| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Brought to you by number 42. | 5 // Brought to you by number 42. |
| 6 | 6 |
| 7 #ifndef NET_COOKIES_COOKIE_OPTIONS_H_ | 7 #ifndef NET_COOKIES_COOKIE_OPTIONS_H_ |
| 8 #define NET_COOKIES_COOKIE_OPTIONS_H_ | 8 #define NET_COOKIES_COOKIE_OPTIONS_H_ |
| 9 | 9 |
| 10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
| 11 #include "net/base/net_export.h" | 11 #include "net/base/net_export.h" |
| 12 #include "net/cookies/cookie_constants.h" |
| 12 #include "url/gurl.h" | 13 #include "url/gurl.h" |
| 13 | 14 |
| 14 namespace net { | 15 namespace net { |
| 15 | 16 |
| 16 class NET_EXPORT CookieOptions { | 17 class NET_EXPORT CookieOptions { |
| 17 public: | 18 public: |
| 19 enum class SameSiteCookieMode { |
| 20 INCLUDE_STRICT_AND_LAX, |
| 21 INCLUDE_LAX, |
| 22 DO_NOT_INCLUDE |
| 23 }; |
| 24 |
| 18 // Creates a CookieOptions object which: | 25 // Creates a CookieOptions object which: |
| 19 // | 26 // |
| 20 // * Excludes HttpOnly cookies | 27 // * Excludes HttpOnly cookies |
| 21 // * Excludes SameSite cookies | 28 // * Excludes SameSite cookies |
| 22 // * Does not enforce prefix restrictions (e.g. "$Secure-*") | 29 // * Does not enforce prefix restrictions (e.g. "$Secure-*") |
| 23 // * Updates last-accessed time. | 30 // * Updates last-accessed time. |
| 24 // | 31 // |
| 25 // These settings can be altered by calling: | 32 // These settings can be altered by calling: |
| 26 // | 33 // |
| 27 // * |set_{include,exclude}_httponly()| | 34 // * |set_{include,exclude}_httponly()| |
| 28 // * |set_include_same_site()| | 35 // * |set_same_site_cookie_mode( |
| 36 // CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX)| |
| 29 // * |set_enforce_prefixes()| | 37 // * |set_enforce_prefixes()| |
| 30 // * |set_do_not_update_access_time()| | 38 // * |set_do_not_update_access_time()| |
| 31 CookieOptions(); | 39 CookieOptions(); |
| 32 | 40 |
| 33 void set_exclude_httponly() { exclude_httponly_ = true; } | 41 void set_exclude_httponly() { exclude_httponly_ = true; } |
| 34 void set_include_httponly() { exclude_httponly_ = false; } | 42 void set_include_httponly() { exclude_httponly_ = false; } |
| 35 bool exclude_httponly() const { return exclude_httponly_; } | 43 bool exclude_httponly() const { return exclude_httponly_; } |
| 36 | 44 |
| 37 // Default is to exclude 'same_site' cookies. | 45 // Default is to exclude 'same_site' cookies. |
| 38 void set_include_same_site() { include_same_site_ = true; } | 46 void set_same_site_cookie_mode(SameSiteCookieMode mode) { |
| 39 bool include_same_site() const { return include_same_site_; } | 47 same_site_cookie_mode_ = mode; |
| 48 } |
| 49 SameSiteCookieMode same_site_cookie_mode() const { |
| 50 return same_site_cookie_mode_; |
| 51 } |
| 40 | 52 |
| 41 // TODO(jww): Remove once we decide whether to ship modifying 'secure' cookies | 53 // TODO(jww): Remove once we decide whether to ship modifying 'secure' cookies |
| 42 // only from secure schemes. https://crbug.com/546820 | 54 // only from secure schemes. https://crbug.com/546820 |
| 43 void set_enforce_strict_secure() { enforce_strict_secure_ = true; } | 55 void set_enforce_strict_secure() { enforce_strict_secure_ = true; } |
| 44 bool enforce_strict_secure() const { return enforce_strict_secure_; } | 56 bool enforce_strict_secure() const { return enforce_strict_secure_; } |
| 45 | 57 |
| 46 // |server_time| indicates what the server sending us the Cookie thought the | 58 // |server_time| indicates what the server sending us the Cookie thought the |
| 47 // current time was when the cookie was produced. This is used to adjust for | 59 // current time was when the cookie was produced. This is used to adjust for |
| 48 // clock skew between server and host. | 60 // clock skew between server and host. |
| 49 void set_server_time(const base::Time& server_time) { | 61 void set_server_time(const base::Time& server_time) { |
| 50 server_time_ = server_time; | 62 server_time_ = server_time; |
| 51 } | 63 } |
| 52 bool has_server_time() const { return !server_time_.is_null(); } | 64 bool has_server_time() const { return !server_time_.is_null(); } |
| 53 base::Time server_time() const { return server_time_; } | 65 base::Time server_time() const { return server_time_; } |
| 54 | 66 |
| 55 void set_do_not_update_access_time() { update_access_time_ = false; } | 67 void set_do_not_update_access_time() { update_access_time_ = false; } |
| 56 bool update_access_time() const { return update_access_time_; } | 68 bool update_access_time() const { return update_access_time_; } |
| 57 | 69 |
| 58 private: | 70 private: |
| 59 bool exclude_httponly_; | 71 bool exclude_httponly_; |
| 60 bool include_same_site_; | 72 SameSiteCookieMode same_site_cookie_mode_; |
| 61 bool enforce_strict_secure_; | 73 bool enforce_strict_secure_; |
| 62 bool update_access_time_; | 74 bool update_access_time_; |
| 63 base::Time server_time_; | 75 base::Time server_time_; |
| 64 }; | 76 }; |
| 65 | 77 |
| 66 } // namespace net | 78 } // namespace net |
| 67 | 79 |
| 68 #endif // NET_COOKIES_COOKIE_OPTIONS_H_ | 80 #endif // NET_COOKIES_COOKIE_OPTIONS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1783813002:
SameSite: Strict/Lax behavior. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@strict-lax