Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1489)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cookies/canonical_cookie_unittest.cc

Issue 876973003: Implement the "first-party-only" cookie flag. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: FirstPartyOnly. Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cookies/canonical_cookie.cc ('k') | net/cookies/cookie_monster.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cookies/canonical_cookie.h" 5 #include "net/cookies/canonical_cookie.h"
6 6
7 #include "base/memory/scoped_ptr.h" 7 #include "base/memory/scoped_ptr.h"
8 #include "net/cookies/cookie_constants.h" 8 #include "net/cookies/cookie_constants.h"
9 #include "net/cookies/cookie_options.h" 9 #include "net/cookies/cookie_options.h"
10 #include "testing/gtest/include/gtest/gtest.h" 10 #include "testing/gtest/include/gtest/gtest.h"
(...skipping 21 matching lines...) Expand all
32 EXPECT_EQ("http://example.com/", CanonicalCookie::GetCookieSourceFromURL( 32 EXPECT_EQ("http://example.com/", CanonicalCookie::GetCookieSourceFromURL(
33 GURL("http://example.com/test#foo"))); 33 GURL("http://example.com/test#foo")));
34 } 34 }
35 35
36 TEST(CanonicalCookieTest, Constructor) { 36 TEST(CanonicalCookieTest, Constructor) {
37 GURL url("http://www.example.com/test"); 37 GURL url("http://www.example.com/test");
38 base::Time current_time = base::Time::Now(); 38 base::Time current_time = base::Time::Now();
39 39
40 CanonicalCookie cookie(url, "A", "2", "www.example.com", "/test", 40 CanonicalCookie cookie(url, "A", "2", "www.example.com", "/test",
41 current_time, base::Time(), current_time, false, false, 41 current_time, base::Time(), current_time, false, false,
42 COOKIE_PRIORITY_DEFAULT); 42 false, COOKIE_PRIORITY_DEFAULT);
43 EXPECT_EQ(url.GetOrigin().spec(), cookie.Source()); 43 EXPECT_EQ(url.GetOrigin().spec(), cookie.Source());
44 EXPECT_EQ("A", cookie.Name()); 44 EXPECT_EQ("A", cookie.Name());
45 EXPECT_EQ("2", cookie.Value()); 45 EXPECT_EQ("2", cookie.Value());
46 EXPECT_EQ("www.example.com", cookie.Domain()); 46 EXPECT_EQ("www.example.com", cookie.Domain());
47 EXPECT_EQ("/test", cookie.Path()); 47 EXPECT_EQ("/test", cookie.Path());
48 EXPECT_FALSE(cookie.IsSecure()); 48 EXPECT_FALSE(cookie.IsSecure());
49 EXPECT_FALSE(cookie.IsHttpOnly());
50 EXPECT_FALSE(cookie.IsFirstPartyOnly());
49 51
50 CanonicalCookie cookie2(url, "A", "2", std::string(), std::string(), 52 CanonicalCookie cookie2(url, "A", "2", std::string(), std::string(),
51 current_time, base::Time(), current_time, false, 53 current_time, base::Time(), current_time, false,
52 false, COOKIE_PRIORITY_DEFAULT); 54 false, false, COOKIE_PRIORITY_DEFAULT);
53 EXPECT_EQ(url.GetOrigin().spec(), cookie.Source()); 55 EXPECT_EQ(url.GetOrigin().spec(), cookie.Source());
54 EXPECT_EQ("A", cookie2.Name()); 56 EXPECT_EQ("A", cookie2.Name());
55 EXPECT_EQ("2", cookie2.Value()); 57 EXPECT_EQ("2", cookie2.Value());
56 EXPECT_EQ("", cookie2.Domain()); 58 EXPECT_EQ("", cookie2.Domain());
57 EXPECT_EQ("", cookie2.Path()); 59 EXPECT_EQ("", cookie2.Path());
58 EXPECT_FALSE(cookie2.IsSecure()); 60 EXPECT_FALSE(cookie2.IsSecure());
61 EXPECT_FALSE(cookie2.IsHttpOnly());
62 EXPECT_FALSE(cookie2.IsFirstPartyOnly());
59 } 63 }
60 64
61 TEST(CanonicalCookieTest, Create) { 65 TEST(CanonicalCookieTest, Create) {
62 // Test creating cookies from a cookie string. 66 // Test creating cookies from a cookie string.
