Loosen strict 'Secure' checks for non-overlapping paths.

net/cookies/canonical_cookie.h

Index: net/cookies/canonical_cookie.h
diff --git a/net/cookies/canonical_cookie.h b/net/cookies/canonical_cookie.h
index 965396b58b01b5011d53dc6c96a2cadd018d1ff4..b0778e660e11a4bb3dfa631a286da4604db2de86 100644
--- a/net/cookies/canonical_cookie.h
+++ b/net/cookies/canonical_cookie.h
@@ -103,13 +103,13 @@ class NET_EXPORT CanonicalCookie {
             && path_ == ecc.Path());
   }
 
-  // Checks if two cookies have the same name and domain-match per RFC 6265.
-  // Note that this purposefully ignores paths, and that this function is
-  // guaranteed to return |true| for a superset of the inputs that
-  // IsEquivalent() above returns |true| for.
+  // Checks a looser set of equivalency rules than 'IsEquivalent()' in order
+  // to support the stricter 'Secure' behaviors specified in
+  // https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone#section-3
   //
-  // This is needed for the updates to RFC6265 as per
-  // https://tools.ietf.org/html/draft-west-leave-secure-cookies-alone.
+  // Returns 'true' if this cookie's name matches |ecc|, and this cookie is
+  // a domain-match for |ecc| (or vice versa), and |ecc|'s path is "on" this
+  // cookie's path (as per 'IsOnPath()').

[jww, 2016/09/06 22:45:10]

nit: Maybe make a more explicit note that this is not a symmetric check? It took
me a minute to fully grok that this is one purpose with the path change.

   bool IsEquivalentForSecureCookieMatching(const CanonicalCookie& ecc) const;
 
   void SetLastAccessDate(const base::Time& date) {