Implements strict secure cookies as the default behavior in //net

net/cookies/cookie_monster_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cookies/cookie_monster.h"
 
 #include <algorithm>
 #include <memory>
 #include <string>
 #include <vector>
@@ skipping 89 matching lines @@
   static std::unique_ptr<CookieStore> Create() {
     return base::MakeUnique<CookieMonster>(nullptr, nullptr);
   }
 
   static const bool supports_http_only = true;
   static const bool supports_non_dotted_domains = true;
   static const bool preserves_trailing_dots = true;
   static const bool filters_schemes = true;
   static const bool has_path_prefix_bug = false;
   static const int creation_time_granularity_in_ms = 0;
-  static const bool enforce_strict_secure = false;
-};
-
-struct CookieMonsterEnforcingStrictSecure {
-  static std::unique_ptr<CookieStore> Create() {
-    return base::MakeUnique<CookieMonster>(nullptr, nullptr);
-  }
-
-  static const bool supports_http_only = true;
-  static const bool supports_non_dotted_domains = true;
-  static const bool preserves_trailing_dots = true;
-  static const bool filters_schemes = true;
-  static const bool has_path_prefix_bug = false;
-  static const int creation_time_granularity_in_ms = 0;
-  static const bool enforce_strict_secure = true;
 };
 
 INSTANTIATE_TYPED_TEST_CASE_P(CookieMonster,
                               CookieStoreTest,
                               CookieMonsterTestTraits);
 
-INSTANTIATE_TYPED_TEST_CASE_P(CookieMonsterStrictSecure,
-                              CookieStoreTest,
-                              CookieMonsterEnforcingStrictSecure);
-
 template <typename T>
 class CookieMonsterTestBase : public CookieStoreTest<T> {
  public:
   using CookieStoreTest<T>::SetCookie;
 
  protected:
   using CookieStoreTest<T>::http_www_google_;
   using CookieStoreTest<T>::https_www_google_;
 
   CookieList GetAllCookiesForURLWithOptions(CookieMonster* cm,
@@ skipping 652 matching lines @@
           it->Priority() == cookie.Priority()) {
         return true;
       }
     }
 
     return false;
   }
 };
 
 using CookieMonsterTest = CookieMonsterTestBase<CookieMonsterTestTraits>;
-using CookieMonsterStrictSecureTest =
-    CookieMonsterTestBase<CookieMonsterEnforcingStrictSecure>;
 
 // TODO(erikwright): Replace the other callbacks and synchronous helper methods
 // in this test suite with these Mocks.
 template <typename T, typename C>
 class MockCookieCallback {
  public:
   C AsCallback() {
     return base::Bind(&T::Invoke, base::Unretained(static_cast<T*>(this)));
   }
 };
@@ skipping 69 matching lines @@
           delete_begin,
           delete_end,
           callback) {
   cookie_monster->DeleteAllCreatedBetweenAsync(delete_begin, delete_end,
                                                callback->AsCallback());
 }
 ACTION_P3(SetCookieWithDetailsAction, cookie_monster, cc, callback) {
   cookie_monster->SetCookieWithDetailsAsync(
       cc.url, cc.name, cc.value, cc.domain, cc.path, base::Time(),
       cc.expiration_time, base::Time(), cc.secure, cc.http_only, cc.same_site,
-      false /* enforces strict secure cookies */, cc.priority,
-      callback->AsCallback());
+      cc.priority, callback->AsCallback());
 }
 
 ACTION_P2(GetAllCookiesAction, cookie_monster, callback) {
   cookie_monster->GetAllCookiesAsync(callback->AsCallback());
 }
 
 ACTION_P5(DeleteAllCreatedBetweenWithPredicateAction,
           cookie_monster,
           delete_begin,
           delete_end,
@@ skipping 178 matching lines @@
   CompleteLoading();
   loop.Run();
 }
 
