Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(651)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: android_webview/browser/aw_cookie_access_policy_unittest.cc

Issue 241143002: Allows AwCookieManager to block ThirdParty cookies (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« android_webview/browser/aw_cookie_access_policy.h ('K') | « android_webview/browser/aw_cookie_access_policy.cc ('k') | android_webview/java/src/org/chromium/android_webview/AwCookieManager.java » ('j') | android_webview/javatests/src/org/chromium/android_webview/test/CookieManagerTest.java » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: android_webview/browser/aw_cookie_access_policy_unittest.cc
diff --git a/android_webview/browser/aw_cookie_access_policy_unittest.cc b/android_webview/browser/aw_cookie_access_policy_unittest.cc
new file mode 100644
index 0000000000000000000000000000000000000000..8c8b3d62d03cf325135f807c1307c7d7da2372c8
--- /dev/null
+++ b/android_webview/browser/aw_cookie_access_policy_unittest.cc
@@ -0,0 +1,236 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "android_webview/browser/aw_cookie_access_policy.h"
+
+#include "base/run_loop.h"
+#include "net/base/request_priority.h"
+#include "net/cookies/canonical_cookie.h"
+#include "net/url_request/url_request_test_util.h"
+
+#include "testing/gmock/include/gmock/gmock.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace content {
+class ResourceContext;
+}
+
+namespace net {
+class CookieOptions;
+}
+
+class GURL;
+
+using android_webview::AwCookieAccessPolicy;
+using net::CookieList;
+using net::TestDelegate;
+using net::TestJobInterceptor;
+using net::TestNetworkDelegate;
+using net::TestURLRequestContext;
+using net::TestURLRequest;
+using testing::Test;
+
+class AwCookieAccessPolicyTest : public Test {
+ public:
+ AwCookieAccessPolicyTest()
+ : loop_(),
+ context_(),
+ url_request_delegate_(),
+ network_delegate_(),
+ first_party_request_(),
+ url_google_("http://www.google.izzle"),
+ url_google_analytics_("http://www.googleanalytics.izzle") {
mkosiba (inactive) 2014/04/17 18:27:30 url_first_party_("http://first/") url_third_party_
hjd_google 2014/04/22 13:34:41 Yeah, these were the values from the existing cook
+ }
+
+ virtual void SetUp() {
+ context_.set_network_delegate(&network_delegate_);
+ first_party_request_.reset(new TestURLRequest(url_google_,
+ net::DEFAULT_PRIORITY,
+ &url_request_delegate_,
+ &context_));
+ first_party_request_->set_method("GET");
+
+ third_party_request_.reset(new TestURLRequest(url_google_analytics_,
+ net::DEFAULT_PRIORITY,
+ &url_request_delegate_,
+ &context_));
+ third_party_request_->set_method("GET");
+ third_party_request_->set_first_party_for_cookies(url_google_);
+
mkosiba (inactive) 2014/04/17 18:27:30 are any of the lines below actually needed for the
hjd_google 2014/04/22 13:34:41 Apparently not, I'm confused about what errors I w
+ first_party_request_->Start();
+ third_party_request_->Start();
+
+ // The TestDelegate will quit the message loop on request completion.
+ base::MessageLoop::current()->Run();
+ }
+
+
+ bool GetGlobalAllowAccess() {
+ return AwCookieAccessPolicy::GetInstance()->GetGlobalAllowAccess();
mkosiba (inactive) 2014/04/17 18:27:30 to make these shorter maybe add a method to your t
hjd_google 2014/04/22 13:34:41 Done.
+ }
+
+ void SetGlobalAllowAccess(bool allow) {
+ AwCookieAccessPolicy::GetInstance()->SetGlobalAllowAccess(allow);
+ }
+
+ bool GetThirdPartyAllowAccess() {
+ return AwCookieAccessPolicy::GetInstance()->GetThirdPartyAllowAccess();
+ }
+
+ void SetThirdPartyAllowAccess(bool allow) {
+ AwCookieAccessPolicy::GetInstance()->SetThirdPartyAllowAccess(allow);
+ }
+
+ bool OnCanGetCookies(const net::URLRequest& request,
+ const net::CookieList& cookie_list) {
+ return AwCookieAccessPolicy::GetInstance()
+ ->OnCanGetCookies(request, cookie_list);
+ }
+
+ bool OnCanSetCookie(const net::URLRequest& request,
+ const std::string& cookie_line,
+ net::CookieOptions* options) {
+ return AwCookieAccessPolicy::GetInstance()
+ ->OnCanSetCookie(request, cookie_line, options);
+ }
+
+ bool AllowGetCookie(const GURL& url,
+ const GURL& first_party,
+ const net::CookieList& cookie_list,
+ content::ResourceContext* context,
+ int render_process_id,
+ int render_frame_id) {
+ return AwCookieAccessPolicy::GetInstance()
+ ->AllowGetCookie(url,
+ first_party,
+ cookie_list,
+ context,
+ render_process_id,
+ render_frame_id);
+ }
+
+ bool AllowSetCookie(const GURL& url,
+ const GURL& first_party,
+ const std::string& cookie_line,
+ content::ResourceContext* context,
+ int render_process_id,
+ int render_frame_id,
+ net::CookieOptions* options) {
+ return AwCookieAccessPolicy::GetInstance()
+ ->AllowSetCookie(url,
+ first_party,
+ cookie_line,
+ context,
+ render_process_id,
+ render_frame_id,
+ options);
+ }
+
+ protected:
+ base::MessageLoopForIO loop_;
+ TestURLRequestContext context_;
+ TestDelegate url_request_delegate_;
+ TestNetworkDelegate network_delegate_;
+ scoped_ptr<TestURLRequest> first_party_request_;
+ scoped_ptr<TestURLRequest> third_party_request_;
+ GURL url_google_;
+ GURL url_google_analytics_;
+};
+
+TEST_F(AwCookieAccessPolicyTest, AllowAllCookies) {
+ SetGlobalAllowAccess(true);
+ SetThirdPartyAllowAccess(true);
+
+ // First party
+ EXPECT_TRUE(AllowSetCookie(url_google_, url_google_, "", NULL, 0, 0, NULL));
mkosiba (inactive) 2014/04/17 18:27:30 since you've already bothered to write test wrappe
hjd_google 2014/04/22 13:34:41 Done.
