromMinutes(2),
|
||||
base::Time::Now() + base::TimeDelta::FromDays(1), base::Time(), false,
|
||||
false, CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT));
|
||||
false, CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Add a strict-samesite persistent cookie.
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
kStrictName, kCookieValue, kDomain, kCookiePath,
|
||||
base::Time::Now() - base::TimeDelta::FromMinutes(3),
|
||||
base::Time::Now() + base::TimeDelta::FromDays(1), base::Time(), false,
|
||||
false, CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT));
|
||||
false, CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Force the store to write its data to the disk.
|
||||
DestroyStore();
|
||||
@ -824,7 +824,7 @@ TEST_F(SQLitePersistentCookieStoreTest, SameSiteExtendedTreatedAsUnspecified) {
|
||||
kExtendedName, kCookieValue, kDomain, kCookiePath,
|
||||
base::Time::Now() - base::TimeDelta::FromMinutes(1),
|
||||
base::Time::Now() + base::TimeDelta::FromDays(1), base::Time(), false,
|
||||
false, CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT));
|
||||
false, CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT, false));
|
||||
|
||||
// Force the store to write its data to the disk.
|
||||
DestroyStore();
|
||||
@ -850,6 +850,53 @@ TEST_F(SQLitePersistentCookieStoreTest, SameSiteExtendedTreatedAsUnspecified) {
|
||||
EXPECT_EQ(CookieSameSite::UNSPECIFIED, cookies[0]->SameSite());
|
||||
}
|
||||
|
||||
TEST_F(SQLitePersistentCookieStoreTest, SamePartyIsPersistent) {
|
||||
const char kDomain[] = "sessioncookie.com";
|
||||
const char kNonSamePartyCookieName[] = "no_party";
|
||||
const char kSamePartyCookieName[] = "party";
|
||||
const char kCookieValue[] = "value";
|
||||
const char kCookiePath[] = "/";
|
||||
|
||||
InitializeStore(false, true);
|
||||
|
||||
// Add a non-SameParty persistent cookie.
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
kNonSamePartyCookieName, kCookieValue, kDomain, kCookiePath,
|
||||
base::Time::Now() - base::TimeDelta::FromMinutes(1),
|
||||
base::Time::Now() + base::TimeDelta::FromDays(1), base::Time(),
|
||||
/*secure=*/true, false, CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT,
|
||||
/*same_party=*/false));
|
||||
|
||||
// Add a SameParty persistent cookie.
|
||||
store_->AddCookie(CanonicalCookie(
|
||||
kSamePartyCookieName, kCookieValue, kDomain, kCookiePath,
|
||||
base::Time::Now() - base::TimeDelta::FromMinutes(1),
|
||||
base::Time::Now() + base::TimeDelta::FromDays(1), base::Time(),
|
||||
/*secure=*/true, false, CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT,
|
||||
/*same_party=*/true));
|
||||
|
||||
// Force the store to write its data to the disk.
|
||||
DestroyStore();
|
||||
|
||||
// Create a store that loads session cookie and test that the SameParty
|
||||
// attribute values are restored.
|
||||
CanonicalCookieVector cookies;
|
||||
CreateAndLoad(false, true, &cookies);
|
||||
ASSERT_EQ(2U, cookies.size());
|
||||
|
||||
// Put the cookies into a map, by name, for comparison below.
|
||||
std::map<std::string, CanonicalCookie*> cookie_map;
|
||||
for (const auto& cookie : cookies)
|
||||
cookie_map[cookie->Name()] = cookie.get();
|
||||
|
||||
// Validate that each cookie has the correct SameParty.
