diff options
| author | darin@chromium.org <darin@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-01-30 08:24:12 +0000 |
|---|---|---|
| committer | darin@chromium.org <darin@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-01-30 08:24:12 +0000 |
| commit | cb370a06391bd8cd1d3c52e4722645962366dd42 (patch) | |
| tree | 9ca36ba10363365401bd1a816962f4679fda8467 | |
| parent | dbefae2c2db09a90c2b9ee4d3ea1a40e580e532e (diff) | |
| download | chromium_src-cb370a06391bd8cd1d3c52e4722645962366dd42.zip chromium_src-cb370a06391bd8cd1d3c52e4722645962366dd42.tar.gz chromium_src-cb370a06391bd8cd1d3c52e4722645962366dd42.tar.bz2 | |
Changes to support new cookie policy.
Changes:
1- net::CookiePolicy becomes an interface.
2- Old implementaiton of CookiePolicy copied to StaticCookiePolicy.
3- ChromeULRRequestContext implements CookiePolicy.
4- HostContentSettingsMap gets a global "BlockThirdPartyCookies" pref.
R=pkasting
Review URL: http://codereview.chromium.org/556095
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@37624 0039d316-1c4b-4281-b951-d872f2087c98
21 files changed, 333 insertions, 187 deletions
diff --git a/chrome/browser/automation/url_request_automation_job.cc b/chrome/browser/automation/url_request_automation_job.cc index a22d05a..70d1d52 100644 --- a/chrome/browser/automation/url_request_automation_job.cc +++ b/chrome/browser/automation/url_request_automation_job.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -13,6 +13,7 @@ #include "chrome/browser/renderer_host/resource_dispatcher_host_request_info.h" #include "chrome/test/automation/automation_messages.h" #include "net/base/cookie_monster.h" +#include "net/base/cookie_policy.h" #include "net/base/io_buffer.h" #include "net/base/net_errors.h" #include "net/http/http_util.h" @@ -312,7 +313,7 @@ void URLRequestAutomationJob::OnRequestStarted(int tab, int id, } if (response_cookies.size()) { - if (ctx && ctx->cookie_store() && + if (ctx && ctx->cookie_store() && ctx->cookie_policy() && ctx->cookie_policy()->CanSetCookie( url_for_cookies, request_->first_party_for_cookies())) { net::CookieOptions options; @@ -324,7 +325,8 @@ void URLRequestAutomationJob::OnRequestStarted(int tab, int id, } } - if (ctx && ctx->cookie_store() && !response.persistent_cookies.empty() && + if (ctx && ctx->cookie_store() && ctx->cookie_policy() && + !response.persistent_cookies.empty() && ctx->cookie_policy()->CanSetCookie( url_for_cookies, request_->first_party_for_cookies())) { StringTokenizer cookie_parser(response.persistent_cookies, ";"); diff --git a/chrome/browser/browser.cc b/chrome/browser/browser.cc index c9fe4d0..78d43ba 100644 --- a/chrome/browser/browser.cc +++ b/chrome/browser/browser.cc @@ -75,9 +75,9 @@ #include "grit/generated_resources.h" #include "grit/locale_settings.h" #include "net/base/cookie_monster.h" -#include "net/base/cookie_policy.h" #include "net/base/net_util.h" #include "net/base/registry_controlled_domain.h" +#include "net/base/static_cookie_policy.h" #include "net/url_request/url_request_context.h" #include "webkit/glue/window_open_disposition.h" @@ -1362,7 +1362,7 @@ void Browser::RegisterUserPrefs(PrefService* prefs) { ASCIIToWide(chrome::kChromeUINewTabURL)); prefs->RegisterBooleanPref(prefs::kHomePageIsNewTabPage, true); prefs->RegisterIntegerPref(prefs::kCookieBehavior, - net::CookiePolicy::ALLOW_ALL_COOKIES); + net::StaticCookiePolicy::ALLOW_ALL_COOKIES); prefs->RegisterBooleanPref(prefs::kShowHomeButton, false); #if defined(OS_MACOSX) // This really belongs in platform code, but there's no good place to diff --git a/chrome/browser/cocoa/preferences_window_controller.mm b/chrome/browser/cocoa/preferences_window_controller.mm index 19ad0f2..b3d435a 100644 --- a/chrome/browser/cocoa/preferences_window_controller.mm +++ b/chrome/browser/cocoa/preferences_window_controller.mm @@ -45,7 +45,6 @@ #include "grit/chromium_strings.h" #include "grit/generated_resources.h" #include "grit/locale_settings.h" -#include "net/base/cookie_policy.h" #import "third_party/GTM/AppKit/GTMUILocalizerAndLayoutTweaker.h" #import "third_party/GTM/AppKit/GTMNSAnimation+Duration.h" @@ -1471,17 +1470,7 @@ const int kDisabledIndex = 1; // Sets the backend pref for whether or not to accept cookies based on |index|. - (void)setCookieBehavior:(NSInteger)index { - net::CookiePolicy::Type policy = net::CookiePolicy::ALLOW_ALL_COOKIES; - if (net::CookiePolicy::ValidType(index)) - policy = net::CookiePolicy::FromInt(index); - const char* kUserMetrics[] = { - "Options_AllowAllCookies", - "Options_BlockThirdPartyCookies", - "Options_BlockAllCookies" - }; - DCHECK(policy >= 0 && (unsigned int)policy < arraysize(kUserMetrics)); - [self recordUserAction:kUserMetrics[policy]]; - cookieBehavior_.SetValue(policy); + // TODO(darin): Remove everything else related to this setter. } - (NSURL*)defaultDownloadLocation { diff --git a/chrome/browser/gtk/options/advanced_contents_gtk.cc b/chrome/browser/gtk/options/advanced_contents_gtk.cc index 2ceb997..4f558f1 100644 --- a/chrome/browser/gtk/options/advanced_contents_gtk.cc +++ b/chrome/browser/gtk/options/advanced_contents_gtk.cc @@ -36,7 +36,6 @@ #include "grit/chromium_strings.h" #include "grit/generated_resources.h" #include "grit/locale_settings.h" -#include "net/base/cookie_policy.h" namespace { @@ -532,7 +531,6 @@ class PrivacySection : public OptionsPageBase { BooleanPrefMember dns_prefetch_enabled_; BooleanPrefMember safe_browsing_; BooleanPrefMember enable_metrics_recording_; - IntegerPrefMember cookie_behavior_; // Flag to ignore gtk callbacks while we are loading prefs, to avoid // then turning around and saving them again. @@ -666,7 +664,6 @@ PrivacySection::PrivacySection(Profile* profile) safe_browsing_.Init(prefs::kSafeBrowsingEnabled, profile->GetPrefs(), this); enable_metrics_recording_.Init(prefs::kMetricsReportingEnabled, g_browser_process->local_state(), this); - cookie_behavior_.Init(prefs::kCookieBehavior, profile->GetPrefs(), this); NotifyPrefChanged(NULL); } @@ -768,23 +765,7 @@ void PrivacySection::OnLoggingChange(GtkWidget* widget, // static void PrivacySection::OnCookieBehaviorChanged(GtkComboBox* combo_box, PrivacySection* privacy_section) { - if (privacy_section->pref_changing_) - return; - net::CookiePolicy::Type cookie_policy = - net::CookiePolicy::FromInt(gtk_combo_box_get_active(combo_box)); - const char* kUserMetrics[] = { - "Options_AllowAllCookies", - "Options_BlockThirdPartyCookies", - "Options_BlockAllCookies" - }; - if (cookie_policy < 0 || - static_cast<size_t>(cookie_policy) >= arraysize(kUserMetrics)) { - NOTREACHED(); - return; - } - privacy_section->UserMetricsRecordAction( - kUserMetrics[cookie_policy], privacy_section->profile()->GetPrefs()); - privacy_section->cookie_behavior_.SetValue(cookie_policy); + // TODO(darin): Remove everything else related to this setter. } // static @@ -825,11 +806,6 @@ void PrivacySection::NotifyPrefChanged(const std::wstring* pref_name) { ResolveMetricsReportingEnabled(); } #endif - if (!pref_name || *pref_name == prefs::kCookieBehavior) { - gtk_combo_box_set_active( - GTK_COMBO_BOX(cookie_behavior_combobox_), - net::CookiePolicy::FromInt(cookie_behavior_.GetValue())); - } pref_changing_ = false; } diff --git a/chrome/browser/host_content_settings_map.cc b/chrome/browser/host_content_settings_map.cc index 602b35c..de3aca4 100644 --- a/chrome/browser/host_content_settings_map.cc +++ b/chrome/browser/host_content_settings_map.cc @@ -20,7 +20,8 @@ const wchar_t* HostContentSettingsMap::kTypeNames[] = { }; HostContentSettingsMap::HostContentSettingsMap(Profile* profile) - : profile_(profile) { + : profile_(profile), + block_third_party_cookies_(false) { DCHECK_EQ(arraysize(kTypeNames), static_cast<size_t>(CONTENT_SETTINGS_NUM_TYPES)); @@ -48,12 +49,16 @@ HostContentSettingsMap::HostContentSettingsMap(Profile* profile) host_content_settings_[WideToUTF8(wide_host)] = settings; } } + + // TODO(darin): init third-party cookie pref } // static void HostContentSettingsMap::RegisterUserPrefs(PrefService* prefs) { prefs->RegisterDictionaryPref(prefs::kDefaultContentSettings); prefs->RegisterDictionaryPref(prefs::kPerHostContentSettings); + + // TODO(darin): register third-party cookie pref } ContentSetting HostContentSettingsMap::GetDefaultContentSetting( @@ -68,14 +73,26 @@ ContentSetting HostContentSettingsMap::GetContentSetting( AutoLock auto_lock(lock_); HostContentSettings::const_iterator i(host_content_settings_.find(host)); return (i == host_content_settings_.end()) ? - CONTENT_SETTING_DEFAULT : i->second.settings[content_type]; + default_content_settings_.settings[content_type] : + i->second.settings[content_type]; } ContentSettings HostContentSettingsMap::GetContentSettings( const std::string& host) const { AutoLock auto_lock(lock_); HostContentSettings::const_iterator i(host_content_settings_.find(host)); - return (i == host_content_settings_.end()) ? ContentSettings() : i->second; + if (i == host_content_settings_.end()) + return default_content_settings_; + + ContentSettings output; + for (int i = 0; i < CONTENT_SETTINGS_NUM_TYPES; ++i) { + if (i->second.settings[i] == CONTENT_SETTING_DEFAULT) { + output.settings[i] = default_content_settings_.settings[i]; + } else { + output.settings[i] = i->second.settings[i]; + } + } + return output; } void HostContentSettingsMap::GetHostContentSettingsForOneType( @@ -163,6 +180,8 @@ void HostContentSettingsMap::ResetToDefaults() { profile_->GetPrefs()->ClearPref(prefs::kDefaultContentSettings); profile_->GetPrefs()->ClearPref(prefs::kPerHostContentSettings); + + // TODO(darin): clear third-party cookie pref } HostContentSettingsMap::~HostContentSettingsMap() { diff --git a/chrome/browser/host_content_settings_map.h b/chrome/browser/host_content_settings_map.h index 4150640..a4183d9 100644 --- a/chrome/browser/host_content_settings_map.h +++ b/chrome/browser/host_content_settings_map.h @@ -69,6 +69,9 @@ class HostContentSettingsMap ContentSettingsType content_type, ContentSetting setting); + // This setting trumps any host-specific settings. + bool BlockThirdPartyCookies() const { return