OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <utility> | 5 #include <utility> |
6 | 6 |
7 #include "build/build_config.h" | 7 #include "build/build_config.h" |
8 | 8 |
9 #if defined(OS_WIN) | 9 #if defined(OS_WIN) |
10 #include <windows.h> | 10 #include <windows.h> |
(...skipping 2646 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2657 | 2657 |
2658 TestNetworkDelegate network_delegate; | 2658 TestNetworkDelegate network_delegate; |
2659 network_delegate.set_experimental_cookie_features_enabled(true); | 2659 network_delegate.set_experimental_cookie_features_enabled(true); |
2660 default_context_.set_network_delegate(&network_delegate); | 2660 default_context_.set_network_delegate(&network_delegate); |
2661 | 2661 |
2662 // Set up a 'SameSite' cookie (on '127.0.0.1', as that's where | 2662 // Set up a 'SameSite' cookie (on '127.0.0.1', as that's where |
2663 // LocalHttpTestServer points). | 2663 // LocalHttpTestServer points). |
2664 { | 2664 { |
2665 TestDelegate d; | 2665 TestDelegate d; |
2666 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2666 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
2667 test_server.GetURL("/set-cookie?SameSiteCookieToSet=1;SameSite=Strict"), | 2667 test_server.GetURL("/set-cookie?StrictSameSiteCookie=1;SameSite=Strict&L
axSameSiteCookie=1;SameSite=Lax"), |
2668 DEFAULT_PRIORITY, &d)); | 2668 DEFAULT_PRIORITY, &d)); |
2669 req->Start(); | 2669 req->Start(); |
2670 base::RunLoop().Run(); | 2670 base::RunLoop().Run(); |
2671 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2671 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
2672 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2672 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
2673 EXPECT_EQ(1, network_delegate.set_cookie_count()); | 2673 EXPECT_EQ(2, network_delegate.set_cookie_count()); |
2674 } | 2674 } |
2675 | 2675 |
2676 // Verify that the cookie is sent for same-site requests. | 2676 // Verify that both cookies are sent for same-site requests. |
2677 { | 2677 { |
2678 TestDelegate d; | 2678 TestDelegate d; |
2679 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2679 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
2680 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2680 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
2681 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2681 req->set_first_party_for_cookies(test_server.GetURL("/")); |
2682 req->set_initiator(url::Origin(test_server.GetURL("/"))); | 2682 req->set_initiator(url::Origin(test_server.GetURL("/"))); |
2683 req->Start(); | 2683 req->Start(); |
2684 base::RunLoop().Run(); | 2684 base::RunLoop().Run(); |
2685 | 2685 |
2686 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") != | 2686 EXPECT_NE(std::string::npos, d.data_received().find("StrictSameSiteCookie=1"
)); |
2687 std::string::npos); | 2687 EXPECT_NE(std::string::npos, d.data_received().find("LaxSameSiteCookie=1")); |
2688 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2688 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
2689 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2689 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
2690 } | 2690 } |
2691 | 2691 |
2692 // Verify that the cookie is not sent for cross-site requests. | 2692 // Verify that neither cookie is not sent for cross-site requests. |
2693 { | 2693 { |
2694 TestDelegate d; | 2694 TestDelegate d; |
2695 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2695 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
2696 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2696 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
2697 req->set_first_party_for_cookies(GURL("http://cross-site.test/")); | 2697 req->set_first_party_for_cookies(GURL("http://cross-site.test/")); |
2698 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); | 2698 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); |
2699 req->Start(); | 2699 req->Start(); |
2700 base::RunLoop().Run(); | 2700 base::RunLoop().Run(); |
2701 | 2701 |
2702 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") == | 2702 EXPECT_EQ(std::string::npos, d.data_received().find("StrictSameSiteCookie=1"
)); |
2703 std::string::npos); | 2703 EXPECT_EQ(std::string::npos, d.data_received().find("LaxSameSiteCookie=1")); |
2704 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2704 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
2705 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2705 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
2706 } | 2706 } |
2707 | 2707 |
