Add removal filter support for Cookies, Storage, and Content Settings.

chrome/browser/browsing_data/origin_filter_builder.h

Index: chrome/browser/browsing_data/origin_filter_builder.h
diff --git a/chrome/browser/browsing_data/origin_filter_builder.h b/chrome/browser/browsing_data/origin_filter_builder.h
index 092ec42b161422ee8c87132d9a155c3d8e2fe4f7..f1c030f87f29a70b4fbe5ac281963e429c3745f0 100644
--- a/chrome/browser/browsing_data/origin_filter_builder.h
+++ b/chrome/browser/browsing_data/origin_filter_builder.h
@@ -10,15 +10,20 @@
 #include <vector>
 
 #include "base/callback.h"
+#include "net/cookies/canonical_cookie.h"
 #include "url/gurl.h"
 #include "url/origin.h"
 
+class ContentSettingsPattern;
+
 // A class that constructs URL deletion filters (represented as GURL->bool
 // predicates) that match certain origins.
 class OriginFilterBuilder {
  public:
   enum Mode {
+    // This means that only the origins given will be deleted.
     WHITELIST,
+    // This means that the origins given will NOT be deleted.

[Mike West, 2016/03/11 08:36:10]

Nit: "This means that everything EXCEPT the origins given will be deleted."
right? I think that's important information that's somewhat obscured with the
current text.

[dmurph, 2016/03/30 22:21:26]

Done.

     BLACKLIST
   };
 
@@ -33,10 +38,33 @@ class OriginFilterBuilder {
   // Sets the |mode| of the filter.
   void SetMode(Mode mode);
 
+  // Returns if we're an empty blacklist, where we delete everything.

[Mike West, 2016/03/11 08:36:10]

Nit: Returns true

[dmurph, 2016/03/30 22:21:26]

Done.

+  bool IsEmptyBlacklist() const;
+
   // Builds a filter that matches URLs whose origins are in the whitelist,
   // or aren't in the blacklist.
   base::Callback<bool(const GURL&)> BuildSameOriginFilter() const;
 
+  // Builds a filter that calls ContentSettingsPattern::Matches on the origins
+  // in this filter.
+  base::Callback<bool(const ContentSettingsPattern& pattern)>
+      BuildWebsiteSettingsPatternMatchesFilter() const;
+
+  // We compare the tld+1 of the origins and the cookie. This makes sure that
+  // websites don't have a partial cookie state.
+  // * If we're a blacklist, we will return true (to delete) if NONE of the
+  //   origins can see the cookie.
+  // * If we're a whitelist, we will return true (to delete) if ANY of the
+  //   origins can see the cookie.
+  // This means that origins not in the list can see the effects of this filter,
+  // as they will either be cleared as well, or have their cookies still around.
+  // Examples of tld+1s:
+  // * google.com
+  // * website.misawa.aomori.jp (the last three are the tld)
+  // * 192.168.1.1

[Mike West, 2016/03/11 08:36:10]

I'd rephrase this a bit for clarity, perhaps something like:

"""
Builds a filter that compares the registrable domain of the filter's origins
and the registrable domain of the cookie's domain. A whitelist filter will
return
true if any of its origins match the cookie. A blacklist filter will return true
only if none of its origins match the cookie.

For example, a whitelist which contains the origin "https://site.example.com/"
will return true for a cookie whose domain is "site.example.com", but also for
cookies whose domains are "example.com", ".example.com", "subdomain.example.com"
and so on.

See net/base/registry_controlled_domains/registry_controlled_domain.h for more
details on registrable domains and the current list of effective TLDs.
"""

[dmurph, 2016/03/30 22:21:26]

Done, thanks.

+  base::Callback<bool(const net::CanonicalCookie& pattern)>
+      BuildDomainCookieFilter() const;
+
   // Build a filter that matches URLs whose origins, or origins obtained by
   // replacing the host with any superdomain, are listed in the whitelist,
   // or are not listed in the blacklist.
@@ -52,6 +80,21 @@ class OriginFilterBuilder {
   static bool MatchesURL(
       std::set<url::Origin>* origins, Mode mode, const GURL& url);
 
+  // True if the pattern something in the whitelist, or doesn't match something
+  // in the blacklist.
+  // The whitelist or blacklist is represented as |origins| and |mode|.
+  static bool MatchesWebsiteSettingsPattern(
+      std::set<url::Origin>* origins,
+      Mode mode,
+      const ContentSettingsPattern& pattern);
+
+  // True if no origins can see the given cookie and we're a blacklist, or any
+  // origins can see the cookie and we're a whitelist.
+  // The whitelist or blacklist is represented as |origins| and |mode|.
+  static bool MatchesCookieForTLDPlusOne(std::set<url::Origin>* origins,
+                                         Mode mode,
+                                         const net::CanonicalCookie& cookie);
+
   // True if any origin [scheme, host, port], such that |url| has the same
   // scheme and port, and |url|'s host is the same or a subdomain of that host,
   // is in the whitelist, or isn't in the blacklist. The whitelist or blacklist