Chromium Code Reviews Chromium Code Reviews
Issue 241143002:
Allows AwCookieManager to block ThirdParty cookies (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
|
mkosiba (inactive)
2014/04/23 12:51:22
Back to the future? It's 2014 now :)
Seriously th
hjd_google
2014/04/24 12:48:30
The dangers of copy-paste :)
| |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "android_webview/browser/aw_cookie_access_policy.h" | |
| 6 | |
| 7 #include "base/run_loop.h" | |
|
mkosiba (inactive)
2014/04/23 12:51:22
needed?
hjd_google
2014/04/24 12:48:30
See below.
| |
| 8 #include "net/base/request_priority.h" | |
| 9 #include "net/cookies/canonical_cookie.h" | |
| 10 #include "net/url_request/url_request_test_util.h" | |
| 11 | |
| 12 #include "testing/gtest/include/gtest/gtest.h" | |
| 13 | |
| 14 namespace content { | |
| 15 class ResourceContext; | |
| 16 } | |
| 17 | |
| 18 namespace net { | |
| 19 class CookieOptions; | |
| 20 } | |
| 21 | |
| 22 class GURL; | |
| 23 | |
| 24 using android_webview::AwCookieAccessPolicy; | |
| 25 using net::CookieList; | |
| 26 using net::TestDelegate; | |
| 27 using net::TestJobInterceptor; | |
| 28 using net::TestNetworkDelegate; | |
| 29 using net::TestURLRequestContext; | |
| 30 using net::TestURLRequest; | |
| 31 using testing::Test; | |
| 32 | |
| 33 class AwCookieAccessPolicyTest : public Test { | |
| 34 public: | |
| 35 static const GURL kUrlFirstParty; | |
| 36 static const GURL kUrlThirdParty; | |
| 37 | |
| 38 AwCookieAccessPolicyTest() | |
| 39 : loop_(), | |
| 40 context_(), | |
| 41 url_request_delegate_(), | |
| 42 network_delegate_(), | |
| 43 first_party_request_() {} | |
| 44 | |
| 45 virtual void SetUp() { | |
| 46 context_.set_network_delegate(&network_delegate_); | |
| 47 first_party_request_.reset(new TestURLRequest(kUrlFirstParty, | |
| 48 net::DEFAULT_PRIORITY, | |
| 49 &url_request_delegate_, | |
| 50 &context_)); | |
| 51 first_party_request_->set_method("GET"); | |
| 52 | |
| 53 third_party_request_.reset(new TestURLRequest(kUrlThirdParty, | |
| 54 net::DEFAULT_PRIORITY, | |
| 55 &url_request_delegate_, | |
| 56 &context_)); | |
| 57 third_party_request_->set_method("GET"); | |
| 58 third_party_request_->set_first_party_for_cookies(kUrlFirstParty); | |
| 59 } | |
| 60 | |
| 61 AwCookieAccessPolicy* policy() { | |
| 62 return AwCookieAccessPolicy::GetInstance(); | |
| 63 } | |
| 64 | |
| 65 bool GetGlobalAllowAccess() { | |
| 66 return policy()->GetGlobalAllowAccess(); | |
| 67 } | |
| 68 | |
| 69 void SetGlobalAllowAccess(bool allow) { | |
| 70 policy()->SetGlobalAllowAccess(allow); | |
| 71 } | |
| 72 | |
| 73 bool GetThirdPartyAllowAccess() { | |
| 74 return policy()->GetThirdPartyAllowAccess(); | |
| 75 } | |
| 76 | |
| 77 void SetThirdPartyAllowAccess(bool allow) { | |
| 78 policy()->SetThirdPartyAllowAccess(allow); | |
| 79 } | |
| 80 | |
| 81 bool OnCanGetCookies(const net::URLRequest& request) { | |
| 82 return policy()->OnCanGetCookies(request, CookieList()); | |
| 83 } | |
| 84 | |
| 85 bool OnCanSetCookie(const net::URLRequest& request) { | |
| 86 return policy()->OnCanSetCookie(request, "", NULL); | |
| 87 } | |
| 88 | |
| 89 bool AllowGetCookie(const GURL& url, const GURL& first_party) { | |
| 90 return policy()->AllowGetCookie(url, first_party, CookieList(), NULL, 0, 0); | |
| 91 } | |
| 92 | |
| 93 bool AllowSetCookie(const GURL& url, const GURL& first_party) { | |
| 94 return policy()->AllowSetCookie(url, first_party, "", NULL, 0, 0, NULL); | |
| 95 } | |
| 96 | |
| 97 protected: | |
| 98 base::MessageLoopForIO loop_; | |
|
mkosiba (inactive)
2014/04/23 12:51:22
do you still need this?