block_third_party_cookies_; } + // Resets all settings levels. // // This should only be called on the UI thread. @@ -95,6 +98,9 @@ class HostContentSettingsMap ContentSettings default_content_settings_; HostContentSettings host_content_settings_; + // Misc global settings. + bool block_third_party_cookies_; + // Used around accesses to the settings objects to guarantee thread safety. mutable Lock lock_; diff --git a/chrome/browser/net/chrome_url_request_context.cc b/chrome/browser/net/chrome_url_request_context.cc index 7963742..dee0d62 100644 --- a/chrome/browser/net/chrome_url_request_context.cc +++ b/chrome/browser/net/chrome_url_request_context.cc @@ -22,6 +22,7 @@ #include "chrome/common/notification_service.h" #include "chrome/common/pref_names.h" #include "chrome/common/url_constants.h" +#include "net/base/static_cookie_policy.h" #include "net/ftp/ftp_network_layer.h" #include "net/http/http_cache.h" #include "net/http/http_network_layer.h" @@ -544,15 +545,6 @@ void ChromeURLRequestContextGetter::Observe( this, &ChromeURLRequestContextGetter::OnAcceptLanguageChange, accept_language)); - } else if (*pref_name_in == prefs::kCookieBehavior) { - net::CookiePolicy::Type policy_type = net::CookiePolicy::FromInt( - prefs_->GetInteger(prefs::kCookieBehavior)); - ChromeThread::PostTask( - ChromeThread::IO, FROM_HERE, - NewRunnableMethod( - this, - &ChromeURLRequestContextGetter::OnCookiePolicyChange, - policy_type)); } else if (*pref_name_in == prefs::kDefaultCharset) { std::string default_charset = WideToASCII(prefs->GetString(prefs::kDefaultCharset)); @@ -596,11 +588,6 @@ void ChromeURLRequestContextGetter::OnAcceptLanguageChange( GetIOContext()->OnAcceptLanguageChange(accept_language); } -void ChromeURLRequestContextGetter::OnCookiePolicyChange( - net::CookiePolicy::Type type) { - GetIOContext()->OnCookiePolicyChange(type); -} - void ChromeURLRequestContextGetter::OnDefaultCharsetChange( const std::string& default_charset) { GetIOContext()->OnDefaultCharsetChange(default_charset); @@ -620,12 +607,16 @@ void ChromeURLRequestContextGetter::GetCookieStoreAsyncHelper( ChromeURLRequestContext::ChromeURLRequestContext() { CheckCurrentlyOnIOThread(); + + cookie_policy_ = this; // We implement CookiePolicy + url_request_tracker()->SetGraveyardFilter( &ChromeURLRequestContext::ShouldTrackRequest); } ChromeURLRequestContext::~ChromeURLRequestContext() { CheckCurrentlyOnIOThread(); + if (appcache_service_.get() && appcache_service_->request_context() == this) appcache_service_->set_request_context(NULL); @@ -650,6 +641,8 @@ ChromeURLRequestContext::~ChromeURLRequestContext() { delete ftp_transaction_factory_; delete http_transaction_factory_; + + cookie_policy_ = NULL; } FilePath ChromeURLRequestContext::GetPathForExtension(const std::string& id) { @@ -758,10 +751,55 @@ void ChromeURLRequestContext::OnUnloadedExtension(const std::string& id) { extension_info_.erase(iter); } +bool ChromeURLRequestContext::AreCookiesEnabled() const { + ContentSetting setting = + host_content_settings_map_->GetDefaultContentSetting( + CONTENT_SETTINGS_TYPE_COOKIES); + return setting != CONTENT_SETTING_BLOCK; +} + +bool ChromeURLRequestContext::CanGetCookies(const GURL& url, + const GURL& first_party) { + if (host_content_settings_map_->BlockThirdPartyCookies()) { + net::StaticCookiePolicy policy( + net::StaticCookiePolicy::BLOCK_THIRD_PARTY_COOKIES); + if (!policy.CanGetCookies(url, first_party)) + return false; + } + + ContentSetting setting = host_content_settings_map_->GetContentSetting( + url.host(), CONTENT_SETTINGS_TYPE_COOKIES); + if (setting == CONTENT_SETTING_BLOCK) + return false; + + // TODO(darin): Implement CONTENT_SETTING_ASK + return true; +} + +bool ChromeURLRequestContext::CanSetCookie(const GURL& url, + const GURL& first_party) { + if (host_content_settings_map_->BlockThirdPartyCookies()) { + net::StaticCookiePolicy policy( + net::StaticCookiePolicy::BLOCK_THIRD_PARTY_COOKIES); + if (!policy.CanSetCookie(url, first_party)) + return false; + } + + ContentSetting setting = host_content_settings_map_->GetContentSetting( + url.host(), CONTENT_SETTINGS_TYPE_COOKIES); + if (setting == CONTENT_SETTING_BLOCK) + return false; + + // TODO(darin): Implement CONTENT_SETTING_ASK + return true; +} + ChromeURLRequestContext::ChromeURLRequestContext( ChromeURLRequestContext* other) { CheckCurrentlyOnIOThread(); + cookie_policy_ = this; // We implement CookiePolicy + // Set URLRequestContext members host_resolver_ = other->host_resolver_; proxy_service_ = other->proxy_service_; @@ -769,7 +807,6 @@ ChromeURLRequestContext::ChromeURLRequestContext( http_transaction_factory_ = other->http_transaction_factory_; ftp_transaction_factory_ = other->ftp_transaction_factory_; cookie_store_ = other->cookie_store_; - cookie_policy_.set_type(other->cookie_policy_.type()); transport_security_state_ = other->transport_security_state_; accept_language_ = other->accept_language_; accept_charset_ = other->accept_charset_; @@ -793,12 +830,6 @@ void ChromeURLRequestContext::OnAcceptLanguageChange( net::HttpUtil::GenerateAcceptLanguageHeader(accept_language); } -void