Add removal filter support for Cookies, Storage, and Content Settings.

chrome/browser/browsing_data/origin_filter_builder_unittest.cc

Index: chrome/browser/browsing_data/origin_filter_builder_unittest.cc
diff --git a/chrome/browser/browsing_data/origin_filter_builder_unittest.cc b/chrome/browser/browsing_data/origin_filter_builder_unittest.cc
index 32fef25dadf3028c49a8e48852343732e3b5e3fd..8b83d293e649f6a27db3f185509c0df86fb070b0 100644
--- a/chrome/browser/browsing_data/origin_filter_builder_unittest.cc
+++ b/chrome/browser/browsing_data/origin_filter_builder_unittest.cc
@@ -9,6 +9,7 @@
 #include <vector>
 
 #include "base/callback.h"
+#include "components/content_settings/core/common/content_settings_pattern.h"
 #include "testing/gtest/include/gtest/gtest.h"
 #include "url/gurl.h"
 #include "url/origin.h"
@@ -24,12 +25,58 @@ struct TestCase {
 
 void RunTestCase(
     TestCase test_case, const base::Callback<bool(const GURL&)>& filter) {
+  GURL url(test_case.url);
+  EXPECT_TRUE(url.is_valid()) << test_case.url << " is not valid.";
   if (test_case.should_match)
     EXPECT_TRUE(filter.Run(GURL(test_case.url)));
   else
     EXPECT_FALSE(filter.Run(GURL(test_case.url)));
 }
 
+void RunTestCase(
+    TestCase test_case,
+    const base::Callback<bool(const ContentSettingsPattern&)>& filter) {
+  ContentSettingsPattern pattern =
+      ContentSettingsPattern::FromString(test_case.url);
+  EXPECT_TRUE(pattern.IsValid()) << test_case.url << " is not valid.";
+  if (test_case.should_match)
+    EXPECT_TRUE(filter.Run(pattern)) << pattern.ToString() << " should match.";
+  else
+    EXPECT_FALSE(filter.Run(pattern)) << pattern.ToString()
+                                      << " should not match.";
+}
+
+void RunTestCase(
+    TestCase test_case,
+    const base::Callback<bool(const net::CanonicalCookie&)>& filter) {
+  std::string cookie_line = "A=2";

[Mike West, 2016/03/11 08:36:11]

It would be helpful to verify that cookie attributes like `HttpOnly`, `Secure`,
etc. do not have an effect on the filter.

[dmurph, 2016/04/05 00:16:28]

Done.
QUESTION:::
Does this mean that 'Secure' cookies should NOT be cleared for an http origin?

+  GURL test_url(test_case.url);
+  EXPECT_TRUE(test_url.is_valid()) << test_case.url;
+  scoped_ptr<net::CanonicalCookie> cookie = net::CanonicalCookie::Create(
+      test_url, cookie_line, base::Time::Now(), net::CookieOptions());
+  EXPECT_TRUE(cookie) << cookie_line << " from " << test_case.url
+                      << " is not a valid cookie";
+  if (cookie) {
+    if (test_case.should_match)
+      EXPECT_TRUE(filter.Run(*cookie)) << cookie->DebugString()
+                                       << " should match.";
+    else
+      EXPECT_FALSE(filter.Run(*cookie)) << cookie->DebugString()
+                                        << " should not match.";

[Mike West, 2016/03/11 08:36:11]

This pattern could be simplified to `EXPECT_EQ(test_case.should_match,
filter.Run(*cookie))`, here and elsewhere.

[dmurph, 2016/04/05 00:16:28]

Done.

+  }
+  cookie_line = std::string("A=2;domain=") + test_url.host();
+  cookie = net::CanonicalCookie::Create(
+      test_url, cookie_line, base::Time::Now(), net::CookieOptions());
+  if (cookie) {
+    if (test_case.should_match)
+      EXPECT_TRUE(filter.Run(*cookie)) << cookie->DebugString()
+                                       << " should match.";
+    else
+      EXPECT_FALSE(filter.Run(*cookie)) << cookie->DebugString()
+                                        << " should not match.";
+  }
+}
+
 }  // namespace
 
 TEST(OriginFilterBuilderTest, Noop) {
@@ -77,6 +124,54 @@ TEST(OriginFilterBuilderTest, Whitelist) {
     RunTestCase(test_case, filter);
 }
 
