Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(209)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/renderer/render_frame_impl.cc

Issue 1411813003: Teach URLRequest about initiator checks for First-Party-Only cookies. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Feedback. Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/child/resource_dispatcher.cc ('K') | « content/common/resource_messages.h ('k') | net/cookies/canonical_cookie.cc » ('j') | net/cookies/cookie_options.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/renderer/render_frame_impl.h" 5 #include "content/renderer/render_frame_impl.h"
6 6
7 #include <map> 7 #include <map>
8 #include <string> 8 #include <string>
9 9
10 #include "base/auto_reset.h" 10 #include "base/auto_reset.h"
(...skipping 3206 matching lines...) Expand 10 before | Expand all | Expand 10 after
3217 blink::WebLocalFrame* frame, 3217 blink::WebLocalFrame* frame,
3218 unsigned identifier, 3218 unsigned identifier,
3219 blink::WebURLRequest& request, 3219 blink::WebURLRequest& request,
3220 const blink::WebURLResponse& redirect_response) { 3220 const blink::WebURLResponse& redirect_response) {
3221 DCHECK(!frame_ || frame_ == frame); 3221 DCHECK(!frame_ || frame_ == frame);
3222 // The request my be empty during tests. 3222 // The request my be empty during tests.
3223 if (request.url().isEmpty()) 3223 if (request.url().isEmpty())
3224 return; 3224 return;
3225 3225
3226 // Set the first party for cookies url if it has not been set yet (new 3226 // Set the first party for cookies url if it has not been set yet (new
3227 // requests). For redirects, it is updated by WebURLLoaderImpl. 3227 // requests). This value will be updated during redirects, consistent with
3228 // https://tools.ietf.org/html/draft-west-first-party-cookies-04#section-2.1.1
3228 if (request.firstPartyForCookies().isEmpty()) { 3229 if (request.firstPartyForCookies().isEmpty()) {
3229 if (request.frameType() == blink::WebURLRequest::FrameTypeTopLevel) { 3230 if (request.frameType() == blink::WebURLRequest::FrameTypeTopLevel) {
3230 request.setFirstPartyForCookies(request.url()); 3231 request.setFirstPartyForCookies(request.url());
3231 } else { 3232 } else {
3232 // TODO(nasko): When the top-level frame is remote, there is no document. 3233 // TODO(nasko): When the top-level frame is remote, there is no document.
3233 // This is broken and should be fixed to propagate the first party. 3234 // This is broken and should be fixed to propagate the first party.
3234 WebFrame* top = frame->top(); 3235 WebFrame* top = frame->top();
3235 if (top->isWebLocalFrame()) { 3236 if (top->isWebLocalFrame()) {
3236 request.setFirstPartyForCookies( 3237 request.setFirstPartyForCookies(
3237 frame->top()->document().firstPartyForCookies()); 3238 frame->top()->document().firstPartyForCookies());
3238 } 3239 }
3239 } 3240 }
3241
3242 // If we need to set the first party, then we need to set the request's
3243 // initiator as well; it will not be updated during redirects.
3244 request.setRequestorOrigin(frame->document().securityOrigin());
3240 } 3245 }
3241 3246
3242 WebDataSource* provisional_data_source = frame->provisionalDataSource(); 3247 WebDataSource* provisional_data_source = frame->provisionalDataSource();
3243 WebDataSource* data_source = 3248 WebDataSource* data_source =
3244 provisional_data_source ? provisional_data_source : frame->dataSource(); 3249 provisional_data_source ? provisional_data_source : frame->dataSource();
3245 3250
3246 DocumentState* document_state = DocumentState::FromDataSource(data_source); 3251 DocumentState* document_state = DocumentState::FromDataSource(data_source);
3247 DCHECK(document_state); 3252 DCHECK(document_state);
3248 InternalDocumentStateData* internal_data = 3253 InternalDocumentStateData* internal_data =
3249 InternalDocumentStateData::FromDocumentState(document_state); 3254 InternalDocumentStateData::FromDocumentState(document_state);
(...skipping 1944 matching lines...) Expand 10 before | Expand all | Expand 10 after
5194 mojo::ServiceProviderPtr service_provider; 5199 mojo::ServiceProviderPtr service_provider;
5195 mojo::URLRequestPtr request(mojo::URLRequest::New()); 5200 mojo::URLRequestPtr request(mojo::URLRequest::New());
5196 request->url = mojo::String::From(url); 5201 request->url = mojo::String::From(url);
5197 mojo_shell_->ConnectToApplication(request.Pass(), GetProxy(&service_provider), 5202 mojo_shell_->ConnectToApplication(request.Pass(), GetProxy(&service_provider),
5198 nullptr, nullptr, 5203 nullptr, nullptr,
5199 base::Bind(&OnGotContentHandlerID)); 5204 base::Bind(&OnGotContentHandlerID));
5200 return service_provider.Pass(); 5205 return service_provider.Pass();
5201 } 5206 }
5202 5207
5203 } // namespace content 5208 } // namespace content
OLDNEW
« content/child/resource_dispatcher.cc ('K') | « content/common/resource_messages.h ('k') | net/cookies/canonical_cookie.cc » ('j') | net/cookies/cookie_options.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698