Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1121)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cookies/canonical_cookie_unittest.cc

Issue 1411813003: Teach URLRequest about initiator checks for First-Party-Only cookies. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Feedback. Created 4 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cookies/canonical_cookie.cc ('k') | net/cookies/cookie_monster.cc » ('j') | net/url_request/url_fetcher_core.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cookies/canonical_cookie.h" 5 #include "net/cookies/canonical_cookie.h"
6 6
7 #include "base/memory/scoped_ptr.h" 7 #include "base/memory/scoped_ptr.h"
8 #include "base/test/histogram_tester.h" 8 #include "base/test/histogram_tester.h"
9 #include "net/cookies/cookie_constants.h" 9 #include "net/cookies/cookie_constants.h"
10 #include "net/cookies/cookie_options.h" 10 #include "net/cookies/cookie_options.h"
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after
78 CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, options)); 78 CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, options));
79 EXPECT_FALSE(cookie.get()); 79 EXPECT_FALSE(cookie.get());
80 CookieOptions httponly_options; 80 CookieOptions httponly_options;
81 httponly_options.set_include_httponly(); 81 httponly_options.set_include_httponly();
82 cookie.reset(CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, 82 cookie.reset(CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time,
83 httponly_options)); 83 httponly_options));
84 EXPECT_TRUE(cookie->IsHttpOnly()); 84 EXPECT_TRUE(cookie->IsHttpOnly());
85 85
86 // Test creating http only cookies. 86 // Test creating http only cookies.
87 CookieOptions first_party_options; 87 CookieOptions first_party_options;
88 first_party_options.set_first_party(url::Origin(url)); 88 first_party_options.set_include_first_party_only_cookies();
89 cookie.reset(CanonicalCookie::Create(url, "A=2; First-Party-Only", 89 cookie.reset(CanonicalCookie::Create(url, "A=2; First-Party-Only",
90 creation_time, httponly_options)); 90 creation_time, httponly_options));
91 EXPECT_TRUE(cookie.get()); 91 EXPECT_TRUE(cookie.get());
92 EXPECT_TRUE(cookie->IsFirstPartyOnly()); 92 EXPECT_TRUE(cookie->IsFirstPartyOnly());
93 93
94 // Test the creating cookies using specific parameter instead of a cookie 94 // Test the creating cookies using specific parameter instead of a cookie
95 // string. 95 // string.
96 cookie.reset(CanonicalCookie::Create( 96 cookie.reset(CanonicalCookie::Create(
97 url, "A", "2", "www.example.com", "/test", creation_time, base::Time(), 97 url, "A", "2", "www.example.com", "/test", creation_time, base::Time(),
98 false, false, false, false, COOKIE_PRIORITY_DEFAULT)); 98 false, false, false, false, COOKIE_PRIORITY_DEFAULT));
(...skipping 340 matching lines...) Expand 10 before | Expand all | Expand 10 after
439 439
440 TEST(CanonicalCookieTest, IncludeFirstPartyForFirstPartyURL) { 440 TEST(CanonicalCookieTest, IncludeFirstPartyForFirstPartyURL) {
441 GURL insecure_url("http://example.test"); 441 GURL insecure_url("http://example.test");
442 GURL secure_url("https://example.test"); 442 GURL secure_url("https://example.test");
443 GURL secure_url_with_path("https://example.test/foo/bar/index.html"); 443 GURL secure_url_with_path("https://example.test/foo/bar/index.html");
444 GURL third_party_url("https://not-example.test"); 444 GURL third_party_url("https://not-example.test");
445 base::Time creation_time = base::Time::Now(); 445 base::Time creation_time = base::Time::Now();
446 CookieOptions options; 446 CookieOptions options;
447 scoped_ptr<CanonicalCookie> cookie; 447 scoped_ptr<CanonicalCookie> cookie;
448 448
449 // First-party-only cookies are not inlcuded if a top-level URL is unset. 449 // First-party-only cookies are not included for non-first-party requests,
450 // even if other properties match:
450 cookie.reset(CanonicalCookie::Create(secure_url, "A=2; First-Party-Only", 451 cookie.reset(CanonicalCookie::Create(secure_url, "A=2; First-Party-Only",
451 creation_time, options)); 452 creation_time, options));
452 EXPECT_TRUE(cookie->IsFirstPartyOnly()); 453 EXPECT_TRUE(cookie->IsFirstPartyOnly());
453 options.set_first_party(url::Origin());
454 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options)); 454 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
455
456 // First-party-only cookies are included only if the cookie's origin matches
457 // the
458 // first-party origin.
