SameSite: Strict/Lax behavior.

content/browser/frame_host/render_frame_message_filter.cc

Index: content/browser/frame_host/render_frame_message_filter.cc
diff --git a/content/browser/frame_host/render_frame_message_filter.cc b/content/browser/frame_host/render_frame_message_filter.cc
index 803ce426f4fd58617fe21657165e315d13ca83b6..b715d61c4f8006757eea7242391bf1eb1da5549e 100644
--- a/content/browser/frame_host/render_frame_message_filter.cc
+++ b/content/browser/frame_host/render_frame_message_filter.cc
@@ -394,7 +394,8 @@ void RenderFrameMessageFilter::OnGetCookies(int render_frame_id,
   net::URLRequestContext* context = GetRequestContextForURL(url);
 
   net::CookieOptions options;
-  options.set_include_same_site();
+  options.set_same_site_mode(
+      net::CookieOptions::SameSiteMode::INCLUDE_STRICT_AND_LAX);

[mmenke, 2016/03/17 19:15:56]

Is this right?  Seems like for an iframe with an origin that doesn't match that
of one of its parent frames, this should be
net::CookieOptions::SameSiteMode::INCLUDE_LAX.

[Mike West, 2016/03/17 19:57:11]

Hrm. I think you're right, which is unfortunate, as it's going to make this more
complicated. Not much more complicated, though; we just need to compare the
registrable domains of |url| and |first_party_for_cookies|, as the latter takes
the kinds of things into account that you're mentioning.

[Mike West, 2016/03/18 14:27:17]

Done, and added a browser test to cover.

   context->cookie_store()->GetCookieListWithOptionsAsync(
       url, options,
       base::Bind(&RenderFrameMessageFilter::CheckPolicyForCookies, this,