| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cookies/canonical_cookie.h" | 5 #include "net/cookies/canonical_cookie.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 | 8 |
| 9 #include "base/test/histogram_tester.h" | 9 #include "base/test/histogram_tester.h" |
| 10 #include "net/cookies/cookie_constants.h" | 10 #include "net/cookies/cookie_constants.h" |
| (...skipping 153 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 164 EXPECT_FALSE(cookie->IsPersistent()); | 164 EXPECT_FALSE(cookie->IsPersistent()); |
| 165 EXPECT_FALSE(cookie->IsExpired(creation_time)); | 165 EXPECT_FALSE(cookie->IsExpired(creation_time)); |
| 166 EXPECT_EQ(base::Time(), cookie->ExpiryDate()); | 166 EXPECT_EQ(base::Time(), cookie->ExpiryDate()); |
| 167 } | 167 } |
| 168 | 168 |
| 169 TEST(CanonicalCookieTest, IsEquivalent) { | 169 TEST(CanonicalCookieTest, IsEquivalent) { |
| 170 GURL url("http://www.example.com/"); | 170 GURL url("http://www.example.com/"); |
| 171 std::string cookie_name = "A"; | 171 std::string cookie_name = "A"; |
| 172 std::string cookie_value = "2EDA-EF"; | 172 std::string cookie_value = "2EDA-EF"; |
| 173 std::string cookie_domain = ".www.example.com"; | 173 std::string cookie_domain = ".www.example.com"; |
| 174 std::string cookie_path = "/"; | 174 std::string cookie_path = "/path"; |
| 175 base::Time creation_time = base::Time::Now(); | 175 base::Time creation_time = base::Time::Now(); |
| 176 base::Time expiration_time = creation_time + base::TimeDelta::FromDays(2); | 176 base::Time expiration_time = creation_time + base::TimeDelta::FromDays(2); |
| 177 bool secure(false); | 177 bool secure(false); |
| 178 bool httponly(false); | 178 bool httponly(false); |
| 179 CookieSameSite same_site(CookieSameSite::NO_RESTRICTION); | 179 CookieSameSite same_site(CookieSameSite::NO_RESTRICTION); |
| 180 | 180 |
| 181 // Test that a cookie is equivalent to itself. | 181 // Test that a cookie is equivalent to itself. |
| 182 std::unique_ptr<CanonicalCookie> cookie(CanonicalCookie::Create( | 182 std::unique_ptr<CanonicalCookie> cookie(CanonicalCookie::Create( |
| 183 url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time, | 183 url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time, |
| 184 expiration_time, secure, httponly, same_site, false, | 184 expiration_time, secure, httponly, same_site, false, |
| 185 COOKIE_PRIORITY_MEDIUM)); | 185 COOKIE_PRIORITY_MEDIUM)); |
| 186 EXPECT_TRUE(cookie->IsEquivalent(*cookie)); | 186 EXPECT_TRUE(cookie->IsEquivalent(*cookie)); |
| 187 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 187 | 188 |
| 188 // Test that two identical cookies are equivalent. | 189 // Test that two identical cookies are equivalent. |
| 189 std::unique_ptr<CanonicalCookie> other_cookie(CanonicalCookie::Create( | 190 std::unique_ptr<CanonicalCookie> other_cookie(CanonicalCookie::Create( |
| 190 url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time, | 191 url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time, |
| 191 expiration_time, secure, httponly, same_site, false, | 192 expiration_time, secure, httponly, same_site, false, |
| 192 COOKIE_PRIORITY_MEDIUM)); | 193 COOKIE_PRIORITY_MEDIUM)); |
| 193 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); | 194 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); |
| 195 EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 194 | 196 |
| 195 // Tests that use different variations of attribute values that | 197 // Tests that use different variations of attribute values that |
| 196 // DON'T affect cookie equivalence. | 198 // DON'T affect cookie equivalence. |
| 197 other_cookie = | 199 other_cookie = |
| 198 CanonicalCookie::Create(url, cookie_name, "2", cookie_domain, cookie_path, | 200 CanonicalCookie::Create(url, cookie_name, "2", cookie_domain, cookie_path, |
| 199 creation_time, expiration_time, secure, httponly, | 201 creation_time, expiration_time, secure, httponly, |
| 200 same_site, false, COOKIE_PRIORITY_HIGH); | 202 same_site, false, COOKIE_PRIORITY_HIGH); |
| 201 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); | 203 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); |
| 204 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 205 EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 202 | 206 |
| 203 base::Time other_creation_time = | 207 base::Time other_creation_time = |
| 204 creation_time + base::TimeDelta::FromMinutes(2); | 208 creation_time + base::TimeDelta::FromMinutes(2); |
| 205 other_cookie = CanonicalCookie::Create( | 209 other_cookie = CanonicalCookie::Create( |
| 206 url, cookie_name, "2", cookie_domain, cookie_path, other_creation_time, | 210 url, cookie_name, "2", cookie_domain, cookie_path, other_creation_time, |