|
||||
ASSERT_EQ(1u, cookie_map.count(kNonSamePartyCookieName));
|
||||
EXPECT_FALSE(cookie_map[kNonSamePartyCookieName]->IsSameParty());
|
||||
|
||||
ASSERT_EQ(1u, cookie_map.count(kSamePartyCookieName));
|
||||
EXPECT_TRUE(cookie_map[kSamePartyCookieName]->IsSameParty());
|
||||
}
|
||||
|
||||
TEST_F(SQLitePersistentCookieStoreTest, UpdateToEncryption) {
|
||||
CanonicalCookieVector cookies;
|
||||
|
||||
@ -1019,29 +1066,35 @@ bool AddV9CookiesToDB(sql::Database* db) {
|
||||
static base::Time cookie_time(base::Time::Now());
|
||||
|
||||
std::vector<CanonicalCookie> cookies;
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"A", "B", "example.com", "/", cookie_time, cookie_time, cookie_time,
|
||||
false, false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
cookies.push_back(CanonicalCookie("A", "B", "example.com", "/", cookie_time,
|
||||
cookie_time, cookie_time, false, false,
|
||||
CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookie_time += base::TimeDelta::FromMicroseconds(1);
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"C", "B", "example.com", "/", cookie_time, cookie_time, cookie_time,
|
||||
false, false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
cookies.push_back(CanonicalCookie("C", "B", "example.com", "/", cookie_time,
|
||||
cookie_time, cookie_time, false, false,
|
||||
CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookie_time += base::TimeDelta::FromMicroseconds(1);
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"A", "B", "example2.com", "/", cookie_time, cookie_time, cookie_time,
|
||||
false, false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
cookies.push_back(CanonicalCookie("A", "B", "example2.com", "/", cookie_time,
|
||||
cookie_time, cookie_time, false, false,
|
||||
CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookie_time += base::TimeDelta::FromMicroseconds(1);
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"C", "B", "example2.com", "/", cookie_time, cookie_time, cookie_time,
|
||||
false, false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
cookies.push_back(CanonicalCookie("C", "B", "example2.com", "/", cookie_time,
|
||||
cookie_time, cookie_time, false, false,
|
||||
CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookie_time += base::TimeDelta::FromMicroseconds(1);
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"A", "B", "example.com", "/path", cookie_time, cookie_time, cookie_time,
|
||||
false, false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
false, false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT,
|
||||
false));
|
||||
cookie_time += base::TimeDelta::FromMicroseconds(1);
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"C", "B", "example.com", "/path", cookie_time, cookie_time, cookie_time,
|
||||
false, false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
false, false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT,
|
||||
false));
|
||||
cookie_time += base::TimeDelta::FromMicroseconds(1);
|
||||
return AddV9CookiesToDBImpl(db, cookies);
|
||||
}
|
||||
@ -1165,7 +1218,7 @@ TEST_F(SQLitePersistentCookieStoreTest, UpgradeToSchemaVersion10Corrupted) {
|
||||
base::Time old_time2 = base::Time::Now() - base::TimeDelta::FromMinutes(91);
|
||||
CanonicalCookie old_cookie1(
|
||||
"A", "old_value", "example.com", "/", old_time, old_time, old_time, false,
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT);
|
||||
false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false);
|
||||
AddV9CookiesToDBImpl(&connection, {old_cookie1});
|
||||
|
||||
// Add the same set of cookies twice to create duplicates.
|
||||
@ -1173,9 +1226,10 @@ TEST_F(SQLitePersistentCookieStoreTest, UpgradeToSchemaVersion10Corrupted) {
|
||||
ASSERT_TRUE(AddV9CookiesToDB(&connection));
|
||||
|
||||
// Add some others as well.
|
||||
CanonicalCookie old_cookie2(
|
||||
"A", "old_value", "example.com", "/path", old_time2, old_time2, old_time2,
|
||||
false, false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT);
|
||||
CanonicalCookie old_cookie2("A", "old_value", "example.com", "/path",
|
||||
old_time2, old_time2, old_time2, false, false,
|
||||
CookieSameSite::NO_RESTRICTION,
|
||||
COOKIE_PRIORITY_DEFAULT, false);
|
||||
AddV9CookiesToDBImpl(&connection, {old_cookie2});
|
||||
|
||||
connection.Close();
|
||||
@ -1493,22 +1547,22 @@ bool AddV10CookiesToDB(sql::Database* db) {
|
||||
std::vector<CanonicalCookie> cookies;
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"A", "B", "example.com", "/", time, time, time, false, false,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"C", "B", "example.com", "/", time, time, time, false, false,
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT));
|
||||
CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"A", "B", "example2.com", "/", time, time, time, false, false,
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT));
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"C", "B", "example2.com", "/", time, time, time, false, false,
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT));
|
||||
CookieSameSite::LAX_MODE, COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"A", "B", "example.com", "/path", time, time, time, false, false,
|
||||
CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT));
|
||||
CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT, false));
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"C", "B", "example.com", "/path", time, time, time, false, false,
|
||||
CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT));
|
||||
CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT, false));
|
||||
return AddV10CookiesToDBImpl(db, cookies);
|
||||
}
|
||||
|
||||
@ -1698,30 +1752,32 @@ std::vector<CanonicalCookie> CookiesForMigrationTest() {
|
||||
// Note: These are all constructed with the default value of
|
||||
// is_source_scheme_secure, which is false, but that doesn't matter because
|
||||
// v11 doesn't store that info.