ChromeURLRequestContext::OnCookiePolicyChange( - net::CookiePolicy::Type type) { - CheckCurrentlyOnIOThread(); - cookie_policy_.set_type(type); -} - void ChromeURLRequestContext::OnDefaultCharsetChange( const std::string& default_charset) { CheckCurrentlyOnIOThread(); @@ -850,9 +881,6 @@ ChromeURLRequestContextFactory::ChromeURLRequestContextFactory(Profile* profile) // net_util::GetSuggestedFilename is unlikely to be taken. referrer_charset_ = default_charset; - cookie_policy_type_ = net::CookiePolicy::FromInt( - prefs->GetInteger(prefs::kCookieBehavior)); - host_content_settings_map_ = profile->GetHostContentSettingsMap(); host_zoom_map_ = profile->GetHostZoomMap(); @@ -898,7 +926,6 @@ void ChromeURLRequestContextFactory::ApplyProfileParametersToContext( context->set_accept_language(accept_language_); context->set_accept_charset(accept_charset_); context->set_referrer_charset(referrer_charset_); - context->set_cookie_policy_type(cookie_policy_type_); context->set_extension_info(extension_info_); context->set_user_script_dir_path(user_script_dir_path_); context->set_host_content_settings_map(host_content_settings_map_); diff --git a/chrome/browser/net/chrome_url_request_context.h b/chrome/browser/net/chrome_url_request_context.h index 700609a..b6d7e46 100644 --- a/chrome/browser/net/chrome_url_request_context.h +++ b/chrome/browser/net/chrome_url_request_context.h @@ -7,6 +7,7 @@ #include "base/file_path.h" #include "base/linked_ptr.h" +#include "net/base/cookie_policy.h" #include "chrome/browser/host_content_settings_map.h" #include "chrome/browser/host_zoom_map.h" #include "chrome/browser/privacy_blacklist/blacklist.h" @@ -33,7 +34,8 @@ class IOThread; // // All methods of this class must be called from the IO thread, // including the constructor and destructor. -class ChromeURLRequestContext : public URLRequestContext { +class ChromeURLRequestContext : public URLRequestContext, + public net::CookiePolicy { public: // Maintains some extension-related state we need on the IO thread. // TODO(aa): It would be cool if the Extension objects in ExtensionsService @@ -111,13 +113,18 @@ class ChromeURLRequestContext : public URLRequestContext { // Callback for when new extensions are loaded. Takes ownership of // |extension_info|. - void OnNewExtensions( - const std::string& id, - ChromeURLRequestContext::ExtensionInfo* extension_info); + void OnNewExtensions(const std::string& id, ExtensionInfo* extension_info); // Callback for when an extension is unloaded. void OnUnloadedExtension(const std::string& id); + // False only if cookies are globally blocked without exception. + bool AreCookiesEnabled() const; + + // CookiePolicy methods: + virtual bool CanGetCookies(const GURL& url, const GURL& first_party); + virtual bool CanSetCookie(const GURL& url, const GURL& first_party); + protected: // Copies the dependencies from |other| into |this|. If you use this // constructor, then you should hold a reference to |other|, as we @@ -137,9 +144,6 @@ class ChromeURLRequestContext : public URLRequestContext { void set_referrer_charset(const std::string& referrer_charset) { referrer_charset_ = referrer_charset; } - void set_cookie_policy_type(net::CookiePolicy::Type type) { - cookie_policy_.set_type(type); - } void set_extension_info( const ChromeURLRequestContext::ExtensionInfoMap& info) { extension_info_ = info; @@ -192,9 +196,6 @@ class ChromeURLRequestContext : public URLRequestContext { // Callback for when the accept language changes. void OnAcceptLanguageChange(const std::string& accept_language); - // Callback for when the cookie policy changes. - void OnCookiePolicyChange(net::CookiePolicy::Type type); - // Callback for when the default charset changes. void OnDefaultCharsetChange(const std::string& default_charset); @@ -316,7 +317,6 @@ class ChromeURLRequestContextGetter : public URLRequestContextGetter, // These methods simply forward to the corresponding method on // ChromeURLRequestContext. void OnAcceptLanguageChange(const std::string& accept_language); - void OnCookiePolicyChange(net::CookiePolicy::Type type); void OnDefaultCharsetChange(const std::string& default_charset); // Saves the cookie store to |result| and signals |completion|. @@ -370,7 +370,6 @@ class ChromeURLRequestContextFactory { std::string accept_language_; std::string accept_charset_; std::string referrer_charset_; - net::CookiePolicy::Type cookie_policy_type_; ChromeURLRequestContext::ExtensionInfoMap extension_info_; // TODO(aa): I think this can go away now as we no longer support standalone // user scripts. diff --git a/chrome/browser/net/cookie_policy_browsertest.cc b/chrome/browser/net/cookie_policy_browsertest.cc index 7dbecf9..e4683ff 100644 --- a/chrome/browser/net/cookie_policy_browsertest.cc +++ b/chrome/browser/net/cookie_policy_browsertest.cc @@ -19,6 +19,9 @@ class CookiePolicyBrowserTest : public InProcessBrowserTest { DISALLOW_COPY_AND_ASSIGN(CookiePolicyBrowserTest); }; +// TODO(darin): Re-enable these tests once the new third-party cookie blocking +// preference is hooked up. +#if 0 // Visits a page that sets a first-party cookie. IN_PROC_BROWSER_TEST_F(CookiePolicyBrowserTest, AllowFirstPartyCookies) { HTTPTestServer* server = StartHTTPServer(); @@ -86,3 +89,4 @@ IN_PROC_BROWSER_TEST_F(CookiePolicyBrowserTest, cookie = cookie_store->GetCookies(redirected_url); EXPECT_EQ("cookie2", cookie); } +#endif diff --git a/chrome/browser/renderer_host/resource_message_filter.cc b/chrome/browser/renderer_host/resource_message_filter.cc index 51d4aae..d70f810 100644 --- a/chrome/browser/renderer_host/resource_message_filter.cc +++ b/chrome/browser/renderer_host/resource_message_filter.