| Index: net/cookies/canonical_cookie_unittest.cc
|
| diff --git a/net/cookies/canonical_cookie_unittest.cc b/net/cookies/canonical_cookie_unittest.cc
|
| index fa9eb6caa83145b5c3bace04a89c253dbe88027e..2386e850cc50ad0f5aa35b369b1473529cacfec5 100644
|
| --- a/net/cookies/canonical_cookie_unittest.cc
|
| +++ b/net/cookies/canonical_cookie_unittest.cc
|
| @@ -20,7 +20,7 @@ TEST(CanonicalCookieTest, Constructor) {
|
|
|
| std::unique_ptr<CanonicalCookie> cookie(CanonicalCookie::Create(
|
| url, "A", "2", std::string(), "/test", current_time, base::Time(), false,
|
| - false, CookieSameSite::DEFAULT_MODE, false, COOKIE_PRIORITY_DEFAULT));
|
| + false, CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT));
|
| EXPECT_EQ("A", cookie->Name());
|
| EXPECT_EQ("2", cookie->Value());
|
| EXPECT_EQ("www.example.com", cookie->Domain());
|
| @@ -31,7 +31,7 @@ TEST(CanonicalCookieTest, Constructor) {
|
|
|
| std::unique_ptr<CanonicalCookie> cookie2(CanonicalCookie::Create(
|
| url, "A", "2", ".www.example.com", std::string(), current_time,
|
| - base::Time(), false, false, CookieSameSite::DEFAULT_MODE, false,
|
| + base::Time(), false, false, CookieSameSite::DEFAULT_MODE,
|
| COOKIE_PRIORITY_DEFAULT));
|
| EXPECT_EQ("A", cookie2->Name());
|
| EXPECT_EQ("2", cookie2->Value());
|
| @@ -64,11 +64,11 @@ TEST(CanonicalCookieTest, Create) {
|
| EXPECT_EQ("/", cookie->Path());
|
| EXPECT_FALSE(cookie->IsSecure());
|
|
|
| - // Test creating secure cookies. RFC 6265 allows insecure urls to set secure
|
| - // cookies.
|
| + // Test creating secure cookies.
|
| + // https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone disallows
|
| + // insecure URLs from setting secure cookies.
|
| cookie = CanonicalCookie::Create(url, "A=2; Secure", creation_time, options);
|
| - EXPECT_TRUE(cookie.get());
|
| - EXPECT_TRUE(cookie->IsSecure());
|
| + EXPECT_FALSE(cookie.get());
|
|
|
| // Test creating http only cookies.
|
| cookie =
|
| @@ -93,10 +93,9 @@ TEST(CanonicalCookieTest, Create) {
|
|
|
| // Test the creating cookies using specific parameter instead of a cookie
|
| // string.
|
| - cookie = CanonicalCookie::Create(url, "A", "2", "www.example.com", "/test",
|
| - creation_time, base::Time(), false, false,
|
| - CookieSameSite::DEFAULT_MODE, false,
|
| - COOKIE_PRIORITY_DEFAULT);
|
| + cookie = CanonicalCookie::Create(
|
| + url, "A", "2", "www.example.com", "/test", creation_time, base::Time(),
|
| + false, false, CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT);
|
| EXPECT_EQ("A", cookie->Name());
|
| EXPECT_EQ("2", cookie->Value());
|
| EXPECT_EQ(".www.example.com", cookie->Domain());
|
| @@ -105,10 +104,9 @@ TEST(CanonicalCookieTest, Create) {
|
| EXPECT_FALSE(cookie->IsHttpOnly());
|
| EXPECT_EQ(CookieSameSite::NO_RESTRICTION, cookie->SameSite());
|
|
|
| - cookie = CanonicalCookie::Create(url, "A", "2", ".www.example.com", "/test",
|
| - creation_time, base::Time(), false, false,
|
| - CookieSameSite::DEFAULT_MODE, false,
|
| - COOKIE_PRIORITY_DEFAULT);
|
| + cookie = CanonicalCookie::Create(
|
| + url, "A", "2", ".www.example.com", "/test", creation_time, base::Time(),
|
| + false, false, CookieSameSite::DEFAULT_MODE, COOKIE_PRIORITY_DEFAULT);
|
| EXPECT_EQ("A", cookie->Name());
|
| EXPECT_EQ("2", cookie->Value());
|
| EXPECT_EQ(".www.example.com", cookie->Domain());
|
| @@ -167,7 +165,7 @@ TEST(CanonicalCookieTest, EmptyExpiry) {
|
| }
|
|
|
| TEST(CanonicalCookieTest, IsEquivalent) {
|
| - GURL url("http://www.example.com/");
|
| + GURL url("https://www.example.com/");
|
| std::string cookie_name = "A";
|
| std::string cookie_value = "2EDA-EF";
|
| std::string cookie_domain = ".www.example.com";
|
| @@ -181,25 +179,22 @@ TEST(CanonicalCookieTest, IsEquivalent) {
|
| // Test that a cookie is equivalent to itself.