|
||||
cookies.push_back(CanonicalCookie("A", "B", "example.com", "/", now, now, now,
|
||||
true /* secure */, false /* httponly */,
|
||||
CookieSameSite::UNSPECIFIED,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
cookies.push_back(CanonicalCookie("C", "B", "example.com", "/", now, now, now,
|
||||
true /* secure */, false /* httponly */,
|
||||
CookieSameSite::UNSPECIFIED,
|
||||
COOKIE_PRIORITY_DEFAULT));
|
||||
cookies.push_back(
|
||||
CanonicalCookie("A", "B", "example2.com", "/", now, now, now,
|
||||
true /* secure */, false /* httponly */,
|
||||
CookieSameSite::UNSPECIFIED, COOKIE_PRIORITY_DEFAULT));
|
||||
cookies.push_back(
|
||||
CanonicalCookie("C", "B", "example2.com", "/", now, now, now,
|
||||
false /* secure */, false /* httponly */,
|
||||
CookieSameSite::UNSPECIFIED, COOKIE_PRIORITY_DEFAULT));
|
||||
cookies.push_back(
|
||||
CanonicalCookie("A", "B", "example.com", "/path", now, now, now,
|
||||
false /* secure */, false /* httponly */,
|
||||
CookieSameSite::UNSPECIFIED, COOKIE_PRIORITY_DEFAULT));
|
||||
cookies.push_back(
|
||||
CanonicalCookie("C", "B", "example.com", "/path", now, now, now,
|
||||
false /* secure */, false /* httponly */,
|
||||
CookieSameSite::UNSPECIFIED, COOKIE_PRIORITY_DEFAULT));
|
||||
// Some of these are constructed with SameParty set to true, to test that in
|
||||
// the DB migration, the is_same_party values are all defaulted to false.
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"A", "B", "example.com", "/", now, now, now, true /* secure */,
|
||||
false /* httponly */, CookieSameSite::UNSPECIFIED,
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */));
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"C", "B", "example.com", "/", now, now, now, true /* secure */,
|
||||
false /* httponly */, CookieSameSite::UNSPECIFIED,
|
||||
COOKIE_PRIORITY_DEFAULT, true /* same_party */));
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"A", "B", "example2.com", "/", now, now, now, true /* secure */,
|
||||
false /* httponly */, CookieSameSite::UNSPECIFIED,
|
||||
COOKIE_PRIORITY_DEFAULT, true /* same_party */));
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"C", "B", "example2.com", "/", now, now, now, false /* secure */,
|
||||
false /* httponly */, CookieSameSite::UNSPECIFIED,
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */));
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"A", "B", "example.com", "/path", now, now, now, false /* secure */,
|
||||
false /* httponly */, CookieSameSite::UNSPECIFIED,
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */));
|
||||
cookies.push_back(CanonicalCookie(
|
||||
"C", "B", "example.com", "/path", now, now, now, false /* secure */,
|
||||
false /* httponly */, CookieSameSite::UNSPECIFIED,
|
||||
COOKIE_PRIORITY_DEFAULT, false /* same_party */));
|
||||
return cookies;
|
||||
}
|
||||
|
||||
@ -1832,6 +1888,7 @@ void ConfirmCookiesAfterMigrationTest(
|
||||
EXPECT_EQ("/", read_in_cookies[i]->Path());
|
||||
