Implement $Secure- cookie prefix

net/cookies/cookie_monster_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cookies/cookie_store_unittest.h"
 
 #include <algorithm>
 #include <string>
 #include <vector>
 
@@ skipping 83 matching lines @@
     return new CookieMonster(NULL, NULL);
   }
 
   static const bool is_cookie_monster = true;
   static const bool supports_http_only = true;
   static const bool supports_non_dotted_domains = true;
   static const bool preserves_trailing_dots = true;
   static const bool filters_schemes = true;
   static const bool has_path_prefix_bug = false;
   static const int creation_time_granularity_in_ms = 0;
+  static const bool enforces_prefixes = true;
 };
 
 INSTANTIATE_TYPED_TEST_CASE_P(CookieMonster,
                               CookieStoreTest,
                               CookieMonsterTestTraits);
 
 INSTANTIATE_TYPED_TEST_CASE_P(CookieMonster,
                               MultiThreadedCookieStoreTest,
                               CookieMonsterTestTraits);
 
@@ skipping 40 matching lines @@
                             const std::string& path,
                             const base::Time& expiration_time,
                             bool secure,
                             bool http_only,
                             bool first_party_only,
                             CookiePriority priority) {
     DCHECK(cm);
     ResultSavingCookieCallback<bool> callback;
     cm->SetCookieWithDetailsAsync(
         url, name, value, domain, path, expiration_time, secure, http_only,
-        first_party_only, priority,
+        first_party_only, false /* enforce prefixes */, priority,
         base::Bind(&ResultSavingCookieCallback<bool>::Run,
                    base::Unretained(&callback)));
     RunFor(kTimeout);
     EXPECT_TRUE(callback.did_run());
     return callback.result();
   }
 
   bool SetAllCookies(CookieMonster* cm, const CookieList& list) {
     DCHECK(cm);
     ResultSavingCookieCallback<bool> callback;
@@ skipping 485 matching lines @@
           cookie_monster,
           delete_begin,
           delete_end,
           callback) {
   cookie_monster->DeleteAllCreatedBetweenAsync(delete_begin, delete_end,
                                                callback->AsCallback());
 }
 ACTION_P3(SetCookieWithDetailsAction, cookie_monster, cc, callback) {
   cookie_monster->SetCookieWithDetailsAsync(
       cc.url, cc.name, cc.value, cc.domain, cc.path, cc.expiration_time,
-      cc.secure, cc.http_only, cc.first_party_only, cc.priority,
-      callback->AsCallback());
+      cc.secure, cc.http_only, cc.first_party_only,
+      false /* enforce prefixes */, cc.priority, callback->AsCallback());
 }
 
 ACTION_P2(GetAllCookiesAction, cookie_monster, callback) {
   cookie_monster->GetAllCookiesAsync(callback->AsCallback());
 }
 
 ACTION_P3(DeleteAllForHostAction, cookie_monster, url, callback) {
   cookie_monster->DeleteAllForHostAsync(url, callback->AsCallback());
 }
 
@@ skipping 1737 matching lines @@
     std::string value = "B";
     std::string domain = std::string();
     std::string path = "/foo";
     base::Time expiration_time = base::Time();
     bool secure = false;
     bool http_only = false;
     bool first_party_only = false;
     CookiePriority priority = COOKIE_PRIORITY_DEFAULT;
     cm->SetCookieWithDetailsAsync(
         url, name, value, domain, path, expiration_time, secure, http_only,
-        first_party_only, priority,
+        first_party_only, false /* enforce prefixes */, priority,
         base::Bind(&ResultSavingCookieCallback<bool>::Run,
                    base::Unretained(callback)));
   }
 
   void DeleteAllCreatedBetweenTask(CookieMonster* cm,
                                    const base::Time& delete_begin,
                                    const base::Time& delete_end,
                                    ResultSavingCookieCallback<int>* callback) {
     cm->DeleteAllCreatedBetweenAsync(
         delete_begin, delete_end,
@@ skipping 454 matching lines @@
   histograms.ExpectTotalCount(cookie_source_histogram, 5);
 
   // Set a non-Secure cookie on a non-cryptographic scheme.
   EXPECT_TRUE(SetCookie(cm.get(), url_google_, "H=I; path=/"));
   histograms.ExpectTotalCount(cookie_source_histogram, 6);
   histograms.ExpectBucketCount(
       cookie_source_histogram,
       CookieMonster::COOKIE_SOURCE_NONSECURE_COOKIE_NONCRYPTOGRAPHIC_SCHEME, 1);
 }
 
+TEST_F(CookieMonsterTest, SecureCookiePrefix) {
+  scoped_refptr<CookieMonster> cm(new CookieMonster(NULL, NULL));
+  // A $Secure- cookie must be Secure.
+  EXPECT_FALSE(SetCookie(cm.get(), url_google_, "$Secure-A=B"));
+  EXPECT_FALSE(SetCookie(cm.get(), url_google_, "$Secure-A=B; httponly"));
+
+  // A typoed prefix does not have to be Secure.
+  EXPECT_TRUE(SetCookie(cm.get(), url_google_, "$secure-A=B; Secure"));
+  EXPECT_TRUE(SetCookie(cm.get(), url_google_, "$secure-A=C;"));
+  EXPECT_TRUE(SetCookie(cm.get(), url_google_, "$SecureA=B; Secure"));
+  EXPECT_TRUE(SetCookie(cm.get(), url_google_, "$SecureA=C;"));
+
+  EXPECT_TRUE(SetCookie(cm.get(), url_google_, "$Secure-A=B; Secure"));
+}
+
 class CookieMonsterNotificationTest : public CookieMonsterTest {
  public:
   CookieMonsterNotificationTest()
       : test_url_("http://www.google.com/foo"),
         store_(new MockPersistentCookieStore),
         monster_(new CookieMonster(store_.get(), NULL)) {}
 
   ~CookieMonsterNotificationTest() override {}
 
   CookieMonster* monster() { return monster_.get(); }
@@ skipping 137 matching lines @@
       monster()->AddCallbackForCookie(
           test_url_, "abc",
           base::Bind(&RecordCookieChanges, &cookies1, nullptr)));
   SetCookie(monster(), test_url_, "abc=def");
   base::MessageLoop::current()->RunUntilIdle();
   EXPECT_EQ(1U, cookies0.size());
   EXPECT_EQ(1U, cookies0.size());
 }
 
 }  // namespace net