 TEST_F(DeferredCookieTaskTest, DeferredSetAllCookies) {
   MockSetCookiesCallback set_cookies_callback;
   CookieList list;
   list.push_back(*CanonicalCookie::Create(
       http_www_google_.url(), "A", "B", http_www_google_.domain(), "/",
       base::Time::Now(), base::Time(), false, true,
-      CookieSameSite::DEFAULT_MODE, false, COOKIE_PRIORITY_DEFAULT));
+      CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT));
   list.push_back(*CanonicalCookie::Create(
       http_www_google_.url(), "C", "D", http_www_google_.domain(), "/",
       base::Time::Now(), base::Time(), false, true,
-      CookieSameSite::DEFAULT_MODE, false, COOKIE_PRIORITY_DEFAULT));
+      CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT));
 
   BeginWith(
       SetAllCookiesAction(&cookie_monster(), list, &set_cookies_callback));
 
   WaitForLoadCall();
 
   EXPECT_CALL(set_cookies_callback, Invoke(true))
       .WillOnce(
           SetAllCookiesAction(&cookie_monster(), list, &set_cookies_callback));
   base::RunLoop loop;
@@ skipping 477 matching lines @@
 }
 
 TEST_F(CookieMonsterTest, TestPriorityAwareGarbageCollectionNonSecure) {
   TestPriorityAwareGarbageCollectHelperNonSecure();
 }
 
 TEST_F(CookieMonsterTest, TestPriorityAwareGarbageCollectionSecure) {
   TestPriorityAwareGarbageCollectHelperSecure();
 }
 
-TEST_F(CookieMonsterStrictSecureTest, TestPriorityAwareGarbageCollectionMixed) {
+TEST_F(CookieMonsterTest, TestPriorityAwareGarbageCollectionMixed) {
   TestPriorityAwareGarbageCollectHelperMixed();
 }
 
 TEST_F(CookieMonsterTest, SetCookieableSchemes) {
   std::unique_ptr<CookieMonster> cm(new CookieMonster(nullptr, nullptr));
   std::unique_ptr<CookieMonster> cm_foo(new CookieMonster(nullptr, nullptr));
 
   // Only cm_foo should allow foo:// cookies.
   std::vector<std::string> schemes;
   schemes.push_back("foo");
@@ skipping 971 matching lines @@
   cm->SetPersistSessionCookies(true);
 
   EXPECT_TRUE(SetCookie(cm.get(), http_www_google_.url(), "U=V; path=/"));
   EXPECT_TRUE(SetCookie(cm.get(), http_www_google_.url(), "W=X; path=/foo"));
   EXPECT_TRUE(SetCookie(cm.get(), http_www_google_.url(), "Y=Z; path=/"));
 
   CookieList list;
   list.push_back(*CanonicalCookie::Create(
       http_www_google_.url(), "A", "B", http_www_google_.url().host(), "/",
       base::Time::Now(), base::Time(), false, false,
-      CookieSameSite::DEFAULT_MODE, false, COOKIE_PRIORITY_DEFAULT));
+      CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT));
   list.push_back(*CanonicalCookie::Create(
       http_www_google_.url(), "W", "X", http_www_google_.url().host(), "/bar",
       base::Time::Now(), base::Time(), false, false,
-      CookieSameSite::DEFAULT_MODE, false, COOKIE_PRIORITY_DEFAULT));
+      CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT));
   list.push_back(*CanonicalCookie::Create(
       http_www_google_.url(), "Y", "Z", http_www_google_.url().host(), "/",
       base::Time::Now(), base::Time(), false, false,
-      CookieSameSite::DEFAULT_MODE, false, COOKIE_PRIORITY_DEFAULT));
+      CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT));
 
   // SetAllCookies must not flush.
   ASSERT_EQ(0, store->flush_count());
   EXPECT_TRUE(SetAllCookies(cm.get(), list));
   EXPECT_EQ(0, store->flush_count());
 