EXPECT_TRUE(read_in_cookies[i]->IsSecure());
|
||||
EXPECT_EQ(CookieSourceScheme::kUnset, read_in_cookies[i]->SourceScheme());
|
||||
EXPECT_FALSE(read_in_cookies[i]->IsSameParty());
|
||||
|
||||
i++;
|
||||
EXPECT_EQ("A", read_in_cookies[i]->Name());
|
||||
@ -1840,6 +1897,7 @@ void ConfirmCookiesAfterMigrationTest(
|
||||
EXPECT_EQ("/path", read_in_cookies[i]->Path());
|
||||
EXPECT_FALSE(read_in_cookies[i]->IsSecure());
|
||||
EXPECT_EQ(CookieSourceScheme::kUnset, read_in_cookies[i]->SourceScheme());
|
||||
EXPECT_FALSE(read_in_cookies[i]->IsSameParty());
|
||||
|
||||
i++;
|
||||
EXPECT_EQ("A", read_in_cookies[i]->Name());
|
||||
@ -1848,6 +1906,7 @@ void ConfirmCookiesAfterMigrationTest(
|
||||
EXPECT_EQ("/", read_in_cookies[i]->Path());
|
||||
EXPECT_TRUE(read_in_cookies[i]->IsSecure());
|
||||
EXPECT_EQ(CookieSourceScheme::kUnset, read_in_cookies[i]->SourceScheme());
|
||||
EXPECT_FALSE(read_in_cookies[i]->IsSameParty());
|
||||
|
||||
i++;
|
||||
EXPECT_EQ("C", read_in_cookies[i]->Name());
|
||||
@ -1856,6 +1915,7 @@ void ConfirmCookiesAfterMigrationTest(
|
||||
EXPECT_EQ("/", read_in_cookies[i]->Path());
|
||||
EXPECT_TRUE(read_in_cookies[i]->IsSecure());
|
||||
EXPECT_EQ(CookieSourceScheme::kUnset, read_in_cookies[i]->SourceScheme());
|
||||
EXPECT_FALSE(read_in_cookies[i]->IsSameParty());
|
||||
|
||||
i++;
|
||||
EXPECT_EQ("C", read_in_cookies[i]->Name());
|
||||
@ -1864,6 +1924,7 @@ void ConfirmCookiesAfterMigrationTest(
|
||||
EXPECT_EQ("/path", read_in_cookies[i]->Path());
|
||||
EXPECT_FALSE(read_in_cookies[i]->IsSecure());
|
||||
EXPECT_EQ(CookieSourceScheme::kUnset, read_in_cookies[i]->SourceScheme());
|
||||
EXPECT_FALSE(read_in_cookies[i]->IsSameParty());
|
||||
|
||||
i++;
|
||||
EXPECT_EQ("C", read_in_cookies[i]->Name());
|
||||
@ -1872,6 +1933,7 @@ void ConfirmCookiesAfterMigrationTest(
|
||||
EXPECT_EQ("/", read_in_cookies[i]->Path());
|
||||
EXPECT_FALSE(read_in_cookies[i]->IsSecure());
|
||||
EXPECT_EQ(CookieSourceScheme::kUnset, read_in_cookies[i]->SourceScheme());
|
||||
EXPECT_FALSE(read_in_cookies[i]->IsSameParty());
|
||||
}
|
||||
|
||||
// Confirm that source_scheme gets added and is set to "Unset".
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -2429,7 +2429,7 @@ bool SetCookieHelper(NetworkContext* network_context,
|
||||
net::CanonicalCookie(key, value, url.host(), "/", base::Time(),
|
||||
base::Time(), base::Time(), true, false,
|
||||
net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_LOW),
|
||||
net::COOKIE_PRIORITY_LOW, false),
|
||||
url, net::CookieOptions::MakeAllInclusive(),
|
||||
base::BindOnce(&SetCookieCallback, &run_loop, &result));
|
||||
run_loop.Run();
|
||||
@ -2450,7 +2450,7 @@ TEST_F(NetworkContextTest, CookieManager) {
|
||||
net::CanonicalCookie cookie("TestCookie", "1", "www.test.com", "/",
|
||||
base::Time(), base::Time(), base::Time(), false,
|
||||
false, net::CookieSameSite::LAX_MODE,
|
||||
net::COOKIE_PRIORITY_LOW);
|
||||
net::COOKIE_PRIORITY_LOW, false);
|
||||
