Chromium Code Reviews Chromium Code Reviews
Issue 2655443003:
Unify the "get" and "set" cookie access settings. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/content_settings/core/browser/cookie_settings.h" | 5 #include "components/content_settings/core/browser/cookie_settings.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "components/content_settings/core/browser/content_settings_utils.h" | 9 #include "components/content_settings/core/browser/content_settings_utils.h" |
| 10 #include "components/content_settings/core/browser/host_content_settings_map.h" | 10 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 49 base::Bind(&CookieSettings::OnBlockThirdPartyCookiesChanged, | 49 base::Bind(&CookieSettings::OnBlockThirdPartyCookiesChanged, |
| 50 base::Unretained(this))); | 50 base::Unretained(this))); |
| 51 } | 51 } |
| 52 | 52 |
| 53 ContentSetting CookieSettings::GetDefaultCookieSetting( | 53 ContentSetting CookieSettings::GetDefaultCookieSetting( |
| 54 std::string* provider_id) const { | 54 std::string* provider_id) const { |
| 55 return host_content_settings_map_->GetDefaultContentSetting( | 55 return host_content_settings_map_->GetDefaultContentSetting( |
| 56 CONTENT_SETTINGS_TYPE_COOKIES, provider_id); | 56 CONTENT_SETTINGS_TYPE_COOKIES, provider_id); |
| 57 } | 57 } |
| 58 | 58 |
| 59 bool CookieSettings::IsReadingCookieAllowed(const GURL& url, | 59 bool CookieSettings::IsCookieAccessAllowed(const GURL& url, |
| 60 const GURL& first_party_url) const { | 60 const GURL& first_party_url) const { |
| 61 ContentSetting reading_setting; | 61 ContentSetting setting; |
| 62 GetCookieSetting(url, first_party_url, nullptr, &reading_setting, | 62 GetCookieSetting(url, first_party_url, nullptr, &setting); |
| 63 nullptr /* setting_cookie */); | 63 return IsAllowed(setting); |
| 64 return IsAllowed(reading_setting); | |
| 65 } | |
| 66 | |
| 67 bool CookieSettings::IsSettingCookieAllowed(const GURL& url, | |
| 68 const GURL& first_party_url) const { | |
| 69 ContentSetting setting_setting; | |
| 70 GetCookieSetting(url, first_party_url, nullptr, nullptr /* reading_cookie */, | |
| 71 &setting_setting); | |
| 72 return IsAllowed(setting_setting); | |
| 73 } | |
| 74 | |
| 75 void CookieSettings::GetReadingAndSettingCookieAllowed( | |
| 76 const GURL& url, | |
| 77 const GURL& first_party_url, | |
| 78 bool* reading_cookie_allowed, | |
| 79 bool* setting_cookie_allowed) const { | |
| 80 ContentSetting reading_setting; | |
| 81 ContentSetting setting_setting; | |
| 82 GetCookieSetting(url, first_party_url, nullptr, &reading_setting, | |
| 83 &setting_setting); | |
| 84 *reading_cookie_allowed = IsAllowed(reading_setting); | |
| 85 *setting_cookie_allowed = IsAllowed(setting_setting); | |
| 86 } | 64 } |
| 87 | 65 |
| 88 bool CookieSettings::IsCookieSessionOnly(const GURL& origin) const { | 66 bool CookieSettings::IsCookieSessionOnly(const GURL& origin) const { |
| 89 ContentSetting setting; | 67 ContentSetting setting; |
| 90 GetCookieSetting(origin, origin, nullptr, nullptr, &setting); | 68 GetCookieSetting(origin, origin, nullptr, &setting); |
| 91 DCHECK(IsValidSetting(setting)); | 69 DCHECK(IsValidSetting(setting)); |
| 92 return (setting == CONTENT_SETTING_SESSION_ONLY); | 70 return (setting == CONTENT_SETTING_SESSION_ONLY); |
