Add removal filter support for Cookies, Storage, and Content Settings.

chrome/browser/browsing_data/origin_filter_builder.h

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_BROWSING_DATA_ORIGIN_FILTER_BUILDER_H_
 #define CHROME_BROWSER_BROWSING_DATA_ORIGIN_FILTER_BUILDER_H_
 
 #include <ostream>
 #include <set>
 #include <vector>
 
 #include "base/callback.h"
+#include "net/cookies/canonical_cookie.h"
 #include "url/gurl.h"
 #include "url/origin.h"
 
+class ContentSettingsPattern;
+
 // A class that constructs URL deletion filters (represented as GURL->bool
 // predicates) that match certain origins.
 class OriginFilterBuilder {
  public:
   enum Mode {
+    // This means that only the origins given will be deleted.
     WHITELIST,
+    // This means that the origins given will NOT be deleted.

[Mike West, 2016/03/11 08:36:10]

Nit: "This means that everything EXCEPT the origins given will be deleted."
right? I think that's important information that's somewhat obscured with the
current text.

[dmurph, 2016/03/30 22:21:26]

Done.

     BLACKLIST
   };
 
   // Constructs a filter with the given |mode| - whitelist or blacklist.
   explicit OriginFilterBuilder(Mode mode);
 
   ~OriginFilterBuilder();
 
   // Adds the |origin| to the (white- or black-) list.
   void AddOrigin(const url::Origin& origin);
 
   // Sets the |mode| of the filter.
   void SetMode(Mode mode);
 
+  // Returns if we're an empty blacklist, where we delete everything.

[Mike West, 2016/03/11 08:36:10]

Nit: Returns true

[dmurph, 2016/03/30 22:21:26]

Done.

+  bool IsEmptyBlacklist() const;
+
   // Builds a filter that matches URLs whose origins are in the whitelist,
   // or aren't in the blacklist.
   base::Callback<bool(const GURL&)> BuildSameOriginFilter() const;
 
+  // Builds a filter that calls ContentSettingsPattern::Matches on the origins
+  // in this filter.
+  base::Callback<bool(const ContentSettingsPattern& pattern)>
+      BuildWebsiteSettingsPatternMatchesFilter() const;
+
+  // We compare the tld+1 of the origins and the cookie. This makes sure that
+  // websites don't have a partial cookie state.
+  // * If we're a blacklist, we will return true (to delete) if NONE of the
+  //   origins can see the cookie.
+  // * If we're a whitelist, we will return true (to delete) if ANY of the
+  //   origins can see the cookie.
+  // This means that origins not in the list can see the effects of this filter,
+  // as they will either be cleared as well, or have their cookies still around.
+  // Examples of tld+1s:
+  // * google.com
+  // * website.misawa.aomori.jp (the last three are the tld)
+  // * 192.168.1.1

[Mike West, 2016/03/11 08:36:10]

I'd rephrase this a bit for clarity, perhaps something like:

"""
Builds a filter that compares the registrable domain of the filter's origins
and the registrable domain of the cookie's domain. A whitelist filter will
return
true if any of its origins match the cookie. A blacklist filter will return true
only if none of its origins match the cookie.

For example, a whitelist which contains the origin "https://site.example.com/"
will return true for a cookie whose domain is "site.example.com", but also for
cookies whose domains are "example.com", ".example.com", "subdomain.example.com"
and so on.

See net/base/registry_controlled_domains/registry_controlled_domain.h for more
details on registrable domains and the current list of effective TLDs.
"""

[dmurph, 2016/03/30 22:21:26]

Done, thanks.

+  base::Callback<bool(const net::CanonicalCookie& pattern)>
+      BuildDomainCookieFilter() const;
+
   // Build a filter that matches URLs whose origins, or origins obtained by
   // replacing the host with any superdomain, are listed in the whitelist,
   // or are not listed in the blacklist.
   base::Callback<bool(const GURL&)> BuildDomainFilter() const;
 
   // A convenience method to produce an empty blacklist, a filter that matches
   // everything.
   static base::Callback<bool(const GURL&)> BuildNoopFilter();
 
  private:
   // True if the origin of |url| is in the whitelist, or isn't in the blacklist.
   // The whitelist or blacklist is represented as |origins| and |mode|.
   static bool MatchesURL(
       std::set<url::Origin>* origins, Mode mode, const GURL& url);
 
+  // True if the pattern something in the whitelist, or doesn't match something
+  // in the blacklist.
+  // The whitelist or blacklist is represented as |origins| and |mode|.
+  static bool MatchesWebsiteSettingsPattern(
+      std::set<url::Origin>* origins,
+      Mode mode,
+      const ContentSettingsPattern& pattern);
+
+  // True if no origins can see the given cookie and we're a blacklist, or any
+  // origins can see the cookie and we're a whitelist.
+  // The whitelist or blacklist is represented as |origins| and |mode|.
+  static bool MatchesCookieForTLDPlusOne(std::set<url::Origin>* origins,
+                                         Mode mode,
+                                         const net::CanonicalCookie& cookie);
+
   // True if any origin [scheme, host, port], such that |url| has the same
   // scheme and port, and |url|'s host is the same or a subdomain of that host,
   // is in the whitelist, or isn't in the blacklist. The whitelist or blacklist
   // is represented as |origins| and |mode|.
   static bool MatchesURLWithSubdomains(
       std::set<url::Origin>* origins, Mode mode, const GURL& url);
 
   // The list of origins and whether they should be interpreted as a whitelist
   // or blacklist.
   std::set<url::Origin> origin_list_;
   Mode mode_;
 
   DISALLOW_COPY_AND_ASSIGN(OriginFilterBuilder);
 };
 
 #endif  // CHROME_BROWSER_BROWSING_DATA_ORIGIN_FILTER_BUILDER_H_