| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Portions of this code based on Mozilla: | 5 // Portions of this code based on Mozilla: |
| 6 // (netwerk/cookie/src/nsCookieService.cpp) | 6 // (netwerk/cookie/src/nsCookieService.cpp) |
| 7 /* ***** BEGIN LICENSE BLOCK ***** | 7 /* ***** BEGIN LICENSE BLOCK ***** |
| 8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 9 * | 9 * |
| 10 * The contents of this file are subject to the Mozilla Public License Version | 10 * The contents of this file are subject to the Mozilla Public License Version |
| (...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 126 CanonicalCookie::CanonicalCookie(const GURL& url, | 126 CanonicalCookie::CanonicalCookie(const GURL& url, |
| 127 const std::string& name, | 127 const std::string& name, |
| 128 const std::string& value, | 128 const std::string& value, |
| 129 const std::string& domain, | 129 const std::string& domain, |
| 130 const std::string& path, | 130 const std::string& path, |
| 131 const base::Time& creation, | 131 const base::Time& creation, |
| 132 const base::Time& expiration, | 132 const base::Time& expiration, |
| 133 const base::Time& last_access, | 133 const base::Time& last_access, |
| 134 bool secure, | 134 bool secure, |
| 135 bool httponly, | 135 bool httponly, |
| 136 bool firstpartyonly, | 136 bool same_site, |
| 137 CookiePriority priority) | 137 CookiePriority priority) |
| 138 : source_(url.SchemeIsFile() ? url : url.GetOrigin()), | 138 : source_(url.SchemeIsFile() ? url : url.GetOrigin()), |
| 139 name_(name), | 139 name_(name), |
| 140 value_(value), | 140 value_(value), |
| 141 domain_(domain), | 141 domain_(domain), |
| 142 path_(path), | 142 path_(path), |
| 143 creation_date_(creation), | 143 creation_date_(creation), |
| 144 expiry_date_(expiration), | 144 expiry_date_(expiration), |
| 145 last_access_date_(last_access), | 145 last_access_date_(last_access), |
| 146 secure_(secure), | 146 secure_(secure), |
| 147 httponly_(httponly), | 147 httponly_(httponly), |
| 148 first_party_only_(firstpartyonly), | 148 same_site_(same_site), |
| 149 priority_(priority) {} | 149 priority_(priority) {} |
| 150 | 150 |
| 151 CanonicalCookie::CanonicalCookie(const GURL& url, const ParsedCookie& pc) | 151 CanonicalCookie::CanonicalCookie(const GURL& url, const ParsedCookie& pc) |
| 152 : source_(url.SchemeIsFile() ? url : url.GetOrigin()), | 152 : source_(url.SchemeIsFile() ? url : url.GetOrigin()), |
| 153 name_(pc.Name()), | 153 name_(pc.Name()), |
| 154 value_(pc.Value()), | 154 value_(pc.Value()), |
| 155 path_(CanonPath(url, pc)), | 155 path_(CanonPath(url, pc)), |
| 156 creation_date_(Time::Now()), | 156 creation_date_(Time::Now()), |
| 157 last_access_date_(Time()), | 157 last_access_date_(Time()), |
| 158 secure_(pc.IsSecure()), | 158 secure_(pc.IsSecure()), |
| 159 httponly_(pc.IsHttpOnly()), | 159 httponly_(pc.IsHttpOnly()), |
| 160 first_party_only_(pc.IsFirstPartyOnly()), | 160 same_site_(pc.IsSameSite()), |
| 161 priority_(pc.Priority()) { | 161 priority_(pc.Priority()) { |
| 162 if (pc.HasExpires()) | 162 if (pc.HasExpires()) |
| 163 expiry_date_ = CanonExpiration(pc, creation_date_, creation_date_); | 163 expiry_date_ = CanonExpiration(pc, creation_date_, creation_date_); |
| 164 | 164 |
| 165 // Do the best we can with the domain. | 165 // Do the best we can with the domain. |
| 166 std::string cookie_domain; | 166 std::string cookie_domain; |
| 167 std::string domain_string; | 167 std::string domain_string; |
| 168 if (pc.HasDomain()) { | 168 if (pc.HasDomain()) { |
| 169 domain_string = pc.Domain(); | 169 domain_string = pc.Domain(); |
| 170 } | 170 } |
| (...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 267 if (!is_cookie_valid) { | 267 if (!is_cookie_valid) { |
