Implement the "first-party-only" cookie flag.

content/browser/net/sqlite_persistent_cookie_store.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/net/sqlite_persistent_cookie_store.h"
 
 #include <list>
 #include <map>
 #include <set>
 #include <utility>
@@ skipping 293 matching lines @@
   // Not owned.
   CookieCryptoDelegate* crypto_;
 
   DISALLOW_COPY_AND_ASSIGN(Backend);
 };
 
 namespace {
 
 // Version number of the database.
 //
+// Version 8 adds "first-party only" cookies.
+//
 // Version 7 adds encrypted values.  Old values will continue to be used but
 // all new values written will be encrypted on selected operating systems.  New
 // records read by old clients will simply get an empty cookie value while old
 // records read by new clients will continue to operate with the unencrypted
 // version.  New and old clients alike will always write/update records with
 // what they support.
 //
 // Version 6 adds cookie priorities. This allows developers to influence the
 // order in which cookies are evicted in order to meet domain cookie limits.
 //
 // Version 5 adds the columns has_expires and is_persistent, so that the
 // database can store session cookies as well as persistent cookies. Databases
 // of version 5 are incompatible with older versions of code. If a database of
 // version 5 is read by older code, session cookies will be treated as normal
 // cookies. Currently, these fields are written, but not read anymore.
 //
 // In version 4, we migrated the time epoch.  If you open the DB with an older
 // version on Mac or Linux, the times will look wonky, but the file will likely
 // be usable. On Windows version 3 and 4 are the same.
 //
 // Version 3 updated the database to include the last access time, so we can
 // expire them in decreasing order of use when we've reached the maximum
 // number of cookies.
-const int kCurrentVersionNumber = 7;
+const int kCurrentVersionNumber = 8;
 const int kCompatibleVersionNumber = 5;
 
 // Possible values for the 'priority' column.
 enum DBCookiePriority {
   kCookiePriorityLow = 0,
   kCookiePriorityMedium = 1,
   kCookiePriorityHigh = 2,
 };
 
 DBCookiePriority CookiePriorityToDBCookiePriority(net::CookiePriority value) {
@@ skipping 45 matching lines @@
   base::Time start_;
 
   DISALLOW_COPY_AND_ASSIGN(IncrementTimeDelta);
 };
 
 // Initializes the cookies table, returning true on success.
 bool InitTable(sql::Connection* db) {
   if (!db->DoesTableExist("cookies")) {
     std::string stmt(base::StringPrintf(
         "CREATE TABLE cookies ("
-            "creation_utc INTEGER NOT NULL UNIQUE PRIMARY KEY,"
-            "host_key TEXT NOT NULL,"
-            "name TEXT NOT NULL,"
-            "value TEXT NOT NULL,"
-            "path TEXT NOT NULL,"
-            "expires_utc INTEGER NOT NULL,"
-            "secure INTEGER NOT NULL,"
-            "httponly INTEGER NOT NULL,"
-            "last_access_utc INTEGER NOT NULL, "
-            "has_expires INTEGER NOT NULL DEFAULT 1, "
-            "persistent INTEGER NOT NULL DEFAULT 1,"
-            "priority INTEGER NOT NULL DEFAULT %d,"
-            "encrypted_value BLOB DEFAULT '')",
+        "creation_utc INTEGER NOT NULL UNIQUE PRIMARY KEY,"
+        "host_key TEXT NOT NULL,"
+        "name TEXT NOT NULL,"
+        "value TEXT NOT NULL,"
+        "path TEXT NOT NULL,"
+        "expires_utc INTEGER NOT NULL,"
+        "secure INTEGER NOT NULL,"
+        "httponly INTEGER NOT NULL,"
+        "last_access_utc INTEGER NOT NULL, "
+        "has_expires INTEGER NOT NULL DEFAULT 1, "
+        "persistent INTEGER NOT NULL DEFAULT 1,"
+        "priority INTEGER NOT NULL DEFAULT %d,"
+        "encrypted_value BLOB DEFAULT '',"
+        "firstpartyonly INTEGER NOT NULL DEFAULT 0)",
         CookiePriorityToDBCookiePriority(net::COOKIE_PRIORITY_DEFAULT)));
     if (!db->Execute(stmt.c_str()))
       return false;
   }
 
   // Older code created an index on creation_utc, which is already
   // primary key for the table.
   if (!db->Execute("DROP INDEX IF EXISTS cookie_times"))
     return false;
 