| 207 expiration_time, secure, httponly, same_site, false, | 211 expiration_time, secure, httponly, same_site, false, |
| 208 COOKIE_PRIORITY_MEDIUM); | 212 COOKIE_PRIORITY_MEDIUM); |
| 209 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); | 213 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); |
| 214 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 215 EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 210 | 216 |
| 211 other_cookie = CanonicalCookie::Create( | 217 other_cookie = CanonicalCookie::Create( |
| 212 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time, | 218 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time, |
| 213 expiration_time, true, httponly, same_site, false, COOKIE_PRIORITY_LOW); | 219 expiration_time, true, httponly, same_site, false, COOKIE_PRIORITY_LOW); |
| 214 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); | 220 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); |
| 221 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 222 EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 215 | 223 |
| 216 other_cookie = CanonicalCookie::Create( | 224 other_cookie = CanonicalCookie::Create( |
| 217 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time, | 225 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time, |
| 218 expiration_time, secure, true, same_site, false, COOKIE_PRIORITY_LOW); | 226 expiration_time, secure, true, same_site, false, COOKIE_PRIORITY_LOW); |
| 219 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); | 227 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); |
| 228 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 229 EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 220 | 230 |
| 221 other_cookie = CanonicalCookie::Create( | 231 other_cookie = CanonicalCookie::Create( |
| 222 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time, | 232 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time, |
| 223 expiration_time, secure, httponly, CookieSameSite::STRICT_MODE, false, | 233 expiration_time, secure, httponly, CookieSameSite::STRICT_MODE, false, |
| 224 COOKIE_PRIORITY_LOW); | 234 COOKIE_PRIORITY_LOW); |
| 225 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); | 235 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); |
| 236 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 237 EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 226 | 238 |
| 227 // Tests that use different variations of attribute values that | 239 // Cookies whose names mismatch are not equivalent. |
| 228 // DO affect cookie equivalence. | |
| 229 other_cookie = CanonicalCookie::Create( | 240 other_cookie = CanonicalCookie::Create( |
| 230 url, "B", cookie_value, cookie_domain, cookie_path, creation_time, | 241 url, "B", cookie_value, cookie_domain, cookie_path, creation_time, |
| 231 expiration_time, secure, httponly, same_site, false, | 242 expiration_time, secure, httponly, same_site, false, |
| 232 COOKIE_PRIORITY_MEDIUM); | 243 COOKIE_PRIORITY_MEDIUM); |
| 233 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); | 244 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); |
| 245 EXPECT_FALSE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 246 EXPECT_FALSE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 234 | 247 |
| 248 // A domain cookie at 'www.example.com' is not equivalent to a host cookie |
| 249 // at the same domain. These are, however, equivalent according to the laxer |
| 250 // rules of 'IsEquivalentForSecureCookieMatching'. |
| 235 other_cookie = CanonicalCookie::Create( | 251 other_cookie = CanonicalCookie::Create( |
| 236 url, cookie_name, cookie_value, std::string(), cookie_path, creation_time, | 252 url, cookie_name, cookie_value, std::string(), cookie_path, creation_time, |
| 237 expiration_time, secure, httponly, same_site, false, | 253 expiration_time, secure, httponly, same_site, false, |
| 238 COOKIE_PRIORITY_MEDIUM); | 254 COOKIE_PRIORITY_MEDIUM); |
| 239 EXPECT_TRUE(cookie->IsDomainCookie()); | 255 EXPECT_TRUE(cookie->IsDomainCookie()); |
| 240 EXPECT_FALSE(other_cookie->IsDomainCookie()); | 256 EXPECT_FALSE(other_cookie->IsDomainCookie()); |
| 241 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); | 257 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); |
| 258 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 259 EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 242 | 260 |
| 261 // Likewise, a cookie on 'example.com' is not equivalent to a cookie on |
| 262 // 'www.example.com', but they are equivalent for secure cookie matching. |
| 243 other_cookie = CanonicalCookie::Create( | 263 other_cookie = CanonicalCookie::Create( |