|
| std::unique_ptr<CanonicalCookie> cookie(CanonicalCookie::Create(
|
| url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time,
|
| - expiration_time, secure, httponly, same_site, false,
|
| - COOKIE_PRIORITY_MEDIUM));
|
| + expiration_time, secure, httponly, same_site, COOKIE_PRIORITY_MEDIUM));
|
| EXPECT_TRUE(cookie->IsEquivalent(*cookie));
|
| EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*cookie));
|
|
|
| // Test that two identical cookies are equivalent.
|
| std::unique_ptr<CanonicalCookie> other_cookie(CanonicalCookie::Create(
|
| url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time,
|
| - expiration_time, secure, httponly, same_site, false,
|
| - COOKIE_PRIORITY_MEDIUM));
|
| + expiration_time, secure, httponly, same_site, COOKIE_PRIORITY_MEDIUM));
|
| EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie));
|
|
|
| // Tests that use different variations of attribute values that
|
| // DON'T affect cookie equivalence.
|
| - other_cookie =
|
| - CanonicalCookie::Create(url, cookie_name, "2", cookie_domain, cookie_path,
|
| - creation_time, expiration_time, secure, httponly,
|
| - same_site, false, COOKIE_PRIORITY_HIGH);
|
| + other_cookie = CanonicalCookie::Create(
|
| + url, cookie_name, "2", cookie_domain, cookie_path, creation_time,
|
| + expiration_time, secure, httponly, same_site, COOKIE_PRIORITY_HIGH);
|
| EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie));
|
| EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie));
|
| @@ -208,29 +203,28 @@ TEST(CanonicalCookieTest, IsEquivalent) {
|
| creation_time + base::TimeDelta::FromMinutes(2);
|
| other_cookie = CanonicalCookie::Create(
|
| url, cookie_name, "2", cookie_domain, cookie_path, other_creation_time,
|
| - expiration_time, secure, httponly, same_site, false,
|
| - COOKIE_PRIORITY_MEDIUM);
|
| + expiration_time, secure, httponly, same_site, COOKIE_PRIORITY_MEDIUM);
|
| EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie));
|
| EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie));
|
|
|
| other_cookie = CanonicalCookie::Create(
|
| url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time,
|
| - expiration_time, true, httponly, same_site, false, COOKIE_PRIORITY_LOW);
|
| + expiration_time, true, httponly, same_site, COOKIE_PRIORITY_LOW);
|
| EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie));
|
| EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie));
|
|
|
| other_cookie = CanonicalCookie::Create(
|
| url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time,
|
| - expiration_time, secure, true, same_site, false, COOKIE_PRIORITY_LOW);
|
| + expiration_time, secure, true, same_site, COOKIE_PRIORITY_LOW);
|
| EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie));
|
| EXPECT_TRUE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie));
|
|
|
| other_cookie = CanonicalCookie::Create(
|
| url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time,
|
| - expiration_time, secure, httponly, CookieSameSite::STRICT_MODE, false,
|
| + expiration_time, secure, httponly, CookieSameSite::STRICT_MODE,
|
| COOKIE_PRIORITY_LOW);
|
| EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie));
|
| @@ -239,8 +233,7 @@ TEST(CanonicalCookieTest, IsEquivalent) {
|
| // Cookies whose names mismatch are not equivalent.
|
| other_cookie = CanonicalCookie::Create(
|
| url, "B", cookie_value, cookie_domain, cookie_path, creation_time,
|
| - expiration_time, secure, httponly, same_site, false,
|
| - COOKIE_PRIORITY_MEDIUM);
|
| + expiration_time, secure, httponly, same_site, COOKIE_PRIORITY_MEDIUM);
|
| EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_FALSE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie));
|
| EXPECT_FALSE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie));
|
| @@ -250,8 +243,7 @@ TEST(CanonicalCookieTest, IsEquivalent) {
|
| // rules of 'IsEquivalentForSecureCookieMatching'.
|
| other_cookie = CanonicalCookie::Create(
|
| url, cookie_name, cookie_value, std::string(), cookie_path, creation_time,
|
| - expiration_time, secure, httponly, same_site, false,
|
| - COOKIE_PRIORITY_MEDIUM);
|
| + expiration_time, secure, httponly, same_site, COOKIE_PRIORITY_MEDIUM);
|
| EXPECT_TRUE(cookie->IsDomainCookie());
|
| EXPECT_FALSE(other_cookie->IsDomainCookie());
|
| EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
|
| @@ -262,7 +254,7 @@ TEST(CanonicalCookieTest, IsEquivalent) {
|
| // 'www.example.com', but they are equivalent for secure cookie matching.