2708 // Verify that the cookie is sent for cross-site initiators when the | 2708 // Verify that the lax cookie is sent for cross-site initiators when the |
2709 // method is "safe". | 2709 // method is "safe". |
2710 { | 2710 { |
2711 TestDelegate d; | 2711 TestDelegate d; |
2712 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2712 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
2713 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2713 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
2714 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2714 req->set_first_party_for_cookies(test_server.GetURL("/")); |
2715 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); | 2715 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); |
2716 req->Start(); | 2716 req->Start(); |
2717 base::RunLoop().Run(); | 2717 base::RunLoop().Run(); |
2718 | 2718 |
2719 EXPECT_FALSE(d.data_received().find("SameSiteCookieToSet=1") == | 2719 EXPECT_EQ(std::string::npos, d.data_received().find("StrictSameSiteCookie=1"
)); |
2720 std::string::npos); | 2720 EXPECT_NE(std::string::npos, d.data_received().find("LaxSameSiteCookie=1")); |
2721 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2721 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
2722 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2722 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
2723 } | 2723 } |
2724 | 2724 |
2725 // Verify that the cookie is not sent for cross-site initiators when the | 2725 // Verify that neither cookie is sent for cross-site initiators when the |
2726 // method is unsafe (e.g. POST). | 2726 // method is unsafe (e.g. POST). |
2727 { | 2727 { |
2728 TestDelegate d; | 2728 TestDelegate d; |
2729 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2729 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
2730 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2730 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
2731 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2731 req->set_first_party_for_cookies(test_server.GetURL("/")); |
2732 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); | 2732 req->set_initiator(url::Origin(GURL("http://cross-site.test/"))); |
2733 req->set_method("POST"); | 2733 req->set_method("POST"); |
2734 req->Start(); | 2734 req->Start(); |
2735 base::RunLoop().Run(); | 2735 base::RunLoop().Run(); |
2736 | 2736 |
2737 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") == | 2737 EXPECT_EQ(std::string::npos, d.data_received().find("StrictSameSiteCookie=1"
)); |
2738 std::string::npos); | 2738 EXPECT_EQ(std::string::npos, d.data_received().find("LaxSameSiteCookie=1")); |
2739 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2739 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
2740 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2740 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
2741 } | 2741 } |
2742 } | 2742 } |
2743 | 2743 |
2744 TEST_F(URLRequestTest, SameSiteCookiesDisabled) { | 2744 TEST_F(URLRequestTest, SameSiteCookiesDisabled) { |
2745 LocalHttpTestServer test_server; | 2745 LocalHttpTestServer test_server; |
2746 ASSERT_TRUE(test_server.Start()); | 2746 ASSERT_TRUE(test_server.Start()); |
2747 | 2747 |
2748 // Set up a 'SameSite' cookie (on '127.0.0.1', as that's where | 2748 // Set up a 'SameSite' cookie (on '127.0.0.1', as that's where |
2749 // LocalHttpTestServer points). | 2749 // LocalHttpTestServer points). |
2750 { | 2750 { |
2751 TestNetworkDelegate network_delegate; | 2751 TestNetworkDelegate network_delegate; |
2752 network_delegate.set_experimental_cookie_features_enabled(false); | 2752 network_delegate.set_experimental_cookie_features_enabled(false); |
2753 default_context_.set_network_delegate(&network_delegate); | 2753 default_context_.set_network_delegate(&network_delegate); |
2754 | 2754 |
2755 TestDelegate d; | 2755 TestDelegate d; |
2756 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2756 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
2757 test_server.GetURL("/set-cookie?SameSiteCookieToSet=1;SameSite"), | 2757 test_server.GetURL("/set-cookie?StrictSameSiteCookie=1;SameSite=Strict&L
axSameSiteCookie=1;SameSite=Lax"), |
2758 DEFAULT_PRIORITY, &d)); | 2758 DEFAULT_PRIORITY, &d)); |
2759 req->Start(); | 2759 req->Start(); |
2760 base::RunLoop().Run(); | 2760 base::RunLoop().Run(); |
2761 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2761 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
2762 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2762 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
2763 EXPECT_EQ(1, network_delegate.set_cookie_count()); | 2763 EXPECT_EQ(2, network_delegate.set_cookie_count()); |