| 268 VLOG(kVlogSetCookies) | 268 VLOG(kVlogSetCookies) |
| 269 << "Create() failed because the cookie violated prefix rules."; | 269 << "Create() failed because the cookie violated prefix rules."; |
| 270 return nullptr; | 270 return nullptr; |
| 271 } | 271 } |
| 272 | 272 |
| 273 return make_scoped_ptr(new CanonicalCookie( | 273 return make_scoped_ptr(new CanonicalCookie( |
| 274 url, parsed_cookie.Name(), parsed_cookie.Value(), cookie_domain, | 274 url, parsed_cookie.Name(), parsed_cookie.Value(), cookie_domain, |
| 275 cookie_path, creation_time, cookie_expires, creation_time, | 275 cookie_path, creation_time, cookie_expires, creation_time, |
| 276 parsed_cookie.IsSecure(), parsed_cookie.IsHttpOnly(), | 276 parsed_cookie.IsSecure(), parsed_cookie.IsHttpOnly(), |
| 277 parsed_cookie.IsFirstPartyOnly(), parsed_cookie.Priority())); | 277 parsed_cookie.IsSameSite(), parsed_cookie.Priority())); |
| 278 } | 278 } |
| 279 | 279 |
| 280 // static | 280 // static |
| 281 scoped_ptr<CanonicalCookie> CanonicalCookie::Create( | 281 scoped_ptr<CanonicalCookie> CanonicalCookie::Create( |
| 282 const GURL& url, | 282 const GURL& url, |
| 283 const std::string& name, | 283 const std::string& name, |
| 284 const std::string& value, | 284 const std::string& value, |
| 285 const std::string& domain, | 285 const std::string& domain, |
| 286 const std::string& path, | 286 const std::string& path, |
| 287 const base::Time& creation, | 287 const base::Time& creation, |
| 288 const base::Time& expiration, | 288 const base::Time& expiration, |
| 289 bool secure, | 289 bool secure, |
| 290 bool http_only, | 290 bool http_only, |
| 291 bool first_party_only, | 291 bool same_site, |
| 292 bool enforce_strict_secure, | 292 bool enforce_strict_secure, |
| 293 CookiePriority priority) { | 293 CookiePriority priority) { |
| 294 // Expect valid attribute tokens and values, as defined by the ParsedCookie | 294 // Expect valid attribute tokens and values, as defined by the ParsedCookie |
| 295 // logic, otherwise don't create the cookie. | 295 // logic, otherwise don't create the cookie. |
| 296 std::string parsed_name = ParsedCookie::ParseTokenString(name); | 296 std::string parsed_name = ParsedCookie::ParseTokenString(name); |
| 297 if (parsed_name != name) | 297 if (parsed_name != name) |
| 298 return nullptr; | 298 return nullptr; |
| 299 std::string parsed_value = ParsedCookie::ParseValueString(value); | 299 std::string parsed_value = ParsedCookie::ParseValueString(value); |
| 300 if (parsed_value != value) | 300 if (parsed_value != value) |
| 301 return nullptr; | 301 return nullptr; |
| (...skipping 22 matching lines...) Expand all Loading... |
| 324 url::Component path_component(0, cookie_path.length()); | 324 url::Component path_component(0, cookie_path.length()); |
| 325 url::RawCanonOutputT<char> canon_path; | 325 url::RawCanonOutputT<char> canon_path; |
| 326 url::Component canon_path_component; | 326 url::Component canon_path_component; |
| 327 url::CanonicalizePath(cookie_path.data(), path_component, &canon_path, | 327 url::CanonicalizePath(cookie_path.data(), path_component, &canon_path, |
| 328 &canon_path_component); | 328 &canon_path_component); |
| 329 cookie_path = std::string(canon_path.data() + canon_path_component.begin, | 329 cookie_path = std::string(canon_path.data() + canon_path_component.begin, |
| 330 canon_path_component.len); | 330 canon_path_component.len); |
| 331 | 331 |
| 332 return make_scoped_ptr(new CanonicalCookie( | 332 return make_scoped_ptr(new CanonicalCookie( |
| 333 url, parsed_name, parsed_value, cookie_domain, cookie_path, creation, | 333 url, parsed_name, parsed_value, cookie_domain, cookie_path, creation, |