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -545,9 +545,7 @@ void ResourceMessageFilter::OnGetCookiesEnabled( const GURL& url, const GURL& first_party_for_cookies, bool* enabled) { - URLRequestContext* context = GetRequestContextForURL(url); - *enabled = - context->cookie_policy()->type() != net::CookiePolicy::BLOCK_ALL_COOKIES; + *enabled = GetRequestContextForURL(url)->AreCookiesEnabled(); } #if defined(OS_WIN) // This hack is Windows-specific. diff --git a/chrome/browser/views/options/advanced_contents_view.cc b/chrome/browser/views/options/advanced_contents_view.cc index dc3fde4..54f0ff0 100644 --- a/chrome/browser/views/options/advanced_contents_view.cc +++ b/chrome/browser/views/options/advanced_contents_view.cc @@ -44,7 +44,6 @@ #include "grit/generated_resources.h" #include "grit/locale_settings.h" #include "net/base/ssl_config_service_win.h" -#include "net/base/cookie_policy.h" #include "skia/ext/skia_utils_win.h" #include "third_party/skia/include/core/SkBitmap.h" #include "views/background.h" @@ -441,44 +440,6 @@ void AdvancedSection::InitControlLayout() { //////////////////////////////////////////////////////////////////////////////// // PrivacySection -class CookieBehaviorComboModel : public ComboboxModel { - public: - CookieBehaviorComboModel() {} - - // Return the number of items in the combo box. - virtual int GetItemCount() { - return 3; - } - - virtual std::wstring GetItemAt(int index) { - const int kStringIDs[] = { - IDS_OPTIONS_COOKIES_ACCEPT_ALL_COOKIES, - IDS_OPTIONS_COOKIES_RESTRICT_THIRD_PARTY_COOKIES, - IDS_OPTIONS_COOKIES_BLOCK_ALL_COOKIES - }; - if (index >= 0 && index < arraysize(kStringIDs)) - return l10n_util::GetString(kStringIDs[index]); - - NOTREACHED(); - return L""; - } - - static int CookiePolicyToIndex(net::CookiePolicy::Type policy) { - return policy; - } - - static net::CookiePolicy::Type IndexToCookiePolicy(int index) { - if (net::CookiePolicy::ValidType(index)) - return net::CookiePolicy::FromInt(index); - - NOTREACHED(); - return net::CookiePolicy::ALLOW_ALL_COOKIES; - } - - private: - DISALLOW_COPY_AND_ASSIGN(CookieBehaviorComboModel); -}; - class PrivacySection : public AdvancedSection, public views::ButtonListener, public views::LinkController { @@ -512,9 +473,6 @@ class PrivacySection : public AdvancedSection, views::Checkbox* reporting_enabled_checkbox_; views::Link* learn_more_link_; - // Dummy for now. Used to populate cookies models. - scoped_ptr<CookieBehaviorComboModel> allow_cookies_model_; - // Preferences for this section: BooleanPrefMember alternate_error_pages_; BooleanPrefMember use_suggest_; diff --git a/net/base/cookie_policy.h b/net/base/cookie_policy.h index 8efe998..91bbfb9 100644 --- a/net/base/cookie_policy.h +++ b/net/base/cookie_policy.h @@ -1,55 +1,26 @@ -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef NET_BASE_COOKIE_POLICY_H_ #define NET_BASE_COOKIE_POLICY_H_ -#include "base/basictypes.h" - class GURL; namespace net { -// The CookiePolicy class implements third-party cookie blocking. class CookiePolicy { public: - // Consult the user's third-party cookie blocking preferences to determine - // whether the URL's cookies can be read. - bool CanGetCookies(const GURL& url, const GURL& first_party_for_cookies); - - // Consult the user's third-party cookie blocking preferences to determine - // whether the URL's cookies can be set. - bool CanSetCookie(const GURL& url, const GURL& first_party_for_cookies); - - enum Type { - ALLOW_ALL_COOKIES = 0, // Do not perform any cookie blocking. - BLOCK_THIRD_PARTY_COOKIES, // Prevent third-party cookies from being set. - BLOCK_ALL_COOKIES // Disable cookies. - }; - - static bool ValidType(int32 type) { - return type >= ALLOW_ALL_COOKIES && type <= BLOCK_ALL_COOKIES; - } - - static Type FromInt(int32 type) { - return static_cast<Type>(type); - } - - // Sets the current policy to enforce. This should be called when the user's - // preferences change. - void set_type(Type type) { type_ = type; } - - Type type() const { - return type_; - } - - CookiePolicy(); + // Determine if the URL's cookies may be read. + virtual bool CanGetCookies(const GURL& url, + const GURL& first_party_for_cookies) = 0; - private: - Type type_; + // Determine if the URL's cookies may be written. + virtual bool CanSetCookie(const GURL& url, + const GURL& first_party_for_cookies) = 0; - DISALLOW_COPY_AND_ASSIGN(CookiePolicy); + protected: + virtual ~CookiePolicy() {} }; } // namespace net diff --git a/net/base/static_cookie_policy.cc b/net/base/static_cookie_policy.cc new file mode 100644 index 0000000..25d58bc --- /dev/null +++ b/net/base/static_cookie_policy.cc @@ -0,0 +1,46 @@ +// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "net/base/static_cookie_policy.h" + +#include "base/logging.h" +#include "googleurl/src/gurl.h" +#include "net/base/registry_controlled_domain.h" + +namespace net { + +bool StaticCookiePolicy::CanGetCookies(const GURL& url, + const GURL& first_party_for_cookies) { + switch (type_) { + case StaticCookiePolicy::ALLOW_ALL_COOKIES: + return true; + case StaticCookiePolicy::BLOCK_THIRD_PARTY_COOKIES: + return true; + case StaticCookiePolicy::BLOCK_ALL_COOKIES: + return false; + default: + NOTREACHED(); + return false; + } +} + +bool StaticCookiePolicy::CanSetCookie(const GURL& url, + const GURL& first_party_for_cookies) { + switch (type_) { + case StaticCookiePolicy::ALLOW_ALL_COOKIES: + return true; + case StaticCookiePolicy::BLOCK_THIRD_PARTY_COOKIES: + if (first_party_for_cookies.is_empty()) + return true; // Empty first-party URL indicates a first-party request. + return net::RegistryControlledDomainService::SameDomainOrHost( + url, first_party_for_cookies); + case StaticCookiePolicy::BLOCK_ALL_COOKIES: + return false; + default: + NOTREACHED(); + return false; + } +} + +} // namespace net diff --git a/net/base/static_cookie_policy.h b/net/base/static_cookie_policy.h new file mode 100644 index 0000000..a16fd0c --- /dev/null +++ b/net/base/static_cookie_policy.h @@ -0,0 +1,57 @@ +// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef NET_BASE_STATIC_COOKIE_POLICY_H_ +#define NET_BASE_STATIC_COOKIE_POLICY_H_ + +#include "base/basictypes.h" +#include "net/base/cookie_policy.h" + +class GURL; + +namespace net { + +// The StaticCookiePolicy class implements a static cookie policy that supports +// three modes: allow all, deny all, or block third-party cookies. +class StaticCookiePolicy : public CookiePolicy { + public: + // Consult the user's third-party cookie blocking preferences to determine + // whether the URL's cookies can be read. + bool CanGetCookies(const GURL& url, const GURL& first_party_for_cookies); + + // Consult the user's third-party cookie blocking preferences to determine + // whether the URL's cookies can be set. + bool CanSetCookie(const GURL& url, const GURL& first_party_for_cookies); + + enum Type { + ALLOW_ALL_COOKIES = 0, // Do not perform any cookie blocking. + BLOCK_THIRD_PARTY_COOKIES, // Prevent third-party cookies from being set. + BLOCK_ALL_COOKIES // Disable cookies. + }; + + // Sets the current policy to enforce. This should be called when the user's + // preferences change. + void set_type(Type type) { type_ = type; } + + Type type() const { + return type_; + } + + StaticCookiePolicy() + : type_(StaticCookiePolicy::ALLOW_ALL_COOKIES) { + } + + explicit StaticCookiePolicy(Type type) + : type_(type) { + } + + private: + Type type_; + + DISALLOW_COPY_AND_ASSIGN(StaticCookiePolicy); +}; + +} // namespace net + +#endif // NET_BASE_STATIC_COOKIE_POLICY_H_ diff --git a/net/base/static_cookie_policy_unittest.cc b/net/base/static_cookie_policy_unittest.cc new file mode 100644 index 0000000..35af0fc --- /dev/null +++ b/net/base/static_cookie_policy_unittest.cc @@ -0,0 +1,87 @@ +// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "net/base/static_cookie_policy.h" +#include "testing/gtest/include/gtest/gtest.h" +#include "googleurl/src/gurl.h" + +class StaticCookiePolicyTest : public testing::Test { + public: + StaticCookiePolicyTest() + : url_google_("http://www.google.izzle"), + url_google_secure_("https://www.google.izzle"), + url_google_mail_("http://mail.google.izzle"), + url_google_analytics_("http://www.googleanalytics.izzle") { } + protected: + GURL url_google_; + GURL url_google_secure_; + GURL url_google_mail_; + GURL url_google_analytics_; +}; + +TEST_F(StaticCookiePolicyTest, DefaultPolicyTest) { + net::StaticCookiePolicy cp; + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_secure_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_mail_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_analytics_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, GURL())); + + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_secure_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_mail_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_analytics_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, GURL())); +} + +TEST_F(StaticCookiePolicyTest, AllowAllCookiesTest) { + net::StaticCookiePolicy cp; + cp.set_type(net::StaticCookiePolicy::ALLOW_ALL_COOKIES); + + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_secure_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_mail_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_analytics_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, GURL())); + + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_secure_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_mail_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_analytics_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, GURL())); +} + +TEST_F(StaticCookiePolicyTest, BlockThirdPartyCookiesTest) { + net::StaticCookiePolicy