| Index: net/cookies/canonical_cookie_unittest.cc
|
| diff --git a/net/cookies/canonical_cookie_unittest.cc b/net/cookies/canonical_cookie_unittest.cc
|
| index 46d730bead62a67573cd35d06d9502f762a06bae..78af2e07a76d1fcfa703bc7a75239ca162d46924 100644
|
| --- a/net/cookies/canonical_cookie_unittest.cc
|
| +++ b/net/cookies/canonical_cookie_unittest.cc
|
| @@ -39,23 +39,27 @@ TEST(CanonicalCookieTest, Constructor) {
|
|
|
| CanonicalCookie cookie(url, "A", "2", "www.example.com", "/test",
|
| current_time, base::Time(), current_time, false, false,
|
| - COOKIE_PRIORITY_DEFAULT);
|
| + false, COOKIE_PRIORITY_DEFAULT);
|
| EXPECT_EQ(url.GetOrigin().spec(), cookie.Source());
|
| EXPECT_EQ("A", cookie.Name());
|
| EXPECT_EQ("2", cookie.Value());
|
| EXPECT_EQ("www.example.com", cookie.Domain());
|
| EXPECT_EQ("/test", cookie.Path());
|
| EXPECT_FALSE(cookie.IsSecure());
|
| + EXPECT_FALSE(cookie.IsHttpOnly());
|
| + EXPECT_FALSE(cookie.IsFirstPartyOnly());
|
|
|
| CanonicalCookie cookie2(url, "A", "2", std::string(), std::string(),
|
| current_time, base::Time(), current_time, false,
|
| - false, COOKIE_PRIORITY_DEFAULT);
|
| + false, false, COOKIE_PRIORITY_DEFAULT);
|
| EXPECT_EQ(url.GetOrigin().spec(), cookie.Source());
|
| EXPECT_EQ("A", cookie2.Name());
|
| EXPECT_EQ("2", cookie2.Value());
|
| EXPECT_EQ("", cookie2.Domain());
|
| EXPECT_EQ("", cookie2.Path());
|
| EXPECT_FALSE(cookie2.IsSecure());
|
| + EXPECT_FALSE(cookie2.IsHttpOnly());
|
| + EXPECT_FALSE(cookie2.IsFirstPartyOnly());
|
| }
|
|
|
| TEST(CanonicalCookieTest, Create) {
|
| @@ -99,27 +103,39 @@ TEST(CanonicalCookieTest, Create) {
|
| httponly_options));
|
| EXPECT_TRUE(cookie->IsHttpOnly());
|
|
|
| + // Test creating http only cookies.
|
| + CookieOptions first_party_options;
|
| + first_party_options.set_first_party_url(url);
|
| + cookie.reset(CanonicalCookie::Create(url, "A=2; First-Party-Only",
|
| + creation_time, httponly_options));
|
| + EXPECT_TRUE(cookie.get());
|
| + EXPECT_TRUE(cookie->IsFirstPartyOnly());
|
| +
|
| // Test the creating cookies using specific parameter instead of a cookie
|
| // string.
|
| - cookie.reset(CanonicalCookie::Create(url, "A", "2", "www.example.com",
|
| - "/test", creation_time, base::Time(),
|
| - false, false, COOKIE_PRIORITY_DEFAULT));
|
| + cookie.reset(CanonicalCookie::Create(
|
| + url, "A", "2", "www.example.com", "/test", creation_time, base::Time(),
|
| + false, false, false, COOKIE_PRIORITY_DEFAULT));
|
| EXPECT_EQ(url.GetOrigin().spec(), cookie->Source());
|
| EXPECT_EQ("A", cookie->Name());
|
| EXPECT_EQ("2", cookie->Value());
|
| EXPECT_EQ(".www.example.com", cookie->Domain());
|
| EXPECT_EQ("/test", cookie->Path());
|
| EXPECT_FALSE(cookie->IsSecure());
|
| + EXPECT_FALSE(cookie->IsHttpOnly());
|
| + EXPECT_FALSE(cookie->IsFirstPartyOnly());
|
|
|
| - cookie.reset(CanonicalCookie::Create(url, "A", "2", ".www.example.com",
|
| - "/test", creation_time, base::Time(),
|
| - false, false, COOKIE_PRIORITY_DEFAULT));
|
| + cookie.reset(CanonicalCookie::Create(
|
| + url, "A", "2", ".www.example.com", "/test", creation_time, base::Time(),
|
| + false, false, false, COOKIE_PRIORITY_DEFAULT));
|
| EXPECT_EQ(url.GetOrigin().spec(), cookie->Source());
|
| EXPECT_EQ("A", cookie->Name());
|
| EXPECT_EQ("2", cookie->Value());
|
| EXPECT_EQ(".www.example.com", cookie->Domain());
|
| EXPECT_EQ("/test", cookie->Path());
|
| EXPECT_FALSE(cookie->IsSecure());
|
| + EXPECT_FALSE(cookie->IsHttpOnly());
|
| + EXPECT_FALSE(cookie->IsFirstPartyOnly());
|
| }
|
|
|
| TEST(CanonicalCookieTest, EmptyExpiry) {
|
| @@ -166,18 +182,19 @@ TEST(CanonicalCookieTest, IsEquivalent) {
|
| base::Time expiration_time = creation_time + base::TimeDelta::FromDays(2);
|
| bool secure(false);
|
| bool httponly(false);
|
| + bool firstparty(false);
|
|
|
| // Test that a cookie is equivalent to itself.