   CookieList cookies = GetAllCookies(cm.get());
   size_t expected_size = 3;  // "A", "W" and "Y". "U" is gone.
   EXPECT_EQ(expected_size, cookies.size());
   CookieList::iterator it = cookies.begin();
@@ skipping 14 matching lines @@
 
 TEST_F(CookieMonsterTest, ComputeCookieDiff) {
   std::unique_ptr<CookieMonster> cm(new CookieMonster(nullptr, nullptr));
 
   base::Time now = base::Time::Now();
   base::Time creation_time = now - base::TimeDelta::FromSeconds(1);
 
   std::unique_ptr<CanonicalCookie> cookie1(CanonicalCookie::Create(
       http_www_google_.url(), "A", "B", http_www_google_.url().host(), "/",
       creation_time, base::Time(), false, false, CookieSameSite::DEFAULT_MODE,
-      false, COOKIE_PRIORITY_DEFAULT));
+      COOKIE_PRIORITY_DEFAULT));
   std::unique_ptr<CanonicalCookie> cookie2(CanonicalCookie::Create(
       http_www_google_.url(), "C", "D", http_www_google_.url().host(), "/",
       creation_time, base::Time(), false, false, CookieSameSite::DEFAULT_MODE,
-      false, COOKIE_PRIORITY_DEFAULT));
+      COOKIE_PRIORITY_DEFAULT));
   std::unique_ptr<CanonicalCookie> cookie3(CanonicalCookie::Create(
       http_www_google_.url(), "E", "F", http_www_google_.url().host(), "/",
       creation_time, base::Time(), false, false, CookieSameSite::DEFAULT_MODE,
-      false, COOKIE_PRIORITY_DEFAULT));
+      COOKIE_PRIORITY_DEFAULT));
   std::unique_ptr<CanonicalCookie> cookie4(CanonicalCookie::Create(
       http_www_google_.url(), "G", "H", http_www_google_.url().host(), "/",
       creation_time, base::Time(), false, false, CookieSameSite::DEFAULT_MODE,
-      false, COOKIE_PRIORITY_DEFAULT));
+      COOKIE_PRIORITY_DEFAULT));
   std::unique_ptr<CanonicalCookie> cookie4_with_new_value(
       CanonicalCookie::Create(
           http_www_google_.url(), "G", "iamnew", http_www_google_.url().host(),
           "/", creation_time, base::Time(), false, false,
-          CookieSameSite::DEFAULT_MODE, false, COOKIE_PRIORITY_DEFAULT));
+          CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT));
   std::unique_ptr<CanonicalCookie> cookie5(CanonicalCookie::Create(
       http_www_google_.url(), "I", "J", http_www_google_.url().host(), "/",
       creation_time, base::Time(), false, false, CookieSameSite::DEFAULT_MODE,
-      false, COOKIE_PRIORITY_DEFAULT));
+      COOKIE_PRIORITY_DEFAULT));
   std::unique_ptr<CanonicalCookie> cookie5_with_new_creation_time(
       CanonicalCookie::Create(
           http_www_google_.url(), "I", "J", http_www_google_.url().host(), "/",
-          now, base::Time(), false, false, CookieSameSite::DEFAULT_MODE, false,
+          now, base::Time(), false, false, CookieSameSite::DEFAULT_MODE,
           COOKIE_PRIORITY_DEFAULT));
   std::unique_ptr<CanonicalCookie> cookie6(CanonicalCookie::Create(
       http_www_google_.url(), "K", "L", http_www_google_.url().host(), "/foo",
       creation_time, base::Time(), false, false, CookieSameSite::DEFAULT_MODE,
-      false, COOKIE_PRIORITY_DEFAULT));
+      COOKIE_PRIORITY_DEFAULT));
   std::unique_ptr<CanonicalCookie> cookie6_with_new_path(
       CanonicalCookie::Create(
           http_www_google_.url(), "K", "L", http_www_google_.url().host(),
           "/bar", creation_time, base::Time(), false, false,
-          CookieSameSite::DEFAULT_MODE, false, COOKIE_PRIORITY_DEFAULT));
+          CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT));
   std::unique_ptr<CanonicalCookie> cookie7(CanonicalCookie::Create(
       http_www_google_.url(), "M", "N", http_www_google_.url().host(), "/foo",
       creation_time, base::Time(), false, false, CookieSameSite::DEFAULT_MODE,
-      false, COOKIE_PRIORITY_DEFAULT));
+      COOKIE_PRIORITY_DEFAULT));
   std::unique_ptr<CanonicalCookie> cookie7_with_new_path(
       CanonicalCookie::Create(
           http_www_google_.url(), "M", "N", http_www_google_.url().host(),
           "/bar", creation_time, base::Time(), false, false,
-          CookieSameSite::DEFAULT_MODE, false, COOKIE_PRIORITY_DEFAULT));
+          CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT));
 