cookie_manager_remote->SetCanonicalCookie(
|
||||
cookie, net::cookie_util::SimulatedCookieSource(cookie, "https"),
|
||||
net::CookieOptions::MakeAllInclusive(),
|
||||
@ -3917,7 +3917,7 @@ TEST_F(NetworkContextTest, CanSetCookieFalseIfCookiesBlocked) {
|
||||
net::CanonicalCookie cookie("TestCookie", "1", "www.test.com", "/",
|
||||
base::Time(), base::Time(), base::Time(), false,
|
||||
false, net::CookieSameSite::LAX_MODE,
|
||||
net::COOKIE_PRIORITY_LOW);
|
||||
net::COOKIE_PRIORITY_LOW, false);
|
||||
EXPECT_TRUE(
|
||||
network_context->url_request_context()->network_delegate()->CanSetCookie(
|
||||
*request, cookie, nullptr, true));
|
||||
@ -3937,7 +3937,7 @@ TEST_F(NetworkContextTest, CanSetCookieTrueIfCookiesAllowed) {
|
||||
net::CanonicalCookie cookie("TestCookie", "1", "www.test.com", "/",
|
||||
base::Time(), base::Time(), base::Time(), false,
|
||||
false, net::CookieSameSite::LAX_MODE,
|
||||
net::COOKIE_PRIORITY_LOW);
|
||||
net::COOKIE_PRIORITY_LOW, false);
|
||||
|
||||
SetDefaultContentSetting(CONTENT_SETTING_ALLOW, network_context.get());
|
||||
EXPECT_TRUE(
|
||||
|
||||
@ -393,7 +393,7 @@ bool StructTraits<
|
||||
auto cc = net::CanonicalCookie::FromStorage(
|
||||
name, value, domain, path, creation_time, expiry_time, last_access_time,
|
||||
cookie.secure(), cookie.httponly(), site_restrictions, priority,
|
||||
source_scheme);
|
||||
cookie.same_party(), source_scheme);
|
||||
if (!cc)
|
||||
return false;
|
||||
*out = *cc;
|
||||
|
||||
@ -149,6 +149,9 @@ struct StructTraits<network::mojom::CanonicalCookieDataView,
|
||||
static net::CookieSourceScheme source_scheme(const net::CanonicalCookie& c) {
|
||||
return c.SourceScheme();
|
||||
}
|
||||
static bool same_party(const net::CanonicalCookie& c) {
|
||||
return c.IsSameParty();
|
||||
}
|
||||
|
||||
static bool Read(network::mojom::CanonicalCookieDataView cookie,
|
||||
net::CanonicalCookie* out);
|
||||
|
||||
@ -23,9 +23,10 @@ bool SerializeAndDeserializeEnum(NativeType in, NativeType* out) {
|
||||
}
|
||||
|
||||
TEST(CookieManagerTraitsTest, Roundtrips_CanonicalCookie) {
|
||||
net::CanonicalCookie original(
|
||||
"A", "B", "x.y", "/path", base::Time(), base::Time(), base::Time(), false,
|
||||
false, net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_LOW);
|
||||
net::CanonicalCookie original("A", "B", "x.y", "/path", base::Time(),
|
||||
base::Time(), base::Time(), false, false,
|
||||
net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_LOW, false);
|
||||
|
||||
net::CanonicalCookie copied;
|
||||
|
||||
@ -43,6 +44,7 @@ TEST(CookieManagerTraitsTest, Roundtrips_CanonicalCookie) {
|
||||
EXPECT_EQ(original.IsHttpOnly(), copied.IsHttpOnly());
|
||||
EXPECT_EQ(original.SameSite(), copied.SameSite());
|
||||
EXPECT_EQ(original.Priority(), copied.Priority());
|
||||
EXPECT_EQ(original.IsSameParty(), copied.IsSameParty());
|
||||
|
||||
// Serializer returns false if cookie is non-canonical.
|
||||
// Example is non-canonical because of newline in name.
