Index: net/url_request/url_request_http_job.cc |
diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc |
index ccc38d544ead9009417fdda7e4b7595c53defc7e..96d1f6f642ae8d223ea03cd5c516e0d1bf16ca29 100644 |
--- a/net/url_request/url_request_http_job.cc |
+++ b/net/url_request/url_request_http_job.cc |
@@ -26,6 +26,7 @@ |
#include "net/base/net_errors.h" |
#include "net/base/network_delegate.h" |
#include "net/base/network_quality_estimator.h" |
+#include "net/base/registry_controlled_domains/registry_controlled_domain.h" |
#include "net/base/sdch_manager.h" |
#include "net/base/sdch_net_log_params.h" |
#include "net/base/url_util.h" |
@@ -730,14 +731,23 @@ void URLRequestHttpJob::AddCookieHeaderAndStart() { |
// once we decide whether or not we're shipping this feature: |
// https://crbug.com/459154 |
url::Origin requested_origin(request_->url()); |
+ url::Origin site_for_cookies(request_->first_party_for_cookies()); |
+ |
if (!network_delegate() || |
!network_delegate()->AreExperimentalCookieFeaturesEnabled()) { |
- options.set_include_same_site(); |
- } else if (requested_origin.IsSameOriginWith( |
- url::Origin(request_->first_party_for_cookies())) && |
- (IsMethodSafe(request_->method()) || |
- requested_origin.IsSameOriginWith(request_->initiator()))) { |
- options.set_include_same_site(); |
+ options.set_same_site_mode( |
+ CookieOptions::SameSiteMode::INCLUDE_STRICT_AND_LAX); |
+ } else if (registry_controlled_domains::SameDomainOrHost( |
+ requested_origin, site_for_cookies, |
+ registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES)) { |
mmenke
2016/03/17 19:15:57
Add draft RFC link here? (Could add it near eithe
Mike West
2016/03/18 14:27:17
I added a comment block at the top of this section
|
+ if (registry_controlled_domains::SameDomainOrHost( |
+ requested_origin, request_->initiator(), |
+ registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES)) { |
+ options.set_same_site_mode( |
+ CookieOptions::SameSiteMode::INCLUDE_STRICT_AND_LAX); |
+ } else if (IsMethodSafe(request_->method())) { |
+ options.set_same_site_mode(CookieOptions::SameSiteMode::INCLUDE_LAX); |
+ } |
} |
cookie_store->GetCookieListWithOptionsAsync( |