| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <utility> | 5 #include <utility> |
| 6 | 6 |
| 7 #include "build/build_config.h" | 7 #include "build/build_config.h" |
| 8 | 8 |
| 9 #if defined(OS_WIN) | 9 #if defined(OS_WIN) |
| 10 #include <windows.h> | 10 #include <windows.h> |
| (...skipping 2628 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2639 EXPECT_TRUE(d.data_received().find("CookieToNotSave=1") | 2639 EXPECT_TRUE(d.data_received().find("CookieToNotSave=1") |
| 2640 == std::string::npos); | 2640 == std::string::npos); |
| 2641 EXPECT_TRUE(d.data_received().find("CookieToNotUpdate=2") | 2641 EXPECT_TRUE(d.data_received().find("CookieToNotUpdate=2") |
| 2642 != std::string::npos); | 2642 != std::string::npos); |
| 2643 | 2643 |
| 2644 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2644 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2645 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2645 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2646 } | 2646 } |
| 2647 } | 2647 } |
| 2648 | 2648 |
| 2649 TEST_F(URLRequestTest, FirstPartyOnlyCookiesEnabled) { | 2649 TEST_F(URLRequestTest, SameSiteCookiesEnabled) { |
| 2650 LocalHttpTestServer test_server; | 2650 LocalHttpTestServer test_server; |
| 2651 ASSERT_TRUE(test_server.Start()); | 2651 ASSERT_TRUE(test_server.Start()); |
| 2652 | 2652 |
| 2653 TestNetworkDelegate network_delegate; | 2653 TestNetworkDelegate network_delegate; |
| 2654 network_delegate.set_experimental_cookie_features_enabled(true); | 2654 network_delegate.set_experimental_cookie_features_enabled(true); |
| 2655 default_context_.set_network_delegate(&network_delegate); | 2655 default_context_.set_network_delegate(&network_delegate); |
| 2656 | 2656 |
| 2657 // Set up a 'First-Party-Only' cookie (on '127.0.0.1', as that's where | 2657 // Set up a 'SameSite' cookie (on '127.0.0.1', as that's where |
| 2658 // LocalHttpTestServer points). | 2658 // LocalHttpTestServer points). |
| 2659 { | 2659 { |
| 2660 TestDelegate d; | 2660 TestDelegate d; |
| 2661 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2661 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2662 test_server.GetURL( | 2662 test_server.GetURL("/set-cookie?SameSiteCookieToSet=1;SameSite"), |
| 2663 "/set-cookie?FirstPartyCookieToSet=1;First-Party-Only"), | |
| 2664 DEFAULT_PRIORITY, &d)); | 2663 DEFAULT_PRIORITY, &d)); |
| 2665 req->Start(); | 2664 req->Start(); |
| 2666 base::RunLoop().Run(); | 2665 base::RunLoop().Run(); |
| 2667 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2666 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2668 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2667 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2669 EXPECT_EQ(1, network_delegate.set_cookie_count()); | 2668 EXPECT_EQ(1, network_delegate.set_cookie_count()); |
| 2670 } | 2669 } |
| 2671 | 2670 |
| 2672 // Verify that the cookie is sent for first-party requests. | 2671 // Verify that the cookie is sent for same-site requests. |
| 2673 { | 2672 { |
| 2674 TestDelegate d; | 2673 TestDelegate d; |
| 2675 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2674 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2676 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2675 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2677 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2676 req->set_first_party_for_cookies(test_server.GetURL("/")); |
| 2678 req->set_initiator(url::Origin(test_server.GetURL("/"))); | 2677 req->set_initiator(url::Origin(test_server.GetURL("/"))); |
| 2679 req->Start(); | 2678 req->Start(); |
| 2680 base::RunLoop().Run(); | 2679 base::RunLoop().Run(); |
| 2681 | 2680 |
| 2682 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") != | 2681 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") != |
| 2683 std::string::npos); | 2682 std::string::npos); |
| 2684 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2683 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2685 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2684 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2686 } | 2685 } |
| 2687 | 2686 |
| 2688 // Verify that the cookie is not sent for non-first-party requests. | 2687 // Verify that the cookie is not sent for cross-site requests. |
| 2689 { | 2688 { |
| 2690 TestDelegate d; | 2689 TestDelegate d; |
| 2691 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2690 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2692 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2691 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2693 req->set_first_party_for_cookies(GURL("http://third-party.test/")); | 2692 req->set_first_party_for_cookies(GURL("http://cross-site.test/")); |
| 2694 req->set_initiator(url::Origin(GURL("http://third-party.test/"))); | 2693 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); |