| 244 url, cookie_name, cookie_value, ".example.com", cookie_path, | 264 url, cookie_name, cookie_value, ".example.com", cookie_path, |
| 245 creation_time, expiration_time, secure, httponly, same_site, false, | 265 creation_time, expiration_time, secure, httponly, same_site, false, |
| 246 COOKIE_PRIORITY_MEDIUM); | 266 COOKIE_PRIORITY_MEDIUM); |
| 247 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); | 267 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); |
| 268 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 269 EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 248 | 270 |
| 271 // Paths are a bit more complicated. 'IsEquivalent' requires an exact path |
| 272 // match, while secure cookie matching uses a more relaxed 'IsOnPath' check. |
| 273 // That is, |cookie| set on '/path' is not equivalent in either way to |
| 274 // |other_cookie| set on '/test' or '/path/subpath'. It is, however, |
| 275 // equivalent for secure cookie matching to |other_cookie| set on '/'. |
| 249 other_cookie = CanonicalCookie::Create( | 276 other_cookie = CanonicalCookie::Create( |
| 250 url, cookie_name, cookie_value, cookie_domain, "/test/0", creation_time, | 277 url, cookie_name, cookie_value, cookie_domain, "/test", creation_time, |
| 251 expiration_time, secure, httponly, same_site, false, | 278 expiration_time, secure, httponly, same_site, false, |
| 252 COOKIE_PRIORITY_MEDIUM); | 279 COOKIE_PRIORITY_MEDIUM); |
| 253 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); | 280 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); |
| 254 } | 281 EXPECT_FALSE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 282 EXPECT_FALSE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 255 | 283 |
| 256 TEST(CanonicalCookieTest, IsEquivalentForSecureCookieMatching) { | 284 other_cookie = CanonicalCookie::Create( |
| 257 GURL url("http://www.example.com/"); | 285 url, cookie_name, cookie_value, cookie_domain, cookie_path + "/subpath", |
| 258 std::string cookie_name = "A"; | 286 creation_time, expiration_time, secure, httponly, same_site, false, |
| 259 std::string cookie_value = "2EDA-EF"; | 287 COOKIE_PRIORITY_MEDIUM); |
| 260 std::string cookie_domain = ".www.example.com"; | 288 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); |
| 261 std::string cookie_path = "/"; | 289 EXPECT_FALSE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 262 base::Time creation_time = base::Time::Now(); | 290 EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 263 base::Time expiration_time = creation_time + base::TimeDelta::FromDays(2); | |
| 264 bool secure(false); | |
| 265 bool httponly(false); | |
| 266 CookieSameSite same_site(CookieSameSite::NO_RESTRICTION); | |
| 267 | 291 |
| 268 // Test that a cookie is equivalent to itself. | |
| 269 std::unique_ptr<CanonicalCookie> cookie(CanonicalCookie::Create( | |
| 270 url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time, | |
| 271 expiration_time, secure, httponly, same_site, false, | |
| 272 COOKIE_PRIORITY_MEDIUM)); | |
| 273 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*cookie)); | |
| 274 | |
| 275 // Test that two identical cookies are equivalent. | |
| 276 std::unique_ptr<CanonicalCookie> other_cookie(CanonicalCookie::Create( | |
| 277 url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time, | |
| 278 expiration_time, secure, httponly, same_site, false, | |
| 279 COOKIE_PRIORITY_MEDIUM)); | |
| 280 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); | |
| 281 | |
| 282 // Tests that use different variations of attribute values that | |
| 283 // DON'T affect cookie equivalence. Differs from the IsEquivalent tests above | |
| 284 // as follows: | |
| 285 // * Should return true even if paths differ. | |
| 286 // * Should return true if the domains "domain-match" (but are not | |
| 287 // identical). | |
| 288 other_cookie = | |
| 289 CanonicalCookie::Create(url, cookie_name, "2", cookie_domain, cookie_path, | |
| 290 creation_time, expiration_time, secure, httponly, | |
| 291 same_site, false, COOKIE_PRIORITY_HIGH); | |
| 292 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); | |
| 293 | |
| 294 base::Time other_creation_time = | |
| 295 creation_time + base::TimeDelta::FromMinutes(2); | |
| 296 other_cookie = CanonicalCookie::Create( | 292 other_cookie = CanonicalCookie::Create( |
| 297 url, cookie_name, "2", cookie_domain, cookie_path, other_creation_time, | 293 url, cookie_name, cookie_value, cookie_domain, "/", creation_time, |
| 298 expiration_time, secure, httponly, same_site, false, | 294 expiration_time, secure, httponly, same_site, false, |
| 299 COOKIE_PRIORITY_MEDIUM); | 295 COOKIE_PRIORITY_MEDIUM); |
