Chromium Code Reviews Chromium Code Reviews
Issue 241143002:
Allows AwCookieManager to block ThirdParty cookies (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "android_webview/browser/aw_cookie_access_policy.h" | |
| 6 | |
| 7 #include "base/run_loop.h" | |
| 8 #include "net/base/request_priority.h" | |
| 9 #include "net/cookies/canonical_cookie.h" | |
| 10 #include "net/url_request/url_request_test_util.h" | |
| 11 | |
| 12 #include "testing/gmock/include/gmock/gmock.h" | |
| 13 #include "testing/gtest/include/gtest/gtest.h" | |
| 14 | |
| 15 namespace content { | |
| 16 class ResourceContext; | |
| 17 } | |
| 18 | |
| 19 namespace net { | |
| 20 class CookieOptions; | |
| 21 } | |
| 22 | |
| 23 class GURL; | |
| 24 | |
| 25 using android_webview::AwCookieAccessPolicy; | |
| 26 using net::CookieList; | |
| 27 using net::TestDelegate; | |
| 28 using net::TestJobInterceptor; | |
| 29 using net::TestNetworkDelegate; | |
| 30 using net::TestURLRequestContext; | |
| 31 using net::TestURLRequest; | |
| 32 using testing::Test; | |
| 33 | |
| 34 class AwCookieAccessPolicyTest : public Test { | |
| 35 public: | |
| 36 AwCookieAccessPolicyTest() | |
| 37 : loop_(), | |
| 38 context_(), | |
| 39 url_request_delegate_(), | |
| 40 network_delegate_(), | |
| 41 first_party_request_(), | |
| 42 url_google_("http://www.google.izzle"), | |
| 43 url_google_analytics_("http://www.googleanalytics.izzle") { | |
|
mkosiba (inactive)
2014/04/17 18:27:30
url_first_party_("http://first/")
url_third_party_
hjd_google
2014/04/22 13:34:41
Yeah, these were the values from the existing cook
| |
| 44 } | |
| 45 | |
| 46 virtual void SetUp() { | |
| 47 context_.set_network_delegate(&network_delegate_); | |
| 48 first_party_request_.reset(new TestURLRequest(url_google_, | |
| 49 net::DEFAULT_PRIORITY, | |
| 50 &url_request_delegate_, | |
| 51 &context_)); | |
| 52 first_party_request_->set_method("GET"); | |
| 53 | |
| 54 third_party_request_.reset(new TestURLRequest(url_google_analytics_, | |
| 55 net::DEFAULT_PRIORITY, | |
| 56 &url_request_delegate_, | |
| 57 &context_)); | |
| 58 third_party_request_->set_method("GET"); | |
| 59 third_party_request_->set_first_party_for_cookies(url_google_); | |
| 60 | |
|
mkosiba (inactive)
2014/04/17 18:27:30
are any of the lines below actually needed for the
hjd_google
2014/04/22 13:34:41
Apparently not, I'm confused about what errors I w
| |
| 61 first_party_request_->Start(); | |
| 62 third_party_request_->Start(); | |
| 63 | |
| 64 // The TestDelegate will quit the message loop on request completion. | |
| 65 base::MessageLoop::current()->Run(); | |
| 66 } | |
| 67 | |
| 68 | |
| 69 bool GetGlobalAllowAccess() { | |
| 70 return AwCookieAccessPolicy::GetInstance()->GetGlobalAllowAccess(); | |
|
mkosiba (inactive)
2014/04/17 18:27:30
to make these shorter maybe add a method to your t
hjd_google
2014/04/22 13:34:41
Done.
