Chromium Code Reviews Chromium Code Reviews
Issue 1411813003:
Teach URLRequest about initiator checks for First-Party-Only cookies. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <utility> | 5 #include <utility> |
| 6 | 6 |
| 7 #include "build/build_config.h" | 7 #include "build/build_config.h" |
| 8 | 8 |
| 9 #if defined(OS_WIN) | 9 #if defined(OS_WIN) |
| 10 #include <windows.h> | 10 #include <windows.h> |
| (...skipping 2660 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2671 | 2671 |
| 2672 // Verify that the cookie is sent for first-party requests. | 2672 // Verify that the cookie is sent for first-party requests. |
| 2673 { | 2673 { |
| 2674 TestNetworkDelegate network_delegate; | 2674 TestNetworkDelegate network_delegate; |
| 2675 network_delegate.set_experimental_cookie_features_enabled(true); | 2675 network_delegate.set_experimental_cookie_features_enabled(true); |
| 2676 default_context_.set_network_delegate(&network_delegate); | 2676 default_context_.set_network_delegate(&network_delegate); |
| 2677 TestDelegate d; | 2677 TestDelegate d; |
| 2678 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2678 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2679 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2679 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2680 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2680 req->set_first_party_for_cookies(test_server.GetURL("/")); |
| 2681 req->set_initiator(url::Origin(test_server.GetURL("/"))); | |
| 2681 req->Start(); | 2682 req->Start(); |
| 2682 base::RunLoop().Run(); | 2683 base::RunLoop().Run(); |
| 2683 | 2684 |
| 2684 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") != | 2685 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") != |
| 2685 std::string::npos); | 2686 std::string::npos); |
| 2686 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2687 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2687 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2688 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2688 } | 2689 } |
| 2689 | 2690 |
| 2690 // Verify that the cookie is not-sent for non-first-party requests. | 2691 // Verify that the cookie is not sent for non-first-party requests. |
| 2691 { | 2692 { |
| 2692 TestNetworkDelegate network_delegate; | 2693 TestNetworkDelegate network_delegate; |
| 2693 network_delegate.set_experimental_cookie_features_enabled(true); | 2694 network_delegate.set_experimental_cookie_features_enabled(true); |
| 2694 default_context_.set_network_delegate(&network_delegate); | 2695 default_context_.set_network_delegate(&network_delegate); |
| 2695 TestDelegate d; | 2696 TestDelegate d; |
| 2696 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2697 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2697 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2698 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2698 req->set_first_party_for_cookies(GURL("http://third-party.test/")); | 2699 req->set_first_party_for_cookies(GURL("http://third-party.test/")); |
| 2700 req->set_initiator(url::Origin(GURL("http://third-party.test/"))); | |
| 2699 req->Start(); | 2701 req->Start(); |
| 2700 base::RunLoop().Run(); | 2702 base::RunLoop().Run(); |
| 2701 | 2703 |
| 2704 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") == | |
| 2705 std::string::npos); | |
| 2706 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 2707 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 2708 } | |
| 2709 | |
| 2710 // Verify that the cookie is sent for non-first-party initiators when the | |
| 2711 // method is "safe" | |
|
mmenke
2016/01/12 16:20:59
+period.
Mike West
2016/01/13 08:10:22
Done.
| |
| 2712 { | |
| 2713 TestNetworkDelegate network_delegate; | |
| 2714 network_delegate.set_experimental_cookie_features_enabled(true); | |
|
mmenke
2016/01/12 16:20:59
Optional nit: Can we just make a single network d
Mike West
2016/01/13 08:10:22
Sure. Done.
| |
| 2715 default_context_.set_network_delegate(&network_delegate); | |
| 2716 TestDelegate d; | |
| 2717 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 2718 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | |
| 2719 req->set_first_party_for_cookies(test_server.GetURL("/")); | |
| 2720 req->set_initiator(url::Origin(GURL("http://third-party.test/"))); | |
| 2721 req->Start(); | |
| 2722 base::RunLoop().Run(); | |
| 2723 | |
| 2724 EXPECT_FALSE(d.data_received().find("FirstPartyCookieToSet=1") == | |
| 2725 std::string::npos); | |
| 2726 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 2727 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 2728 } | |
| 2729 | |
| 2730 // Verify that the cookie is not sent for non-first-party initiators when the | |
| 2731 // method is unsafe (e.g. POST). | |
| 2732 { | |
| 2733 TestNetworkDelegate network_delegate; | |
| 2734 network_delegate.set_experimental_cookie_features_enabled(true); | |
| 2735 default_context_.set_network_delegate(&network_delegate); | |
| 2736 TestDelegate d; | |
| 2737 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 2738 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | |
| 2739 req->set_first_party_for_cookies(test_server.GetURL("/")); | |
| 2740 req->set_initiator(url::Origin(GURL("http://third-party.test/"))); | |
| 2741 req->set_method("POST"); | |
| 2742 req->Start(); | |
| 2743 base::RunLoop().Run(); | |
| 2744 | |
| 2702 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") == | 2745 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") == |
| 2703 std::string::npos); | 2746 std::string::npos); |
| 2704 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2747 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2705 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2748 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2706 } | 2749 } |
| 2707 } | 2750 } |
| 2708 | 2751 |
| 2709 TEST_F(URLRequestTest, FirstPartyOnlyCookiesDisabled) { | 2752 TEST_F(URLRequestTest, FirstPartyOnlyCookiesDisabled) { |
| 2710 LocalHttpTestServer test_server; | 2753 LocalHttpTestServer test_server; |
| 2711 ASSERT_TRUE(test_server.Start()); | 2754 ASSERT_TRUE(test_server.Start()); |
| (...skipping 7056 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 9768 AddTestInterceptor()->set_main_intercept_job(std::move(job)); | 9811 AddTestInterceptor()->set_main_intercept_job(std::move(job)); |
| 9769 | 9812 |
| 9770 req->Start(); | 9813 req->Start(); |
| 9771 req->Cancel(); | 9814 req->Cancel(); |
| 9772 base::RunLoop().RunUntilIdle(); | 9815 base::RunLoop().RunUntilIdle(); |
| 9773 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); | 9816 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); |
| 9774 EXPECT_EQ(0, d.received_redirect_count()); | 9817 EXPECT_EQ(0, d.received_redirect_count()); |
| 9775 } | 9818 } |
| 9776 | 9819 |
| 9777 } // namespace net | 9820 } // namespace net |
| OLD | NEW |