+TEST(OriginFilterBuilderTest, WhitelistContentSettings) {
+  OriginFilterBuilder builder(OriginFilterBuilder::WHITELIST);
+  builder.AddOrigin(Origin(GURL("https://www.google.com")));
+  builder.AddOrigin(Origin(GURL("http://www.example.com")));
+  base::Callback<bool(const ContentSettingsPattern&)> filter =
+      builder.BuildWebsiteSettingsPatternMatchesFilter();
+
+  TestCase test_cases[] = {
+      // Whitelist matches any patterns that include the whitelist origins.
+      {"https://www.google.com", true},
+      {"https://[*.]google.com", true},
+      {"https://[*.]google.com:443", true},
+      {"[*.]google.com", true},
+      {"[*.]google.com/foo/bar", true},
+      {"www.google.com/?q=test", true},
+      {"http://www.example.com", true},
+      {"[*.]example.com:80", true},
+      {"http://www.example.com/index.html", true},
+      {"http://www.example.com/foo/bar", true},
+      {"*", true},
+      {"*:80", true},
+      {"*:443", true},
+
+      // Subdomains are different origins.
+      {"https://test.www.google.com", false},
+      {"https://google.com", false},
+
+      // Different TLDs are different origins.
+      {"[*.]google", false},
+      {"[*.]google.net", false},
+      {"https://[*.]google.org", false},
+
+      // Different scheme or port is a different origin.
+      {"http://www.google.com", false},
+      {"http://[*.].google.com", false},
+      {"*:8000", false},
+      {"https://www.example.com/index.html", false},
+
+      // Different host is a different origin.
+      {"https://www.youtube.com", false},
+      {"https://www.chromium.org", false},
+      {"[*.]youtube", false},
+  };
+
+  for (TestCase test_case : test_cases)
+    RunTestCase(test_case, filter);
+}
+
 TEST(OriginFilterBuilderTest, Blacklist) {
   OriginFilterBuilder builder(OriginFilterBuilder::BLACKLIST);
   builder.AddOrigin(Origin(GURL("https://www.google.com")));
@@ -108,6 +203,146 @@ TEST(OriginFilterBuilderTest, Blacklist) {
     RunTestCase(test_case, filter);
 }
 
+TEST(OriginFilterBuilderTest, BlacklistContentSettings) {
+  OriginFilterBuilder builder(OriginFilterBuilder::BLACKLIST);
+  builder.AddOrigin(Origin(GURL("https://www.google.com")));
+  builder.AddOrigin(Origin(GURL("http://www.example.com")));
+  base::Callback<bool(const ContentSettingsPattern&)> filter =
+      builder.BuildWebsiteSettingsPatternMatchesFilter();
+
+  TestCase test_cases[] = {
+      // Blacklist matches any patterns that don't include the origins.
+      {"https://www.google.com", false},
+      {"https://[*.]google.com", false},
+      {"https://[*.]google.com:443", false},
+      {"[*.]google.com", false},
+      {"[*.]google.com/foo/bar", false},
+      {"www.google.com/?q=test", false},
+      {"http://www.example.com", false},
+      {"[*.]example.com:80", false},
+      {"http://www.example.com/index.html", false},
+      {"http://www.example.com/foo/bar", false},
+      {"*", false},
+      {"*:80", false},
+      {"*:443", false},
+
+      // Subdomains are different origins.
+      {"https://test.www.google.com", true},
+      {"https://google.com", true},
+
+      // Different TLDs are different origins.
+      {"[*.]google", true},
+      {"[*.]google.net", true},
+      {"https://[*.]google.org", true},
+
+      // Different scheme or port is a different origin.
+      {"http://www.google.com", true},
+      {"http://[*.].google.com", true},
+      {"*:8000", true},
+      {"https://www.example.com/index.html", true},
+
+      // Different host is a different origin.
+      {"https://www.youtube.com", true},
+      {"https://www.chromium.org", true},
+      {"[*.]youtube", true},
+  };
+
+  for (TestCase test_case : test_cases)
+    RunTestCase(test_case, filter);
+}
+
+TEST(OriginFilterBuilderTest, MatchesCookiesWhitelist) {
+  OriginFilterBuilder builder(OriginFilterBuilder::WHITELIST);
+  // Regular site.
+  builder.AddOrigin(Origin(GURL("https://www.google.com")));

[Mike West, 2016/03/11 08:36:11]

I'd like to see an origin with multiple subdomains in the filter and multiple
subdomains in the tests. For instance:

sub.sub.google.com -> google.com, sub.google.com, sub.sub.google.com,
www.google.com, sub.www.google.com

[dmurph, 2016/04/05 00:16:28]

Done.

