Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(188)

Unified Diff: net/cookies/cookie_store_unittest.h

Issue 2861063003: Remove dangerous CanonicalCookie::Create method. (Closed)
Patch Set: Use creation_time for last_access_time as per Elly's suggestion. Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/cookies/cookie_store_unittest.h
diff --git a/net/cookies/cookie_store_unittest.h b/net/cookies/cookie_store_unittest.h
index 48d9d8c54e249280d540f1589ac1ed5572878251..e8ac988290c4e75984e17bc212b8249bf74ae6ca 100644
--- a/net/cookies/cookie_store_unittest.h
+++ b/net/cookies/cookie_store_unittest.h
@@ -465,6 +465,34 @@ TYPED_TEST_P(CookieStoreTest, SetCookieWithDetailsAsync) {
EXPECT_TRUE(++it == cookies.end());
}
+// Test enforcement around setting secure cookies.
+TYPED_TEST_P(CookieStoreTest, SetCookieWithDetailsSecureEnforcement) {
+ CookieStore* cs = this->GetCookieStore();
+ GURL http_url(this->http_www_google_.url());
+ std::string http_domain(http_url.host());
+ GURL https_url(this->https_www_google_.url());
+ std::string https_domain(https_url.host());
+
+ // Confirm that setting the secure attribute on an HTTP URL fails, but
+ // the other combinations work.
+ EXPECT_TRUE(this->SetCookieWithDetails(
+ cs, http_url, "A", "B", http_domain, "/", base::Time::Now(), base::Time(),
+ base::Time(), false, false, CookieSameSite::NO_RESTRICTION,
+ COOKIE_PRIORITY_DEFAULT));
+ EXPECT_FALSE(this->SetCookieWithDetails(
+ cs, http_url, "A", "B", http_domain, "/", base::Time::Now(), base::Time(),
+ base::Time(), true, false, CookieSameSite::NO_RESTRICTION,
+ COOKIE_PRIORITY_DEFAULT));
+ EXPECT_TRUE(this->SetCookieWithDetails(
+ cs, https_url, "A", "B", https_domain, "/", base::Time::Now(),
+ base::Time(), base::Time(), false, false, CookieSameSite::NO_RESTRICTION,
+ COOKIE_PRIORITY_DEFAULT));
+ EXPECT_TRUE(this->SetCookieWithDetails(
+ cs, https_url, "A", "B", https_domain, "/", base::Time::Now(),
+ base::Time(), base::Time(), true, false, CookieSameSite::NO_RESTRICTION,
+ COOKIE_PRIORITY_DEFAULT));
+}
+
// The iOS networking stack uses the iOS cookie parser, which we do not
// control. While it is spec-compliant, that does not match the practical
// behavior of most UAs in some cases, which we try to replicate. See
@@ -1423,6 +1451,7 @@ TYPED_TEST_P(CookieStoreTest, DeleteSessionCookie) {
REGISTER_TYPED_TEST_CASE_P(CookieStoreTest,
SetCookieWithDetailsAsync,
+ SetCookieWithDetailsSecureEnforcement,
EmptyKeyTest,
DomainTest,
DomainWithTrailingDotTest,
« no previous file with comments | « net/cookies/cookie_monster_unittest.cc ('k') | net/extras/sqlite/sqlite_persistent_cookie_store_perftest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698