Revert 110099 - Creation of cookie_utils.

net/base/cookie_monster.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Portions of this code based on Mozilla:
 //   (netwerk/cookie/src/nsCookieService.cpp)
 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
@@ skipping 43 matching lines @@
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/message_loop.h"
 #include "base/message_loop_proxy.h"
 #include "base/metrics/histogram.h"
 #include "base/string_tokenizer.h"
 #include "base/string_util.h"
 #include "base/stringprintf.h"
 #include "googleurl/src/gurl.h"
 #include "googleurl/src/url_canon.h"
-#include "net/base/cookie_utils.h"
+#include "net/base/net_util.h"
 #include "net/base/registry_controlled_domain.h"
 
 using base::Time;
 using base::TimeDelta;
 using base::TimeTicks;
 
 // In steady state, most cookie requests can be satisfied by the in memory
 // cookie monster store.  However, if a request comes in during the initial
 // cookie load, it must be delayed until that load completes. That is done by
 // queueing it on CookieMonster::queue_ and running it when notification of
@@ skipping 106 matching lines @@
       return diff < 0;
 
     return path.compare(cs.path) < 0;
   }
 
   std::string name;
   std::string domain;
   std::string path;
 };
 
+// Returns the effective TLD+1 for a given host. This only makes sense for http
+// and https schemes. For other schemes, the host will be returned unchanged
+// (minus any leading period).
+std::string GetEffectiveDomain(const std::string& scheme,
+                               const std::string& host) {
+  if (scheme == "http" || scheme == "https")
+    return RegistryControlledDomainService::GetDomainAndRegistry(host);
+
+  if (!CookieMonster::DomainIsHostOnly(host))
+    return host.substr(1);
+  return host;
+}
+
+// Determine the actual cookie domain based on the domain string passed
+// (if any) and the URL from which the cookie came.
+// On success returns true, and sets cookie_domain to either a
+//   -host cookie domain (ex: "google.com")
+//   -domain cookie domain (ex: ".google.com")
+bool GetCookieDomainWithString(const GURL& url,
+                               const std::string& domain_string,
+                               std::string* result) {
+  const std::string url_host(url.host());
+
+  // If no domain was specified in the domain string, default to a host cookie.
+  // We match IE/Firefox in allowing a domain=IPADDR if it matches the url
+  // ip address hostname exactly.  It should be treated as a host cookie.
+  if (domain_string.empty() ||
+      (url.HostIsIPAddress() && url_host == domain_string)) {
+    *result = url_host;
+    DCHECK(CookieMonster::DomainIsHostOnly(*result));
+    return true;
+  }
+
+  // Get the normalized domain specified in cookie line.
+  url_canon::CanonHostInfo ignored;
+  std::string cookie_domain(CanonicalizeHost(domain_string, &ignored));
+  if (cookie_domain.empty())
+    return false;
+  if (cookie_domain[0] != '.')
+    cookie_domain = "." + cookie_domain;
+
+  // Ensure |url| and |cookie_domain| have the same domain+registry.
+  const std::string url_scheme(url.scheme());
+  const std::string url_domain_and_registry(
+      GetEffectiveDomain(url_scheme, url_host));
+  if (url_domain_and_registry.empty())
+    return false;  // IP addresses/intranet hosts can't set domain cookies.
+  const std::string cookie_domain_and_registry(
+      GetEffectiveDomain(url_scheme, cookie_domain));
+  if (url_domain_and_registry != cookie_domain_and_registry)
+    return false;  // Can't set a cookie on a different domain + registry.
+
+  // Ensure |url_host| is |cookie_domain| or one of its subdomains.  Given that
+  // we know the domain+registry are the same from the above checks, this is
+  // basically a simple string suffix check.
+  if ((url_host.length() < cookie_domain.length()) ?
+      (cookie_domain != ("." + url_host)) :
+      url_host.compare(url_host.length() - cookie_domain.length(),
+                       cookie_domain.length(), cookie_domain))
+    return false;
+
+  *result = cookie_domain;
+  return true;
+}
+
 // Determine the cookie domain to use for setting the specified cookie.
 bool GetCookieDomain(const GURL& url,
                      const CookieMonster::ParsedCookie& pc,
                      std::string* result) {
   std::string domain_string;
   if (pc.HasDomain())
     domain_string = pc.Domain();
-  return cookie_utils::GetCookieDomainWithString(url, domain_string, result);
+  return GetCookieDomainWithString(url, domain_string, result);
 }
 
 std::string CanonPathWithString(const GURL& url,
                                 const std::string& path_string) {
   // The RFC says the path should be a prefix of the current URL path.
   // However, Mozilla allows you to set any path for compatibility with
   // broken websites.  We unfortunately will mimic this behavior.  We try
   // to be generous and accept cookies with an invalid path attribute, and
   // default the path to something reasonable.
 