cp; + cp.set_type(net::StaticCookiePolicy::BLOCK_THIRD_PARTY_COOKIES); + + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_secure_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_mail_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, url_google_analytics_)); + EXPECT_TRUE(cp.CanGetCookies(url_google_, GURL())); + + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_secure_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, url_google_mail_)); + EXPECT_FALSE(cp.CanSetCookie(url_google_, url_google_analytics_)); + EXPECT_TRUE(cp.CanSetCookie(url_google_, GURL())); +} + +TEST_F(StaticCookiePolicyTest, BlockAllCookiesTest) { + net::StaticCookiePolicy cp; + cp.set_type(net::StaticCookiePolicy::BLOCK_ALL_COOKIES); + + EXPECT_FALSE(cp.CanGetCookies(url_google_, url_google_)); + EXPECT_FALSE(cp.CanGetCookies(url_google_, url_google_secure_)); + EXPECT_FALSE(cp.CanGetCookies(url_google_, url_google_mail_)); + EXPECT_FALSE(cp.CanGetCookies(url_google_, url_google_analytics_)); + EXPECT_FALSE(cp.CanGetCookies(url_google_, GURL())); + + EXPECT_FALSE(cp.CanSetCookie(url_google_, url_google_)); + EXPECT_FALSE(cp.CanSetCookie(url_google_, url_google_secure_)); + EXPECT_FALSE(cp.CanSetCookie(url_google_, url_google_mail_)); + EXPECT_FALSE(cp.CanSetCookie(url_google_, url_google_analytics_)); + EXPECT_FALSE(cp.CanSetCookie(url_google_, GURL())); +} diff --git a/net/net.gyp b/net/net.gyp index d796f5f..d020e57 100755 --- a/net/net.gyp +++ b/net/net.gyp @@ -1,4 +1,4 @@ -# Copyright (c) 2009 The Chromium Authors. All rights reserved. +# Copyright (c) 2010 The Chromium Authors. All rights reserved. # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. @@ -41,7 +41,6 @@ 'base/cookie_monster.cc', 'base/cookie_monster.h', 'base/cookie_options.h', - 'base/cookie_policy.cc', 'base/cookie_policy.h', 'base/cookie_store.h', 'base/data_url.cc', @@ -141,6 +140,8 @@ 'base/ssl_config_service_win.cc', 'base/ssl_config_service_win.h', 'base/ssl_info.h', + 'base/static_cookie_policy.cc', + 'base/static_cookie_policy.h', 'base/transport_security_state.cc', 'base/transport_security_state.h', 'base/sys_addrinfo.h', @@ -572,7 +573,6 @@ 'sources': [ 'base/address_list_unittest.cc', 'base/cookie_monster_unittest.cc', - 'base/cookie_policy_unittest.cc', 'base/data_url_unittest.cc', 'base/directory_lister_unittest.cc', 'base/dns_util_unittest.cc', @@ -599,6 +599,7 @@ 'base/ssl_client_auth_cache_unittest.cc', 'base/ssl_config_service_mac_unittest.cc', 'base/ssl_config_service_win_unittest.cc', + 'base/static_cookie_policy_unittest.cc', 'base/transport_security_state_unittest.cc', 'base/telnet_server_unittest.cc', 'base/test_certificate_data.h', diff --git a/net/url_request/url_request_context.h b/net/url_request/url_request_context.h index b0204ce..d27ab01 100644 --- a/net/url_request/url_request_context.h +++ b/net/url_request/url_request_context.h @@ -1,4 +1,4 @@ -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -12,7 +12,6 @@ #include "base/ref_counted.h" #include "base/string_util.h" -#include "net/base/cookie_policy.h" #include "net/base/cookie_store.h" #include "net/base/host_resolver.h" #include "net/base/ssl_config_service.h" @@ -22,6 +21,7 @@ #include "net/url_request/request_tracker.h" namespace net { +class CookiePolicy; class FtpTransactionFactory; class HttpTransactionFactory; class SocketStream; @@ -35,7 +35,7 @@ class URLRequestContext : URLRequestContext() : http_transaction_factory_(NULL), ftp_transaction_factory_(NULL), - cookie_store_(NULL), + cookie_policy_(NULL), transport_security_state_(NULL) { } @@ -63,11 +63,11 @@ class URLRequestContext : return ftp_transaction_factory_; } - // Gets the cookie store for this context. + // Gets the cookie store for this context (may be null). net::CookieStore* cookie_store() { return cookie_store_.get(); } - // Gets the cookie policy for this context. - net::CookiePolicy* cookie_policy() { return &cookie_policy_; } + // Gets the cookie policy for this context (may be null). + net::CookiePolicy* cookie_policy() { return cookie_policy_; } net::TransportSecurityState* transport_security_state() { return transport_security_state_; } @@ -132,7 +132,7 @@ class URLRequestContext : net::HttpTransactionFactory* http_transaction_factory_; net::FtpTransactionFactory* ftp_transaction_factory_; scoped_refptr<net::CookieStore> cookie_store_; - net::CookiePolicy cookie_policy_; + net::CookiePolicy* cookie_policy_; scoped_refptr<net::TransportSecurityState> transport_security_state_; net::FtpAuthCache ftp_auth_cache_; std::string accept_language_; diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc index 4b665be..7ec4ccf 100644 --- a/net/url_request/url_request_http_job.cc +++ b/net/url_request/url_request_http_job.