@@ skipping 300 matching lines @@
 
 bool SQLitePersistentCookieStore::Backend::LoadCookiesForDomains(
   const std::set<std::string>& domains) {
   DCHECK(background_task_runner_->RunsTasksOnCurrentThread());
 
   sql::Statement smt;
   if (restore_old_session_cookies_) {
     smt.Assign(db_->GetCachedStatement(
         SQL_FROM_HERE,
         "SELECT creation_utc, host_key, name, value, encrypted_value, path, "
-        "expires_utc, secure, httponly, last_access_utc, has_expires, "
-        "persistent, priority FROM cookies WHERE host_key = ?"));
+        "expires_utc, secure, httponly, firstpartyonly, last_access_utc, "
+        "has_expires, persistent, priority FROM cookies WHERE host_key = ?"));
   } else {
     smt.Assign(db_->GetCachedStatement(
         SQL_FROM_HERE,
         "SELECT creation_utc, host_key, name, value, encrypted_value, path, "
-        "expires_utc, secure, httponly, last_access_utc, has_expires, "
-        "persistent, priority FROM cookies WHERE host_key = ? "
+        "expires_utc, secure, httponly, firstpartyonly, last_access_utc, "
+        "has_expires, persistent, priority FROM cookies WHERE host_key = ? "
         "AND persistent = 1"));
   }
   if (!smt.is_valid()) {
     smt.Clear();  // Disconnect smt_ref from db_.
     meta_table_.Reset();
     db_.reset();
     return false;
   }
 
   std::vector<net::CanonicalCookie*> cookies;
@@ skipping 18 matching lines @@
     std::string value;
     std::string encrypted_value = smt.ColumnString(4);
     if (!encrypted_value.empty() && crypto_) {
       crypto_->DecryptString(encrypted_value, &value);
     } else {
       DCHECK(encrypted_value.empty());
       value = smt.ColumnString(3);
     }
     scoped_ptr<net::CanonicalCookie> cc(new net::CanonicalCookie(
         // The "source" URL is not used with persisted cookies.
-        GURL(),                                       // Source
-        smt.ColumnString(2),                          // name
-        value,                                        // value
-        smt.ColumnString(1),                          // domain
-        smt.ColumnString(5),                          // path
-        Time::FromInternalValue(smt.ColumnInt64(0)),  // creation_utc
-        Time::FromInternalValue(smt.ColumnInt64(6)),  // expires_utc
-        Time::FromInternalValue(smt.ColumnInt64(9)),  // last_access_utc
-        smt.ColumnInt(7) != 0,                        // secure
-        smt.ColumnInt(8) != 0,                        // httponly
+        GURL(),                                        // Source
+        smt.ColumnString(2),                           // name
+        value,                                         // value
+        smt.ColumnString(1),                           // domain
+        smt.ColumnString(5),                           // path
+        Time::FromInternalValue(smt.ColumnInt64(0)),   // creation_utc
+        Time::FromInternalValue(smt.ColumnInt64(6)),   // expires_utc
+        Time::FromInternalValue(smt.ColumnInt64(10)),  // last_access_utc
+        smt.ColumnInt(7) != 0,                         // secure
+        smt.ColumnInt(8) != 0,                         // httponly
+        smt.ColumnInt(9) != 0,                         // firstpartyonly
         DBCookiePriorityToCookiePriority(
-            static_cast<DBCookiePriority>(smt.ColumnInt(12)))));  // priority
+            static_cast<DBCookiePriority>(smt.ColumnInt(13)))));  // priority
     DLOG_IF(WARNING, cc->CreationDate() > Time::Now())
         << L"CreationDate too recent";
     cookies_per_origin_[CookieOrigin(cc->Domain(), cc->IsSecure())]++;
     cookies->push_back(cc.release());
     ++num_cookies_read_;
   }
 }
 
 bool SQLitePersistentCookieStore::Backend::EnsureDatabaseVersion() {
   // Version check.
@@ skipping 115 matching lines @@
     }
     ++cur_version;
     meta_table_.SetVersionNumber(cur_version);
     meta_table_.SetCompatibleVersionNumber(
         std::min(cur_version, kCompatibleVersionNumber));
     transaction.Commit();
     UMA_HISTOGRAM_TIMES("Cookie.TimeDatabaseMigrationToV7",
                         base::TimeTicks::Now() - start_time);
   }
 