63 GURL url("http://www.example.com/test/foo.html"); 67 GURL url("http://www.example.com/test/foo.html");
64 base::Time creation_time = base::Time::Now(); 68 base::Time creation_time = base::Time::Now();
65 CookieOptions options; 69 CookieOptions options;
66 70
67 scoped_ptr<CanonicalCookie> cookie( 71 scoped_ptr<CanonicalCookie> cookie(
68 CanonicalCookie::Create(url, "A=2", creation_time, options)); 72 CanonicalCookie::Create(url, "A=2", creation_time, options));
(...skipping 23 matching lines...) Expand all
92 // Test creating http only cookies. 96 // Test creating http only cookies.
93 cookie.reset( 97 cookie.reset(
94 CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, options)); 98 CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, options));
95 EXPECT_FALSE(cookie.get()); 99 EXPECT_FALSE(cookie.get());
96 CookieOptions httponly_options; 100 CookieOptions httponly_options;
97 httponly_options.set_include_httponly(); 101 httponly_options.set_include_httponly();
98 cookie.reset(CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, 102 cookie.reset(CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time,
99 httponly_options)); 103 httponly_options));
100 EXPECT_TRUE(cookie->IsHttpOnly()); 104 EXPECT_TRUE(cookie->IsHttpOnly());
101 105
106 // Test creating http only cookies.
107 CookieOptions first_party_options;
108 first_party_options.set_first_party_url(url);
109 cookie.reset(CanonicalCookie::Create(url, "A=2; First-Party-Only",
110 creation_time, httponly_options));
111 EXPECT_TRUE(cookie.get());
112 EXPECT_TRUE(cookie->IsFirstPartyOnly());
113
102 // Test the creating cookies using specific parameter instead of a cookie 114 // Test the creating cookies using specific parameter instead of a cookie
103 // string. 115 // string.
104 cookie.reset(CanonicalCookie::Create(url, "A", "2", "www.example.com", 116 cookie.reset(CanonicalCookie::Create(
105 "/test", creation_time, base::Time(), 117 url, "A", "2", "www.example.com", "/test", creation_time, base::Time(),
106 false, false, COOKIE_PRIORITY_DEFAULT)); 118 false, false, false, COOKIE_PRIORITY_DEFAULT));
107 EXPECT_EQ(url.GetOrigin().spec(), cookie->Source()); 119 EXPECT_EQ(url.GetOrigin().spec(), cookie->Source());
108 EXPECT_EQ("A", cookie->Name()); 120 EXPECT_EQ("A", cookie->Name());
109 EXPECT_EQ("2", cookie->Value()); 121 EXPECT_EQ("2", cookie->Value());
110 EXPECT_EQ(".www.example.com", cookie->Domain()); 122 EXPECT_EQ(".www.example.com", cookie->Domain());
111 EXPECT_EQ("/test", cookie->Path()); 123 EXPECT_EQ("/test", cookie->Path());
112 EXPECT_FALSE(cookie->IsSecure()); 124 EXPECT_FALSE(cookie->IsSecure());
125 EXPECT_FALSE(cookie->IsHttpOnly());
126 EXPECT_FALSE(cookie->IsFirstPartyOnly());
113 127
114 cookie.reset(CanonicalCookie::Create(url, "A", "2", ".www.example.com", 128 cookie.reset(CanonicalCookie::Create(
115 "/test", creation_time, base::Time(), 129 url, "A", "2", ".www.example.com", "/test", creation_time, base::Time(),
116 false, false, COOKIE_PRIORITY_DEFAULT)); 130 false, false, false, COOKIE_PRIORITY_DEFAULT));
117 EXPECT_EQ(url.GetOrigin().spec(), cookie->Source()); 131 EXPECT_EQ(url.GetOrigin().spec(), cookie->Source());
118 EXPECT_EQ("A", cookie->Name()); 132 EXPECT_EQ("A", cookie->Name());
119 EXPECT_EQ("2", cookie->Value()); 133 EXPECT_EQ("2", cookie->Value());
120 EXPECT_EQ(".www.example.com", cookie->Domain()); 134 EXPECT_EQ(".www.example.com", cookie->Domain());