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -13,6 +13,7 @@ #include "base/rand_util.h" #include "base/string_util.h" #include "net/base/cert_status_flags.h" +#include "net/base/cookie_policy.h" #include "net/base/filter.h" #include "net/base/https_prober.h" #include "net/base/transport_security_state.h" @@ -511,7 +512,7 @@ void URLRequestHttpJob::NotifyHeadersComplete() { // Get the Set-Cookie values, and send them to our cookie database. if (!(request_info_.load_flags & net::LOAD_DO_NOT_SAVE_COOKIES)) { URLRequestContext* ctx = request_->context(); - if (ctx && ctx->cookie_store() && + if (ctx && ctx->cookie_store() && ctx->cookie_policy() && ctx->cookie_policy()->CanSetCookie( request_->url(), request_->first_party_for_cookies())) { FetchResponseCookies(); @@ -667,7 +668,7 @@ std::string URLRequestHttpJob::AssembleRequestCookies() { URLRequestContext* context = request_->context(); if (context) { // Add in the cookie header. TODO might we need more than one header? - if (context->cookie_store() && + if (context->cookie_store() && context->cookie_policy() && context->cookie_policy()->CanGetCookies( request_->url(), request_->first_party_for_cookies())) { net::CookieOptions options; diff --git a/webkit/tools/test_shell/simple_resource_loader_bridge.cc b/webkit/tools/test_shell/simple_resource_loader_bridge.cc index 2c0c124b..7aac167 100644 --- a/webkit/tools/test_shell/simple_resource_loader_bridge.cc +++ b/webkit/tools/test_shell/simple_resource_loader_bridge.cc @@ -38,11 +38,11 @@ #include "base/timer.h" #include "base/thread.h" #include "base/waitable_event.h" -#include "net/base/cookie_policy.h" #include "net/base/io_buffer.h" #include "net/base/load_flags.h" #include "net/base/net_errors.h" #include "net/base/net_util.h" +#include "net/base/static_cookie_policy.h" #include "net/base/upload_data.h" #include "net/http/http_response_headers.h" #include "net/proxy/proxy_service.h" @@ -54,7 +54,7 @@ #include "webkit/tools/test_shell/test_shell_request_context.h" using webkit_glue::ResourceLoaderBridge; -using net::CookiePolicy; +using net::StaticCookiePolicy; using net::HttpResponseHeaders; namespace { @@ -654,7 +654,7 @@ bool FindProxyForUrl(const GURL& url, std::string* proxy_list) { //----------------------------------------------------------------------------- // static -void SimpleResourceLoaderBridge::Init(URLRequestContext* context) { +void SimpleResourceLoaderBridge::Init(TestShellRequestContext* context) { // Make sure to stop any existing IO thread since it may be using the // current request context. Shutdown(); @@ -728,7 +728,9 @@ bool SimpleResourceLoaderBridge::EnsureIOThread() { // static void SimpleResourceLoaderBridge::SetAcceptAllCookies(bool accept_all_cookies) { - CookiePolicy::Type policy_type = accept_all_cookies ? - CookiePolicy::ALLOW_ALL_COOKIES : CookiePolicy::BLOCK_THIRD_PARTY_COOKIES; - request_context->cookie_policy()->set_type(policy_type); + StaticCookiePolicy::Type policy_type = accept_all_cookies ? + StaticCookiePolicy::ALLOW_ALL_COOKIES : + StaticCookiePolicy::BLOCK_THIRD_PARTY_COOKIES; + static_cast<StaticCookiePolicy*>(request_context->cookie_policy())-> + set_type(policy_type); } diff --git a/webkit/tools/test_shell/simple_resource_loader_bridge.h b/webkit/tools/test_shell/simple_resource_loader_bridge.h index 7c5979b..6d1d822 100644 --- a/webkit/tools/test_shell/simple_resource_loader_bridge.h +++ b/webkit/tools/test_shell/simple_resource_loader_bridge.h @@ -8,7 +8,7 @@ #include <string> class GURL; -class URLRequestContext; +class TestShellRequestContext; class SimpleResourceLoaderBridge { public: @@ -22,7 +22,7 @@ class SimpleResourceLoaderBridge { // NOTE: If this function is not called, then a default request context will // be initialized lazily. // - static void Init(URLRequestContext* context); + static void Init(TestShellRequestContext* context); // Call this function to shutdown the simple resource loader bridge. static void Shutdown(); diff --git a/webkit/tools/test_shell/test_shell_request_context.cc b/webkit/tools/test_shell/test_shell_request_context.cc index 0357e21..6ef9378 100644 --- a/webkit/tools/test_shell/test_shell_request_context.cc +++ b/webkit/tools/test_shell/test_shell_request_context.cc @@ -10,6 +10,7 @@ #include "net/base/cookie_monster.h" #include "net/base/host_resolver.h" #include "net/base/ssl_config_service.h" +#include "net/base/static_cookie_policy.h" #include "net/ftp/ftp_network_layer.h" #include "net/proxy/proxy_config_service.h" #include "net/proxy/proxy_config_service_fixed.h" @@ -32,6 +33,7 @@ void TestShellRequestContext::Init( net::HttpCache::Mode cache_mode, bool no_proxy) { cookie_store_ = new net::CookieMonster(); + cookie_policy_ = new net::StaticCookiePolicy(); // hard-code A-L and A-C for test shells accept_language_ = "en-us,en"; @@ -75,6 +77,7 @@ void TestShellRequestContext::Init( TestShellRequestContext::~TestShellRequestContext() { delete ftp_transaction_factory_; delete http_transaction_factory_; + delete static_cast<net::StaticCookiePolicy*>(cookie_policy_); } const std::string& TestShellRequestContext::GetUserAgent( |