|
||||
@ -50,7 +52,7 @@ TEST(CookieManagerTraitsTest, Roundtrips_CanonicalCookie) {
|
||||
original = net::CanonicalCookie("A\n", "B", "x.y", "/path", base::Time(),
|
||||
base::Time(), base::Time(), false, false,
|
||||
net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_LOW);
|
||||
net::COOKIE_PRIORITY_LOW, false);
|
||||
|
||||
EXPECT_FALSE(mojo::test::SerializeAndDeserialize<mojom::CanonicalCookie>(
|
||||
&original, &copied));
|
||||
@ -119,7 +121,7 @@ TEST(CookieManagerTraitsTest, Rountrips_CookieWithAccessResult) {
|
||||
net::CanonicalCookie original_cookie(
|
||||
"A", "B", "x.y", "/path", base::Time(), base::Time(), base::Time(),
|
||||
/* secure = */ true, /* http_only = */ false,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_LOW);
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_LOW, false);
|
||||
|
||||
net::CookieWithAccessResult original = {original_cookie,
|
||||
net::CookieAccessResult()};
|
||||
@ -140,6 +142,7 @@ TEST(CookieManagerTraitsTest, Rountrips_CookieWithAccessResult) {
|
||||
EXPECT_EQ(original.cookie.IsHttpOnly(), copied.cookie.IsHttpOnly());
|
||||
EXPECT_EQ(original.cookie.SameSite(), copied.cookie.SameSite());
|
||||
EXPECT_EQ(original.cookie.Priority(), copied.cookie.Priority());
|
||||
EXPECT_EQ(original.cookie.IsSameParty(), copied.cookie.IsSameParty());
|
||||
EXPECT_EQ(original.access_result.effective_same_site,
|
||||
copied.access_result.effective_same_site);
|
||||
EXPECT_EQ(original.access_result.status, copied.access_result.status);
|
||||
@ -149,7 +152,7 @@ TEST(CookieManagerTraitsTest, Rountrips_CookieAndLineWithAccessResult) {
|
||||
net::CanonicalCookie original_cookie(
|
||||
"A", "B", "x.y", "/path", base::Time(), base::Time(), base::Time(),
|
||||
/* secure = */ true, /* http_only = */ false,
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_LOW);
|
||||
net::CookieSameSite::NO_RESTRICTION, net::COOKIE_PRIORITY_LOW, false);
|
||||
|
||||
net::CookieAndLineWithAccessResult original(original_cookie, "cookie-string",
|
||||
net::CookieAccessResult());
|
||||
@ -299,7 +302,7 @@ TEST(CookieManagerTraitsTest, Roundtrips_CookieChangeInfo) {
|
||||
net::CanonicalCookie original_cookie(
|
||||
"A", "B", "x.y", "/path", base::Time(), base::Time(), base::Time(),
|
||||
/* secure = */ false, /* http_only = */ false,
|
||||
net::CookieSameSite::UNSPECIFIED, net::COOKIE_PRIORITY_LOW);
|
||||
net::CookieSameSite::UNSPECIFIED, net::COOKIE_PRIORITY_LOW, false);
|
||||
|
||||
net::CookieChangeInfo original(
|
||||
original_cookie,
|
||||
|
||||
@ -131,6 +131,7 @@ struct CanonicalCookie {
|
||||
CookieSameSite site_restrictions = NO_RESTRICTION;
|
||||
CookiePriority priority = MEDIUM;
|
||||
CookieSourceScheme source_scheme = kUnset;
|
||||
bool same_party = false;
|
||||
};
|
||||
|
||||
struct CookieInclusionStatus {
|
||||
|
||||
@ -388,7 +388,8 @@ void RestrictedCookieManager::SetCanonicalCookie(
|
||||
auto sanitized_cookie = net::CanonicalCookie::FromStorage(
|
||||
cookie.Name(), cookie.Value(), cookie.Domain(), cookie.Path(), now,
|
||||
cookie.ExpiryDate(), now, cookie.IsSecure(), cookie.IsHttpOnly(),
|
||||
cookie.SameSite(), cookie.Priority(), source_scheme);
|
||||
cookie.SameSite(), cookie.Priority(), cookie.IsSameParty(),
|
||||
source_scheme);
|
||||
DCHECK(sanitized_cookie);
|
||||
net::CanonicalCookie cookie_copy = *sanitized_cookie;
|
||||
|
||||
|
||||
@ -241,11 +241,11 @@ class RestrictedCookieManagerTest
|
||||
const char* path,
|
||||
bool secure = true) {
|
||||
CHECK(SetCanonicalCookie(
|
||||
net::CanonicalCookie(name, value, domain, path, base::Time(),
|
||||
base::Time(), base::Time(), /* secure = */ secure,
|
||||
/* httponly = */ false,
|
||||
net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::CanonicalCookie(
|
||||
name, value, domain, path, base::Time(), base::Time(), base::Time(),
|
||||
/* secure = */ secure,
|
||||
/* httponly = */ false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
"https", /* can_modify_httponly = */ true));
|
||||
}
|
||||
|
||||