| 93 } | 71 } |
| 94 | 72 |
| 95 void CookieSettings::GetCookieSettings( | 73 void CookieSettings::GetCookieSettings( |
| 96 ContentSettingsForOneType* settings) const { | 74 ContentSettingsForOneType* settings) const { |
| 97 host_content_settings_map_->GetSettingsForOneType( | 75 host_content_settings_map_->GetSettingsForOneType( |
| 98 CONTENT_SETTINGS_TYPE_COOKIES, std::string(), settings); | 76 CONTENT_SETTINGS_TYPE_COOKIES, std::string(), settings); |
| 99 } | 77 } |
| 100 | 78 |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 136 } | 114 } |
| 137 | 115 |
| 138 void CookieSettings::ShutdownOnUIThread() { | 116 void CookieSettings::ShutdownOnUIThread() { |
| 139 DCHECK(thread_checker_.CalledOnValidThread()); | 117 DCHECK(thread_checker_.CalledOnValidThread()); |
| 140 pref_change_registrar_.RemoveAll(); | 118 pref_change_registrar_.RemoveAll(); |
| 141 } | 119 } |
| 142 | 120 |
| 143 void CookieSettings::GetCookieSetting(const GURL& url, | 121 void CookieSettings::GetCookieSetting(const GURL& url, |
| 144 const GURL& first_party_url, | 122 const GURL& first_party_url, |
| 145 content_settings::SettingSource* source, | 123 content_settings::SettingSource* source, |
| 146 ContentSetting* reading_cookie, | 124 ContentSetting* cookie_setting) const { |
| 147 ContentSetting* setting_cookie) const { | 125 DCHECK(cookie_setting); |
| 148 // Auto-allow in extensions or for WebUI embedded in a secure origin. | 126 // Auto-allow in extensions or for WebUI embedded in a secure origin. |
| 149 if (first_party_url.SchemeIs(kChromeUIScheme) && | 127 if (first_party_url.SchemeIs(kChromeUIScheme) && |
| 150 url.SchemeIsCryptographic()) { | 128 url.SchemeIsCryptographic()) { |
| 151 if (reading_cookie) | 129 *cookie_setting = CONTENT_SETTING_ALLOW; |
| 152 *reading_cookie = CONTENT_SETTING_ALLOW; | |
| 153 if (setting_cookie) | |
| 154 *setting_cookie = CONTENT_SETTING_ALLOW; | |
| 155 return; | 130 return; |
| 156 } | 131 } |
| 157 | 132 |
| 158 #if BUILDFLAG(ENABLE_EXTENSIONS) | 133 #if BUILDFLAG(ENABLE_EXTENSIONS) |
| 159 if (url.SchemeIs(extension_scheme_) && | 134 if (url.SchemeIs(extension_scheme_) && |
| 160 first_party_url.SchemeIs(extension_scheme_)) { | 135 first_party_url.SchemeIs(extension_scheme_)) { |
| 161 if (reading_cookie) | 136 *cookie_setting = CONTENT_SETTING_ALLOW; |
| 162 *reading_cookie = CONTENT_SETTING_ALLOW; | |
| 163 if (setting_cookie) | |
| 164 *setting_cookie = CONTENT_SETTING_ALLOW; | |
| 165 return; | 137 return; |
| 166 } | 138 } |
| 167 #endif | 139 #endif |
| 168 | 140 |
| 169 // First get any host-specific settings. | 141 // First get any host-specific settings. |
| 170 SettingInfo info; | 142 SettingInfo info; |
| 171 std::unique_ptr<base::Value> value = | 143 std::unique_ptr<base::Value> value = |
| 172 host_content_settings_map_->GetWebsiteSetting( | 144 host_content_settings_map_->GetWebsiteSetting( |
| 173 url, first_party_url, CONTENT_SETTINGS_TYPE_COOKIES, std::string(), | 145 url, first_party_url, CONTENT_SETTINGS_TYPE_COOKIES, std::string(), |
| 174 &info); | 146 &info); |
| 175 if (source) | 147 if (source) |
| 176 *source = info.source; | 148 *source = info.source; |
| 177 | 149 |
