Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(482)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cookies/canonical_cookie.cc

Issue 1411813003: Teach URLRequest about initiator checks for First-Party-Only cookies. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Feedback. Created 4 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/renderer/render_frame_impl.cc ('k') | net/cookies/canonical_cookie_unittest.cc » ('j') | net/url_request/url_fetcher_core.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Portions of this code based on Mozilla: 5 // Portions of this code based on Mozilla:
6 // (netwerk/cookie/src/nsCookieService.cpp) 6 // (netwerk/cookie/src/nsCookieService.cpp)
7 /* ***** BEGIN LICENSE BLOCK ***** 7 /* ***** BEGIN LICENSE BLOCK *****
8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
9 * 9 *
10 * The contents of this file are subject to the Mozilla Public License Version 10 * The contents of this file are subject to the Mozilla Public License Version
(...skipping 398 matching lines...) Expand 10 before | Expand all | Expand 10 after
409 // insecure scheme. 409 // insecure scheme.
410 if (IsSecure() && !url.SchemeIsCryptographic()) 410 if (IsSecure() && !url.SchemeIsCryptographic())
411 return false; 411 return false;
412 // Don't include cookies for requests that don't apply to the cookie domain. 412 // Don't include cookies for requests that don't apply to the cookie domain.
413 if (!IsDomainMatch(url.host())) 413 if (!IsDomainMatch(url.host()))
414 return false; 414 return false;
415 // Don't include cookies for requests with a url path that does not path 415 // Don't include cookies for requests with a url path that does not path
416 // match the cookie-path. 416 // match the cookie-path.
417 if (!IsOnPath(url.path())) 417 if (!IsOnPath(url.path()))
418 return false; 418 return false;
419 419 // Don't include first-party-only cookies for non-first-party requests.
420 // Include first-party-only cookies if: 420 if (IsFirstPartyOnly() && !options.include_first_party_only_cookies())
421 //
422 // * |options| tells us to include all of them
423 // * a first-party origin is set, and they matches the origin of |url|
424 if (IsFirstPartyOnly() && !options.include_first_party_only() &&
425 !options.first_party().IsSameOriginWith(url::Origin(url))) {
426 return false; 421 return false;
427 }
428 422
429 return true; 423 return true;
430 } 424 }
431 425
432 std::string CanonicalCookie::DebugString() const { 426 std::string CanonicalCookie::DebugString() const {
433 return base::StringPrintf( 427 return base::StringPrintf(
434 "name: %s value: %s domain: %s path: %s creation: %" PRId64, 428 "name: %s value: %s domain: %s path: %s creation: %" PRId64,
435 name_.c_str(), value_.c_str(), domain_.c_str(), path_.c_str(), 429 name_.c_str(), value_.c_str(), domain_.c_str(), path_.c_str(),
436 static_cast<int64_t>(creation_date_.ToTimeT())); 430 static_cast<int64_t>(creation_date_.ToTimeT()));
437 } 431 }
(...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after
508 if (prefix == CanonicalCookie::COOKIE_PREFIX_SECURE) 502 if (prefix == CanonicalCookie::COOKIE_PREFIX_SECURE)
509 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic(); 503 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic();
510 if (prefix == CanonicalCookie::COOKIE_PREFIX_HOST) { 504 if (prefix == CanonicalCookie::COOKIE_PREFIX_HOST) {
511 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic() && 505 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic() &&
512 !parsed_cookie.HasDomain() && parsed_cookie.Path() == "/"; 506 !parsed_cookie.HasDomain() && parsed_cookie.Path() == "/";
513 } 507 }
514 return true; 508 return true;
515 } 509 }
516 510
517 } // namespace net 511 } // namespace net
OLDNEW
« no previous file with comments | « content/renderer/render_frame_impl.cc ('k') | net/cookies/canonical_cookie_unittest.cc » ('j') | net/url_request/url_fetcher_core.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698