Chromium Code Reviews Chromium Code Reviews
Issue 8462003:
Exempt chrome-extension:// from third-party cookie rules, but not from regular content settings (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/content_settings/cookie_settings.h" | 5 #include "chrome/browser/content_settings/cookie_settings.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "chrome/browser/content_settings/content_settings_utils.h" | 8 #include "chrome/browser/content_settings/content_settings_utils.h" |
| 9 #include "chrome/browser/content_settings/host_content_settings_map.h" | 9 #include "chrome/browser/content_settings/host_content_settings_map.h" |
| 10 #include "chrome/browser/prefs/pref_service.h" | 10 #include "chrome/browser/prefs/pref_service.h" |
| 11 #include "chrome/browser/profiles/profile.h" | 11 #include "chrome/browser/profiles/profile.h" |
| 12 #include "chrome/browser/profiles/profile_dependency_manager.h" | 12 #include "chrome/browser/profiles/profile_dependency_manager.h" |
| 13 #include "chrome/browser/profiles/profile_keyed_service.h" | 13 #include "chrome/browser/profiles/profile_keyed_service.h" |
| 14 #include "chrome/common/chrome_notification_types.h" | 14 #include "chrome/common/chrome_notification_types.h" |
| 15 #include "chrome/common/chrome_switches.h" | 15 #include "chrome/common/chrome_switches.h" |
| 16 #include "chrome/common/content_settings_pattern.h" | 16 #include "chrome/common/content_settings_pattern.h" |
| 17 #include "chrome/common/pref_names.h" | 17 #include "chrome/common/pref_names.h" |
| 18 #include "chrome/common/url_constants.h" | |
| 18 #include "content/browser/user_metrics.h" | 19 #include "content/browser/user_metrics.h" |
| 19 #include "content/public/browser/browser_thread.h" | 20 #include "content/public/browser/browser_thread.h" |
| 20 #include "content/public/browser/notification_service.h" | 21 #include "content/public/browser/notification_service.h" |
| 21 #include "content/public/browser/notification_source.h" | 22 #include "content/public/browser/notification_source.h" |
| 22 #include "googleurl/src/gurl.h" | 23 #include "googleurl/src/gurl.h" |
| 23 #include "net/base/net_errors.h" | 24 #include "net/base/net_errors.h" |
| 24 #include "net/base/static_cookie_policy.h" | 25 #include "net/base/static_cookie_policy.h" |
| 25 | 26 |
| 26 using content::BrowserThread; | 27 using content::BrowserThread; |
| 27 | 28 |
| 28 namespace { | 29 namespace { |
| 29 | 30 |
| 30 bool IsValidSetting(ContentSetting setting) { | 31 bool IsValidSetting(ContentSetting setting) { |
| 31 return (setting == CONTENT_SETTING_ALLOW || | 32 return (setting == CONTENT_SETTING_ALLOW || |
| 32 setting == CONTENT_SETTING_SESSION_ONLY || | 33 setting == CONTENT_SETTING_SESSION_ONLY || |
| 33 setting == CONTENT_SETTING_BLOCK); | 34 setting == CONTENT_SETTING_BLOCK); |
| 34 } | 35 } |
| 35 | 36 |
| 36 bool IsAllowed(ContentSetting setting) { | 37 bool IsAllowed(ContentSetting setting) { |
| 37 DCHECK(IsValidSetting(setting)); | 38 DCHECK(IsValidSetting(setting)); |
| 38 return (setting == CONTENT_SETTING_ALLOW || | 39 return (setting == CONTENT_SETTING_ALLOW || |
| 39 setting == CONTENT_SETTING_SESSION_ONLY); | 40 setting == CONTENT_SETTING_SESSION_ONLY); |
| 40 } | 41 } |
| 41 | 42 |
| 43 // Keep the list of schemes in sync with | |
| 44 // HostContentSettingsMap::ShouldAllowAllContent. | |
|
Bernhard Bauer
2011/11/04 10:00:55
Couldn't we create a single method for this?
jochen (gone - plz use gerrit)
2011/11/04 10:59:09
Done.