| 2695 req->Start(); | 2694 req->Start(); |
| 2696 base::RunLoop().Run(); | 2695 base::RunLoop().Run(); |
| 2697 | 2696 |
| 2698 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") == | 2697 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") == |
| 2699 std::string::npos); | 2698 std::string::npos); |
| 2700 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2699 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2701 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2700 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2702 } | 2701 } |
| 2703 | 2702 |
| 2704 // Verify that the cookie is sent for non-first-party initiators when the | 2703 // Verify that the cookie is sent for cross-site initiators when the |
| 2705 // method is "safe". | 2704 // method is "safe". |
| 2706 { | 2705 { |
| 2707 TestDelegate d; | 2706 TestDelegate d; |
| 2708 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2707 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2709 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2708 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2710 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2709 req->set_first_party_for_cookies(test_server.GetURL("/")); |
| 2711 req->set_initiator(url::Origin(GURL("http://third-party.test/"))); | 2710 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); |
| 2712 req->Start(); | 2711 req->Start(); |
| 2713 base::RunLoop().Run(); | 2712 base::RunLoop().Run(); |
| 2714 | 2713 |
| 2715 EXPECT_FALSE(d.data_received().find("FirstPartyCookieToSet=1") == | 2714 EXPECT_FALSE(d.data_received().find("SameSiteCookieToSet=1") == |
| 2716 std::string::npos); | 2715 std::string::npos); |
| 2717 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2716 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2718 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2717 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2719 } | 2718 } |
| 2720 | 2719 |
| 2721 // Verify that the cookie is not sent for non-first-party initiators when the | 2720 // Verify that the cookie is not sent for cross-site initiators when the |
| 2722 // method is unsafe (e.g. POST). | 2721 // method is unsafe (e.g. POST). |
| 2723 { | 2722 { |
| 2724 TestDelegate d; | 2723 TestDelegate d; |
| 2725 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2724 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2726 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2725 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2727 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2726 req->set_first_party_for_cookies(test_server.GetURL("/")); |
| 2728 req->set_initiator(url::Origin(GURL("http://third-party.test/"))); | 2727 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); |
| 2729 req->set_method("POST"); | 2728 req->set_method("POST"); |
| 2730 req->Start(); | 2729 req->Start(); |
| 2731 base::RunLoop().Run(); | 2730 base::RunLoop().Run(); |
| 2732 | 2731 |
| 2733 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") == | 2732 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") == |
| 2734 std::string::npos); | 2733 std::string::npos); |
| 2735 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2734 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2736 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2735 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2737 } | 2736 } |
| 2738 } | 2737 } |
| 2739 | 2738 |
| 2740 TEST_F(URLRequestTest, FirstPartyOnlyCookiesDisabled) { | 2739 TEST_F(URLRequestTest, SameSiteCookiesDisabled) { |
| 2741 LocalHttpTestServer test_server; | 2740 LocalHttpTestServer test_server; |
| 2742 ASSERT_TRUE(test_server.Start()); | 2741 ASSERT_TRUE(test_server.Start()); |
| 2743 | 2742 |
| 2744 // Set up a 'First-Party-Only' cookie (on '127.0.0.1', as that's where | 2743 // Set up a 'SameSite' cookie (on '127.0.0.1', as that's where |
| 2745 // LocalHttpTestServer points). | 2744 // LocalHttpTestServer points). |
| 2746 { | 2745 { |
| 2747 TestNetworkDelegate network_delegate; | 2746 TestNetworkDelegate network_delegate; |
| 2748 network_delegate.set_experimental_cookie_features_enabled(false); | 2747 network_delegate.set_experimental_cookie_features_enabled(false); |
| 2749 default_context_.set_network_delegate(&network_delegate); | 2748 default_context_.set_network_delegate(&network_delegate); |
| 2750 | 2749 |
| 2751 TestDelegate d; | 2750 TestDelegate d; |
| 2752 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2751 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2753 test_server.GetURL( | 2752 test_server.GetURL("/set-cookie?SameSiteCookieToSet=1;SameSite"), |
| 2754 "/set-cookie?FirstPartyCookieToSet=1;First-Party-Only"), | |
| 2755 DEFAULT_PRIORITY, &d)); | 2753 DEFAULT_PRIORITY, &d)); |
| 2756 req->Start(); | 2754 req->Start(); |