2764 } | 2764 } |
2765 | 2765 |
2766 // Verify that the cookie is sent for same-site requests. | 2766 // Verify that the cookie is sent for same-site requests. |
2767 { | 2767 { |
2768 TestNetworkDelegate network_delegate; | 2768 TestNetworkDelegate network_delegate; |
2769 network_delegate.set_experimental_cookie_features_enabled(false); | 2769 network_delegate.set_experimental_cookie_features_enabled(false); |
2770 default_context_.set_network_delegate(&network_delegate); | 2770 default_context_.set_network_delegate(&network_delegate); |
2771 TestDelegate d; | 2771 TestDelegate d; |
2772 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2772 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
2773 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2773 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
2774 req->set_first_party_for_cookies(test_server.GetURL("/")); | 2774 req->set_first_party_for_cookies(test_server.GetURL("/")); |
2775 req->Start(); | 2775 req->Start(); |
2776 base::RunLoop().Run(); | 2776 base::RunLoop().Run(); |
2777 | 2777 |
2778 EXPECT_TRUE(d.data_received().find("SameSiteCookieToSet=1") != | 2778 EXPECT_TRUE(d.data_received().find("StrictSameSiteCookie=1") != |
| 2779 std::string::npos); |
| 2780 EXPECT_TRUE(d.data_received().find("LaxSameSiteCookie=1") != |
2779 std::string::npos); | 2781 std::string::npos); |
2780 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2782 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
2781 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2783 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
2782 } | 2784 } |
2783 | 2785 |
2784 // Verify that the cookie is also sent for cross-site requests. | 2786 // Verify that the cookie is also sent for cross-site requests. |
2785 { | 2787 { |
2786 TestNetworkDelegate network_delegate; | 2788 TestNetworkDelegate network_delegate; |
2787 network_delegate.set_experimental_cookie_features_enabled(false); | 2789 network_delegate.set_experimental_cookie_features_enabled(false); |
2788 default_context_.set_network_delegate(&network_delegate); | 2790 default_context_.set_network_delegate(&network_delegate); |
2789 TestDelegate d; | 2791 TestDelegate d; |
2790 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2792 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
2791 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2793 test_server.GetURL("/echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
2792 req->set_first_party_for_cookies(GURL("http://cross-site.test/")); | 2794 req->set_first_party_for_cookies(GURL("http://cross-site.test/")); |
2793 req->Start(); | 2795 req->Start(); |
2794 base::RunLoop().Run(); | 2796 base::RunLoop().Run(); |
2795 | 2797 |
2796 EXPECT_NE(d.data_received().find("SameSiteCookieToSet=1"), | 2798 EXPECT_NE(d.data_received().find("StrictSameSiteCookie=1"), |
2797 std::string::npos); | 2799 std::string::npos); |
| 2800 EXPECT_TRUE(d.data_received().find("LaxSameSiteCookie=1") != |
| 2801 std::string::npos); |
2798 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2802 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
2799 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2803 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
2800 } | 2804 } |
2801 } | 2805 } |
2802 | 2806 |
2803 // Tests that __Secure- cookies can't be set on non-secure origins. | 2807 // Tests that __Secure- cookies can't be set on non-secure origins. |
2804 TEST_F(URLRequestTest, SecureCookiePrefixOnNonsecureOrigin) { | 2808 TEST_F(URLRequestTest, SecureCookiePrefixOnNonsecureOrigin) { |
2805 EmbeddedTestServer http_server; | 2809 EmbeddedTestServer http_server; |
2806 http_server.AddDefaultHandlers( | 2810 http_server.AddDefaultHandlers( |
2807 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | 2811 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
(...skipping 7207 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
10015 AddTestInterceptor()->set_main_intercept_job(std::move(job)); | 10019 AddTestInterceptor()->set_main_intercept_job(std::move(job)); |
10016 | 10020 |
10017 req->Start(); | 10021 req->Start(); |
10018 req->Cancel(); | 10022 req->Cancel(); |
10019 base::RunLoop().RunUntilIdle(); | 10023 base::RunLoop().RunUntilIdle(); |
10020 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); | 10024 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); |
10021 EXPECT_EQ(0, d.received_redirect_count()); | 10025 EXPECT_EQ(0, d.received_redirect_count()); |
10022 } | 10026 } |
10023 | 10027 |
10024 } // namespace net | 10028 } // namespace net |
OLD | NEW |