hjd_google
2014/04/24 12:48:30
When I remove it I get an error at url_request.cc(
mkosiba (inactive)
2014/04/24 13:19:29
ah, ok. That's fine. It just means that URLRequest
| |
| 99 TestURLRequestContext context_; | |
| 100 TestDelegate url_request_delegate_; | |
| 101 TestNetworkDelegate network_delegate_; | |
| 102 scoped_ptr<TestURLRequest> first_party_request_; | |
| 103 scoped_ptr<TestURLRequest> third_party_request_; | |
| 104 }; | |
| 105 | |
| 106 const GURL AwCookieAccessPolicyTest::kUrlFirstParty = | |
| 107 GURL("http://first.example"); | |
| 108 const GURL AwCookieAccessPolicyTest::kUrlThirdParty = | |
| 109 GURL("http://third.example"); | |
| 110 | |
| 111 TEST_F(AwCookieAccessPolicyTest, AllowAllCookies) { | |
| 112 SetGlobalAllowAccess(true); | |
| 113 SetThirdPartyAllowAccess(true); | |
| 114 | |
| 115 EXPECT_TRUE(AllowSetCookie(kUrlFirstParty, kUrlFirstParty)); | |
|
mkosiba (inactive)
2014/04/23 12:51:22
you could refactor this into a separate method, so
hjd_google
2014/04/24 12:48:30
I had a look at the parameterized tests I think it
mkosiba (inactive)
2014/04/24 13:19:29
current approach looks great!
| |
| 116 EXPECT_TRUE(AllowGetCookie(kUrlFirstParty, kUrlFirstParty)); | |
| 117 EXPECT_TRUE(OnCanGetCookies(*first_party_request_)); | |
| 118 EXPECT_TRUE(OnCanSetCookie(*first_party_request_)); | |
| 119 | |
| 120 EXPECT_TRUE(AllowSetCookie(kUrlFirstParty, kUrlThirdParty)); | |
| 121 EXPECT_TRUE(AllowGetCookie(kUrlFirstParty, kUrlThirdParty)); | |
| 122 EXPECT_TRUE(OnCanGetCookies(*third_party_request_)); | |
| 123 EXPECT_TRUE(OnCanSetCookie(*third_party_request_)); | |
| 124 } | |
| 125 | |
| 126 TEST_F(AwCookieAccessPolicyTest, BlockAllCookies) { | |
| 127 SetGlobalAllowAccess(false); | |
| 128 SetThirdPartyAllowAccess(false); | |
| 129 | |
| 130 EXPECT_FALSE(AllowSetCookie(kUrlFirstParty, kUrlFirstParty)); | |
| 131 EXPECT_FALSE(AllowGetCookie(kUrlFirstParty, kUrlFirstParty)); | |
| 132 EXPECT_FALSE(OnCanGetCookies(*first_party_request_)); | |
| 133 EXPECT_FALSE(OnCanSetCookie(*first_party_request_)); | |
| 134 | |
| 135 EXPECT_FALSE(AllowSetCookie(kUrlFirstParty, kUrlThirdParty)); | |
| 136 EXPECT_FALSE(AllowGetCookie(kUrlFirstParty, kUrlThirdParty)); | |
| 137 EXPECT_FALSE(OnCanGetCookies(*third_party_request_)); | |
| 138 EXPECT_FALSE(OnCanSetCookie(*third_party_request_)); | |
| 139 } | |
| 140 | |
| 141 TEST_F(AwCookieAccessPolicyTest, BlockAllCookiesWithThirdPartySet) { | |
| 142 SetGlobalAllowAccess(false); | |
| 143 SetThirdPartyAllowAccess(true); | |
| 144 | |
| 145 EXPECT_FALSE(AllowSetCookie(kUrlFirstParty, kUrlFirstParty)); | |
| 146 EXPECT_FALSE(AllowGetCookie(kUrlFirstParty, kUrlFirstParty)); | |
| 147 EXPECT_FALSE(OnCanGetCookies(*first_party_request_)); | |
| 148 EXPECT_FALSE(OnCanSetCookie(*first_party_request_)); | |
| 149 | |
| 150 EXPECT_FALSE(AllowSetCookie(kUrlFirstParty, kUrlThirdParty)); | |
| 151 EXPECT_FALSE(AllowGetCookie(kUrlFirstParty, kUrlThirdParty)); | |
| 152 EXPECT_FALSE(OnCanGetCookies(*third_party_request_)); | |
| 153 EXPECT_FALSE(OnCanSetCookie(*third_party_request_)); | |
| 154 } | |
| 155 | |
| 156 TEST_F(AwCookieAccessPolicyTest, FirstPartyCookiesOnly) { | |
| 157 SetGlobalAllowAccess(true); | |
| 158 SetThirdPartyAllowAccess(false); | |
| 159 | |
| 160 EXPECT_TRUE(AllowSetCookie(kUrlFirstParty, kUrlFirstParty)); | |
| 161 EXPECT_TRUE(AllowGetCookie(kUrlFirstParty, kUrlFirstParty)); | |
| 162 EXPECT_TRUE(OnCanGetCookies(*first_party_request_)); | |
| 163 EXPECT_TRUE(OnCanSetCookie(*first_party_request_)); | |
| 164 | |
| 165 EXPECT_FALSE(AllowSetCookie(kUrlFirstParty, kUrlThirdParty)); | |
| 166 EXPECT_FALSE(AllowGetCookie(kUrlFirstParty, kUrlThirdParty)); | |
| 167 EXPECT_FALSE(OnCanGetCookies(*third_party_request_)); | |
| 168 EXPECT_FALSE(OnCanSetCookie(*third_party_request_)); | |
| 169 } | |
| 170 | |
| OLD | NEW |