   CookieList old_cookies;
   old_cookies.push_back(*cookie1);
   old_cookies.push_back(*cookie2);
   old_cookies.push_back(*cookie4);
   old_cookies.push_back(*cookie5);
   old_cookies.push_back(*cookie6);
   old_cookies.push_back(*cookie7);
 
   CookieList new_cookies;
@@ skipping 196 matching lines @@
 
   AddCookieToList(url, "foo=bar; path=" + path, now1, &initial_cookies);
 
   // We have to manually build this cookie because it contains a control
   // character, and our cookie line parser rejects control characters.
   std::unique_ptr<CanonicalCookie> cc = CanonicalCookie::Create(
       url, "baz",
       "\x05"
       "boo",
       domain, path, now2, later, false, false, CookieSameSite::DEFAULT_MODE,
-      false, COOKIE_PRIORITY_DEFAULT);
+      COOKIE_PRIORITY_DEFAULT);
   initial_cookies.push_back(std::move(cc));
 
   AddCookieToList(url, "hello=world; path=" + path, now3, &initial_cookies);
 
   // Inject our initial cookies into the mock PersistentCookieStore.
   store->SetLoadExpectation(true, std::move(initial_cookies));
 
   std::unique_ptr<CookieMonster> cm(new CookieMonster(store.get(), nullptr));
 
   EXPECT_EQ("foo=bar; hello=world", GetCookies(cm.get(), url));
@@ skipping 18 matching lines @@
       CookieMonster::COOKIE_SOURCE_SECURE_COOKIE_CRYPTOGRAPHIC_SCHEME, 1);
 
   // Set a non-secure cookie on a cryptographic scheme.
   EXPECT_TRUE(SetCookie(cm.get(), https_www_google_.url(), "C=D; path=/;"));
   histograms.ExpectTotalCount(cookie_source_histogram, 2);
   histograms.ExpectBucketCount(
       cookie_source_histogram,
       CookieMonster::COOKIE_SOURCE_NONSECURE_COOKIE_CRYPTOGRAPHIC_SCHEME, 1);
 
   // Set a secure cookie on a non-cryptographic scheme.
-  EXPECT_TRUE(
+  EXPECT_FALSE(
       SetCookie(cm.get(), http_www_google_.url(), "D=E; path=/; Secure"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 3);
+  histograms.ExpectTotalCount(cookie_source_histogram, 2);
   histograms.ExpectBucketCount(
       cookie_source_histogram,
-      CookieMonster::COOKIE_SOURCE_SECURE_COOKIE_NONCRYPTOGRAPHIC_SCHEME, 1);
+      CookieMonster::COOKIE_SOURCE_SECURE_COOKIE_NONCRYPTOGRAPHIC_SCHEME, 0);
 
