Adding CookieSettings for storing cookie content settings.

chrome/browser/content_settings/cookie_settings.h

+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Maps hostnames to cookie settings. Written on the UI thread and read on any

[Bernhard Bauer, 2011/10/25 13:11:21]

Nit: If this is a class-level comment, you should merge it with the one below.

[marja, 2011/10/26 13:03:21]

Done.

+// thread. One instance per profile.
+
+#ifndef CHROME_BROWSER_CONTENT_SETTINGS_COOKIE_SETTINGS_H_
+#define CHROME_BROWSER_CONTENT_SETTINGS_COOKIE_SETTINGS_H_
+#pragma once
+
+#include <string>
+
+#include "base/compiler_specific.h"
+#include "base/memory/ref_counted.h"
+#include "base/synchronization/lock.h"
+#include "chrome/browser/content_settings/host_content_settings_map.h"
+#include "chrome/browser/prefs/pref_change_registrar.h"
+#include "chrome/common/content_settings.h"
+#include "content/public/browser/notification_observer.h"
+
+class ContentSettingsPattern;
+class GURL;
+class PrefService;
+class Profile;
+
+// A frontend to the cookie settings of |HostContentSettingsMap|. Handles
+// cookie-specific logic such as blocking third-party cookies.
+class CookieSettings
+    : public content::NotificationObserver,
+      public base::RefCountedThreadSafe<CookieSettings> {
+ public:
+  CookieSettings(
+      HostContentSettingsMap* host_content_settings_map,
+      PrefService* prefs);
+
+  virtual ~CookieSettings();
+
+  // Returns the |CookieSettings| associated with the |profile|.
+  //
+  // This should only be called on the UI thread.
+  static CookieSettings* GetForProfile(Profile* profile);
+
+  // Returns the default content setting (CONTENT_SETTING_ALLOW,
+  // CONTENT_SETTING_BLOCK, or CONTENT_SETTING_SESSION_ONLY) for cookies. If
+  // |provider_id| is not NULL, the id of the provider which provided the
+  // default setting is assigned to it.
+  //
+  // This may be called on any thread.
+  ContentSetting GetDefaultCookieSetting(std::string* provider_id) const;
+
+  // Returns true if the page identified by (|url|, |first_party_url|) is
+  // allowed to read cookies.
+  //
+  // This may be called on any thread.
+  bool IsReadingCookieAllowed(const GURL& url,
+                              const GURL& first_party_url) const;
+
+  // Returns true if the page identified by (|url|, |first_party_url|) is
+  // allowed to set cookies (permanent or session only).
+  //
+  // This may be called on any thread.
+  bool IsSettingCookieAllowed(const GURL& url,
+                              const GURL& first_party_url) const;
+
+  // Returns true if the cookie set by a page identified by |url| should be
+  // session only. Querying this only makes sense if |IsSettingCookieAllowed|
+  // has returned true.
+  //
+  // This may be called on any thread.
+  bool IsCookieSessionOnly(const GURL& url) const;
+
+  // Returns all patterns with a non-default cookie setting, mapped to their
+  // actual settings, in the precedence order of the setting rules. |settings|
+  // must be a non-NULL outparam.
+  //
+  // This may be called on any thread.
+  void GetCookieSettings(
+      HostContentSettingsMap::SettingsForOneType* settings) const;
+
+  // Sets the default content setting (CONTENT_SETTING_ALLOW,
+  // CONTENT_SETTING_BLOCK, or CONTENT_SETTING_SESSION_ONLY) for cookies.
+  //
+  // This should only be called on the UI thread.
+  void SetDefaultCookieSetting(ContentSetting setting);
+
+  // Sets the cookie setting to CONTENT_SETTING_ALLOW, CONTENT_SETTING_BLOCK or
+  // CONTENT_SETTING_SESSION_ONLY for (url, first_party_url) pairs where url

[Bernhard Bauer, 2011/10/25 13:11:21]

|first_party_url| does not exist here. Also, the comment is a bit redundant (see
below).