| 178 // If no explicit exception has been made and third-party cookies are blocked | 150 // If no explicit exception has been made and third-party cookies are blocked |
| 179 // by default, apply CONTENT_SETTING_BLOCKED. | 151 // by default, apply CONTENT_SETTING_BLOCKED. |
| 180 bool block_third = info.primary_pattern.MatchesAllHosts() && | 152 bool block_third = info.primary_pattern.MatchesAllHosts() && |
| 181 info.secondary_pattern.MatchesAllHosts() && | 153 info.secondary_pattern.MatchesAllHosts() && |
| 182 ShouldBlockThirdPartyCookies() && | 154 ShouldBlockThirdPartyCookies() && |
| 183 !first_party_url.SchemeIs(extension_scheme_); | 155 !first_party_url.SchemeIs(extension_scheme_); |
| 184 net::StaticCookiePolicy policy( | 156 net::StaticCookiePolicy policy( |
| 185 net::StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES); | 157 net::StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES); |
| 186 | 158 |
| 187 // We should always have a value, at least from the default provider. | 159 // We should always have a value, at least from the default provider. |
| 188 DCHECK(value.get()); | 160 DCHECK(value.get()); |
| 189 ContentSetting setting = ValueToContentSetting(value.get()); | 161 ContentSetting setting = ValueToContentSetting(value.get()); |
| 190 if (reading_cookie) { | 162 bool block = |
| 191 bool block = | 163 block_third && policy.CanAccessCookies(url, first_party_url) != net::OK; |
| 192 block_third && policy.CanGetCookies(url, first_party_url) != net::OK; | 164 *cookie_setting = block ? CONTENT_SETTING_BLOCK : setting; |
|
msramek
2017/01/25 14:41:30
Please add a DCHECK for this pointer as well.
falken
2017/01/25 14:55:51
|cookie_setting| is already DCHECK'd at the beginn
msramek
2017/01/25 15:03:23
Nope! Sorry, looked at it wrong the first time.
falken
2017/01/25 15:05:40
Acknowledged.
| |
| 193 *reading_cookie = block ? CONTENT_SETTING_BLOCK : setting; | |
| 194 } | |
| 195 if (setting_cookie) { | |
| 196 bool block = | |
| 197 block_third && policy.CanSetCookie(url, first_party_url) != net::OK; | |
| 198 *setting_cookie = block ? CONTENT_SETTING_BLOCK : setting; | |
| 199 } | |
| 200 } | 165 } |
| 201 | 166 |
| 202 CookieSettings::~CookieSettings() { | 167 CookieSettings::~CookieSettings() { |
| 203 } | 168 } |
| 204 | 169 |
| 205 void CookieSettings::OnBlockThirdPartyCookiesChanged() { | 170 void CookieSettings::OnBlockThirdPartyCookiesChanged() { |
| 206 DCHECK(thread_checker_.CalledOnValidThread()); | 171 DCHECK(thread_checker_.CalledOnValidThread()); |
| 207 | 172 |
| 208 base::AutoLock auto_lock(lock_); | 173 base::AutoLock auto_lock(lock_); |
| 209 block_third_party_cookies_ = pref_change_registrar_.prefs()->GetBoolean( | 174 block_third_party_cookies_ = pref_change_registrar_.prefs()->GetBoolean( |
| 210 prefs::kBlockThirdPartyCookies); | 175 prefs::kBlockThirdPartyCookies); |
| 211 } | 176 } |
| 212 | 177 |
| 213 bool CookieSettings::ShouldBlockThirdPartyCookies() const { | 178 bool CookieSettings::ShouldBlockThirdPartyCookies() const { |
| 214 base::AutoLock auto_lock(lock_); | 179 base::AutoLock auto_lock(lock_); |
| 215 return block_third_party_cookies_; | 180 return block_third_party_cookies_; |
| 216 } | 181 } |
| 217 | 182 |
| 218 } // namespace content_settings | 183 } // namespace content_settings |
| OLD | NEW |