+ EXPECT_TRUE(AllowGetCookie(url_google_,
+ url_google_,
+ CookieList(),
+ NULL, 0, 0));
+ EXPECT_TRUE(OnCanGetCookies(*first_party_request_, CookieList()));
+ EXPECT_TRUE(OnCanSetCookie(*first_party_request_, "", NULL));
+
+ // Third party
+ EXPECT_TRUE(AllowSetCookie(url_google_,
+ url_google_analytics_,
+ "", NULL, 0, 0, NULL));
+ EXPECT_TRUE(AllowGetCookie(url_google_,
+ url_google_analytics_,
+ CookieList(),
+ NULL, 0, 0));
+ EXPECT_TRUE(OnCanGetCookies(*third_party_request_, CookieList()));
+ EXPECT_TRUE(OnCanSetCookie(*third_party_request_, "", NULL));
+}
+
+TEST_F(AwCookieAccessPolicyTest, BlockAllCookies) {
+ SetGlobalAllowAccess(false);
+ SetThirdPartyAllowAccess(false);
+
+ EXPECT_FALSE(AllowSetCookie(url_google_, url_google_, "", NULL, 0, 0, NULL));
+ EXPECT_FALSE(AllowGetCookie(url_google_,
+ url_google_,
+ CookieList(),
+ NULL, 0, 0));
+ EXPECT_FALSE(OnCanGetCookies(*first_party_request_, CookieList()));
+ EXPECT_FALSE(OnCanSetCookie(*first_party_request_, "", NULL));
+
+ EXPECT_FALSE(AllowSetCookie(url_google_,
+ url_google_analytics_,
+ "", NULL, 0, 0, NULL));
+ EXPECT_FALSE(AllowGetCookie(url_google_,
+ url_google_analytics_,
+ CookieList(),
+ NULL, 0, 0));
+ EXPECT_FALSE(OnCanGetCookies(*third_party_request_, CookieList()));
+ EXPECT_FALSE(OnCanSetCookie(*third_party_request_, "", NULL));
+
+ // Even if ThirdPartyAllowAccess is true.
+ SetThirdPartyAllowAccess(true);
mkosiba (inactive) 2014/04/17 18:27:30 this should probably be a separate test
hjd_google 2014/04/22 13:34:41 Done.
+
+ EXPECT_FALSE(AllowSetCookie(url_google_,
+ url_google_,
+ "", NULL, 0, 0, NULL));
+ EXPECT_FALSE(AllowGetCookie(url_google_,
+ url_google_,
+ CookieList(),
+ NULL, 0, 0));
+ EXPECT_FALSE(OnCanGetCookies(*first_party_request_, CookieList()));
+ EXPECT_FALSE(OnCanSetCookie(*first_party_request_, "", NULL));
+
+ EXPECT_FALSE(AllowSetCookie(url_google_,
+ url_google_analytics_,
+ "", NULL, 0, 0, NULL));
+ EXPECT_FALSE(AllowGetCookie(url_google_,
+ url_google_analytics_,
+ CookieList(),
+ NULL, 0, 0));
+ EXPECT_FALSE(OnCanGetCookies(*third_party_request_, CookieList()));
+ EXPECT_FALSE(OnCanSetCookie(*third_party_request_, "", NULL));
+}
+
+TEST_F(AwCookieAccessPolicyTest, FirstPartyCookiesOnly) {
+ SetGlobalAllowAccess(true);
+ SetThirdPartyAllowAccess(false);
+
+ EXPECT_TRUE(AllowSetCookie(url_google_,
+ url_google_,
+ "", NULL, 0, 0, NULL));
+ EXPECT_TRUE(AllowGetCookie(url_google_,
+ url_google_,
+ CookieList(),
+ NULL, 0, 0));
+ EXPECT_TRUE(OnCanGetCookies(*first_party_request_, CookieList()));
+ EXPECT_TRUE(OnCanSetCookie(*first_party_request_, "", NULL));
+
+ EXPECT_FALSE(AllowSetCookie(url_google_,
+ url_google_analytics_,
+ "", NULL, 0, 0, NULL));
+ EXPECT_FALSE(AllowGetCookie(url_google_,
+ url_google_analytics_,
+ CookieList(),
+ NULL, 0, 0));
+ EXPECT_FALSE(OnCanGetCookies(*third_party_request_, CookieList()));
+ EXPECT_FALSE(OnCanSetCookie(*third_party_request_, "", NULL));
+}
+
« android_webview/browser/aw_cookie_access_policy.h ('K') | « android_webview/browser/aw_cookie_access_policy.cc ('k') | android_webview/java/src/org/chromium/android_webview/AwCookieManager.java » ('j') | android_webview/javatests/src/org/chromium/android_webview/test/CookieManagerTest.java » ('J')

Powered by Google App Engine
This is Rietveld 408576698