Implement the "first-party-only" cookie flag.

net/cookies/canonical_cookie.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Portions of this code based on Mozilla:
 //   (netwerk/cookie/src/nsCookieService.cpp)
 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
@@ skipping 91 matching lines @@
   return url_path.substr(0, idx);
 }
 
 }  // namespace
 
 CanonicalCookie::CanonicalCookie()
     : secure_(false),
       httponly_(false) {
 }
 
-CanonicalCookie::CanonicalCookie(
-    const GURL& url, const std::string& name, const std::string& value,
-    const std::string& domain, const std::string& path,
-    const base::Time& creation, const base::Time& expiration,
-    const base::Time& last_access, bool secure, bool httponly,
-    CookiePriority priority)
+CanonicalCookie::CanonicalCookie(const GURL& url,
+                                 const std::string& name,
+                                 const std::string& value,
+                                 const std::string& domain,
+                                 const std::string& path,
+                                 const base::Time& creation,
+                                 const base::Time& expiration,
+                                 const base::Time& last_access,
+                                 bool secure,
+                                 bool httponly,
+                                 bool firstpartyonly,
+                                 CookiePriority priority)
     : source_(GetCookieSourceFromURL(url)),
       name_(name),
       value_(value),
       domain_(domain),
       path_(path),
       creation_date_(creation),
       expiry_date_(expiration),
       last_access_date_(last_access),
       secure_(secure),
       httponly_(httponly),
+      first_party_only_(firstpartyonly),
       priority_(priority) {
 }
 
 CanonicalCookie::CanonicalCookie(const GURL& url, const ParsedCookie& pc)
     : source_(GetCookieSourceFromURL(url)),
       name_(pc.Name()),
       value_(pc.Value()),
       path_(CanonPath(url, pc)),
       creation_date_(Time::Now()),
       last_access_date_(Time()),
       secure_(pc.IsSecure()),
       httponly_(pc.IsHttpOnly()),
+      first_party_only_(pc.IsFirstPartyOnly()),
       priority_(pc.Priority()) {
   if (pc.HasExpires())
     expiry_date_ = CanonExpiration(pc, creation_date_, creation_date_);
 
   // Do the best we can with the domain.
   std::string cookie_domain;
   std::string domain_string;
   if (pc.HasDomain()) {
     domain_string = pc.Domain();
   }
@@ skipping 81 matching lines @@
 
   std::string cookie_path = CanonicalCookie::CanonPath(url, parsed_cookie);
   Time server_time(creation_time);
   if (options.has_server_time())
     server_time = options.server_time();
 
   Time cookie_expires = CanonicalCookie::CanonExpiration(parsed_cookie,
                                                          creation_time,
                                                          server_time);
 
-  return new CanonicalCookie(url, parsed_cookie.Name(), parsed_cookie.Value(),
-                             cookie_domain, cookie_path, creation_time,
-                             cookie_expires, creation_time,
-                             parsed_cookie.IsSecure(),
-                             parsed_cookie.IsHttpOnly(),
-                             parsed_cookie.Priority());
+  return new CanonicalCookie(
+      url, parsed_cookie.Name(), parsed_cookie.Value(), cookie_domain,
+      cookie_path, creation_time, cookie_expires, creation_time,
+      parsed_cookie.IsSecure(), parsed_cookie.IsHttpOnly(),
+      parsed_cookie.IsFirstPartyOnly(), parsed_cookie.Priority());
 }
 
 CanonicalCookie* CanonicalCookie::Create(const GURL& url,
                                          const std::string& name,
                                          const std::string& value,
                                          const std::string& domain,
                                          const std::string& path,
                                          const base::Time& creation,
                                          const base::Time& expiration,
                                          bool secure,
                                          bool http_only,
+                                         bool first_party_only,
                                          CookiePriority priority) {
   // Expect valid attribute tokens and values, as defined by the ParsedCookie
   // logic, otherwise don't create the cookie.
   std::string parsed_name = ParsedCookie::ParseTokenString(name);
   if (parsed_name != name)
     return NULL;
   std::string parsed_value = ParsedCookie::ParseValueString(value);
   if (parsed_value != value)
     return NULL;
 
@@ skipping 18 matching lines @@
   url::Component path_component(0, cookie_path.length());
   url::RawCanonOutputT<char> canon_path;
   url::Component canon_path_component;
   url::CanonicalizePath(cookie_path.data(), path_component, &canon_path,
                         &canon_path_component);
   cookie_path = std::string(canon_path.data() + canon_path_component.begin,
                             canon_path_component.len);
 
   return new CanonicalCookie(url, parsed_name, parsed_value, cookie_domain,
                              cookie_path, creation, expiration, creation,
-                             secure, http_only, priority);
+                             secure, http_only, first_party_only, priority);
 }
 
 bool CanonicalCookie::IsOnPath(const std::string& url_path) const {
 
   // A zero length would be unsafe for our trailing '/' checks, and
   // would also make no sense for our prefix match.  The code that
   // creates a CanonicalCookie should make sure the path is never zero length,
   // but we double check anyway.
   if (path_.empty())
     return false;
@@ skipping 68 matching lines @@
   if (IsSecure() && !url.SchemeIsSecure())
     return false;
   // Don't include cookies for requests that don't apply to the cookie domain.
   if (!IsDomainMatch(url.host()))
     return false;
   // Don't include cookies for requests with a url path that does not path
   // match the cookie-path.
   if (!IsOnPath(url.path()))
     return false;
 
+  // Include first-party-only cookies iff |options| tells us to include all of
+  // them, or if a first-party URL is set and its origin matches the origin of
+  // |url|.
+  if (IsFirstPartyOnly() && !options.include_first_party_only() &&
+      options.first_party_url().GetOrigin() != url.GetOrigin()) {
+    return false;
+  }
+
   return true;
 }
 
 std::string CanonicalCookie::DebugString() const {
   return base::StringPrintf(
       "name: %s value: %s domain: %s path: %s creation: %"
       PRId64,
       name_.c_str(), value_.c_str(),
       domain_.c_str(), path_.c_str(),
       static_cast<int64>(creation_date_.ToTimeT()));
 }
 
 CanonicalCookie* CanonicalCookie::Duplicate() const {
   CanonicalCookie* cc = new CanonicalCookie();
   cc->source_ = source_;
   cc->name_ = name_;
   cc->value_ = value_;
   cc->domain_ = domain_;
   cc->path_ = path_;
   cc->creation_date_ = creation_date_;
   cc->expiry_date_ = expiry_date_;
   cc->last_access_date_ = last_access_date_;
   cc->secure_ = secure_;
   cc->httponly_ = httponly_;
+  cc->first_party_only_ = first_party_only_;
   cc->priority_ = priority_;
   return cc;
 }
 
 }  // namespace net