Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(814)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cookies/cookie_monster.cc

Issue 2861063003: Remove dangerous CanonicalCookie::Create method. (Closed)
Patch Set: Use creation_time for last_access_time as per Elly's suggestion. Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cookies/canonical_cookie_unittest.cc ('k') | net/cookies/cookie_monster_store_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Portions of this code based on Mozilla: 5 // Portions of this code based on Mozilla:
6 // (netwerk/cookie/src/nsCookieService.cpp) 6 // (netwerk/cookie/src/nsCookieService.cpp)
7 /* ***** BEGIN LICENSE BLOCK ***** 7 /* ***** BEGIN LICENSE BLOCK *****
8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 8 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
9 * 9 *
10 * The contents of this file are subject to the Mozilla Public License Version 10 * The contents of this file are subject to the Mozilla Public License Version
(...skipping 1040 matching lines...) Expand 10 before | Expand all | Expand 10 after
1051 // TODO(mmenke): This class assumes each cookie to have a unique creation 1051 // TODO(mmenke): This class assumes each cookie to have a unique creation
1052 // time. Allowing the caller to set the creation time violates that 1052 // time. Allowing the caller to set the creation time violates that
1053 // assumption. Worth fixing? Worth noting that time changes between browser 1053 // assumption. Worth fixing? Worth noting that time changes between browser
1054 // restarts can cause the same issue. 1054 // restarts can cause the same issue.
1055 base::Time actual_creation_time = creation_time; 1055 base::Time actual_creation_time = creation_time;
1056 if (creation_time.is_null()) { 1056 if (creation_time.is_null()) {
1057 actual_creation_time = CurrentTime(); 1057 actual_creation_time = CurrentTime();
1058 last_time_seen_ = actual_creation_time; 1058 last_time_seen_ = actual_creation_time;
1059 } 1059 }
1060 1060
1061 // Validate consistency of passed arguments.
1062 if (ParsedCookie::ParseTokenString(name) != name ||
1063 ParsedCookie::ParseValueString(value) != value ||
1064 ParsedCookie::ParseValueString(domain) != domain ||
1065 ParsedCookie::ParseValueString(path) != path) {
1066 return false;
1067 }
1068
1069 // Validate passed arguments against URL.
1070 if (secure && !url.SchemeIsCryptographic())
1071 return false;
1072
1073 std::string cookie_domain;
1074 if (!cookie_util::GetCookieDomainWithString(url, domain, &cookie_domain))
1075 return false;
1076
1077 std::string cookie_path = CanonicalCookie::CanonPathWithString(url, path);
1078 if (!path.empty() && cookie_path != path)
1079 return false;
1080
1081 // Canonicalize path again to make sure it escapes characters as needed.
1082 url::Component path_component(0, cookie_path.length());
1083 url::RawCanonOutputT<char> canon_path;
1084 url::Component canon_path_component;
1085 url::CanonicalizePath(cookie_path.data(), path_component, &canon_path,
1086 &canon_path_component);
1087 cookie_path = std::string(canon_path.data() + canon_path_component.begin,
1088 canon_path_component.len);
1089
1061 std::unique_ptr<CanonicalCookie> cc(CanonicalCookie::Create( 1090 std::unique_ptr<CanonicalCookie> cc(CanonicalCookie::Create(
1062 url, name, value, domain, path, actual_creation_time, expiration_time, 1091 name, value, cookie_domain, cookie_path, actual_creation_time,
1063 secure, http_only, same_site, priority)); 1092 expiration_time, last_access_time, secure, http_only, same_site,
1093 priority));
1064 1094
1065 if (!cc.get()) 1095 if (!cc.get())
1066 return false; 1096 return false;
1067 1097
1068 if (!last_access_time.is_null())
1069 cc->SetLastAccessDate(last_access_time);
1070
1071 CookieOptions options; 1098 CookieOptions options;
1072 options.set_include_httponly(); 1099 options.set_include_httponly();
1073 options.set_same_site_cookie_mode( 1100 options.set_same_site_cookie_mode(
1074 CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX); 1101 CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX);
1075 return SetCanonicalCookie(std::move(cc), url, options); 1102 return SetCanonicalCookie(std::move(cc), url, options);
1076 } 1103 }
1077 1104
1078 CookieList CookieMonster::GetAllCookies() { 1105 CookieList CookieMonster::GetAllCookies() {
1079 DCHECK(thread_checker_.CalledOnValidThread()); 1106 DCHECK(thread_checker_.CalledOnValidThread());
1080 1107
(...skipping 1287 matching lines...) Expand 10 before | Expand all | Expand 10 after
2368 it != hook_map_.end(); ++it) { 2395 it != hook_map_.end(); ++it) {
2369 std::pair<GURL, std::string> key = it->first; 2396 std::pair<GURL, std::string> key = it->first;
2370 if (cookie.IncludeForRequestURL(key.first, opts) && 2397 if (cookie.IncludeForRequestURL(key.first, opts) &&
2371 cookie.Name() == key.second) { 2398 cookie.Name() == key.second) {
2372 it->second->Notify(cookie, cause); 2399 it->second->Notify(cookie, cause);
2373 } 2400 }
2374 } 2401 }
2375 } 2402 }
2376 2403
2377 } // namespace net 2404 } // namespace net
OLDNEW
« no previous file with comments | « net/cookies/canonical_cookie_unittest.cc ('k') | net/cookies/cookie_monster_store_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698