Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: android_webview/browser/aw_cookie_access_policy.h

Issue 241143002: Allows AwCookieManager to block ThirdParty cookies (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fixed toThirdPartyUrl use Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « android_webview/android_webview_tests.gypi ('k') | android_webview/browser/aw_cookie_access_policy.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_ 5 #ifndef ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_
6 #define ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_ 6 #define ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_
7 7
8 #include "base/basictypes.h" 8 #include "base/basictypes.h"
9 #include "base/lazy_instance.h" 9 #include "base/lazy_instance.h"
10 #include "base/synchronization/lock.h" 10 #include "base/synchronization/lock.h"
11 #include "net/base/static_cookie_policy.h"
11 #include "net/cookies/canonical_cookie.h" 12 #include "net/cookies/canonical_cookie.h"
13 #include "net/url_request/url_request.h"
12 14
13 namespace content { 15 namespace content {
14 class ResourceContext; 16 class ResourceContext;
15 } 17 }
16 18
17 namespace net { 19 namespace net {
18 class CookieOptions; 20 class CookieOptions;
19 class URLRequest;
20 } 21 }
21 22
22 class GURL; 23 class GURL;
23 24
24 namespace android_webview { 25 namespace android_webview {
25 26
26 // Manages the cookie access (both setting and getting) policy for WebView. 27 // Manages the cookie access (both setting and getting) policy for WebView.
27 class AwCookieAccessPolicy { 28 class AwCookieAccessPolicy {
28 public: 29 public:
29 static AwCookieAccessPolicy* GetInstance(); 30 static AwCookieAccessPolicy* GetInstance();
30 31
31 // These manage the global access state shared across requests regardless of 32 // These manage the global access state shared across requests regardless of
32 // source (i.e. network or JavaScript). 33 // source (i.e. network or JavaScript).
33 bool GetGlobalAllowAccess(); 34 bool GetGlobalAllowAccess();
34 void SetGlobalAllowAccess(bool allow); 35 void SetGlobalAllowAccess(bool allow);
35 36
37 // These allow more fine grained control over requests depending on whether
38 // the cookie is third party or not.
39 bool GetThirdPartyAllowAccess();
40 void SetThirdPartyAllowAccess(bool allow);
41
36 // These are the functions called when operating over cookies from the 42 // These are the functions called when operating over cookies from the
37 // network. See NetworkDelegate for further descriptions. 43 // network. See NetworkDelegate for further descriptions.
38 bool OnCanGetCookies(const net::URLRequest& request, 44 bool OnCanGetCookies(const net::URLRequest& request,
39 const net::CookieList& cookie_list); 45 const net::CookieList& cookie_list);
40 bool OnCanSetCookie(const net::URLRequest& request, 46 bool OnCanSetCookie(const net::URLRequest& request,
41 const std::string& cookie_line, 47 const std::string& cookie_line,
42 net::CookieOptions* options); 48 net::CookieOptions* options);
43 49
44 // These are the functions called when operating over cookies from the 50 // These are the functions called when operating over cookies from the
45 // renderer. See ContentBrowserClient for further descriptions. 51 // renderer. See ContentBrowserClient for further descriptions.
(...skipping 10 matching lines...) Expand all
56 int render_process_id, 62 int render_process_id,
57 int render_frame_id, 63 int render_frame_id,
58 net::CookieOptions* options); 64 net::CookieOptions* options);
59 65
60 private: 66 private:
61 friend struct base::DefaultLazyInstanceTraits<AwCookieAccessPolicy>; 67 friend struct base::DefaultLazyInstanceTraits<AwCookieAccessPolicy>;
62 68
63 AwCookieAccessPolicy(); 69 AwCookieAccessPolicy();
64 ~AwCookieAccessPolicy(); 70 ~AwCookieAccessPolicy();
65 bool allow_access_; 71 bool allow_access_;
72 bool allow_third_party_access_;
66 base::Lock lock_; 73 base::Lock lock_;
67 74
75 // We have two bits of state but only three different cases:
76 // If !GlobalAllowAccess then reject all cookies.
77 // If GlobalAllowAccess and !ThirdPartyAllowAccess then reject third party.
78 // If GlobalAllowAccess and ThirdPartyAllowAccess then allow all cookies.
79 net::StaticCookiePolicy::Type GetPolicy(void);
80
81 bool AllowGet(const GURL& url, const GURL& first_party);
82 bool AllowSet(const GURL& url, const GURL& first_party);
83
68 DISALLOW_COPY_AND_ASSIGN(AwCookieAccessPolicy); 84 DISALLOW_COPY_AND_ASSIGN(AwCookieAccessPolicy);
69 }; 85 };
70 86
71 } // namespace android_webview 87 } // namespace android_webview
72 88
73 #endif // ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_ 89 #endif // ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_
OLDNEW
« no previous file with comments | « android_webview/android_webview_tests.gypi ('k') | android_webview/browser/aw_cookie_access_policy.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698