| |
| 45 bool ShouldAllowAllContent( | |
|
Bernhard Bauer
2011/11/04 10:00:55
Nit: I think the first parameter fits on this line
| |
| 46 const GURL& url, | |
| 47 const GURL& first_party_url) { | |
| 48 return url.SchemeIs(chrome::kChromeDevToolsScheme) || | |
| 49 url.SchemeIs(chrome::kChromeInternalScheme) || | |
| 50 url.SchemeIs(chrome::kChromeUIScheme) || | |
| 51 (url.SchemeIs(chrome::kExtensionScheme) && | |
| 52 first_party_url.SchemeIs(chrome::kExtensionScheme)); | |
| 53 } | |
| 54 | |
| 42 } // namespace | 55 } // namespace |
| 43 | 56 |
| 44 // |ProfileKeyedFactory| is the owner of the |ProfileKeyedService|s. This | 57 // |ProfileKeyedFactory| is the owner of the |ProfileKeyedService|s. This |
| 45 // wrapper class allows others to hold shared pointers to CookieSettings. | 58 // wrapper class allows others to hold shared pointers to CookieSettings. |
| 46 class CookieSettingsWrapper : public ProfileKeyedService { | 59 class CookieSettingsWrapper : public ProfileKeyedService { |
| 47 public: | 60 public: |
| 48 explicit CookieSettingsWrapper(scoped_refptr<CookieSettings> cookie_settings) | 61 explicit CookieSettingsWrapper(scoped_refptr<CookieSettings> cookie_settings) |
| 49 : cookie_settings_(cookie_settings) {} | 62 : cookie_settings_(cookie_settings) {} |
| 50 virtual ~CookieSettingsWrapper() {} | 63 virtual ~CookieSettingsWrapper() {} |
| 51 | 64 |
| (...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 193 | 206 |
| 194 void CookieSettings::ShutdownOnUIThread() { | 207 void CookieSettings::ShutdownOnUIThread() { |
| 195 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 208 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 196 pref_change_registrar_.RemoveAll(); | 209 pref_change_registrar_.RemoveAll(); |
| 197 } | 210 } |
| 198 | 211 |
| 199 ContentSetting CookieSettings::GetCookieSetting( | 212 ContentSetting CookieSettings::GetCookieSetting( |
| 200 const GURL& url, | 213 const GURL& url, |
| 201 const GURL& first_party_url, | 214 const GURL& first_party_url, |
| 202 bool setting_cookie) const { | 215 bool setting_cookie) const { |
| 203 if (HostContentSettingsMap::ShouldAllowAllContent( | 216 if (ShouldAllowAllContent(url, first_party_url)) |
| 204 first_party_url, | |
| 205 CONTENT_SETTINGS_TYPE_COOKIES)) { | |
| 206 return CONTENT_SETTING_ALLOW; | 217 return CONTENT_SETTING_ALLOW; |
| 207 } | |
| 208 | 218 |
| 209 ContentSettingsPattern primary_pattern; | 219 ContentSettingsPattern primary_pattern; |
| 210 ContentSettingsPattern secondary_pattern; | 220 ContentSettingsPattern secondary_pattern; |
| 211 // First get any host-specific settings. | 221 // First get any host-specific settings. |
| 212 scoped_ptr<base::Value> value( | 222 scoped_ptr<base::Value> value( |
| 213 host_content_settings_map_->GetContentSettingValue( | 223 host_content_settings_map_->GetContentSettingValue( |
| 214 url, first_party_url, CONTENT_SETTINGS_TYPE_COOKIES, "", | 224 url, first_party_url, CONTENT_SETTINGS_TYPE_COOKIES, "", |
| 215 &primary_pattern, &secondary_pattern)); | 225 &primary_pattern, &secondary_pattern)); |
| 216 | 226 |
| 217 // If no explicit exception has been made and third-party cookies are blocked | 227 // If no explicit exception has been made and third-party cookies are blocked |
| 218 // by default, apply that rule. | 228 // by default, apply that rule. |
| 219 if (primary_pattern == ContentSettingsPattern::Wildcard() && | 229 if (primary_pattern == ContentSettingsPattern::Wildcard() && |
| 220 secondary_pattern == ContentSettingsPattern::Wildcard() && | 230 secondary_pattern == ContentSettingsPattern::Wildcard() && |
| 221 ShouldBlockThirdPartyCookies()) { | 231 ShouldBlockThirdPartyCookies() && |
| 232 !first_party_url.SchemeIs(chrome::kExtensionScheme)) { | |
| 222 bool strict = CommandLine::ForCurrentProcess()->HasSwitch( | 233 bool strict = CommandLine::ForCurrentProcess()->HasSwitch( |
| 223 switches::kBlockReadingThirdPartyCookies); | 234 switches::kBlockReadingThirdPartyCookies); |
| 224 net::StaticCookiePolicy policy(strict ? | 235 net::StaticCookiePolicy policy(strict ? |
| 225 net::StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES : | 236 net::StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES : |
| 226 net::StaticCookiePolicy::BLOCK_SETTING_THIRD_PARTY_COOKIES); | 237 net::StaticCookiePolicy::BLOCK_SETTING_THIRD_PARTY_COOKIES); |
| 227 int rv; | 238 int rv; |
| 228 if (setting_cookie) | 239 if (setting_cookie) |
| 229 rv = policy.CanSetCookie(url, first_party_url); | 240 rv = policy.CanSetCookie(url, first_party_url); |
| 230 else | 241 else |
| 231 rv = policy.CanGetCookies(url, first_party_url); | 242 rv = policy.CanGetCookies(url, first_party_url); |
| (...skipping 11 matching lines...) Expand all Loading... | |
| 243 void CookieSettings::RegisterUserPrefs(PrefService* prefs) { | 254 void CookieSettings::RegisterUserPrefs(PrefService* prefs) { |
| 244 prefs->RegisterBooleanPref(prefs::kBlockThirdPartyCookies, | 255 prefs->RegisterBooleanPref(prefs::kBlockThirdPartyCookies, |
| 245 false, | 256 false, |
| 246 PrefService::SYNCABLE_PREF); | 257 PrefService::SYNCABLE_PREF); |
| 247 } | 258 } |
| 248 | 259 |
| 249 bool CookieSettings::ShouldBlockThirdPartyCookies() const { | 260 bool CookieSettings::ShouldBlockThirdPartyCookies() const { |
| 250 base::AutoLock auto_lock(lock_); | 261 base::AutoLock auto_lock(lock_); |
| 251 return block_third_party_cookies_; | 262 return block_third_party_cookies_; |
| 252 } | 263 } |
| OLD | NEW |