+  // sp.nom.br is a TLD.
+  builder.AddOrigin(Origin(GURL("https://www.website.sp.nom.br")));
+  // misawa.aomori.jp is a TLD and possibly not.

[Mike West, 2016/03/11 08:36:11]

and possibly not what?

[dmurph, 2016/04/05 00:16:28]

Clarified.

+  builder.AddOrigin(Origin(GURL("http://www.misawa.aomori.jp")));
+  // Here we're doing no subdomain.
+  builder.AddOrigin(Origin(GURL("http://example.com")));
+  builder.AddOrigin(Origin(GURL("http://192.168.1.1:80")));
+  base::Callback<bool(const net::CanonicalCookie&)> filter =
+      builder.BuildDomainCookieFilter();
+
+  TestCase test_cases[] = {
+      // Any cookie with the same tld+1 is matched
+      {"https://www.google.com", true},
+      {"http://www.google.com", true},
+      {"http://www.google.com:300", true},
+      {"https://mail.google.com", true},
+      {"http://mail.google.com", true},
+      {"http://google.com", true},
+      {"https://website.sp.nom.br", true},
+      {"https://sub.website.sp.nom.br", true},
+      {"http://www.misawa.aomori.jp", true},
+      {"http://www.example.com", true},
+      {"http://192.168.1.1", true},
+      {"http://192.168.1.1:10", true},
+
+      // Different tlds.
+      {"https://www.google.org", false},
+
+      // We treat tld+1 and bare tld as different domains.
+      {"https://www.sp.nom.br", false},

[Mike West, 2016/03/11 08:36:11]

This would be clearer if it was something like "site1.sp.nom.br" in the filter,
and "site2.sp.nom.br" in the test. Ditto for "misawa.aomori.jp".

[dmurph, 2016/04/05 00:16:28]

Done.

+      {"http://www.website.misawa.aomori.jp", false},
+
+      // Different hosts in general.
+      {"https://www.chrome.com", false},
+      {"http://youtube.com", false},
+      {"http://192.168.2.1", false}
+  };
+
+  for (TestCase test_case : test_cases)
+    RunTestCase(test_case, filter);
+}
+
+TEST(OriginFilterBuilderTest, MatchesCookiesBlacklist) {
+  OriginFilterBuilder builder(OriginFilterBuilder::BLACKLIST);
+  // Regular site.
+  builder.AddOrigin(Origin(GURL("https://www.google.com")));
+  // sp.nom.br is a TLD.
+  builder.AddOrigin(Origin(GURL("https://www.website.sp.nom.br")));
+  // misawa.aomori.jp is a TLD and possibly not.
+  builder.AddOrigin(Origin(GURL("http://www.misawa.aomori.jp")));
+  // Here we're doing no subdomain.
+  builder.AddOrigin(Origin(GURL("http://example.com")));
+  builder.AddOrigin(Origin(GURL("http://192.168.1.1:80")));
+  base::Callback<bool(const net::CanonicalCookie&)> filter =
+      builder.BuildDomainCookieFilter();
+
+  TestCase test_cases[] = {
+      // Any cookie with the same tld+1 is matched
+      {"https://www.google.com", false},
+      {"http://www.google.com", false},
+      {"http://www.google.com:300", false},
+      {"https://mail.google.com", false},
+      {"http://mail.google.com", false},
+      {"http://google.com", false},
+      {"https://website.sp.nom.br", false},
+      {"https://sub.website.sp.nom.br", false},
+      {"http://www.misawa.aomori.jp", false},
+      {"http://www.example.com", false},
+      {"http://192.168.1.1", false},
+      {"http://192.168.1.1:10", false},
+
+      // Different tlds.
+      {"https://www.google.org", true},
+
+      // We treat tld+1 and bare tld as different domains.
+      {"https://www.sp.nom.br", true},
+      {"http://www.website.misawa.aomori.jp", true},
+
+      // Different hosts in general.
+      {"https://www.chrome.com", true},
+      {"http://youtube.com", true},
+      {"http://192.168.2.1", true}
+  };
+
+  for (TestCase test_case : test_cases)
+    RunTestCase(test_case, filter);
+}
+
 TEST(OriginFilterBuilderTest, MatchesURLWithSubdomain) {
   OriginFilterBuilder builder(OriginFilterBuilder::WHITELIST);
   builder.AddOrigin(Origin(GURL("https://www.google.com")));