OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cookies/canonical_cookie.h" | 5 #include "net/cookies/canonical_cookie.h" |
6 | 6 |
7 #include "base/memory/scoped_ptr.h" | 7 #include "base/memory/scoped_ptr.h" |
8 #include "base/test/histogram_tester.h" | 8 #include "base/test/histogram_tester.h" |
9 #include "net/cookies/cookie_constants.h" | 9 #include "net/cookies/cookie_constants.h" |
10 #include "net/cookies/cookie_options.h" | 10 #include "net/cookies/cookie_options.h" |
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
78 CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, options); | 78 CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, options); |
79 EXPECT_FALSE(cookie.get()); | 79 EXPECT_FALSE(cookie.get()); |
80 CookieOptions httponly_options; | 80 CookieOptions httponly_options; |
81 httponly_options.set_include_httponly(); | 81 httponly_options.set_include_httponly(); |
82 cookie = CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, | 82 cookie = CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, |
83 httponly_options); | 83 httponly_options); |
84 EXPECT_TRUE(cookie->IsHttpOnly()); | 84 EXPECT_TRUE(cookie->IsHttpOnly()); |
85 | 85 |
86 // Test creating SameSite cookies. | 86 // Test creating SameSite cookies. |
87 CookieOptions same_site_options; | 87 CookieOptions same_site_options; |
88 same_site_options.set_include_same_site(); | 88 same_site_options.set_same_site_cookie_mode( |
| 89 CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX); |
89 cookie = CanonicalCookie::Create(url, "A=2; SameSite=Strict", creation_time, | 90 cookie = CanonicalCookie::Create(url, "A=2; SameSite=Strict", creation_time, |
90 same_site_options); | 91 same_site_options); |
91 EXPECT_TRUE(cookie.get()); | 92 EXPECT_TRUE(cookie.get()); |
92 EXPECT_EQ(CookieSameSite::STRICT_MODE, cookie->SameSite()); | 93 EXPECT_EQ(CookieSameSite::STRICT_MODE, cookie->SameSite()); |
93 cookie = CanonicalCookie::Create(url, "A=2; SameSite=Lax", creation_time, | 94 cookie = CanonicalCookie::Create(url, "A=2; SameSite=Lax", creation_time, |
94 same_site_options); | 95 same_site_options); |
95 EXPECT_TRUE(cookie.get()); | 96 EXPECT_TRUE(cookie.get()); |
96 EXPECT_EQ(CookieSameSite::LAX_MODE, cookie->SameSite()); | 97 EXPECT_EQ(CookieSameSite::LAX_MODE, cookie->SameSite()); |
97 cookie = CanonicalCookie::Create(url, "A=2; SameSite", creation_time, | 98 cookie = CanonicalCookie::Create(url, "A=2; SameSite", creation_time, |
98 same_site_options); | 99 same_site_options); |
(...skipping 339 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
438 options.set_include_httponly(); | 439 options.set_include_httponly(); |
439 cookie = | 440 cookie = |
440 CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, options); | 441 CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, options); |
441 EXPECT_TRUE(cookie->IsHttpOnly()); | 442 EXPECT_TRUE(cookie->IsHttpOnly()); |
442 EXPECT_TRUE(cookie->IncludeForRequestURL(url, options)); | 443 EXPECT_TRUE(cookie->IncludeForRequestURL(url, options)); |
443 options.set_exclude_httponly(); | 444 options.set_exclude_httponly(); |
444 EXPECT_FALSE(cookie->IncludeForRequestURL(url, options)); | 445 EXPECT_FALSE(cookie->IncludeForRequestURL(url, options)); |
445 } | 446 } |
446 | 447 |
447 TEST(CanonicalCookieTest, IncludeSameSiteForSameSiteURL) { | 448 TEST(CanonicalCookieTest, IncludeSameSiteForSameSiteURL) { |
448 GURL insecure_url("http://example.test"); | 449 GURL url("https://example.test"); |
449 GURL secure_url("https://example.test"); | |
450 GURL secure_url_with_path("https://example.test/foo/bar/index.html"); | |
451 GURL third_party_url("https://not-example.test"); | |
452 base::Time creation_time = base::Time::Now(); | 450 base::Time creation_time = base::Time::Now(); |
453 CookieOptions options; | 451 CookieOptions options; |
454 scoped_ptr<CanonicalCookie> cookie; | 452 scoped_ptr<CanonicalCookie> cookie; |
455 | 453 |
456 // Same-site cookies are not included for cross-site requests, | 454 // `SameSite=Strict` cookies are included for a URL only if the options' |
457 // even if other properties match: | 455 // SameSiteCookieMode is INCLUDE_STRICT_AND_LAX. |
458 cookie = CanonicalCookie::Create(secure_url, "A=2; SameSite=Strict", | 456 cookie = CanonicalCookie::Create(url, "A=2; SameSite=Strict", creation_time, |
459 creation_time, options); | 457 options); |
460 EXPECT_EQ(CookieSameSite::STRICT_MODE, cookie->SameSite()); | 458 EXPECT_EQ(CookieSameSite::STRICT_MODE, cookie->SameSite()); |