   // Overwrite a secure cookie (set by a cryptographic scheme) on a
   // non-cryptographic scheme.
-  EXPECT_TRUE(
+  EXPECT_FALSE(
       SetCookie(cm.get(), http_www_google_.url(), "A=B; path=/; Secure"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 4);
+  histograms.ExpectTotalCount(cookie_source_histogram, 2);
   histograms.ExpectBucketCount(
       cookie_source_histogram,
       CookieMonster::COOKIE_SOURCE_SECURE_COOKIE_CRYPTOGRAPHIC_SCHEME, 1);
   histograms.ExpectBucketCount(
       cookie_source_histogram,
-      CookieMonster::COOKIE_SOURCE_SECURE_COOKIE_NONCRYPTOGRAPHIC_SCHEME, 2);
+      CookieMonster::COOKIE_SOURCE_SECURE_COOKIE_NONCRYPTOGRAPHIC_SCHEME, 0);
 
-  // Test that clearing a secure cookie on a http:// URL does not get
-  // counted.
+  // Test that attempting to clear a secure cookie on a http:// URL does
+  // nothing.
   EXPECT_TRUE(
       SetCookie(cm.get(), https_www_google_.url(), "F=G; path=/; Secure"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 5);
+  histograms.ExpectTotalCount(cookie_source_histogram, 3);
   std::string cookies1 = GetCookies(cm.get(), https_www_google_.url());
   EXPECT_NE(std::string::npos, cookies1.find("F=G"));
-  EXPECT_TRUE(SetCookie(cm.get(), http_www_google_.url(),
-                        "F=G; path=/; Expires=Thu, 01-Jan-1970 00:00:01 GMT"));
+  EXPECT_FALSE(SetCookie(cm.get(), http_www_google_.url(),
+                         "F=G; path=/; Expires=Thu, 01-Jan-1970 00:00:01 GMT"));
   std::string cookies2 = GetCookies(cm.get(), https_www_google_.url());
-  EXPECT_EQ(std::string::npos, cookies2.find("F=G"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 5);
+  EXPECT_NE(std::string::npos, cookies2.find("F=G"));
+  histograms.ExpectTotalCount(cookie_source_histogram, 3);
 
   // Set a non-secure cookie on a non-cryptographic scheme.
   EXPECT_TRUE(SetCookie(cm.get(), http_www_google_.url(), "H=I; path=/"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 6);
+  histograms.ExpectTotalCount(cookie_source_histogram, 4);
   histograms.ExpectBucketCount(
       cookie_source_histogram,
       CookieMonster::COOKIE_SOURCE_NONSECURE_COOKIE_NONCRYPTOGRAPHIC_SCHEME, 1);
 }
 
-// Test that cookie delete equivalent histograms are recorded correctly when
-// strict secure cookies are not enabled.
+// Test that cookie delete equivalent histograms are recorded correctly.
 TEST_F(CookieMonsterTest, CookieDeleteEquivalentHistogramTest) {
   base::HistogramTester histograms;
   const std::string cookie_source_histogram = "Cookie.CookieDeleteEquivalent";
 
   scoped_refptr<MockPersistentCookieStore> store(new MockPersistentCookieStore);
   std::unique_ptr<CookieMonster> cm(new CookieMonster(store.get(), nullptr));
 
   // Set a secure cookie from a secure origin
   EXPECT_TRUE(SetCookie(cm.get(), https_www_google_.url(), "A=B; Secure"));
   histograms.ExpectTotalCount(cookie_source_histogram, 1);
   histograms.ExpectBucketCount(cookie_source_histogram,
                                CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
                                1);
 
   // Set a new cookie with a different name from a variety of origins (including
   // the same one).
   EXPECT_TRUE(SetCookie(cm.get(), https_www_google_.url(), "B=A;"));
   histograms.ExpectTotalCount(cookie_source_histogram, 2);
   histograms.ExpectBucketCount(cookie_source_histogram,
                                CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
                                2);
   EXPECT_TRUE(SetCookie(cm.get(), http_www_google_.url(), "C=A;"));
   histograms.ExpectTotalCount(cookie_source_histogram, 3);
   histograms.ExpectBucketCount(cookie_source_histogram,
                                CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
                                3);
 