121 EXPECT_EQ("/test", cookie->Path()); 135 EXPECT_EQ("/test", cookie->Path());
122 EXPECT_FALSE(cookie->IsSecure()); 136 EXPECT_FALSE(cookie->IsSecure());
137 EXPECT_FALSE(cookie->IsHttpOnly());
138 EXPECT_FALSE(cookie->IsFirstPartyOnly());
123 } 139 }
124 140
125 TEST(CanonicalCookieTest, EmptyExpiry) { 141 TEST(CanonicalCookieTest, EmptyExpiry) {
126 GURL url("http://www7.ipdl.inpit.go.jp/Tokujitu/tjkta.ipdl?N0000=108"); 142 GURL url("http://www7.ipdl.inpit.go.jp/Tokujitu/tjkta.ipdl?N0000=108");
127 base::Time creation_time = base::Time::Now(); 143 base::Time creation_time = base::Time::Now();
128 CookieOptions options; 144 CookieOptions options;
129 145
130 std::string cookie_line = 146 std::string cookie_line =
131 "ACSTM=20130308043820420042; path=/; domain=ipdl.inpit.go.jp; Expires="; 147 "ACSTM=20130308043820420042; path=/; domain=ipdl.inpit.go.jp; Expires=";
132 scoped_ptr<CanonicalCookie> cookie( 148 scoped_ptr<CanonicalCookie> cookie(
(...skipping 26 matching lines...) Expand all
159 GURL url("http://www.example.com/"); 175 GURL url("http://www.example.com/");
160 std::string cookie_name = "A"; 176 std::string cookie_name = "A";
161 std::string cookie_value = "2EDA-EF"; 177 std::string cookie_value = "2EDA-EF";
162 std::string cookie_domain = ".www.example.com"; 178 std::string cookie_domain = ".www.example.com";
163 std::string cookie_path = "/"; 179 std::string cookie_path = "/";
164 base::Time creation_time = base::Time::Now(); 180 base::Time creation_time = base::Time::Now();
165 base::Time last_access_time = creation_time; 181 base::Time last_access_time = creation_time;
166 base::Time expiration_time = creation_time + base::TimeDelta::FromDays(2); 182 base::Time expiration_time = creation_time + base::TimeDelta::FromDays(2);
167 bool secure(false); 183 bool secure(false);
168 bool httponly(false); 184 bool httponly(false);
185 bool firstparty(false);
169 186
170 // Test that a cookie is equivalent to itself. 187 // Test that a cookie is equivalent to itself.
171 scoped_ptr<CanonicalCookie> cookie(new CanonicalCookie( 188 scoped_ptr<CanonicalCookie> cookie(new CanonicalCookie(
172 url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time, 189 url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time,
173 expiration_time, last_access_time, secure, httponly, 190 expiration_time, last_access_time, secure, httponly, firstparty,
174 COOKIE_PRIORITY_MEDIUM)); 191 COOKIE_PRIORITY_MEDIUM));
175 EXPECT_TRUE(cookie->IsEquivalent(*cookie)); 192 EXPECT_TRUE(cookie->IsEquivalent(*cookie));
176 193
177 // Test that two identical cookies are equivalent. 194 // Test that two identical cookies are equivalent.
178 scoped_ptr<CanonicalCookie> other_cookie(new CanonicalCookie( 195 scoped_ptr<CanonicalCookie> other_cookie(new CanonicalCookie(
179 url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time, 196 url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time,
180 expiration_time, last_access_time, secure, httponly, 197 expiration_time, last_access_time, secure, httponly, firstparty,
181 COOKIE_PRIORITY_MEDIUM)); 198 COOKIE_PRIORITY_MEDIUM));
182 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); 199 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
183 200
184 // Tests that use different variations of attribute values that 201 // Tests that use different variations of attribute values that
185 // DON'T affect cookie equivalence. 202 // DON'T affect cookie equivalence.