[marja, 2011/10/26 13:03:21]

Done.

+  // matches |primary_pattern|.
+  //
+  // This should only be called on the UI thread.
+  void SetCookieSetting(const ContentSettingsPattern& primary_pattern,

[Bernhard Bauer, 2011/10/25 13:11:21]

We should not have two methods here.

[marja, 2011/10/26 13:03:21]

Done.

+                        ContentSetting setting);
+
+  // Sets the cookie setting to CONTENT_SETTING_ALLOW or CONTENT_SETTING_BLOCK
+  // for (url, first_party_url) pairs where url matches |primary_pattern| and
+  // first_party_url matches |secondary_pattern|.

[Bernhard Bauer, 2011/10/25 13:11:21]

This comment is a bit redundant (you're describing how patterns work).

[marja, 2011/10/26 13:03:21]

Done.

+  //
+  // This should only be called on the UI thread.
+  void SetCookieSetting(const ContentSettingsPattern& primary_pattern,

[Bernhard Bauer, 2011/10/25 13:11:21]

Who calls this method, BTW?

[marja, 2011/10/26 13:03:21]

Currently nobody was setting cookie settings where the secondary pattern would
be something else than wildcard, but do we want that limitation in
CookieSettings? (I removed the one-parameter version and made
ContentSettingsHandler and CookiesTreeModel call this one.)

[Bernhard Bauer, 2011/10/26 13:24:09]

Yes, this is nicer than having overloaded methods, and one of them not even
called :)

+                        const ContentSettingsPattern& secondary_pattern,
+                        ContentSetting setting);
+
+  // Resets the cookie setting for (url, first_party_url) pairs where url
+  // matches |primary_pattern|.
+  //
+  // This should only be called on the UI thread.
+  void ResetCookieSetting(const ContentSettingsPattern& primary_pattern);

[Bernhard Bauer, 2011/10/25 13:11:21]

We should not have two methods there either.

[marja, 2011/10/26 13:03:21]

Done.

+
+  // Resets the cookie setting for (url, first_party_url) pairs where url
+  // matches |primary_pattern| and first_party_url matches |secondary_pattern|.
+  //
+  // This should only be called on the UI thread.
+  void ResetCookieSetting(const ContentSettingsPattern& primary_pattern,
+                          const ContentSettingsPattern& secondary_pattern);
+
+  // |NotificationObserver| implementation.
+  virtual void Observe(int type,
+                       const content::NotificationSource& source,
+                       const content::NotificationDetails& details) OVERRIDE;
+
+  // Detaches the |CookieSettings| from all |Profile|-related objects like
+  // |PrefService|. This methods needs to be called before destroying the
+  // |Profile|. Afterwards, none of the methods above that should only be called

[Bernhard Bauer, 2011/10/25 13:11:21]

I think we can simplify the comment to "Afterwards, only const methods can be
called".

[marja, 2011/10/26 13:03:21]

Done.

+  // on the UI thread should be called anymore.
+  void ShutdownOnUIThread();
+
+  // A helper for applying third party cookie blocking rules.
+  ContentSetting GetCookieSetting(const GURL& url,
+                                  const GURL& first_party_url,
+                                  bool setting_cookie) const;
+ private:
+  class Factory;
+
+  // This setting trumps any host-specific settings.

[Bernhard Bauer, 2011/10/25 13:11:21]

This comment isn't true anymore.

[marja, 2011/10/26 13:03:21]

Done.

+  //
+  // This method may be called on any thread.
+  bool ShouldBlockThirdPartyCookies() const;
+
+  scoped_refptr<HostContentSettingsMap> host_content_settings_map_;
+  PrefChangeRegistrar pref_change_registrar_;
+
+  // Used around accesses to |block_third_party_cookies_| to guarantee thread
+  // safety.
+  mutable base::Lock lock_;
+
+  bool block_third_party_cookies_;
+};
+
+#endif  // CHROME_BROWSER_CONTENT_SETTINGS_COOKIE_SETTINGS_H_