|
| other_cookie = CanonicalCookie::Create(
|
| url, cookie_name, cookie_value, ".example.com", cookie_path,
|
| - creation_time, expiration_time, secure, httponly, same_site, false,
|
| + creation_time, expiration_time, secure, httponly, same_site,
|
| COOKIE_PRIORITY_MEDIUM);
|
| EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie));
|
| @@ -275,15 +267,14 @@ TEST(CanonicalCookieTest, IsEquivalent) {
|
| // equivalent for secure cookie matching to |other_cookie| set on '/'.
|
| other_cookie = CanonicalCookie::Create(
|
| url, cookie_name, cookie_value, cookie_domain, "/test", creation_time,
|
| - expiration_time, secure, httponly, same_site, false,
|
| - COOKIE_PRIORITY_MEDIUM);
|
| + expiration_time, secure, httponly, same_site, COOKIE_PRIORITY_MEDIUM);
|
| EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_FALSE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie));
|
| EXPECT_FALSE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie));
|
|
|
| other_cookie = CanonicalCookie::Create(
|
| url, cookie_name, cookie_value, cookie_domain, cookie_path + "/subpath",
|
| - creation_time, expiration_time, secure, httponly, same_site, false,
|
| + creation_time, expiration_time, secure, httponly, same_site,
|
| COOKIE_PRIORITY_MEDIUM);
|
| EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_FALSE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie));
|
| @@ -291,8 +282,7 @@ TEST(CanonicalCookieTest, IsEquivalent) {
|
|
|
| other_cookie = CanonicalCookie::Create(
|
| url, cookie_name, cookie_value, cookie_domain, "/", creation_time,
|
| - expiration_time, secure, httponly, same_site, false,
|
| - COOKIE_PRIORITY_MEDIUM);
|
| + expiration_time, secure, httponly, same_site, COOKIE_PRIORITY_MEDIUM);
|
| EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
|
| EXPECT_TRUE(cookie->IsEquivalentForSecureCookieMatching(*other_cookie));
|
| EXPECT_FALSE(other_cookie->IsEquivalentForSecureCookieMatching(*cookie));
|
| @@ -563,8 +553,8 @@ TEST(CanonicalCookieTest, HostCookiePrefix) {
|
|
|
| // Rules don't apply for a typoed prefix.
|
| EXPECT_TRUE(CanonicalCookie::Create(
|
| - http_url, "__host-A=B; Domain=" + domain + "; Path=/; Secure;",
|
| - creation_time, options));
|
| + http_url, "__host-A=B; Domain=" + domain + "; Path=/;", creation_time,
|
| + options));
|
| EXPECT_TRUE(CanonicalCookie::Create(
|
| https_url, "__HostA=B; Domain=" + domain + "; Secure;", creation_time,
|
| options));
|
| @@ -575,7 +565,6 @@ TEST(CanonicalCookieTest, EnforceSecureCookiesRequireSecureScheme) {
|
| GURL https_url("https://www.example.com");
|
| base::Time creation_time = base::Time::Now();
|
| CookieOptions options;
|
| - options.set_enforce_strict_secure();
|
|
|
| std::unique_ptr<CanonicalCookie> http_cookie_no_secure(
|
| CanonicalCookie::Create(http_url, "a=b", creation_time, options));
|
| @@ -594,19 +583,19 @@ TEST(CanonicalCookieTest, EnforceSecureCookiesRequireSecureScheme) {
|
| std::unique_ptr<CanonicalCookie> http_cookie_no_secure_extended(
|
| CanonicalCookie::Create(
|
| http_url, "a", "b", "", "", creation_time, creation_time, false,
|
| - false, CookieSameSite::STRICT_MODE, true, COOKIE_PRIORITY_DEFAULT));
|
| + false, CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT));
|
| std::unique_ptr<CanonicalCookie> http_cookie_secure_extended(
|
| CanonicalCookie::Create(
|
| http_url, "a", "b", "", "", creation_time, creation_time, true, false,
|
| - CookieSameSite::STRICT_MODE, true, COOKIE_PRIORITY_DEFAULT));
|
| + CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT));
|
| std::unique_ptr<CanonicalCookie> https_cookie_no_secure_extended(
|
| CanonicalCookie::Create(
|
| https_url, "a", "b", "", "", creation_time, creation_time, false,
|
| - false, CookieSameSite::STRICT_MODE, true, COOKIE_PRIORITY_DEFAULT));
|
| + false, CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT));
|
| std::unique_ptr<CanonicalCookie> https_cookie_secure_extended(
|
| CanonicalCookie::Create(
|
| https_url, "a", "b", "", "", creation_time, creation_time, true,
|
| - false, CookieSameSite::STRICT_MODE, true, COOKIE_PRIORITY_DEFAULT));
|
| + false, CookieSameSite::STRICT_MODE, COOKIE_PRIORITY_DEFAULT));
|
|
|
| EXPECT_TRUE(http_cookie_no_secure_extended.get());
|
| EXPECT_FALSE(http_cookie_secure_extended.get());
|
|
|
Chromium Code Reviews
Issue 2633663003:
Implements strict secure cookies as the default behavior in //net (Closed)