186 other_cookie.reset( 203 other_cookie.reset(
187 new CanonicalCookie(url, cookie_name, "2", cookie_domain, cookie_path, 204 new CanonicalCookie(url, cookie_name, "2", cookie_domain, cookie_path,
188 creation_time, expiration_time, last_access_time, 205 creation_time, expiration_time, last_access_time,
189 secure, httponly, COOKIE_PRIORITY_HIGH)); 206 secure, httponly, firstparty, COOKIE_PRIORITY_HIGH));
190 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); 207 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
191 208
192 base::Time other_creation_time = 209 base::Time other_creation_time =
193 creation_time + base::TimeDelta::FromMinutes(2); 210 creation_time + base::TimeDelta::FromMinutes(2);
194 other_cookie.reset(new CanonicalCookie( 211 other_cookie.reset(new CanonicalCookie(
195 url, cookie_name, "2", cookie_domain, cookie_path, other_creation_time, 212 url, cookie_name, "2", cookie_domain, cookie_path, other_creation_time,
196 expiration_time, last_access_time, secure, httponly, 213 expiration_time, last_access_time, secure, httponly, firstparty,
197 COOKIE_PRIORITY_MEDIUM)); 214 COOKIE_PRIORITY_MEDIUM));
198 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); 215 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
199 216
200 other_cookie.reset(new CanonicalCookie( 217 other_cookie.reset(new CanonicalCookie(
201 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time, 218 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time,
202 expiration_time, last_access_time, true, httponly, COOKIE_PRIORITY_LOW)); 219 expiration_time, last_access_time, true, httponly, firstparty,
220 COOKIE_PRIORITY_LOW));
221 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
222
223 other_cookie.reset(new CanonicalCookie(
224 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time,
225 expiration_time, last_access_time, secure, true, firstparty,
226 COOKIE_PRIORITY_LOW));
227 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
228
229 other_cookie.reset(new CanonicalCookie(
230 url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time,
231 expiration_time, last_access_time, secure, httponly, true,
232 COOKIE_PRIORITY_LOW));
203 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie)); 233 EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
204 234
205 // Tests that use different variations of attribute values that 235 // Tests that use different variations of attribute values that
206 // DO affect cookie equivalence. 236 // DO affect cookie equivalence.
207 other_cookie.reset( 237 other_cookie.reset(new CanonicalCookie(
208 new CanonicalCookie(url, "B", cookie_value, cookie_domain, cookie_path, 238 url, "B", cookie_value, cookie_domain, cookie_path, creation_time,
209 creation_time, expiration_time, last_access_time, 239 expiration_time, last_access_time, secure, httponly, firstparty,
210 secure, httponly, COOKIE_PRIORITY_MEDIUM)); 240 COOKIE_PRIORITY_MEDIUM));
211 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); 241 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
212 242
213 other_cookie.reset(new CanonicalCookie( 243 other_cookie.reset(new CanonicalCookie(
214 url, cookie_name, cookie_value, "www.example.com", cookie_path, 244 url, cookie_name, cookie_value, "www.example.com", cookie_path,
215 creation_time, expiration_time, last_access_time, secure, httponly, 245 creation_time, expiration_time, last_access_time, secure, httponly,
216 COOKIE_PRIORITY_MEDIUM)); 246 firstparty, COOKIE_PRIORITY_MEDIUM));
217 EXPECT_TRUE(cookie->IsDomainCookie()); 247 EXPECT_TRUE(cookie->IsDomainCookie());
218 EXPECT_FALSE(other_cookie->IsDomainCookie()); 248 EXPECT_FALSE(other_cookie->IsDomainCookie());
219 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); 249 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
220 250
221 other_cookie.reset(new CanonicalCookie( 251 other_cookie.reset(new CanonicalCookie(
222 url, cookie_name, cookie_value, ".example.com", cookie_path, 252 url, cookie_name, cookie_value, ".example.com", cookie_path,
223 creation_time, expiration_time, last_access_time, secure, httponly, 253 creation_time, expiration_time, last_access_time, secure, httponly,
224 COOKIE_PRIORITY_MEDIUM)); 254 firstparty, COOKIE_PRIORITY_MEDIUM));
225 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); 255 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
226 256
227 other_cookie.reset(new CanonicalCookie( 257 other_cookie.reset(new CanonicalCookie(
228 url, cookie_name, cookie_value, cookie_domain, "/test/0", creation_time, 258 url, cookie_name, cookie_value, cookie_domain, "/test/0", creation_time,
229 expiration_time, last_access_time, secure, httponly, 259 expiration_time, last_access_time, secure, httponly, firstparty,
230 COOKIE_PRIORITY_MEDIUM)); 260 COOKIE_PRIORITY_MEDIUM));
231 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie)); 261 EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
232 } 262 }
233 263
234 TEST(CanonicalCookieTest, IsDomainMatch) { 264 TEST(CanonicalCookieTest, IsDomainMatch) {
235 GURL url("http://www.example.com/test/foo.html"); 265 GURL url("http://www.example.com/test/foo.html");
236 base::Time creation_time = base::Time::Now(); 266 base::Time creation_time = base::Time::Now();
237 CookieOptions options; 267 CookieOptions options;
238 268
239 scoped_ptr<CanonicalCookie> cookie( 269 scoped_ptr<CanonicalCookie> cookie(
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after
322 // is set on the cookie options. 352 // is set on the cookie options.
