authormkwst <mkwst@chromium.org>2015-11-07 02:33:25 -0800
committerCommit bot <commit-bot@chromium.org>2015-11-07 10:34:08 +0000
commite99453bd606cfba6902d82d1e363826d21b0c6a8 (patch)
tree50633fdd359fb6e6b6d307959698dca538a97307
parentc23656ca4165383a6beebd9bec32e46cc45af489 (diff)
Treat exact domain match cookies on public suffixes as host cookies.
Historically, we've rejected any cookie with a `domain` attribute for hosts that we treat as public suffixes. This patch loosens that stance by treating cookies whose domain attribute exactly matches the host as host cookies. This matches the language in step 5 of section 5.3 of RFC 6265 (https://tools.ietf.org/html/rfc6265#section-5.3), and matches both Firefox and IE's behavior. BUG=56211,551906 R=jochen@chromium.org,mmenke@chromium.org Review URL: https://codereview.chromium.org/1414603010 Cr-Commit-Position: refs/heads/master@{#358523}
-rw-r--r--net/cookies/canonical_cookie.cc1
-rw-r--r--net/cookies/cookie_store_unittest.h41
-rw-r--r--net/cookies/cookie_util.cc15
3 files changed, 53 insertions, 4 deletions
diff --git a/net/cookies/canonical_cookie.cc b/net/cookies/canonical_cookie.cc
index a37944b..f57f642 100644
--- a/net/cookies/canonical_cookie.cc
+++ b/net/cookies/canonical_cookie.cc
@@ -235,6 +235,7 @@ CanonicalCookie* CanonicalCookie::Create(const GURL& url,
std::string cookie_domain;
if (!GetCookieDomain(url, parsed_cookie, &cookie_domain)) {
+ VLOG(kVlogSetCookies) << "Create() failed to get a cookie domain";
return NULL;
}
diff --git a/net/cookies/cookie_store_unittest.h b/net/cookies/cookie_store_unittest.h
index f62f7ac..f4f4739 100644
--- a/net/cookies/cookie_store_unittest.h
+++ b/net/cookies/cookie_store_unittest.h
@@ -515,7 +515,26 @@ TYPED_TEST_P(CookieStoreTest, TestNonDottedAndTLD) {
// Allow setting on "com", (but only as a host cookie).
EXPECT_TRUE(this->SetCookie(cs.get(), url, "a=1"));
EXPECT_FALSE(this->SetCookie(cs.get(), url, "b=2; domain=.com"));
- EXPECT_FALSE(this->SetCookie(cs.get(), url, "c=3; domain=com"));
+
+ this->MatchCookieLines("a=1", this->GetCookies(cs.get(), url));
+ // Make sure it doesn't show up for a normal .com, it should be a host
+ // not a domain cookie.
+ this->MatchCookieLines(
+ std::string(),
+ this->GetCookies(cs.get(), GURL("http://hopefully-no-cookies.com/")));
+ if (TypeParam::supports_non_dotted_domains) {
+ this->MatchCookieLines(std::string(),
+ this->GetCookies(cs.get(), GURL("http://.com/")));
+ }
+ }
+
+ {
+ // Exact matches between the domain attribute and the host are treated as
+ // host cookies, not domain cookies.
+ scoped_refptr<CookieStore> cs(this->GetCookieStore());
+ GURL url("http://com/");
+ EXPECT_TRUE(this->SetCookie(cs.get(), url, "a=1; domain=com"));
+
this->MatchCookieLines("a=1", this->GetCookies(cs.get(), url));
// Make sure it doesn't show up for a normal .com, it should be a host
// not a domain cookie.
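Review bot: The new exact-match cases only use a lower-case attribute (`domain=com` here, `domain=b` in the next hunk), so nothing pins how a case-variant such as `domain=COM` is handled. RFC 6265 section 5.2.3 lower-cases the Domain attribute before matching, while the new branch in cookie_util.cc compares the raw `domain_string` with `url_host`, so such a cookie would presumably be rejected rather than stored as a host cookie. That fails closed, but it deserves an explicit expectation: `EXPECT_TRUE(this->SetCookie(cs.get(), url, "a=1; domain=COM"));` if RFC behaviour is intended, or the `EXPECT_FALSE` form if byte-exact matching is deliberate. The test body starts and ends outside this hunk.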
@@ -575,9 +594,27 @@ TYPED_TEST_P(CookieStoreTest, TestNonDottedAndTLD) {
GURL url("http://b");
EXPECT_TRUE(this->SetCookie(cs.get(), url, "a=1"));
EXPECT_FALSE(this->SetCookie(cs.get(), url, "b=2; domain=.b"));
- EXPECT_FALSE(this->SetCookie(cs.get(), url, "c=3; domain=b"));
this->MatchCookieLines("a=1", this->GetCookies(cs.get(), url));
}
+
+ {
+ // Exact matches between the domain attribute and an intranet host are
+ // treated as host cookies, not domain cookies.
+ scoped_refptr<CookieStore> cs(this->GetCookieStore());
+ GURL url("http://b/");
+ EXPECT_TRUE(this->SetCookie(cs.get(), url, "a=1; domain=b"));
+
+ this->MatchCookieLines("a=1", this->GetCookies(cs.get(), url));
+ // Make sure it doesn't show up for an intranet subdomain, it should be a
+ // host not a domain cookie.
+ this->MatchCookieLines(
+ std::string(),
+ this->GetCookies(cs.get(), GURL("http://hopefully-no-cookies.b/")));
+ if (TypeParam::supports_non_dotted_domains) {
+ this->MatchCookieLines(std::string(),
+ this->GetCookies(cs.get(), GURL("http://.b/")));
+ }
+ }
}
// Test reading/writing cookies when the domain ends with a period,
diff --git a/net/cookies/cookie_util.cc b/net/cookies/cookie_util.cc
index b9c7e8d..4071e6f 100644
--- a/net/cookies/cookie_util.cc
+++ b/net/cookies/cookie_util.cc
@@ -63,8 +63,19 @@ bool GetCookieDomainWithString(const GURL& url,
const std::string url_scheme(url.scheme());
const std::string url_domain_and_registry(
GetEffectiveDomain(url_scheme, url_host));
- if (url_domain_and_registry.empty())
- return false; // IP addresses/intranet hosts can't set domain cookies.
+ if (url_domain_and_registry.empty()) {
+ // We match IE/Firefox by treating an exact match between the domain
+ // attribute and the request host to be treated as a host cookie.
+ if (url_host == domain_string) {
+ *result = url_host;
+ DCHECK(DomainIsHostOnly(*result));
+ return true;
+ }
+
+ // Otherwise, IP addresses/intranet hosts/public suffixes can't set
+ // domain cookies.
+ return false;
+ }
const std::string cookie_domain_and_registry(
GetEffectiveDomain(url_scheme, cookie_domain));
if (url_domain_and_registry != cookie_domain_and_registry)
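Review bot: The host-only guarantee of the new early return rests on `DCHECK(DomainIsHostOnly(*result))`, which is compiled out of release builds, so nothing at runtime stops a `url_host` that fails that predicate from being returned as the cookie domain. Whether GURL can hand this branch such a host (for example one with a leading dot) is not visible in the hunk, but the unit tests in this commit do construct `GURL("http://.com/")`, so the case seems reachable. Making the predicate part of the condition keeps the failure closed: `if (url_host == domain_string && DomainIsHostOnly(url_host)) {`. GetCookieDomainWithString starts and ends outside this hunk.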