
Side by Side Diff: net/cookies/canonical_cookie.cc

Issue 1253353004: WIP: Teach "First-Party-Only" cookies about the requestor origin. Base URL: https://chromium.googlesource.com/chromium/src.git@cookie-options
Patch Set: Created 5 years, 4 months ago
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Portions of this code based on Mozilla: 5 // Portions of this code based on Mozilla:
6 // (netwerk/cookie/src/nsCookieService.cpp) 6 // (netwerk/cookie/src/nsCookieService.cpp)
7 /* ***** BEGIN LICENSE BLOCK ***** 7 /* ***** BEGIN LICENSE BLOCK *****
8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
9 * 9 *
10 * The contents of this file are subject to the Mozilla Public License Version 10 * The contents of this file are subject to the Mozilla Public License Version
(...skipping 33 matching lines...)
44 44
45 #include "net/cookies/canonical_cookie.h" 45 #include "net/cookies/canonical_cookie.h"
46 46
47 #include "base/basictypes.h" 47 #include "base/basictypes.h"
48 #include "base/format_macros.h" 48 #include "base/format_macros.h"
49 #include "base/logging.h" 49 #include "base/logging.h"
50 #include "base/strings/stringprintf.h" 50 #include "base/strings/stringprintf.h"
51 #include "net/cookies/cookie_util.h" 51 #include "net/cookies/cookie_util.h"
52 #include "net/cookies/parsed_cookie.h" 52 #include "net/cookies/parsed_cookie.h"
53 #include "url/gurl.h" 53 #include "url/gurl.h"
54 #include "url/origin.h"
54 #include "url/url_canon.h" 55 #include "url/url_canon.h"
55 56
56 using base::Time; 57 using base::Time;
57 using base::TimeDelta; 58 using base::TimeDelta;
58 59
59 namespace net { 60 namespace net {
60 61
61 namespace { 62 namespace {
62 63
63 const int kVlogSetCookies = 7; 64 const int kVlogSetCookies = 7;
(...skipping 333 matching lines...)
397 if (IsSecure() && !url.SchemeIsCryptographic()) 398 if (IsSecure() && !url.SchemeIsCryptographic())
398 return false; 399 return false;
399 // Don't include cookies for requests that don't apply to the cookie domain. 400 // Don't include cookies for requests that don't apply to the cookie domain.
400 if (!IsDomainMatch(url.host())) 401 if (!IsDomainMatch(url.host()))
401 return false; 402 return false;
402 // Don't include cookies for requests with a url path that does not path 403 // Don't include cookies for requests with a url path that does not path
403 // match the cookie-path. 404 // match the cookie-path.
404 if (!IsOnPath(url.path())) 405 if (!IsOnPath(url.path()))
405 return false; 406 return false;
406 407
407 // Include first-party-only cookies iff |options| tells us to include all of 408 // Include first-party-only cookies if one of the following is true:
408 // them, or if a first-party URL is set and its origin matches the origin of 409 //
409 // |url|. 410 // 1. |options| tells us to include all of them
410 if (IsFirstPartyOnly() && !options.include_first_party_only() && 411 // 2. A first-party URL is set and its origin matches the origin of |url|,
411 options.first_party_url().GetOrigin() != url.GetOrigin()) { 412 // _and_ that first-party URL is same-origin with the requestor origin.
412 return false; 413 if (IsFirstPartyOnly() && !options.include_first_party_only()) {
414 url::Origin first_party(options.first_party_url());
415 url::Origin request(url);
416 if (!first_party.IsSameOriginWith(request) || !options.requestor_origin().Is SameOriginWith(request)) {
417 return false;
418 }
413 } 419 }
414 420
415 return true; 421 return true;
416 } 422 }
417 423
418 std::string CanonicalCookie::DebugString() const { 424 std::string CanonicalCookie::DebugString() const {
419 return base::StringPrintf( 425 return base::StringPrintf(
420 "name: %s value: %s domain: %s path: %s creation: %" 426 "name: %s value: %s domain: %s path: %s creation: %"
421 PRId64, 427 PRId64,
422 name_.c_str(), value_.c_str(), 428 name_.c_str(), value_.c_str(),
(...skipping 30 matching lines...)
453 if (IsSecure() != other.IsSecure()) 459 if (IsSecure() != other.IsSecure())
454 return IsSecure(); 460 return IsSecure();
455 461
456 if (IsHttpOnly() != other.IsHttpOnly()) 462 if (IsHttpOnly() != other.IsHttpOnly())
457 return IsHttpOnly(); 463 return IsHttpOnly();
458 464
459 return Priority() < other.Priority(); 465 return Priority() < other.Priority();
460 } 466 }
461 467
462 } // namespace net 468 } // namespace net
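Review bot: In the first-party-only branch (new lines 408-419), item 2 of the comment says the first-party URL must be same-origin with the requestor origin, but the condition compares `options.requestor_origin()` with the request origin built from `url`, so the comment and the check describe different comparisons. The hunk also does not say what happens when either side is a unique origin, for example an empty first-party URL or a requestor origin the caller never populated; presumably `IsSameOriginWith` returns false there and the cookie is withheld, which is the safe direction for this check, but that should be confirmed against `url::Origin` and pinned by a unit test. I would reword item 2 as `// 2. Both the first-party URL and the requestor origin are same-origin with |url|; an unset or unique origin on either side excludes the cookie.` once that behaviour is confirmed. The enclosing function begins in the skipped lines above this hunk, so the type and defaults of `options` are not visible here.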