| |
| 71 } | |
| 72 | |
| 73 void SetGlobalAllowAccess(bool allow) { | |
| 74 AwCookieAccessPolicy::GetInstance()->SetGlobalAllowAccess(allow); | |
| 75 } | |
| 76 | |
| 77 bool GetThirdPartyAllowAccess() { | |
| 78 return AwCookieAccessPolicy::GetInstance()->GetThirdPartyAllowAccess(); | |
| 79 } | |
| 80 | |
| 81 void SetThirdPartyAllowAccess(bool allow) { | |
| 82 AwCookieAccessPolicy::GetInstance()->SetThirdPartyAllowAccess(allow); | |
| 83 } | |
| 84 | |
| 85 bool OnCanGetCookies(const net::URLRequest& request, | |
| 86 const net::CookieList& cookie_list) { | |
| 87 return AwCookieAccessPolicy::GetInstance() | |
| 88 ->OnCanGetCookies(request, cookie_list); | |
| 89 } | |
| 90 | |
| 91 bool OnCanSetCookie(const net::URLRequest& request, | |
| 92 const std::string& cookie_line, | |
| 93 net::CookieOptions* options) { | |
| 94 return AwCookieAccessPolicy::GetInstance() | |
| 95 ->OnCanSetCookie(request, cookie_line, options); | |
| 96 } | |
| 97 | |
| 98 bool AllowGetCookie(const GURL& url, | |
| 99 const GURL& first_party, | |
| 100 const net::CookieList& cookie_list, | |
| 101 content::ResourceContext* context, | |
| 102 int render_process_id, | |
| 103 int render_frame_id) { | |
| 104 return AwCookieAccessPolicy::GetInstance() | |
| 105 ->AllowGetCookie(url, | |
| 106 first_party, | |
| 107 cookie_list, | |
| 108 context, | |
| 109 render_process_id, | |
| 110 render_frame_id); | |
| 111 } | |
| 112 | |
| 113 bool AllowSetCookie(const GURL& url, | |
| 114 const GURL& first_party, | |
| 115 const std::string& cookie_line, | |
| 116 content::ResourceContext* context, | |
| 117 int render_process_id, | |
| 118 int render_frame_id, | |
| 119 net::CookieOptions* options) { | |
| 120 return AwCookieAccessPolicy::GetInstance() | |
| 121 ->AllowSetCookie(url, | |
| 122 first_party, | |
| 123 cookie_line, | |
| 124 context, | |
| 125 render_process_id, | |
| 126 render_frame_id, | |
| 127 options); | |
| 128 } | |
| 129 | |
| 130 protected: | |
| 131 base::MessageLoopForIO loop_; | |
| 132 TestURLRequestContext context_; | |
| 133 TestDelegate url_request_delegate_; | |
| 134 TestNetworkDelegate network_delegate_; | |
| 135 scoped_ptr<TestURLRequest> first_party_request_; | |
| 136 scoped_ptr<TestURLRequest> third_party_request_; | |
| 137 GURL url_google_; | |
| 138 GURL url_google_analytics_; | |
| 139 }; | |
| 140 | |
| 141 TEST_F(AwCookieAccessPolicyTest, AllowAllCookies) { | |
| 142 SetGlobalAllowAccess(true); | |
| 143 SetThirdPartyAllowAccess(true); | |
| 144 | |
| 145 // First party | |
| 146 EXPECT_TRUE(AllowSetCookie(url_google_, url_google_, "", NULL, 0, 0, NULL)); | |
|
mkosiba (inactive)
2014/04/17 18:27:30
since you've already bothered to write test wrappe
hjd_google
2014/04/22 13:34:41
Done.