@ -255,11 +255,11 @@ class RestrictedCookieManagerTest
|
||||
const char* domain,
|
||||
const char* path) {
|
||||
CHECK(SetCanonicalCookie(
|
||||
net::CanonicalCookie(name, value, domain, path, base::Time(),
|
||||
base::Time(), base::Time(), /* secure = */ true,
|
||||
/* httponly = */ true,
|
||||
net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::CanonicalCookie(
|
||||
name, value, domain, path, base::Time(), base::Time(), base::Time(),
|
||||
/* secure = */ true,
|
||||
/* httponly = */ true, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
"https", /* can_modify_httponly = */ true));
|
||||
}
|
||||
|
||||
@ -569,7 +569,7 @@ TEST_P(RestrictedCookieManagerTest, SetCanonicalCookie) {
|
||||
"new-name", "new-value", "example.com", "/", base::Time(),
|
||||
base::Time(), base::Time(), /* secure = */ true,
|
||||
/* httponly = */ false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
GURL("https://example.com/test/"), GURL("https://example.com"),
|
||||
url::Origin::Create(GURL("https://example.com"))));
|
||||
|
||||
@ -593,7 +593,7 @@ TEST_P(RestrictedCookieManagerTest, SetCanonicalCookieHttpOnly) {
|
||||
"new-name", "new-value", "example.com", "/", base::Time(),
|
||||
base::Time(), base::Time(), /* secure = */ true,
|
||||
/* httponly = */ true, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
GURL("https://example.com/test/"), GURL("https://example.com"),
|
||||
url::Origin::Create(GURL("https://example.com"))));
|
||||
|
||||
@ -640,7 +640,7 @@ TEST_P(RestrictedCookieManagerTest, SetCanonicalCookieFromWrongOrigin) {
|
||||
"new-name", "new-value", "not-example.com", "/", base::Time(),
|
||||
base::Time(), base::Time(), /* secure = */ true,
|
||||
/* httponly = */ false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
GURL("https://not-example.com/test/"), GURL("https://example.com"),
|
||||
url::Origin::Create(GURL("https://example.com"))));
|
||||
ASSERT_TRUE(received_bad_message());
|
||||
@ -657,7 +657,7 @@ TEST_P(RestrictedCookieManagerTest, SetCanonicalCookieFromOpaqueOrigin) {
|
||||
"new-name", "new-value", "not-example.com", "/", base::Time(),
|
||||
base::Time(), base::Time(), /* secure = */ true,
|
||||
/* httponly = */ false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
GURL("https://example.com/test/"), GURL("https://example.com"),
|
||||
url::Origin::Create(GURL("https://example.com"))));
|
||||
ASSERT_TRUE(received_bad_message());
|
||||
@ -670,7 +670,7 @@ TEST_P(RestrictedCookieManagerTest, SetCanonicalCookieWithMismatchingDomain) {
|
||||
"new-name", "new-value", "not-example.com", "/", base::Time(),
|
||||
base::Time(), base::Time(), /* secure = */ true,
|
||||
/* httponly = */ false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
GURL("https://example.com/test/"), GURL("https://example.com"),
|
||||
url::Origin::Create(GURL("https://example.com"))));
|
||||
ASSERT_TRUE(received_bad_message());
|
||||
@ -832,14 +832,14 @@ TEST_P(RestrictedCookieManagerTest, SameSiteCookiesSpecialScheme) {
|
||||
"strict-cookie", "1", "example.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), /* secure = */ false,
|
||||
/* httponly = */ false, net::CookieSameSite::STRICT_MODE,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
https_url, chrome_url, https_origin));
|
||||
EXPECT_TRUE(sync_service_->SetCanonicalCookie(
|
||||
net::CanonicalCookie("lax-cookie", "1", "example.com", "/", base::Time(),
|
||||
base::Time(), base::Time(), /* secure = */ false,
|
||||
/* httponly = */ false,
|
||||
net::CookieSameSite::LAX_MODE,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::CanonicalCookie(
|
||||
"lax-cookie", "1", "example.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), /* secure = */ false,
|
||||
/* httponly = */ false, net::CookieSameSite::LAX_MODE,
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
https_url, chrome_url, https_origin));
|
||||
|
||||
auto options = mojom::CookieManagerGetOptions::New();
|
||||
@ -858,14 +858,14 @@ TEST_P(RestrictedCookieManagerTest, SameSiteCookiesSpecialScheme) {