|
| scoped_ptr<CanonicalCookie> cookie(new CanonicalCookie(
|
| url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time,
|
| - expiration_time, last_access_time, secure, httponly,
|
| + expiration_time, last_access_time, secure, httponly, firstparty,
|
| COOKIE_PRIORITY_MEDIUM));
|
| EXPECT_TRUE(cookie->IsEquivalent(*cookie));
|
|
|
| // Test that two identical cookies are equivalent.
|
| scoped_ptr<CanonicalCookie> other_cookie(new CanonicalCookie(
|
| url, cookie_name, cookie_value, cookie_domain, cookie_path, creation_time,
|
| - expiration_time, last_access_time, secure, httponly,
|
| + expiration_time, last_access_time, secure, httponly, firstparty,
|
| COOKIE_PRIORITY_MEDIUM));
|
| EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
|
|
| @@ -186,34 +203,47 @@ TEST(CanonicalCookieTest, IsEquivalent) {
|
| other_cookie.reset(
|
| new CanonicalCookie(url, cookie_name, "2", cookie_domain, cookie_path,
|
| creation_time, expiration_time, last_access_time,
|
| - secure, httponly, COOKIE_PRIORITY_HIGH));
|
| + secure, httponly, firstparty, COOKIE_PRIORITY_HIGH));
|
| EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
|
|
| base::Time other_creation_time =
|
| creation_time + base::TimeDelta::FromMinutes(2);
|
| other_cookie.reset(new CanonicalCookie(
|
| url, cookie_name, "2", cookie_domain, cookie_path, other_creation_time,
|
| - expiration_time, last_access_time, secure, httponly,
|
| + expiration_time, last_access_time, secure, httponly, firstparty,
|
| COOKIE_PRIORITY_MEDIUM));
|
| EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
|
|
| other_cookie.reset(new CanonicalCookie(
|
| url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time,
|
| - expiration_time, last_access_time, true, httponly, COOKIE_PRIORITY_LOW));
|
| + expiration_time, last_access_time, true, httponly, firstparty,
|
| + COOKIE_PRIORITY_LOW));
|
| + EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
| +
|
| + other_cookie.reset(new CanonicalCookie(
|
| + url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time,
|
| + expiration_time, last_access_time, secure, true, firstparty,
|
| + COOKIE_PRIORITY_LOW));
|
| + EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
| +
|
| + other_cookie.reset(new CanonicalCookie(
|
| + url, cookie_name, cookie_name, cookie_domain, cookie_path, creation_time,
|
| + expiration_time, last_access_time, secure, httponly, true,
|
| + COOKIE_PRIORITY_LOW));
|
| EXPECT_TRUE(cookie->IsEquivalent(*other_cookie));
|
|
|
| // Tests that use different variations of attribute values that
|
| // DO affect cookie equivalence.