@@ skipping 293 matching lines @@
     return Time::FromUTCExploded(exploded);
   }
 
   // One of our values was out of expected range.  For well-formed input,
   // the following check would be reasonable:
   // NOTREACHED() << "Cookie exploded expiration failed: " << time_string;
 
   return Time();
 }
 
+bool CookieMonster::DomainIsHostOnly(const std::string& domain_string) {
+  return (domain_string.empty() || domain_string[0] != '.');
+}
+
 // Task classes for queueing the coming request.
 
 class CookieMonster::CookieMonsterTask
     : public base::RefCountedThreadSafe<CookieMonsterTask> {
  public:
   // Runs the task and invokes the client callback on the thread that
   // originally constructed the task.
   virtual void Run() = 0;
 
  protected:
@@ skipping 530 matching lines @@
 void CookieMonster::DoCookieTaskForURL(
     const scoped_refptr<CookieMonsterTask>& task_item,
     const GURL& url) {
   {
     base::AutoLock autolock(lock_);
     InitIfNecessary();
     // If cookies for the requested domain key (eTLD+1) have been loaded from DB
     // then run the task, otherwise load from DB.
     if (!loaded_) {
       // Checks if the domain key has been loaded.
-      std::string key(cookie_utils::GetEffectiveDomain(url.scheme(),
-                                                       url.host()));
+      std::string key(GetEffectiveDomain(url.scheme(), url.host()));
       if (keys_loaded_.find(key) == keys_loaded_.end()) {
         std::map<std::string, std::deque<scoped_refptr<CookieMonsterTask> > >
           ::iterator it = tasks_queued_.find(key);
         if (it == tasks_queued_.end()) {
           store_->LoadCookiesForKey(key,
             base::Bind(&CookieMonster::OnKeyLoaded, this, key));
           it = tasks_queued_.insert(std::make_pair(key,
             std::deque<scoped_refptr<CookieMonsterTask> >())).first;
         }
         it->second.push_back(task_item);
@@ skipping 585 matching lines @@
   } else {
     // Need to probe for all domains that might have relevant
     // cookies for us.
 
     // Query for the full host, For example: 'a.c.blah.com'.
     std::string key(GetKey(url.host()));
     FindCookiesForKey(key, url, options, current_time, update_access_time,
                       cookies);
 
     // See if we can search for domain cookies, i.e. if the host has a TLD + 1.
-    const std::string domain(cookie_utils::GetEffectiveDomain(url.scheme(),
-                                                              key));
+    const std::string domain(GetEffectiveDomain(url.scheme(), key));
     if (domain.empty())
       return;
     DCHECK_LE(domain.length(), key.length());
     DCHECK_EQ(0, key.compare(key.length() - domain.length(), domain.length(),
                              domain));
 
     // Walk through the string and query at the dot points (GURL should have
     // canonicalized the dots, so this should be safe).  Stop once we reach the
     // domain + registry; we can't write cookies past this point, and with some
     // registrars other domains can, in which case we don't want to read their
@@ skipping 888 matching lines @@
   else
     SetSessionCookieExpiryTime();
 
   // Do the best we can with the domain.
   std::string cookie_domain;
   std::string domain_string;
   if (pc.HasDomain()) {
     domain_string = pc.Domain();
   }
   bool result
-      = cookie_utils::GetCookieDomainWithString(url, domain_string,
-                                                &cookie_domain);
+      = GetCookieDomainWithString(url, domain_string,
+                                  &cookie_domain);
   // Caller is responsible for passing in good arguments.
   DCHECK(result);
   domain_ = cookie_domain;
 }
 
 CookieMonster::CanonicalCookie::~CanonicalCookie() {
 }
 
 std::string CookieMonster::CanonicalCookie::GetCookieSourceFromURL(
     const GURL& url) {
@@ skipping 62 matching lines @@
   if (parsed_name != name)
     return NULL;
   std::string parsed_value = ParsedCookie::ParseValueString(value);
   if (parsed_value != value)
     return NULL;
 
   std::string parsed_domain = ParsedCookie::ParseValueString(domain);
   if (parsed_domain != domain)
     return NULL;
   std::string cookie_domain;
-  if (!cookie_utils::GetCookieDomainWithString(url, parsed_domain,
-                                               &cookie_domain)) {
+  if (!GetCookieDomainWithString(url, parsed_domain, &cookie_domain))
     return NULL;
-  }
 
   std::string parsed_path = ParsedCookie::ParseValueString(path);
   if (parsed_path != path)
     return NULL;
 
   std::string cookie_path = CanonPathWithString(url, parsed_path);
   // Expect that the path was either not specified (empty), or is valid.
   if (!parsed_path.empty() && cookie_path != parsed_path)
     return NULL;
   // Canonicalize path again to make sure it escapes characters as needed.
@@ skipping 85 matching lines @@
 std::string CookieMonster::CanonicalCookie::DebugString() const {
   return base::StringPrintf(
       "name: %s value: %s domain: %s path: %s creation: %"
       PRId64,
       name_.c_str(), value_.c_str(),
       domain_.c_str(), path_.c_str(),
       static_cast<int64>(creation_date_.ToTimeT()));
 }
 
 }  // namespace