Implement $Secure- cookie prefix

net/cookies/cookie_monster_unittest.cc

Index: net/cookies/cookie_monster_unittest.cc
diff --git a/net/cookies/cookie_monster_unittest.cc b/net/cookies/cookie_monster_unittest.cc
index c4df76558d7ccde4f6d40add0a4cbfca65bdbc51..1c77fbd8b6ce9f8fc5f5a436034597feeda70a84 100644
--- a/net/cookies/cookie_monster_unittest.cc
+++ b/net/cookies/cookie_monster_unittest.cc
@@ -101,6 +101,7 @@ struct CookieMonsterTestTraits {
   static const bool filters_schemes = true;
   static const bool has_path_prefix_bug = false;
   static const int creation_time_granularity_in_ms = 0;
+  static const bool enforces_prefixes = true;
 };
 
 INSTANTIATE_TYPED_TEST_CASE_P(CookieMonster,
@@ -161,7 +162,7 @@ class CookieMonsterTest : public CookieStoreTest<CookieMonsterTestTraits> {
     ResultSavingCookieCallback<bool> callback;
     cm->SetCookieWithDetailsAsync(
         url, name, value, domain, path, expiration_time, secure, http_only,
-        first_party_only, priority,
+        first_party_only, false /* enforce prefixes */, priority,
         base::Bind(&ResultSavingCookieCallback<bool>::Run,
                    base::Unretained(&callback)));
     RunFor(kTimeout);
@@ -667,8 +668,8 @@ ACTION_P4(DeleteAllCreatedBetweenAction,
 ACTION_P3(SetCookieWithDetailsAction, cookie_monster, cc, callback) {
   cookie_monster->SetCookieWithDetailsAsync(
       cc.url, cc.name, cc.value, cc.domain, cc.path, cc.expiration_time,
-      cc.secure, cc.http_only, cc.first_party_only, cc.priority,
-      callback->AsCallback());
+      cc.secure, cc.http_only, cc.first_party_only,
+      false /* enforce prefixes */, cc.priority, callback->AsCallback());
 }
 
 ACTION_P2(GetAllCookiesAction, cookie_monster, callback) {
@@ -2426,7 +2427,7 @@ class MultiThreadedCookieMonsterTest : public CookieMonsterTest {
     CookiePriority priority = COOKIE_PRIORITY_DEFAULT;
     cm->SetCookieWithDetailsAsync(
         url, name, value, domain, path, expiration_time, secure, http_only,
-        first_party_only, priority,
+        first_party_only, false /* enforce prefixes */, priority,
         base::Bind(&ResultSavingCookieCallback<bool>::Run,
                    base::Unretained(callback)));
   }
@@ -2901,6 +2902,25 @@ TEST_F(CookieMonsterTest, CookieSourceHistogram) {
       CookieMonster::COOKIE_SOURCE_NONSECURE_COOKIE_NONCRYPTOGRAPHIC_SCHEME, 1);
 }
 
+TEST_F(CookieMonsterTest, SecureCookiePrefix) {
+  scoped_refptr<CookieMonster> cm(new CookieMonster(NULL, NULL));
+  // A $Secure- cookie must be Secure.
+  EXPECT_FALSE(SetCookie(cm.get(), url_google_secure_, "$Secure-A=B"));
+  EXPECT_FALSE(
+      SetCookie(cm.get(), url_google_secure_, "$Secure-A=B; httponly"));
+
+  // A typoed prefix does not have to be Secure.
+  EXPECT_TRUE(SetCookie(cm.get(), url_google_secure_, "$secure-A=B; Secure"));
+  EXPECT_TRUE(SetCookie(cm.get(), url_google_secure_, "$secure-A=C;"));
+  EXPECT_TRUE(SetCookie(cm.get(), url_google_secure_, "$SecureA=B; Secure"));
+  EXPECT_TRUE(SetCookie(cm.get(), url_google_secure_, "$SecureA=C;"));
+
+  EXPECT_TRUE(SetCookie(cm.get(), url_google_secure_, "$Secure-A=B; Secure"));
+
+  // A $Secure- cookie can't be set on a non-secure origin.
+  EXPECT_FALSE(SetCookie(cm.get(), url_google_, "$Secure-A=B; Secure"));
+}
+
 class CookieMonsterNotificationTest : public CookieMonsterTest {
  public:
   CookieMonsterNotificationTest()