   // Set a non-secure cookie from an insecure origin that matches the name of an
   // already existing cookie and additionally is equivalent to the existing
-  // cookie.
-  EXPECT_TRUE(SetCookie(cm.get(), http_www_google_.url(), "A=B;"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 5);
+  // cookie. This should fail since it's trying to overwrite a secure cookie.
+  EXPECT_FALSE(SetCookie(cm.get(), http_www_google_.url(), "A=B;"));
+  histograms.ExpectTotalCount(cookie_source_histogram, 6);
   histograms.ExpectBucketCount(cookie_source_histogram,
                                CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
                                4);
   histograms.ExpectBucketCount(cookie_source_histogram,
                                CookieMonster::COOKIE_DELETE_EQUIVALENT_FOUND,
-                               1);
+                               0);
+  histograms.ExpectBucketCount(
+      cookie_source_histogram,
+      CookieMonster::COOKIE_DELETE_EQUIVALENT_SKIPPING_SECURE, 1);
+  histograms.ExpectBucketCount(
+      cookie_source_histogram,
+      CookieMonster::COOKIE_DELETE_EQUIVALENT_WOULD_HAVE_DELETED, 1);
 
   // Set a non-secure cookie from an insecure origin that matches the name of an
-  // already existing cookie but is not equivalent.
-  EXPECT_TRUE(
+  // already existing cookie but is not equivalent. This should fail since it's
+  // trying to shadow a secure cookie.
+  EXPECT_FALSE(
       SetCookie(cm.get(), http_www_google_.url(), "A=C; path=/some/path"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 6);
+  histograms.ExpectTotalCount(cookie_source_histogram, 8);
   histograms.ExpectBucketCount(cookie_source_histogram,
                                CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
                                5);
+  histograms.ExpectBucketCount(
+      cookie_source_histogram,
+      CookieMonster::COOKIE_DELETE_EQUIVALENT_SKIPPING_SECURE, 2);
 
   // Set a secure cookie from a secure origin that matches the name of an
   // already existing cookies and is equivalent.
   EXPECT_TRUE(SetCookie(cm.get(), https_www_google_.url(), "A=D; secure"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 8);
+  histograms.ExpectTotalCount(cookie_source_histogram, 10);
   histograms.ExpectBucketCount(cookie_source_histogram,
                                CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
                                6);
   histograms.ExpectBucketCount(cookie_source_histogram,
                                CookieMonster::COOKIE_DELETE_EQUIVALENT_FOUND,
-                               2);
+                               1);
 
   // Set a secure cookie from a secure origin that matches the name of an
   // already existing cookie and is not equivalent.
   EXPECT_TRUE(SetCookie(cm.get(), https_www_google_.url(),
                         "A=E; secure; path=/some/other/path"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 9);
+  histograms.ExpectTotalCount(cookie_source_histogram, 11);
   histograms.ExpectBucketCount(cookie_source_histogram,
                                CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
                                7);
 }
 
-TEST_F(CookieMonsterStrictSecureTest, SetSecureCookies) {
+TEST_F(CookieMonsterTest, SetSecureCookies) {
   std::unique_ptr<CookieMonster> cm(new CookieMonster(nullptr, nullptr));
   GURL http_url("http://www.google.com");
   GURL http_superdomain_url("http://google.com");
   GURL https_url("https://www.google.com");
 
   // A non-secure cookie can be created from either a URL with a secure or
   // insecure scheme.
   EXPECT_TRUE(SetCookie(cm.get(), http_url, "A=C;"));
   EXPECT_TRUE(SetCookie(cm.get(), https_url, "A=B;"));
 
@@ skipping 45 matching lines @@
   // so the insecure examples aren't trying to overwrite the one above.
   EXPECT_TRUE(SetCookie(cm.get(), https_url, "B=C; Secure; domain=google.com"));
   EXPECT_FALSE(SetCookie(cm.get(), http_url, "B=D; domain=google.com"));
   EXPECT_FALSE(SetCookie(cm.get(), http_url, "B=D"));
   EXPECT_FALSE(SetCookie(cm.get(), http_superdomain_url, "B=D"));
 