|
||||
"strict-cookie", "2", "example.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), /* secure = */ false,
|
||||
/* httponly = */ false, net::CookieSameSite::STRICT_MODE,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
http_url, chrome_url, http_origin));
|
||||
EXPECT_FALSE(sync_service_->SetCanonicalCookie(
|
||||
net::CanonicalCookie("lax-cookie", "2", "example.com", "/", base::Time(),
|
||||
base::Time(), base::Time(), /* secure = */ false,
|
||||
/* httponly = */ false,
|
||||
net::CookieSameSite::LAX_MODE,
|
||||
net::COOKIE_PRIORITY_DEFAULT),
|
||||
net::CanonicalCookie(
|
||||
"lax-cookie", "2", "example.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), /* secure = */ false,
|
||||
/* httponly = */ false, net::CookieSameSite::LAX_MODE,
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false),
|
||||
http_url, chrome_url, http_origin));
|
||||
|
||||
options = mojom::CookieManagerGetOptions::New();
|
||||
@ -885,12 +885,12 @@ TEST_P(RestrictedCookieManagerTest, SameSiteCompatPairWarning_AppliedOnGet) {
|
||||
"name", "value", "example.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), /* secure = */ true,
|
||||
/* httponly = */ false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT)));
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false)));
|
||||
ASSERT_TRUE(EnsureSetCanonicalCookie(net::CanonicalCookie(
|
||||
"name_legacy", "value", "example.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), /* secure = */ true,
|
||||
/* httponly = */ false, net::CookieSameSite::UNSPECIFIED,
|
||||
net::COOKIE_PRIORITY_DEFAULT)));
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false)));
|
||||
|
||||
// Get cookies from the RestrictedCookieManager in a same-site context (should
|
||||
// not trigger warnings).
|
||||
@ -992,12 +992,12 @@ TEST_P(RestrictedCookieManagerTest, SameSiteCompatPairWarning_HttpOnly) {
|
||||
"name", "value", "example.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), /* secure = */ true,
|
||||
/* httponly = */ true, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT)));
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false)));
|
||||
ASSERT_TRUE(EnsureSetCanonicalCookie(net::CanonicalCookie(
|
||||
"name_legacy", "value", "example.com", "/", base::Time(), base::Time(),
|
||||
base::Time(), /* secure = */ true,
|
||||
/* httponly = */ false, net::CookieSameSite::UNSPECIFIED,
|
||||
net::COOKIE_PRIORITY_DEFAULT)));
|
||||
net::COOKIE_PRIORITY_DEFAULT, /* same_party = */ false)));
|
||||
|
||||
// Get cookies from the RestrictedCookieManager in a cross-site context.
|
||||
{
|
||||
|
||||
@ -68,10 +68,10 @@ class SessionCleanupCookieStoreTest : public testing::Test {
|
||||
const std::string& domain,
|
||||
const std::string& path,
|
||||
base::Time creation) {
|
||||
store_->AddCookie(net::CanonicalCookie(name, value, domain, path, creation,
|
||||
creation, base::Time(), false, false,
|
||||
net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT));
|
||||
store_->AddCookie(net::CanonicalCookie(
|
||||
name, value, domain, path, creation, creation, base::Time(), false,
|
||||
false, net::CookieSameSite::NO_RESTRICTION,
|
||||
net::COOKIE_PRIORITY_DEFAULT, false));
|
||||
}
|
||||
|
||||
void DestroyStore() {
|
||||
|
||||
@ -146,11 +146,12 @@ std::unique_ptr<net::CanonicalCookie> ToCanonicalCookie(
|
||||
same_site = net::CookieSameSite::NO_RESTRICTION;
|
||||
}
|
||||
|
||||
// TODO(crbug.com/1144187): Add support for SameParty attribute.
|
||||
return net::CanonicalCookie::CreateSanitizedCookie(
|
||||
cookie_url, name.Utf8(), value.Utf8(), domain.Utf8(), path.Utf8(),
|
||||
base::Time() /*creation*/, expires, base::Time() /*last_access*/,
|
||||
true /*secure*/, false /*http_only*/, same_site,
|
||||
net::CookiePriority::COOKIE_PRIORITY_DEFAULT);
|
||||
net::CookiePriority::COOKIE_PRIORITY_DEFAULT, false /*same_party*/);
|
||||
}
|
||||
|
||||
const KURL DefaultCookieURL(ExecutionContext* execution_context) {
|
||||
|
||||
Reference in New Issue
Block a user