| 296 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); |
| 300 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); | 297 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); |
| 301 | 298 EXPECT_FALSE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie)); |
| 302 other_cookie = CanonicalCookie::Create( | |
| 303 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time, | |
| 304 expiration_time, true, httponly, same_site, false, COOKIE_PRIORITY_LOW); | |
| 305 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); | |
| 306 | |
| 307 other_cookie = CanonicalCookie::Create( | |
| 308 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time, | |
| 309 expiration_time, secure, true, same_site, false, COOKIE_PRIORITY_LOW); | |
| 310 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); | |
| 311 | |
| 312 other_cookie = CanonicalCookie::Create( | |
| 313 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time, | |
| 314 expiration_time, secure, httponly, CookieSameSite::STRICT_MODE, false, | |
| 315 COOKIE_PRIORITY_LOW); | |
| 316 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); | |
| 317 | |
| 318 // The following 3 tests' expected results differ from their IsEquivalent | |
| 319 // counterparts above. | |
| 320 other_cookie = CanonicalCookie::Create( | |
| 321 url, cookie_name, cookie_value, cookie_domain, "/test/0", creation_time, | |
| 322 expiration_time, secure, httponly, same_site, false, | |
| 323 COOKIE_PRIORITY_MEDIUM); | |
| 324 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); | |
| 325 | |
| 326 other_cookie = CanonicalCookie::Create( | |
| 327 url, cookie_name, cookie_value, std::string(), cookie_path, creation_time, | |
| 328 expiration_time, secure, httponly, same_site, false, | |
| 329 COOKIE_PRIORITY_MEDIUM); | |
| 330 EXPECT_TRUE(cookie->IsDomainCookie()); | |
| 331 EXPECT_FALSE(other_cookie->IsDomainCookie()); | |
| 332 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); | |
| 333 | |
| 334 other_cookie = CanonicalCookie::Create( | |
| 335 url, cookie_name, cookie_value, ".example.com", cookie_path, | |
| 336 creation_time, expiration_time, secure, httponly, same_site, false, | |
| 337 COOKIE_PRIORITY_MEDIUM); | |
| 338 EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); | |
| 339 | |
| 340 // Tests that use different variations of attribute values that | |
| 341 // DO affect cookie equivalence. Note that unlike the IsEquivalent tests | |
| 342 // above, this does *not* include tests for differing paths or domains that | |
| 343 // "domain-match". | |
| 344 other_cookie = CanonicalCookie::Create( | |
| 345 url, "B", cookie_value, cookie_domain, cookie_path, creation_time, | |
| 346 expiration_time, secure, httponly, same_site, false, | |
| 347 COOKIE_PRIORITY_MEDIUM); | |
| 348 EXPECT_FALSE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie)); | |
| 349 } | 299 } |
| 350 | 300 |
| 351 TEST(CanonicalCookieTest, IsDomainMatch) { | 301 TEST(CanonicalCookieTest, IsDomainMatch) { |
| 352 GURL url("http://www.example.com/test/foo.html"); | 302 GURL url("http://www.example.com/test/foo.html"); |
| 353 base::Time creation_time = base::Time::Now(); | 303 base::Time creation_time = base::Time::Now(); |
| 354 CookieOptions options; | 304 CookieOptions options; |
| 355 | 305 |
| 356 std::unique_ptr<CanonicalCookie> cookie( | 306 std::unique_ptr<CanonicalCookie> cookie( |
| 357 CanonicalCookie::Create(url, "A=2", creation_time, options)); | 307 CanonicalCookie::Create(url, "A=2", creation_time, options)); |
| 358 EXPECT_TRUE(cookie->IsHostCookie()); | 308 EXPECT_TRUE(cookie->IsHostCookie()); |
| (...skipping 349 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 708 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); | 658 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); |
| 709 EXPECT_TRUE(CanonicalCookie::Create(https_url, "__SecureA=B; Path=/; Secure", | 659 EXPECT_TRUE(CanonicalCookie::Create(https_url, "__SecureA=B; Path=/; Secure", |
| 710 creation_time, options)); | 660 creation_time, options)); |
| 711 histograms.ExpectBucketCount(kCookiePrefixHistogram, | 661 histograms.ExpectBucketCount(kCookiePrefixHistogram, |
| 712 CanonicalCookie::COOKIE_PREFIX_SECURE, 2); | 662 CanonicalCookie::COOKIE_PREFIX_SECURE, 2); |
| 713 histograms.ExpectBucketCount(kCookiePrefixBlockedHistogram, | 663 histograms.ExpectBucketCount(kCookiePrefixBlockedHistogram, |
| 714 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); | 664 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); |
| 715 } | 665 } |
| 716 | 666 |
| 717 } // namespace net | 667 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2306393002:
Loosen strict 'Secure' checks for non-overlapping paths. (Closed)