| 2757 base::RunLoop().Run(); | 2755 base::RunLoop().Run(); |
| 2758 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2756 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2759 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2757 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2760 EXPECT_EQ(1, network_delegate.set_cookie_count()); | 2758 EXPECT_EQ(1, network_delegate.set_cookie_count()); |
| 2761 } | 2759 } |
| 2762 | 2760 |
| 2763 // Verify that the cookie is sent for first-party requests. | 2761 // Verify that the cookie is sent for same-site requests. |
| 2764 { | 2762 { |
| 2765 TestNetworkDelegate network_delegate; | 2763 TestNetworkDelegate network_delegate; |
| 2766 network_delegate.set_experimental_cookie_features_enabled(false); | 2764 network_delegate.set_experimental_cookie_features_enabled(false); |
| 2767 default_context_.set_network_delegate(&network_delegate); | 2765 default_context_.set_network_delegate(&network_delegate); |
| 2768 TestDelegate d; | 2766 TestDelegate d; |
| 2769 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2767 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2770 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2768 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2771 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2769 req->set_first_party_for_cookies(test_server.GetURL("/")); |
| 2772 req->Start(); | 2770 req->Start(); |
| 2773 base::RunLoop().Run(); | 2771 base::RunLoop().Run(); |
| 2774 | 2772 |
| 2775 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") != | 2773 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") != |
| 2776 std::string::npos); | 2774 std::string::npos); |
| 2777 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2775 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2778 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2776 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2779 } | 2777 } |
| 2780 | 2778 |
| 2781 // Verify that the cookie is also sent for non-first-party requests. | 2779 // Verify that the cookie is also sent for cross-site requests. |
| 2782 { | 2780 { |
| 2783 TestNetworkDelegate network_delegate; | 2781 TestNetworkDelegate network_delegate; |
| 2784 network_delegate.set_experimental_cookie_features_enabled(false); | 2782 network_delegate.set_experimental_cookie_features_enabled(false); |
| 2785 default_context_.set_network_delegate(&network_delegate); | 2783 default_context_.set_network_delegate(&network_delegate); |
| 2786 TestDelegate d; | 2784 TestDelegate d; |
| 2787 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2785 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2788 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2786 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2789 req->set_first_party_for_cookies(GURL("http://third-party.test/")); | 2787 req->set_first_party_for_cookies(GURL("http://cross-site.test/")); |
| 2790 req->Start(); | 2788 req->Start(); |
| 2791 base::RunLoop().Run(); | 2789 base::RunLoop().Run(); |
| 2792 | 2790 |
| 2793 EXPECT_NE(d.data_received().find("FirstPartyCookieToSet=1"), | 2791 EXPECT_NE(d.data_received().find("SameSiteCookieToSet=1"), |
| 2794 std::string::npos); | 2792 std::string::npos); |
| 2795 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2793 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2796 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2794 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2797 } | 2795 } |
| 2798 } | 2796 } |
| 2799 | 2797 |
| 2800 // Tests that __Secure- cookies can't be set on non-secure origins. | 2798 // Tests that __Secure- cookies can't be set on non-secure origins. |
| 2801 TEST_F(URLRequestTest, SecureCookiePrefixOnNonsecureOrigin) { | 2799 TEST_F(URLRequestTest, SecureCookiePrefixOnNonsecureOrigin) { |
| 2802 EmbeddedTestServer http_server; | 2800 EmbeddedTestServer http_server; |
| 2803 http_server.AddDefaultHandlers( | 2801 http_server.AddDefaultHandlers( |
| (...skipping 6995 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 9799 AddTestInterceptor()->set_main_intercept_job(std::move(job)); | 9797 AddTestInterceptor()->set_main_intercept_job(std::move(job)); |
| 9800 | 9798 |
| 9801 req->Start(); | 9799 req->Start(); |
| 9802 req->Cancel(); | 9800 req->Cancel(); |
| 9803 base::RunLoop().RunUntilIdle(); | 9801 base::RunLoop().RunUntilIdle(); |
| 9804 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); | 9802 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); |
| 9805 EXPECT_EQ(0, d.received_redirect_count()); | 9803 EXPECT_EQ(0, d.received_redirect_count()); |
| 9806 } | 9804 } |
| 9807 | 9805 |
| 9808 } // namespace net | 9806 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1615773005:
Rename first-party-only cookies to same-site cookies. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master