| 334 expiration, creation, secure, http_only, first_party_only, priority)); | 334 expiration, creation, secure, http_only, same_site, priority)); |
| 335 } | 335 } |
| 336 | 336 |
| 337 bool CanonicalCookie::IsOnPath(const std::string& url_path) const { | 337 bool CanonicalCookie::IsOnPath(const std::string& url_path) const { |
| 338 | 338 |
| 339 // A zero length would be unsafe for our trailing '/' checks, and | 339 // A zero length would be unsafe for our trailing '/' checks, and |
| 340 // would also make no sense for our prefix match. The code that | 340 // would also make no sense for our prefix match. The code that |
| 341 // creates a CanonicalCookie should make sure the path is never zero length, | 341 // creates a CanonicalCookie should make sure the path is never zero length, |
| 342 // but we double check anyway. | 342 // but we double check anyway. |
| 343 if (path_.empty()) | 343 if (path_.empty()) |
| 344 return false; | 344 return false; |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 412 // insecure scheme. | 412 // insecure scheme. |
| 413 if (IsSecure() && !url.SchemeIsCryptographic()) | 413 if (IsSecure() && !url.SchemeIsCryptographic()) |
| 414 return false; | 414 return false; |
| 415 // Don't include cookies for requests that don't apply to the cookie domain. | 415 // Don't include cookies for requests that don't apply to the cookie domain. |
| 416 if (!IsDomainMatch(url.host())) | 416 if (!IsDomainMatch(url.host())) |
| 417 return false; | 417 return false; |
| 418 // Don't include cookies for requests with a url path that does not path | 418 // Don't include cookies for requests with a url path that does not path |
| 419 // match the cookie-path. | 419 // match the cookie-path. |
| 420 if (!IsOnPath(url.path())) | 420 if (!IsOnPath(url.path())) |
| 421 return false; | 421 return false; |
| 422 // Don't include first-party-only cookies for non-first-party requests. | 422 // Don't include same-site cookies for cross-site requests. |
| 423 if (IsFirstPartyOnly() && !options.include_first_party_only_cookies()) | 423 if (IsSameSite() && !options.include_same_site()) |
| 424 return false; | 424 return false; |
| 425 | 425 |
| 426 return true; | 426 return true; |
| 427 } | 427 } |
| 428 | 428 |
| 429 std::string CanonicalCookie::DebugString() const { | 429 std::string CanonicalCookie::DebugString() const { |
| 430 return base::StringPrintf( | 430 return base::StringPrintf( |
| 431 "name: %s value: %s domain: %s path: %s creation: %" PRId64, | 431 "name: %s value: %s domain: %s path: %s creation: %" PRId64, |
| 432 name_.c_str(), value_.c_str(), domain_.c_str(), path_.c_str(), | 432 name_.c_str(), value_.c_str(), domain_.c_str(), path_.c_str(), |
| 433 static_cast<int64_t>(creation_date_.ToTimeT())); | 433 static_cast<int64_t>(creation_date_.ToTimeT())); |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 505 if (prefix == CanonicalCookie::COOKIE_PREFIX_SECURE) | 505 if (prefix == CanonicalCookie::COOKIE_PREFIX_SECURE) |
| 506 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic(); | 506 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic(); |
| 507 if (prefix == CanonicalCookie::COOKIE_PREFIX_HOST) { | 507 if (prefix == CanonicalCookie::COOKIE_PREFIX_HOST) { |
| 508 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic() && | 508 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic() && |
| 509 !parsed_cookie.HasDomain() && parsed_cookie.Path() == "/"; | 509 !parsed_cookie.HasDomain() && parsed_cookie.Path() == "/"; |
| 510 } | 510 } |
| 511 return true; | 511 return true; |
| 512 } | 512 } |
| 513 | 513 |
| 514 } // namespace net | 514 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1615773005:
Rename first-party-only cookies to same-site cookies. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master