323 options.set_include_httponly(); 353 options.set_include_httponly();
324 cookie.reset( 354 cookie.reset(
325 CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, options)); 355 CanonicalCookie::Create(url, "A=2; HttpOnly", creation_time, options));
326 EXPECT_TRUE(cookie->IsHttpOnly()); 356 EXPECT_TRUE(cookie->IsHttpOnly());
327 EXPECT_TRUE(cookie->IncludeForRequestURL(url, options)); 357 EXPECT_TRUE(cookie->IncludeForRequestURL(url, options));
328 options.set_exclude_httponly(); 358 options.set_exclude_httponly();
329 EXPECT_FALSE(cookie->IncludeForRequestURL(url, options)); 359 EXPECT_FALSE(cookie->IncludeForRequestURL(url, options));
330 } 360 }
331 361
362 TEST(CanonicalCookieTest, IncludeFirstPartyForFirstPartyURL) {
363 GURL insecure_url("http://example.test");
364 GURL secure_url("https://example.test");
365 GURL secure_url_with_path("https://example.test/foo/bar/index.html");
366 GURL third_party_url("https://not-example.test");
367 base::Time creation_time = base::Time::Now();
368 CookieOptions options;
369 scoped_ptr<CanonicalCookie> cookie;
370
371 // First-party-only cookies are not inlcuded if a top-level URL is unset.
372 cookie.reset(CanonicalCookie::Create(secure_url, "A=2; First-Party-Only",
373 creation_time, options));
374 EXPECT_TRUE(cookie->IsFirstPartyOnly());
375 options.set_first_party_url(GURL());
376 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
377
378 // First-party-only cookies are included only if the cookie's origin matches
379 // the
380 // first-party origin.
381 options.set_first_party_url(secure_url);
382 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url, options));
383 options.set_first_party_url(insecure_url);
384 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
385 options.set_first_party_url(third_party_url);
386 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
387
388 // "First-Party-Only" doesn't override the 'secure' flag.
389 cookie.reset(CanonicalCookie::Create(
390 secure_url, "A=2; Secure; First-Party-Only", creation_time, options));
391 options.set_first_party_url(secure_url);
392 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url, options));
393 EXPECT_FALSE(cookie->IncludeForRequestURL(insecure_url, options));
394 options.set_first_party_url(insecure_url);
395 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
396 EXPECT_FALSE(cookie->IncludeForRequestURL(insecure_url, options));
397
398 // "First-Party-Only" doesn't override the 'path' flag.
399 cookie.reset(CanonicalCookie::Create(secure_url_with_path,
400 "A=2; First-Party-Only; path=/foo/bar",
401 creation_time, options));
402 options.set_first_party_url(secure_url_with_path);
403 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url_with_path, options));
404 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
405 options.set_first_party_url(secure_url);
406 EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url_with_path, options));
407 EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
408 }
409
332 } // namespace net 410 } // namespace net
OLDNEW
« no previous file with comments | « net/cookies/canonical_cookie.cc ('k') | net/cookies/cookie_monster.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698