459 options.set_first_party(url::Origin(secure_url));
460 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url, options));
461 options.set_first_party(url::Origin(insecure_url));
462 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
463 options.set_first_party(url::Origin(third_party_url));
464 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
465
466 // "First-Party-Only" doesn't override the 'secure' flag.
467 cookie.reset(CanonicalCookie::Create( 455 cookie.reset(CanonicalCookie::Create(
468 secure_url, "A=2; Secure; First-Party-Only", creation_time, options)); 456 secure_url, "A=2; Secure; First-Party-Only", creation_time, options));
469 options.set_first_party(url::Origin(secure_url)); 457 EXPECT_TRUE(cookie->IsFirstPartyOnly());
470 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url, options));
471 EXPECT_FALSE(cookie->IncludeForRequestURL(insecure_url, options));
472 options.set_first_party(url::Origin(insecure_url));
473 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options)); 458 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
474 EXPECT_FALSE(cookie->IncludeForRequestURL(insecure_url, options));
475
476 // "First-Party-Only" doesn't override the 'path' flag.
477 cookie.reset(CanonicalCookie::Create(secure_url_with_path, 459 cookie.reset(CanonicalCookie::Create(secure_url_with_path,
478 "A=2; First-Party-Only; path=/foo/bar", 460 "A=2; First-Party-Only; path=/foo/bar",
479 creation_time, options)); 461 creation_time, options));
480 options.set_first_party(url::Origin(secure_url_with_path)); 462 EXPECT_TRUE(cookie->IsFirstPartyOnly());
463 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
464
465 // First-party-only cookies are included for first-party requests:
466 options.set_include_first_party_only_cookies();
467 cookie.reset(CanonicalCookie::Create(secure_url, "A=2; First-Party-Only",
468 creation_time, options));
469 EXPECT_TRUE(cookie->IsFirstPartyOnly());
470 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url, options));
471 cookie.reset(CanonicalCookie::Create(
472 secure_url, "A=2; Secure; First-Party-Only", creation_time, options));
473 EXPECT_TRUE(cookie->IsFirstPartyOnly());
474 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url, options));
475 cookie.reset(CanonicalCookie::Create(secure_url_with_path,
476 "A=2; First-Party-Only; path=/foo/bar",
477 creation_time, options));
478 EXPECT_TRUE(cookie->IsFirstPartyOnly());
481 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url_with_path, options)); 479 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url_with_path, options));
482 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
483 options.set_first_party(url::Origin(secure_url));
484 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url_with_path, options));
485 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
486 } 480 }
487 481
488 TEST(CanonicalCookieTest, PartialCompare) { 482 TEST(CanonicalCookieTest, PartialCompare) {
489 GURL url("http://www.example.com"); 483 GURL url("http://www.example.com");
490 base::Time creation_time = base::Time::Now(); 484 base::Time creation_time = base::Time::Now();
491 CookieOptions options; 485 CookieOptions options;
492 scoped_ptr<CanonicalCookie> cookie( 486 scoped_ptr<CanonicalCookie> cookie(
493 CanonicalCookie::Create(url, "a=b", creation_time, options)); 487 CanonicalCookie::Create(url, "a=b", creation_time, options));
494 scoped_ptr<CanonicalCookie> cookie_different_path( 488 scoped_ptr<CanonicalCookie> cookie_different_path(
495 CanonicalCookie::Create(url, "a=b; path=/foo", creation_time, options)); 489 CanonicalCookie::Create(url, "a=b; path=/foo", creation_time, options));
(...skipping 235 matching lines...) Expand 10 before | Expand all | Expand 10 after
731 EXPECT_NE(nullptr, make_scoped_ptr(CanonicalCookie::Create( 725 EXPECT_NE(nullptr, make_scoped_ptr(CanonicalCookie::Create(
732 https_url, "__SecureA=B; Path=/; Secure", 726 https_url, "__SecureA=B; Path=/; Secure",
733 creation_time, options))); 727 creation_time, options)));
734 histograms.ExpectBucketCount(kCookiePrefixHistogram, 728 histograms.ExpectBucketCount(kCookiePrefixHistogram,
735 CanonicalCookie::COOKIE_PREFIX_SECURE, 2); 729 CanonicalCookie::COOKIE_PREFIX_SECURE, 2);
736 histograms.ExpectBucketCount(kCookiePrefixBlockedHistogram, 730 histograms.ExpectBucketCount(kCookiePrefixBlockedHistogram,
737 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); 731 CanonicalCookie::COOKIE_PREFIX_SECURE, 1);
738 } 732 }
739 733
740 } // namespace net 734 } // namespace net
OLDNEW
« no previous file with comments | « net/cookies/canonical_cookie.cc ('k') | net/cookies/cookie_monster.cc » ('j') | net/url_request/url_fetcher_core.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698