| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <utility> | 5 #include <utility> |
| 6 | 6 |
| 7 #include "build/build_config.h" | 7 #include "build/build_config.h" |
| 8 | 8 |
| 9 #if defined(OS_WIN) | 9 #if defined(OS_WIN) |
| 10 #include <windows.h> | 10 #include <windows.h> |
| (...skipping 2632 matching lines...) |
| 2643 EXPECT_TRUE(d.data_received().find("CookieToNotSave=1") | 2643 EXPECT_TRUE(d.data_received().find("CookieToNotSave=1") |
| 2644 == std::string::npos); | 2644 == std::string::npos); |
| 2645 EXPECT_TRUE(d.data_received().find("CookieToNotUpdate=2") | 2645 EXPECT_TRUE(d.data_received().find("CookieToNotUpdate=2") |
| 2646 != std::string::npos); | 2646 != std::string::npos); |
| 2647 | 2647 |
| 2648 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2648 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2649 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2649 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2650 } | 2650 } |
| 2651 } | 2651 } |
| 2652 | 2652 |
| 2653 TEST_F(URLRequestTest, FirstPartyOnlyCookiesEnabled) { | 2653 TEST_F(URLRequestTest, SameSiteCookiesEnabled) { |
| 2654 LocalHttpTestServer test_server; | 2654 LocalHttpTestServer test_server; |
| 2655 ASSERT_TRUE(test_server.Start()); | 2655 ASSERT_TRUE(test_server.Start()); |
| 2656 | 2656 |
| 2657 TestNetworkDelegate network_delegate; | 2657 TestNetworkDelegate network_delegate; |
| 2658 network_delegate.set_experimental_cookie_features_enabled(true); | 2658 network_delegate.set_experimental_cookie_features_enabled(true); |
| 2659 default_context_.set_network_delegate(&network_delegate); | 2659 default_context_.set_network_delegate(&network_delegate); |
| 2660 | 2660 |
| 2661 // Set up a 'First-Party-Only' cookie (on '127.0.0.1', as that's where | 2661 // Set up a 'SameSite' cookie (on '127.0.0.1', as that's where |
| 2662 // LocalHttpTestServer points). | 2662 // LocalHttpTestServer points). |
| 2663 { | 2663 { |
| 2664 TestDelegate d; | 2664 TestDelegate d; |
| 2665 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2665 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2666 test_server.GetURL( | 2666 test_server.GetURL("/set-cookie?SameSiteCookieToSet=1;SameSite"), |
| 2667 "/set-cookie?FirstPartyCookieToSet=1;First-Party-Only"), | |
| 2668 DEFAULT_PRIORITY, &d)); | 2667 DEFAULT_PRIORITY, &d)); |
| 2669 req->Start(); | 2668 req->Start(); |
| 2670 base::RunLoop().Run(); | 2669 base::RunLoop().Run(); |
| 2671 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2670 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2672 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2671 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2673 EXPECT_EQ(1, network_delegate.set_cookie_count()); | 2672 EXPECT_EQ(1, network_delegate.set_cookie_count()); |
| 2674 } | 2673 } |
| 2675 | 2674 |
| 2676 // Verify that the cookie is sent for first-party requests. | 2675 // Verify that the cookie is sent for same-site requests. |
| 2677 { | 2676 { |
| 2678 TestDelegate d; | 2677 TestDelegate d; |
| 2679 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2678 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2680 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2679 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2681 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2680 req->set_first_party_for_cookies(test_server.GetURL("/")); |
| 2682 req->set_initiator(url::Origin(test_server.GetURL("/"))); | 2681 req->set_initiator(url::Origin(test_server.GetURL("/"))); |
| 2683 req->Start(); | 2682 req->Start(); |
| 2684 base::RunLoop().Run(); | 2683 base::RunLoop().Run(); |
| 2685 | 2684 |
| 2686 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") != | 2685 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") != |
| 2687 std::string::npos); | 2686 std::string::npos); |
| 2688 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2687 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2689 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2688 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2690 } | 2689 } |
| 2691 | 2690 |
| 2692 // Verify that the cookie is not sent for non-first-party requests. | 2691 // Verify that the cookie is not sent for cross-site requests. |
| 2693 { | 2692 { |
| 2694 TestDelegate d; | 2693 TestDelegate d; |
| 2695 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2694 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2696 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2695 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2697 req->set_first_party_for_cookies(GURL("http://third-party.test/")); | 2696 req->set_first_party_for_cookies(GURL("http://cross-site.test/")); |
| 2698 req->set_initiator(url::Origin(GURL("http://third-party.test/"))); | 2697 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); |
| 2699 req->Start(); | 2698 req->Start(); |
| 2700 base::RunLoop().Run(); | 2699 base::RunLoop().Run(); |
| 2701 | 2700 |
| 2702 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") == | 2701 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") == |
| 2703 std::string::npos); | 2702 std::string::npos); |
| 2704 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2703 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2705 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2704 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2706 } | 2705 } |
| 2707 | 2706 |
| 2708 // Verify that the cookie is sent for non-first-party initiators when the | 2707 // Verify that the cookie is sent for cross-site initiators when the |
| 2709 // method is "safe". | 2708 // method is "safe". |
| 2710 { | 2709 { |
| 2711 TestDelegate d; | 2710 TestDelegate d; |
| 2712 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2711 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2713 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2712 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2714 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2713 req->set_first_party_for_cookies(test_server.GetURL("/")); |
| 2715 req->set_initiator(url::Origin(GURL("http://third-party.test/"))); | 2714 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); |
| 2716 req->Start(); | 2715 req->Start(); |
| 2717 base::RunLoop().Run(); | 2716 base::RunLoop().Run(); |
| 2718 | 2717 |
| 2719 EXPECT_FALSE(d.data_received().find("FirstPartyCookieToSet=1") == | 2718 EXPECT_FALSE(d.data_received().find("SameSiteCookieToSet=1") == |
| 2720 std::string::npos); | 2719 std::string::npos); |
| 2721 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2720 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2722 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2721 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2723 } | 2722 } |
| 2724 | 2723 |
| 2725 // Verify that the cookie is not sent for non-first-party initiators when the | 2724 // Verify that the cookie is not sent for cross-site initiators when the |
| 2726 // method is unsafe (e.g. POST). | 2725 // method is unsafe (e.g. POST). |
| 2727 { | 2726 { |
| 2728 TestDelegate d; | 2727 TestDelegate d; |
| 2729 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2728 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2730 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2729 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2731 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2730 req->set_first_party_for_cookies(test_server.GetURL("/")); |
| 2732 req->set_initiator(url::Origin(GURL("http://third-party.test/"))); | 2731 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); |
| 2733 req->set_method("POST"); | 2732 req->set_method("POST"); |
| 2734 req->Start(); | 2733 req->Start(); |
| 2735 base::RunLoop().Run(); | 2734 base::RunLoop().Run(); |
| 2736 | 2735 |
| 2737 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") == | 2736 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") == |
| 2738 std::string::npos); | 2737 std::string::npos); |
| 2739 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2738 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2740 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2739 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2741 } | 2740 } |
| 2742 } | 2741 } |
| 2743 | 2742 |
| 2744 TEST_F(URLRequestTest, FirstPartyOnlyCookiesDisabled) { | 2743 TEST_F(URLRequestTest, SameSiteCookiesDisabled) { |
| 2745 LocalHttpTestServer test_server; | 2744 LocalHttpTestServer test_server; |
| 2746 ASSERT_TRUE(test_server.Start()); | 2745 ASSERT_TRUE(test_server.Start()); |
| 2747 | 2746 |
| 2748 // Set up a 'First-Party-Only' cookie (on '127.0.0.1', as that's where | 2747 // Set up a 'SameSite' cookie (on '127.0.0.1', as that's where |
| 2749 // LocalHttpTestServer points). | 2748 // LocalHttpTestServer points). |
| 2750 { | 2749 { |
| 2751 TestNetworkDelegate network_delegate; | 2750 TestNetworkDelegate network_delegate; |
| 2752 network_delegate.set_experimental_cookie_features_enabled(false); | 2751 network_delegate.set_experimental_cookie_features_enabled(false); |
| 2753 default_context_.set_network_delegate(&network_delegate); | 2752 default_context_.set_network_delegate(&network_delegate); |
| 2754 | 2753 |
| 2755 TestDelegate d; | 2754 TestDelegate d; |
| 2756 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2755 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2757 test_server.GetURL( | 2756 test_server.GetURL("/set-cookie?SameSiteCookieToSet=1;SameSite"), |
| 2758 "/set-cookie?FirstPartyCookieToSet=1;First-Party-Only"), | |
| 2759 DEFAULT_PRIORITY, &d)); | 2757 DEFAULT_PRIORITY, &d)); |
| 2760 req->Start(); | 2758 req->Start(); |
| 2761 base::RunLoop().Run(); | 2759 base::RunLoop().Run(); |
| 2762 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2760 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2763 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2761 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2764 EXPECT_EQ(1, network_delegate.set_cookie_count()); | 2762 EXPECT_EQ(1, network_delegate.set_cookie_count()); |
| 2765 } | 2763 } |
| 2766 | 2764 |
| 2767 // Verify that the cookie is sent for first-party requests. | 2765 // Verify that the cookie is sent for same-site requests. |
| 2768 { | 2766 { |
| 2769 TestNetworkDelegate network_delegate; | 2767 TestNetworkDelegate network_delegate; |
| 2770 network_delegate.set_experimental_cookie_features_enabled(false); | 2768 network_delegate.set_experimental_cookie_features_enabled(false); |
| 2771 default_context_.set_network_delegate(&network_delegate); | 2769 default_context_.set_network_delegate(&network_delegate); |
| 2772 TestDelegate d; | 2770 TestDelegate d; |
| 2773 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2771 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2774 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2772 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2775 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2773 req->set_first_party_for_cookies(test_server.GetURL("/")); |
| 2776 req->Start(); | 2774 req->Start(); |
| 2777 base::RunLoop().Run(); | 2775 base::RunLoop().Run(); |
| 2778 | 2776 |
| 2779 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") != | 2777 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") != |
| 2780 std::string::npos); | 2778 std::string::npos); |
| 2781 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2779 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2782 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2780 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2783 } | 2781 } |
| 2784 | 2782 |
| 2785 // Verify that the cookie is also sent for non-first-party requests. | 2783 // Verify that the cookie is also sent for cross-site requests. |
| 2786 { | 2784 { |
| 2787 TestNetworkDelegate network_delegate; | 2785 TestNetworkDelegate network_delegate; |
| 2788 network_delegate.set_experimental_cookie_features_enabled(false); | 2786 network_delegate.set_experimental_cookie_features_enabled(false); |
| 2789 default_context_.set_network_delegate(&network_delegate); | 2787 default_context_.set_network_delegate(&network_delegate); |
| 2790 TestDelegate d; | 2788 TestDelegate d; |
| 2791 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2789 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2792 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2790 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2793 req->set_first_party_for_cookies(GURL("http://third-party.test/")); | 2791 req->set_first_party_for_cookies(GURL("http://cross-site.test/")); |
| 2794 req->Start(); | 2792 req->Start(); |
| 2795 base::RunLoop().Run(); | 2793 base::RunLoop().Run(); |
| 2796 | 2794 |
| 2797 EXPECT_NE(d.data_received().find("FirstPartyCookieToSet=1"), | 2795 EXPECT_NE(d.data_received().find("SameSiteCookieToSet=1"), |
| 2798 std::string::npos); | 2796 std::string::npos); |
| 2799 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2797 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2800 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2798 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2801 } | 2799 } |
| 2802 } | 2800 } |
| 2803 | 2801 |
| 2804 // Tests that __Secure- cookies can't be set on non-secure origins. | 2802 // Tests that __Secure- cookies can't be set on non-secure origins. |
| 2805 TEST_F(URLRequestTest, SecureCookiePrefixOnNonsecureOrigin) { | 2803 TEST_F(URLRequestTest, SecureCookiePrefixOnNonsecureOrigin) { |
| 2806 EmbeddedTestServer http_server; | 2804 EmbeddedTestServer http_server; |
| 2807 http_server.AddDefaultHandlers( | 2805 http_server.AddDefaultHandlers( |
| (...skipping 7057 matching lines...) |
| 9865 AddTestInterceptor()->set_main_intercept_job(std::move(job)); | 9863 AddTestInterceptor()->set_main_intercept_job(std::move(job)); |
| 9866 | 9864 |
| 9867 req->Start(); | 9865 req->Start(); |
| 9868 req->Cancel(); | 9866 req->Cancel(); |
| 9869 base::RunLoop().RunUntilIdle(); | 9867 base::RunLoop().RunUntilIdle(); |
| 9870 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); | 9868 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); |
| 9871 EXPECT_EQ(0, d.received_redirect_count()); | 9869 EXPECT_EQ(0, d.received_redirect_count()); |
| 9872 } | 9870 } |
| 9873 | 9871 |
| 9874 } // namespace net | 9872 } // namespace net |
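Review bot: The two negative checks in SameSiteCookiesEnabled (the cross-site block at new lines 2692-2705 and the POST block at 2725-2740) only assert that `SameSiteCookieToSet=1` is absent from `d.data_received()`, so they would also pass if the request failed or came back with an empty body. These are the assertions that show the cookie is actually withheld, so I would pin the request outcome before the `find` check in both blocks, e.g. `EXPECT_EQ(URLRequestStatus::SUCCESS, req->status().status());`. Separately, the safe-method block (2708-2722) uses `EXPECT_FALSE(... == std::string::npos)` where the neighbouring blocks use `EXPECT_TRUE(... != ...)` and SameSiteCookiesDisabled uses `EXPECT_NE`; one form throughout would make the sent/not-sent cases easier to tell apart. SameSiteCookiesDisabled never calls `set_initiator`, so the cross-site-initiator and POST cases are not exercised with the feature switched off; if that is intentional, a one-line comment saying so would help.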
| OLD | NEW |