| |
| 147 EXPECT_TRUE(AllowGetCookie(url_google_, | |
| 148 url_google_, | |
| 149 CookieList(), | |
| 150 NULL, 0, 0)); | |
| 151 EXPECT_TRUE(OnCanGetCookies(*first_party_request_, CookieList())); | |
| 152 EXPECT_TRUE(OnCanSetCookie(*first_party_request_, "", NULL)); | |
| 153 | |
| 154 // Third party | |
| 155 EXPECT_TRUE(AllowSetCookie(url_google_, | |
| 156 url_google_analytics_, | |
| 157 "", NULL, 0, 0, NULL)); | |
| 158 EXPECT_TRUE(AllowGetCookie(url_google_, | |
| 159 url_google_analytics_, | |
| 160 CookieList(), | |
| 161 NULL, 0, 0)); | |
| 162 EXPECT_TRUE(OnCanGetCookies(*third_party_request_, CookieList())); | |
| 163 EXPECT_TRUE(OnCanSetCookie(*third_party_request_, "", NULL)); | |
| 164 } | |
| 165 | |
| 166 TEST_F(AwCookieAccessPolicyTest, BlockAllCookies) { | |
| 167 SetGlobalAllowAccess(false); | |
| 168 SetThirdPartyAllowAccess(false); | |
| 169 | |
| 170 EXPECT_FALSE(AllowSetCookie(url_google_, url_google_, "", NULL, 0, 0, NULL)); | |
| 171 EXPECT_FALSE(AllowGetCookie(url_google_, | |
| 172 url_google_, | |
| 173 CookieList(), | |
| 174 NULL, 0, 0)); | |
| 175 EXPECT_FALSE(OnCanGetCookies(*first_party_request_, CookieList())); | |
| 176 EXPECT_FALSE(OnCanSetCookie(*first_party_request_, "", NULL)); | |
| 177 | |
| 178 EXPECT_FALSE(AllowSetCookie(url_google_, | |
| 179 url_google_analytics_, | |
| 180 "", NULL, 0, 0, NULL)); | |
| 181 EXPECT_FALSE(AllowGetCookie(url_google_, | |
| 182 url_google_analytics_, | |
| 183 CookieList(), | |
| 184 NULL, 0, 0)); | |
| 185 EXPECT_FALSE(OnCanGetCookies(*third_party_request_, CookieList())); | |
| 186 EXPECT_FALSE(OnCanSetCookie(*third_party_request_, "", NULL)); | |
| 187 | |
| 188 // Even if ThirdPartyAllowAccess is true. | |
| 189 SetThirdPartyAllowAccess(true); | |
|
mkosiba (inactive)
2014/04/17 18:27:30
this should probably be a separate test
hjd_google
2014/04/22 13:34:41
Done.
| |
| 190 | |
| 191 EXPECT_FALSE(AllowSetCookie(url_google_, | |
| 192 url_google_, | |
| 193 "", NULL, 0, 0, NULL)); | |
| 194 EXPECT_FALSE(AllowGetCookie(url_google_, | |
| 195 url_google_, | |
| 196 CookieList(), | |
| 197 NULL, 0, 0)); | |
| 198 EXPECT_FALSE(OnCanGetCookies(*first_party_request_, CookieList())); | |
| 199 EXPECT_FALSE(OnCanSetCookie(*first_party_request_, "", NULL)); | |
| 200 | |
| 201 EXPECT_FALSE(AllowSetCookie(url_google_, | |
| 202 url_google_analytics_, | |
| 203 "", NULL, 0, 0, NULL)); | |
| 204 EXPECT_FALSE(AllowGetCookie(url_google_, | |
| 205 url_google_analytics_, | |
| 206 CookieList(), | |
| 207 NULL, 0, 0)); | |
| 208 EXPECT_FALSE(OnCanGetCookies(*third_party_request_, CookieList())); | |
| 209 EXPECT_FALSE(OnCanSetCookie(*third_party_request_, "", NULL)); | |
| 210 } | |
| 211 | |
| 212 TEST_F(AwCookieAccessPolicyTest, FirstPartyCookiesOnly) { | |
| 213 SetGlobalAllowAccess(true); | |
| 214 SetThirdPartyAllowAccess(false); | |
| 215 | |
| 216 EXPECT_TRUE(AllowSetCookie(url_google_, | |
| 217 url_google_, | |
| 218 "", NULL, 0, 0, NULL)); | |
| 219 EXPECT_TRUE(AllowGetCookie(url_google_, | |
| 220 url_google_, | |
| 221 CookieList(), | |
| 222 NULL, 0, 0)); | |
| 223 EXPECT_TRUE(OnCanGetCookies(*first_party_request_, CookieList())); | |
| 224 EXPECT_TRUE(OnCanSetCookie(*first_party_request_, "", NULL)); | |
| 225 | |
| 226 EXPECT_FALSE(AllowSetCookie(url_google_, | |
| 227 url_google_analytics_, | |
| 228 "", NULL, 0, 0, NULL)); | |
| 229 EXPECT_FALSE(AllowGetCookie(url_google_, | |
| 230 url_google_analytics_, | |
| 231 CookieList(), | |
| 232 NULL, 0, 0)); | |
| 233 EXPECT_FALSE(OnCanGetCookies(*third_party_request_, CookieList())); | |
| 234 EXPECT_FALSE(OnCanSetCookie(*third_party_request_, "", NULL)); | |
| 235 } | |
| 236 | |
| OLD | NEW |
