OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Portions of this code based on Mozilla: | 5 // Portions of this code based on Mozilla: |
6 // (netwerk/cookie/src/nsCookieService.cpp) | 6 // (netwerk/cookie/src/nsCookieService.cpp) |
7 /* ***** BEGIN LICENSE BLOCK ***** | 7 /* ***** BEGIN LICENSE BLOCK ***** |
8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
9 * | 9 * |
10 * The contents of this file are subject to the Mozilla Public License Version | 10 * The contents of this file are subject to the Mozilla Public License Version |
127 CanonicalCookie::CanonicalCookie(const GURL& url, | 127 CanonicalCookie::CanonicalCookie(const GURL& url, |
128 const std::string& name, | 128 const std::string& name, |
129 const std::string& value, | 129 const std::string& value, |
130 const std::string& domain, | 130 const std::string& domain, |
131 const std::string& path, | 131 const std::string& path, |
132 const base::Time& creation, | 132 const base::Time& creation, |
133 const base::Time& expiration, | 133 const base::Time& expiration, |
134 const base::Time& last_access, | 134 const base::Time& last_access, |
135 bool secure, | 135 bool secure, |
136 bool httponly, | 136 bool httponly, |
137 bool same_site, | 137 CookieSameSite same_site, |
138 CookiePriority priority) | 138 CookiePriority priority) |
139 : source_(url.SchemeIsFile() ? url : url.GetOrigin()), | 139 : source_(url.SchemeIsFile() ? url : url.GetOrigin()), |
140 name_(name), | 140 name_(name), |
141 value_(value), | 141 value_(value), |
142 domain_(domain), | 142 domain_(domain), |
143 path_(path), | 143 path_(path), |
144 creation_date_(creation), | 144 creation_date_(creation), |
145 expiry_date_(expiration), | 145 expiry_date_(expiration), |
146 last_access_date_(last_access), | 146 last_access_date_(last_access), |
147 secure_(secure), | 147 secure_(secure), |
148 httponly_(httponly), | 148 httponly_(httponly), |
149 same_site_(same_site), | 149 same_site_(same_site), |
150 priority_(priority) {} | 150 priority_(priority) {} |
151 | 151 |
152 CanonicalCookie::CanonicalCookie(const GURL& url, const ParsedCookie& pc) | 152 CanonicalCookie::CanonicalCookie(const GURL& url, const ParsedCookie& pc) |
153 : source_(url.SchemeIsFile() ? url : url.GetOrigin()), | 153 : source_(url.SchemeIsFile() ? url : url.GetOrigin()), |
154 name_(pc.Name()), | 154 name_(pc.Name()), |
155 value_(pc.Value()), | 155 value_(pc.Value()), |
156 path_(CanonPath(url, pc)), | 156 path_(CanonPath(url, pc)), |
157 creation_date_(Time::Now()), | 157 creation_date_(Time::Now()), |
158 last_access_date_(Time()), | 158 last_access_date_(Time()), |
159 secure_(pc.IsSecure()), | 159 secure_(pc.IsSecure()), |
160 httponly_(pc.IsHttpOnly()), | 160 httponly_(pc.IsHttpOnly()), |
161 same_site_(pc.IsSameSite()), | 161 same_site_(pc.SameSite()), |
162 priority_(pc.Priority()) { | 162 priority_(pc.Priority()) { |
163 if (pc.HasExpires()) | 163 if (pc.HasExpires()) |
164 expiry_date_ = CanonExpiration(pc, creation_date_, creation_date_); | 164 expiry_date_ = CanonExpiration(pc, creation_date_, creation_date_); |
165 | 165 |
166 // Do the best we can with the domain. | 166 // Do the best we can with the domain. |
167 std::string cookie_domain; | 167 std::string cookie_domain; |
168 std::string domain_string; | 168 std::string domain_string; |
169 if (pc.HasDomain()) { | 169 if (pc.HasDomain()) { |
170 domain_string = pc.Domain(); | 170 domain_string = pc.Domain(); |
171 } | 171 } |
270 if (!is_cookie_valid) { | 270 if (!is_cookie_valid) { |
271 VLOG(kVlogSetCookies) | 271 VLOG(kVlogSetCookies) |
272 << "Create() failed because the cookie violated prefix rules."; | 272 << "Create() failed because the cookie violated prefix rules."; |
273 return nullptr; | 273 return nullptr; |
274 } | 274 } |
275 | 275 |
276 return make_scoped_ptr(new CanonicalCookie( | 276 return make_scoped_ptr(new CanonicalCookie( |
277 url, parsed_cookie.Name(), parsed_cookie.Value(), cookie_domain, | 277 url, parsed_cookie.Name(), parsed_cookie.Value(), cookie_domain, |
278 cookie_path, creation_time, cookie_expires, creation_time, | 278 cookie_path, creation_time, cookie_expires, creation_time, |
279 parsed_cookie.IsSecure(), parsed_cookie.IsHttpOnly(), | 279 parsed_cookie.IsSecure(), parsed_cookie.IsHttpOnly(), |
280 parsed_cookie.IsSameSite(), parsed_cookie.Priority())); | 280 parsed_cookie.SameSite(), parsed_cookie.Priority())); |
281 } | 281 } |
282 | 282 |
283 // static | 283 // static |
284 scoped_ptr<CanonicalCookie> CanonicalCookie::Create( | 284 scoped_ptr<CanonicalCookie> CanonicalCookie::Create( |
285 const GURL& url, | 285 const GURL& url, |
286 const std::string& name, | 286 const std::string& name, |
287 const std::string& value, | 287 const std::string& value, |
288 const std::string& domain, | 288 const std::string& domain, |
289 const std::string& path, | 289 const std::string& path, |
290 const base::Time& creation, | 290 const base::Time& creation, |
291 const base::Time& expiration, | 291 const base::Time& expiration, |
292 bool secure, | 292 bool secure, |
293 bool http_only, | 293 bool http_only, |
294 bool same_site, | 294 CookieSameSite same_site, |
295 bool enforce_strict_secure, | 295 bool enforce_strict_secure, |
296 CookiePriority priority) { | 296 CookiePriority priority) { |
297 // Expect valid attribute tokens and values, as defined by the ParsedCookie | 297 // Expect valid attribute tokens and values, as defined by the ParsedCookie |
298 // logic, otherwise don't create the cookie. | 298 // logic, otherwise don't create the cookie. |
299 std::string parsed_name = ParsedCookie::ParseTokenString(name); | 299 std::string parsed_name = ParsedCookie::ParseTokenString(name); |
300 if (parsed_name != name) | 300 if (parsed_name != name) |
301 return nullptr; | 301 return nullptr; |
302 std::string parsed_value = ParsedCookie::ParseValueString(value); | 302 std::string parsed_value = ParsedCookie::ParseValueString(value); |
303 if (parsed_value != value) | 303 if (parsed_value != value) |
304 return nullptr; | 304 return nullptr; |
415 if (IsSecure() && !url.SchemeIsCryptographic()) | 415 if (IsSecure() && !url.SchemeIsCryptographic()) |
416 return false; | 416 return false; |
417 // Don't include cookies for requests that don't apply to the cookie domain. | 417 // Don't include cookies for requests that don't apply to the cookie domain. |
418 if (!IsDomainMatch(url.host())) | 418 if (!IsDomainMatch(url.host())) |
419 return false; | 419 return false; |
420 // Don't include cookies for requests with a url path that does not path | 420 // Don't include cookies for requests with a url path that does not path |
421 // match the cookie-path. | 421 // match the cookie-path. |
422 if (!IsOnPath(url.path())) | 422 if (!IsOnPath(url.path())) |
423 return false; | 423 return false; |
424 // Don't include same-site cookies for cross-site requests. | 424 // Don't include same-site cookies for cross-site requests. |
425 if (IsSameSite() && !options.include_same_site()) | 425 // |
| 426 // TODO(mkwst): This currently treats both "strict" and "lax" SameSite cookies |
| 427 // in the same way. https://codereview.chromium.org/1783813002 will eventually |
| 428 // distinguish between them based on attributes of the request. |
| 429 if (SameSite() != CookieSameSite::NO_RESTRICTION && |
| 430 !options.include_same_site()) { |
426 return false; | 431 return false; |
| 432 } |
427 | 433 |
428 return true; | 434 return true; |
429 } | 435 } |
430 | 436 |
431 std::string CanonicalCookie::DebugString() const { | 437 std::string CanonicalCookie::DebugString() const { |
432 return base::StringPrintf( | 438 return base::StringPrintf( |
433 "name: %s value: %s domain: %s path: %s creation: %" PRId64, | 439 "name: %s value: %s domain: %s path: %s creation: %" PRId64, |
434 name_.c_str(), value_.c_str(), domain_.c_str(), path_.c_str(), | 440 name_.c_str(), value_.c_str(), domain_.c_str(), path_.c_str(), |
435 static_cast<int64_t>(creation_date_.ToTimeT())); | 441 static_cast<int64_t>(creation_date_.ToTimeT())); |
436 } | 442 } |
507 if (prefix == CanonicalCookie::COOKIE_PREFIX_SECURE) | 513 if (prefix == CanonicalCookie::COOKIE_PREFIX_SECURE) |
508 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic(); | 514 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic(); |
509 if (prefix == CanonicalCookie::COOKIE_PREFIX_HOST) { | 515 if (prefix == CanonicalCookie::COOKIE_PREFIX_HOST) { |
510 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic() && | 516 return parsed_cookie.IsSecure() && url.SchemeIsCryptographic() && |
511 !parsed_cookie.HasDomain() && parsed_cookie.Path() == "/"; | 517 !parsed_cookie.HasDomain() && parsed_cookie.Path() == "/"; |
512 } | 518 } |
513 return true; | 519 return true; |
514 } | 520 } |
515 | 521 |
516 } // namespace net | 522 } // namespace net |
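Review bot: The SameSite check at new lines 429-430 in IncludeForRequestURL relies on `!= CookieSameSite::NO_RESTRICTION` to withhold every other value from cross-site requests, which is the safe direction, but nothing in the code says this is deliberate. I would add a comment next to the TODO, for example `// Fail closed: any value other than NO_RESTRICTION is withheld when include_same_site() is false.`, so that the follow-up which separates strict from lax does not turn this into an equality test against a single value. The full-argument constructor and Create() (new lines 137 and 294) now take the enum straight from their callers. Whether values read back from a persistent store are range-checked is not visible on this page, so it is worth confirming that a cookie stored under the old boolean as same-site cannot load as NO_RESTRICTION. The body of IncludeForRequestURL starts outside the visible lines.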
OLD | NEW |