   // Verify that if an httponly version of the cookie exists, adding a Secure
   // version of the cookie still does not overwrite it.
   CookieOptions include_httponly;
   include_httponly.set_include_httponly();
-  include_httponly.set_enforce_strict_secure();
   EXPECT_TRUE(SetCookieWithOptions(cm.get(), https_url, "C=D; httponly",
                                    include_httponly));
   // Note that the lack of an explicit options object below uses the default,
   // which in this case includes "exclude_httponly = true".
   EXPECT_FALSE(SetCookie(cm.get(), https_url, "C=E; Secure"));
 }
 
-// Tests for behavior if strict secure cookies is enabled.
-TEST_F(CookieMonsterStrictSecureTest, EvictSecureCookies) {
+// Tests for behavior for strict secure cookies.
+TEST_F(CookieMonsterTest, EvictSecureCookies) {
   // Hard-coding limits in the test, but use DCHECK_EQ to enforce constraint.
   DCHECK_EQ(180U, CookieMonster::kDomainMaxCookies);
   DCHECK_EQ(150U, CookieMonster::kDomainMaxCookies -
                       CookieMonster::kDomainPurgeCookies);
   DCHECK_EQ(3300U, CookieMonster::kMaxCookies);
   DCHECK_EQ(30, CookieMonster::kSafeFromGlobalPurgeDays);
 
   // If secure cookies for one domain hit the per domain limit (180), a
   // non-secure cookie will not evict them (and, in fact, the non-secure cookie
   // will be removed right after creation).
@@ skipping 108 matching lines @@
   // cookies are removed so that the global total number of cookies is at the
   // global purge goal (3000), but the secure cookies are not evicted.
   const CookiesEntry test14[] = {{1U, true}};
   const AltHosts test14_alt_hosts(1500, 1800);
   TestSecureCookieEviction(test14, arraysize(test14), 1501U, 1499,
                            &test14_alt_hosts);
 }
 
 // Tests that strict secure cookies doesn't trip equivalent cookie checks
 // accidentally. Regression test for https://crbug.com/569943.
-TEST_F(CookieMonsterStrictSecureTest, EquivalentCookies) {
+TEST_F(CookieMonsterTest, EquivalentCookies) {
   std::unique_ptr<CookieMonster> cm(new CookieMonster(nullptr, nullptr));
   GURL http_url("http://www.google.com");
   GURL http_superdomain_url("http://google.com");
   GURL https_url("https://www.google.com");
 
   // Tests that non-equivalent cookies because of the path attribute can be set
   // successfully.
   EXPECT_TRUE(SetCookie(cm.get(), https_url, "A=B; Secure"));
   EXPECT_TRUE(SetCookie(cm.get(), https_url, "A=C; path=/some/other/path"));
   EXPECT_FALSE(SetCookie(cm.get(), http_url, "A=D; path=/some/other/path"));
 
   // Tests that non-equivalent cookies because of the domain attribute can be
   // set successfully.
   EXPECT_TRUE(SetCookie(cm.get(), https_url, "A=B; Secure"));
   EXPECT_TRUE(SetCookie(cm.get(), https_url, "A=C; domain=google.com"));
   EXPECT_FALSE(SetCookie(cm.get(), http_url, "A=D; domain=google.com"));
 }
 
