OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/url_request/url_request_http_job.h" | 5 #include "net/url_request/url_request_http_job.h" |
6 | 6 |
7 #include "base/base_switches.h" | 7 #include "base/base_switches.h" |
8 #include "base/bind.h" | 8 #include "base/bind.h" |
9 #include "base/bind_helpers.h" | 9 #include "base/bind_helpers.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 656 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
667 weak_factory_.GetWeakPtr())); | 667 weak_factory_.GetWeakPtr())); |
668 } else { | 668 } else { |
669 DoStartTransaction(); | 669 DoStartTransaction(); |
670 } | 670 } |
671 } | 671 } |
672 | 672 |
673 void URLRequestHttpJob::DoLoadCookies() { | 673 void URLRequestHttpJob::DoLoadCookies() { |
674 CookieOptions options; | 674 CookieOptions options; |
675 options.set_include_httponly(); | 675 options.set_include_httponly(); |
676 | 676 |
677 // TODO(mkwst): Drop this `if` once we decide whether or not to ship | 677 // TODO(mkwst): If first-party-only cookies aren't enabled, pretend the |
678 // first-party cookies: https://crbug.com/459154 | 678 // request is first-party regardless, in order to include all cookies. Drop |
679 if (network_delegate() && | 679 // this check once we decide whether or not we're shipping this feature: |
680 network_delegate()->AreExperimentalCookieFeaturesEnabled()) | 680 // https://crbug.com/459154 |
681 options.set_first_party(url::Origin(request_->first_party_for_cookies())); | 681 url::Origin origin(request_->url()); |
682 else | 682 if (!network_delegate() || |
683 options.set_include_first_party_only(); | 683 !network_delegate()->AreExperimentalCookieFeaturesEnabled()) { |
684 options.set_include_first_party_only_cookies(); | |
685 } else if (origin.IsSameOriginWith( | |
686 url::Origin(request_->first_party_for_cookies())) && | |
687 (request_->IsMethodSafe() || | |
688 origin.IsSameOriginWith(request_->initiator()))) { | |
mmenke
2016/01/12 16:20:58
So for "unsafe" requests without an initiator set,
Mike West
2016/01/13 08:10:22
Well, we can decide how this ought to work. Since
mmenke
2016/01/13 16:30:16
This sounds reasonable.
| |
689 options.set_include_first_party_only_cookies(); | |
690 } | |
684 | 691 |
685 request_->context()->cookie_store()->GetCookiesWithOptionsAsync( | 692 request_->context()->cookie_store()->GetCookiesWithOptionsAsync( |
686 request_->url(), options, base::Bind(&URLRequestHttpJob::OnCookiesLoaded, | 693 request_->url(), options, base::Bind(&URLRequestHttpJob::OnCookiesLoaded, |
687 weak_factory_.GetWeakPtr())); | 694 weak_factory_.GetWeakPtr())); |
688 } | 695 } |
689 | 696 |
690 void URLRequestHttpJob::CheckCookiePolicyAndLoad( | 697 void URLRequestHttpJob::CheckCookiePolicyAndLoad( |
691 const CookieList& cookie_list) { | 698 const CookieList& cookie_list) { |
692 if (CanGetCookies(cookie_list)) | 699 if (CanGetCookies(cookie_list)) |
693 DoLoadCookies(); | 700 DoLoadCookies(); |
(...skipping 916 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1610 return override_response_headers_.get() ? | 1617 return override_response_headers_.get() ? |
1611 override_response_headers_.get() : | 1618 override_response_headers_.get() : |
1612 transaction_->GetResponseInfo()->headers.get(); | 1619 transaction_->GetResponseInfo()->headers.get(); |
1613 } | 1620 } |
1614 | 1621 |
1615 void URLRequestHttpJob::NotifyURLRequestDestroyed() { | 1622 void URLRequestHttpJob::NotifyURLRequestDestroyed() { |
1616 awaiting_callback_ = false; | 1623 awaiting_callback_ = false; |
1617 } | 1624 } |
1618 | 1625 |
1619 } // namespace net | 1626 } // namespace net |
OLD | NEW |