461 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options)); | 459 options.set_same_site_cookie_mode( |
462 cookie = CanonicalCookie::Create(secure_url, "A=2; Secure; SameSite=Strict", | 460 CookieOptions::SameSiteCookieMode::DO_NOT_INCLUDE); |
463 creation_time, options); | 461 EXPECT_FALSE(cookie->IncludeForRequestURL(url, options)); |
464 EXPECT_EQ(CookieSameSite::STRICT_MODE, cookie->SameSite()); | 462 options.set_same_site_cookie_mode( |
465 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options)); | 463 CookieOptions::SameSiteCookieMode::INCLUDE_LAX); |
466 cookie = CanonicalCookie::Create(secure_url_with_path, | 464 EXPECT_FALSE(cookie->IncludeForRequestURL(url, options)); |
467 "A=2; SameSite=Strict; path=/foo/bar", | 465 options.set_same_site_cookie_mode( |
468 creation_time, options); | 466 CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX); |
469 EXPECT_EQ(CookieSameSite::STRICT_MODE, cookie->SameSite()); | 467 EXPECT_TRUE(cookie->IncludeForRequestURL(url, options)); |
470 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options)); | |
471 | 468 |
472 // Same-site cookies are included for same-site requests: | 469 // `SameSite=Lax` cookies are included for a URL only if the options' |
473 options.set_include_same_site(); | 470 // SameSiteCookieMode is INCLUDE_STRICT_AND_LAX. |
474 cookie = CanonicalCookie::Create(secure_url, "A=2; SameSite=Strict", | 471 cookie = |
475 creation_time, options); | 472 CanonicalCookie::Create(url, "A=2; SameSite=Lax", creation_time, options); |
476 EXPECT_EQ(CookieSameSite::STRICT_MODE, cookie->SameSite()); | 473 EXPECT_EQ(CookieSameSite::LAX_MODE, cookie->SameSite()); |
477 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url, options)); | 474 options.set_same_site_cookie_mode( |
478 cookie = CanonicalCookie::Create(secure_url, "A=2; Secure; SameSite=Strict", | 475 CookieOptions::SameSiteCookieMode::DO_NOT_INCLUDE); |
479 creation_time, options); | 476 EXPECT_FALSE(cookie->IncludeForRequestURL(url, options)); |
480 EXPECT_EQ(CookieSameSite::STRICT_MODE, cookie->SameSite()); | 477 options.set_same_site_cookie_mode( |
481 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url, options)); | 478 CookieOptions::SameSiteCookieMode::INCLUDE_LAX); |
482 cookie = CanonicalCookie::Create(secure_url_with_path, | 479 EXPECT_TRUE(cookie->IncludeForRequestURL(url, options)); |
483 "A=2; SameSite=Strict; path=/foo/bar", | 480 options.set_same_site_cookie_mode( |
484 creation_time, options); | 481 CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX); |
485 EXPECT_EQ(CookieSameSite::STRICT_MODE, cookie->SameSite()); | 482 EXPECT_TRUE(cookie->IncludeForRequestURL(url, options)); |
486 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url_with_path, options)); | |
487 } | 483 } |
488 | 484 |
489 TEST(CanonicalCookieTest, PartialCompare) { | 485 TEST(CanonicalCookieTest, PartialCompare) { |
490 GURL url("http://www.example.com"); | 486 GURL url("http://www.example.com"); |
491 base::Time creation_time = base::Time::Now(); | 487 base::Time creation_time = base::Time::Now(); |
492 CookieOptions options; | 488 CookieOptions options; |
493 scoped_ptr<CanonicalCookie> cookie( | 489 scoped_ptr<CanonicalCookie> cookie( |
494 CanonicalCookie::Create(url, "a=b", creation_time, options)); | 490 CanonicalCookie::Create(url, "a=b", creation_time, options)); |
495 scoped_ptr<CanonicalCookie> cookie_different_path( | 491 scoped_ptr<CanonicalCookie> cookie_different_path( |
496 CanonicalCookie::Create(url, "a=b; path=/foo", creation_time, options)); | 492 CanonicalCookie::Create(url, "a=b; path=/foo", creation_time, options)); |
(...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
712 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); | 708 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); |
713 EXPECT_TRUE(CanonicalCookie::Create(https_url, "__SecureA=B; Path=/; Secure", | 709 EXPECT_TRUE(CanonicalCookie::Create(https_url, "__SecureA=B; Path=/; Secure", |
714 creation_time, options)); | 710 creation_time, options)); |
715 histograms.ExpectBucketCount(kCookiePrefixHistogram, | 711 histograms.ExpectBucketCount(kCookiePrefixHistogram, |
716 CanonicalCookie::COOKIE_PREFIX_SECURE, 2); | 712 CanonicalCookie::COOKIE_PREFIX_SECURE, 2); |
717 histograms.ExpectBucketCount(kCookiePrefixBlockedHistogram, | 713 histograms.ExpectBucketCount(kCookiePrefixBlockedHistogram, |
718 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); | 714 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); |
719 } | 715 } |
720 | 716 |
721 } // namespace net | 717 } // namespace net |
OLD | NEW |