+  if (cur_version == 7) {
+    const base::TimeTicks start_time = base::TimeTicks::Now();
+    sql::Transaction transaction(db_.get());
+    if (!transaction.Begin())
+      return false;
+    // Alter the table to add a 'firstpartyonly' column.
+    if (!db_->Execute(
+            "ALTER TABLE cookies "
+            "ADD COLUMN firstpartyonly INTEGER DEFAULT 0")) {
+      LOG(WARNING) << "Unable to update cookie database to version 8.";
+      return false;
+    }
+    ++cur_version;
+    meta_table_.SetVersionNumber(cur_version);
+    meta_table_.SetCompatibleVersionNumber(
+        std::min(cur_version, kCompatibleVersionNumber));
+    transaction.Commit();
+    UMA_HISTOGRAM_TIMES("Cookie.TimeDatabaseMigrationToV8",
+                        base::TimeTicks::Now() - start_time);
+  }
+
   // Put future migration cases here.
 
   if (cur_version < kCurrentVersionNumber) {
     UMA_HISTOGRAM_COUNTS_100("Cookie.CorruptMetaTable", 1);
 
     meta_table_.Reset();
     db_.reset(new sql::Connection);
     if (!base::DeleteFile(path_, false) ||
         !db_->Open(path_) ||
         !meta_table_.Init(
@@ skipping 63 matching lines @@
   {
     base::AutoLock locked(lock_);
     pending_.swap(ops);
     num_pending_ = 0;
   }
 
   // Maybe an old timer fired or we are already Close()'ed.
   if (!db_.get() || ops.empty())
     return;
 
-  sql::Statement add_smt(db_->GetCachedStatement(SQL_FROM_HERE,
+  sql::Statement add_smt(db_->GetCachedStatement(
+      SQL_FROM_HERE,
       "INSERT INTO cookies (creation_utc, host_key, name, value, "
-      "encrypted_value, path, expires_utc, secure, httponly, last_access_utc, "
-      "has_expires, persistent, priority) "
-      "VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)"));
+      "encrypted_value, path, expires_utc, secure, httponly, firstpartyonly, "
+      "last_access_utc, has_expires, persistent, priority) "
+      "VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?)"));
   if (!add_smt.is_valid())
     return;
 
   sql::Statement update_access_smt(db_->GetCachedStatement(SQL_FROM_HERE,
       "UPDATE cookies SET last_access_utc=? WHERE creation_utc=?"));
   if (!update_access_smt.is_valid())
     return;
 
   sql::Statement del_smt(db_->GetCachedStatement(SQL_FROM_HERE,
                          "DELETE FROM cookies WHERE creation_utc=?"));
@@ skipping 24 matching lines @@
           add_smt.BindBlob(4, encrypted_value.data(),
                            static_cast<int>(encrypted_value.length()));
         } else {
           add_smt.BindString(3, po->cc().Value());
           add_smt.BindBlob(4, "", 0);  // encrypted_value
         }
         add_smt.BindString(5, po->cc().Path());
         add_smt.BindInt64(6, po->cc().ExpiryDate().ToInternalValue());
         add_smt.BindInt(7, po->cc().IsSecure());
         add_smt.BindInt(8, po->cc().IsHttpOnly());
-        add_smt.BindInt64(9, po->cc().LastAccessDate().ToInternalValue());
-        add_smt.BindInt(10, po->cc().IsPersistent());
+        add_smt.BindInt(9, po->cc().IsFirstPartyOnly());
+        add_smt.BindInt64(10, po->cc().LastAccessDate().ToInternalValue());
         add_smt.BindInt(11, po->cc().IsPersistent());
-        add_smt.BindInt(
-            12, CookiePriorityToDBCookiePriority(po->cc().Priority()));
+        add_smt.BindInt(12, po->cc().IsPersistent());
+        add_smt.BindInt(13,
+                        CookiePriorityToDBCookiePriority(po->cc().Priority()));
         if (!add_smt.Run())
           NOTREACHED() << "Could not add a cookie to the DB.";
         break;
 
       case PendingOperation::COOKIE_UPDATEACCESS:
         update_access_smt.Reset(true);
         update_access_smt.BindInt64(0,
             po->cc().LastAccessDate().ToInternalValue());
         update_access_smt.BindInt64(1,
             po->cc().CreationDate().ToInternalValue());
@@ skipping 295 matching lines @@
 
   if (base::CommandLine::ForCurrentProcess()->HasSwitch(
           switches::kEnableFileCookies)) {
     cookie_monster->SetEnableFileScheme(true);
   }
 
   return cookie_monster;
 }
 
 }  // namespace content