SameSite: Strict/Lax behavior.

net/cookies/canonical_cookie.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Portions of this code based on Mozilla:
 //   (netwerk/cookie/src/nsCookieService.cpp)
 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
@@ skipping 404 matching lines @@
   if (IsSecure() && !url.SchemeIsCryptographic())
     return false;
   // Don't include cookies for requests that don't apply to the cookie domain.
   if (!IsDomainMatch(url.host()))
     return false;
   // Don't include cookies for requests with a url path that does not path
   // match the cookie-path.
   if (!IsOnPath(url.path()))
     return false;
   // Don't include same-site cookies for cross-site requests.
-  //
-  // TODO(mkwst): This currently treats both "strict" and "lax" SameSite cookies
-  // in the same way. https://codereview.chromium.org/1783813002 will eventually
-  // distinguish between them based on attributes of the request.
-  if (SameSite() != CookieSameSite::NO_RESTRICTION &&
-      !options.include_same_site()) {
+  if (SameSite() > options.include_same_site())
     return false;
-  }
 
   return true;
 }
 
 std::string CanonicalCookie::DebugString() const {
   return base::StringPrintf(
       "name: %s value: %s domain: %s path: %s creation: %" PRId64,
       name_.c_str(), value_.c_str(), domain_.c_str(), path_.c_str(),
       static_cast<int64_t>(creation_date_.ToTimeT()));
 }
@@ skipping 70 matching lines @@
   if (prefix == CanonicalCookie::COOKIE_PREFIX_SECURE)
     return parsed_cookie.IsSecure() && url.SchemeIsCryptographic();
   if (prefix == CanonicalCookie::COOKIE_PREFIX_HOST) {
     return parsed_cookie.IsSecure() && url.SchemeIsCryptographic() &&
            !parsed_cookie.HasDomain() && parsed_cookie.Path() == "/";
   }
   return true;
 }
 
 }  // namespace net