|
| - other_cookie.reset(
|
| - new CanonicalCookie(url, "B", cookie_value, cookie_domain, cookie_path,
|
| - creation_time, expiration_time, last_access_time,
|
| - secure, httponly, COOKIE_PRIORITY_MEDIUM));
|
| + other_cookie.reset(new CanonicalCookie(
|
| + url, "B", cookie_value, cookie_domain, cookie_path, creation_time,
|
| + expiration_time, last_access_time, secure, httponly, firstparty,
|
| + COOKIE_PRIORITY_MEDIUM));
|
| EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
|
|
|
| other_cookie.reset(new CanonicalCookie(
|
| url, cookie_name, cookie_value, "www.example.com", cookie_path,
|
| creation_time, expiration_time, last_access_time, secure, httponly,
|
| - COOKIE_PRIORITY_MEDIUM));
|
| + firstparty, COOKIE_PRIORITY_MEDIUM));
|
| EXPECT_TRUE(cookie->IsDomainCookie());
|
| EXPECT_FALSE(other_cookie->IsDomainCookie());
|
| EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
|
| @@ -221,12 +251,12 @@ TEST(CanonicalCookieTest, IsEquivalent) {
|
| other_cookie.reset(new CanonicalCookie(
|
| url, cookie_name, cookie_value, ".example.com", cookie_path,
|
| creation_time, expiration_time, last_access_time, secure, httponly,
|
| - COOKIE_PRIORITY_MEDIUM));
|
| + firstparty, COOKIE_PRIORITY_MEDIUM));
|
| EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
|
|
|
| other_cookie.reset(new CanonicalCookie(
|
| url, cookie_name, cookie_value, cookie_domain, "/test/0", creation_time,
|
| - expiration_time, last_access_time, secure, httponly,
|
| + expiration_time, last_access_time, secure, httponly, firstparty,
|
| COOKIE_PRIORITY_MEDIUM));
|
| EXPECT_FALSE(cookie->IsEquivalent(*other_cookie));
|
| }
|
| @@ -329,4 +359,52 @@ TEST(CanonicalCookieTest, IncludeForRequestURL) {
|
| EXPECT_FALSE(cookie->IncludeForRequestURL(url, options));
|
| }
|
|
|
| +TEST(CanonicalCookieTest, IncludeFirstPartyForFirstPartyURL) {
|
| + GURL insecure_url("http://example.test");
|
| + GURL secure_url("https://example.test");
|
| + GURL secure_url_with_path("https://example.test/foo/bar/index.html");
|
| + GURL third_party_url("https://not-example.test");
|
| + base::Time creation_time = base::Time::Now();
|
| + CookieOptions options;
|
| + scoped_ptr<CanonicalCookie> cookie;
|
| +
|
| + // First-party-only cookies are not inlcuded if a top-level URL is unset.
|
| + cookie.reset(CanonicalCookie::Create(secure_url, "A=2; First-Party-Only",
|
| + creation_time, options));
|
| + EXPECT_TRUE(cookie->IsFirstPartyOnly());
|
| + options.set_first_party_url(GURL());
|
| + EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
|
| +
|
| + // First-party-only cookies are included only if the cookie's origin matches
|
| + // the
|
| + // first-party origin.
|
| + options.set_first_party_url(secure_url);
|
| + EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url, options));
|
| + options.set_first_party_url(insecure_url);
|
| + EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
|
| + options.set_first_party_url(third_party_url);
|
| + EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
|
| +
|
| + // "First-Party-Only" doesn't override the 'secure' flag.
|
| + cookie.reset(CanonicalCookie::Create(
|
| + secure_url, "A=2; Secure; First-Party-Only", creation_time, options));
|
| + options.set_first_party_url(secure_url);
|
| + EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url, options));
|
| + EXPECT_FALSE(cookie->IncludeForRequestURL(insecure_url, options));
|
| + options.set_first_party_url(insecure_url);
|
| + EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
|
| + EXPECT_FALSE(cookie->IncludeForRequestURL(insecure_url, options));
|
| +
|
| + // "First-Party-Only" doesn't override the 'path' flag.
|
| + cookie.reset(CanonicalCookie::Create(secure_url_with_path,
|
| + "A=2; First-Party-Only; path=/foo/bar",
|
| + creation_time, options));
|
| + options.set_first_party_url(secure_url_with_path);
|
| + EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url_with_path, options));
|
| + EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
|
| + options.set_first_party_url(secure_url);
|
| + EXPECT_TRUE(cookie->IncludeForRequestURL(secure_url_with_path, options));
|
| + EXPECT_FALSE(cookie->IncludeForRequestURL(secure_url, options));
|
| +}
|
| +
|
| } // namespace net
|
|
|
Chromium Code Reviews
Issue 876973003:
Implement the "first-party-only" cookie flag. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master