-// Test that cookie delete equivalent histograms are recorded correctly for
-// strict secure cookies.
-TEST_F(CookieMonsterStrictSecureTest, CookieDeleteEquivalentHistogramTest) {
-  base::HistogramTester histograms;
-  const std::string cookie_source_histogram = "Cookie.CookieDeleteEquivalent";
-
-  scoped_refptr<MockPersistentCookieStore> store(new MockPersistentCookieStore);
-  std::unique_ptr<CookieMonster> cm(new CookieMonster(store.get(), nullptr));
-
-  // Set a secure cookie from a secure origin
-  EXPECT_TRUE(SetCookie(cm.get(), https_www_google_.url(), "A=B; Secure"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 1);
-  histograms.ExpectBucketCount(cookie_source_histogram,
-                               CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
-                               1);
-
-  // Set a new cookie with a different name from a variety of origins (including
-  // the same one).
-  EXPECT_TRUE(SetCookie(cm.get(), https_www_google_.url(), "B=A;"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 2);
-  histograms.ExpectBucketCount(cookie_source_histogram,
-                               CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
-                               2);
-  EXPECT_TRUE(SetCookie(cm.get(), http_www_google_.url(), "C=A;"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 3);
-  histograms.ExpectBucketCount(cookie_source_histogram,
-                               CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
-                               3);
-
-  // Set a non-secure cookie from an insecure origin that matches the name of an
-  // already existing cookie and additionally is equivalent to the existing
-  // cookie.
-  EXPECT_FALSE(SetCookie(cm.get(), http_www_google_.url(), "A=B;"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 6);
-  histograms.ExpectBucketCount(cookie_source_histogram,
-                               CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
-                               4);
-  histograms.ExpectBucketCount(
-      cookie_source_histogram,
-      CookieMonster::COOKIE_DELETE_EQUIVALENT_SKIPPING_SECURE, 1);
-  histograms.ExpectBucketCount(
-      cookie_source_histogram,
-      CookieMonster::COOKIE_DELETE_EQUIVALENT_WOULD_HAVE_DELETED, 1);
-
-  // Set a non-secure cookie from an insecure origin that matches the name of an
-  // already existing cookie but is not equivalent.
-  EXPECT_FALSE(
-      SetCookie(cm.get(), http_www_google_.url(), "A=B; path=/some/path"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 8);
-  histograms.ExpectBucketCount(cookie_source_histogram,
-                               CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
-                               5);
-  histograms.ExpectBucketCount(
-      cookie_source_histogram,
-      CookieMonster::COOKIE_DELETE_EQUIVALENT_SKIPPING_SECURE, 2);
-
-  // Set a secure cookie from a secure origin that matches the name of an
-  // already existing cookies and is equivalent.
-  EXPECT_TRUE(SetCookie(cm.get(), https_www_google_.url(), "A=B; secure"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 10);
-  histograms.ExpectBucketCount(cookie_source_histogram,
-                               CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
-                               6);
-  histograms.ExpectBucketCount(cookie_source_histogram,
-                               CookieMonster::COOKIE_DELETE_EQUIVALENT_FOUND,
-                               1);
-
-  // Set a secure cookie from a secure origin that matches the name of an
-  // already existing cookie and is not equivalent.
-  EXPECT_TRUE(SetCookie(cm.get(), https_www_google_.url(),
-                        "A=C; secure; path=/some/path"));
-  histograms.ExpectTotalCount(cookie_source_histogram, 11);
-  histograms.ExpectBucketCount(cookie_source_histogram,
-                               CookieMonster::COOKIE_DELETE_EQUIVALENT_ATTEMPT,
-                               7);
-}
-
 class CookieMonsterNotificationTest : public CookieMonsterTest {
  public:
   CookieMonsterNotificationTest()
       : test_url_("http://www.google.com/foo"),
         store_(new MockPersistentCookieStore),
         monster_(new CookieMonster(store_.get(), nullptr)) {}
 
   ~CookieMonsterNotificationTest() override {}
 
   CookieMonster* monster() { return monster_.get(); }
@@ skipping 137 matching lines @@
       monster()->AddCallbackForCookie(
           test_url_, "abc",
           base::Bind(&RecordCookieChanges, &cookies1, nullptr)));
   SetCookie(monster(), test_url_, "abc=def");
   base::RunLoop().RunUntilIdle();
   EXPECT_EQ(1U, cookies0.size());
   EXPECT_EQ(1U, cookies0.size());
 }
 
 }  // namespace net