diff options
| author | jochen@chromium.org <jochen@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-01-20 14:59:44 +0000 |
|---|---|---|
| committer | jochen@chromium.org <jochen@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-01-20 14:59:44 +0000 |
| commit | 5f9a7f97780db19175a8549d39b97f62fa6c9afb (patch) | |
| tree | 3fd95826f8b36779fe1394b36a0f0814ecc6eeb5 | |
| parent | 00f1cab12265fc810d882ae20e58bdef9437ca7f (diff) | |
| download | chromium_src-5f9a7f97780db19175a8549d39b97f62fa6c9afb.zip chromium_src-5f9a7f97780db19175a8549d39b97f62fa6c9afb.tar.gz chromium_src-5f9a7f97780db19175a8549d39b97f62fa6c9afb.tar.bz2 | |
Remove support for filtering by MIME-type.
Also merge kDontSendCookies and kDontStoreCookies to kNoCookies.
BUG=16932
TEST=unit_tests
Review URL: http://codereview.chromium.org/542056
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@36628 0039d316-1c4b-4281-b951-d872f2087c98
18 files changed, 101 insertions, 354 deletions
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd index 0e851ba..f1ae5b0 100644 --- a/chrome/app/generated_resources.grd +++ b/chrome/app/generated_resources.grd @@ -6382,7 +6382,7 @@ Keep your key file in a safe place. You will need it to create new versions of y The following Privacy Blacklists prevented this content from showing: </message> <message name="IDS_BLACKLIST_BLOCKED_COOKIES" desc="Cookies was blacklisted."> - Cookies not sent + Cookies blocked </message> <message name="IDS_BLACKLIST_BLOCKED_REFERRER" desc="Referrer sending was blacklisted."> Referrer not sent diff --git a/chrome/browser/automation/url_request_automation_job.cc b/chrome/browser/automation/url_request_automation_job.cc index 576743e..ec01660 100644 --- a/chrome/browser/automation/url_request_automation_job.cc +++ b/chrome/browser/automation/url_request_automation_job.cc @@ -269,7 +269,7 @@ void URLRequestAutomationJob::OnRequestStarted(int tab, int id, void* iter = NULL; while (headers_->EnumerateHeader(&iter, name, &value)) { - if (request_->context()->InterceptCookie(request_, &value)) + if (request_->context()->InterceptResponseCookie(request_, value)) response_cookies.push_back(value); } diff --git a/chrome/browser/net/chrome_url_request_context.cc b/chrome/browser/net/chrome_url_request_context.cc index 3e0bc31..fda3916 100644 --- a/chrome/browser/net/chrome_url_request_context.cc +++ b/chrome/browser/net/chrome_url_request_context.cc @@ -676,38 +676,18 @@ const std::string& ChromeURLRequestContext::GetUserAgent( return webkit_glue::GetUserAgent(url); } -bool ChromeURLRequestContext::InterceptCookie(const URLRequest* request, - std::string* cookie) { - BlacklistRequestInfo* request_info = - BlacklistRequestInfo::FromURLRequest(request); - // Requests which don't go through ResourceDispatcherHost don't have privacy - // blacklist request data. - if (!request_info) - return true; - const Blacklist* blacklist = request_info->GetBlacklist(); - // TODO(phajdan.jr): remove the NULL check when blacklists are stable. - if (!blacklist) - return true; - scoped_ptr<Blacklist::Match> match(blacklist->FindMatch(request->url())); - if (!match.get()) - return true; - if (match->attributes() & Blacklist::kDontStoreCookies) { - NotificationService::current()->Notify( - NotificationType::BLACKLIST_NONVISUAL_RESOURCE_BLOCKED, - Source<const ChromeURLRequestContext>(this), - Details<const URLRequest>(request)); +bool ChromeURLRequestContext::InterceptRequestCookies( + const URLRequest* request, const std::string& cookies) const { + return InterceptCookie(request, cookies); +} - cookie->clear(); - return false; - } - if (match->attributes() & Blacklist::kDontPersistCookies) { - *cookie = Blacklist::StripCookieExpiry(*cookie); - } - return true; +bool ChromeURLRequestContext::InterceptResponseCookie( + const URLRequest* request, const std::string& cookie) const { + return InterceptCookie(request, cookie); } -bool ChromeURLRequestContext::AllowSendingCookies(const URLRequest* request) - const { +bool ChromeURLRequestContext::InterceptCookie( + const URLRequest* request, const std::string& cookie) const { BlacklistRequestInfo* request_info = BlacklistRequestInfo::FromURLRequest(request); // Requests which don't go through ResourceDispatcherHost don't have privacy @@ -719,16 +699,14 @@ bool ChromeURLRequestContext::AllowSendingCookies(const URLRequest* request) if (!blacklist) return true; scoped_ptr<Blacklist::Match> match(blacklist->FindMatch(request->url())); - if (!match.get()) - return true; - if (match->attributes() & Blacklist::kDontSendCookies) { + if (match.get() && (match->attributes() & Blacklist::kBlockCookies)) { NotificationService::current()->Notify( NotificationType::BLACKLIST_NONVISUAL_RESOURCE_BLOCKED, Source<const ChromeURLRequestContext>(this), Details<const URLRequest>(request)); - return false; } + return true; } diff --git a/chrome/browser/net/chrome_url_request_context.h b/chrome/browser/net/chrome_url_request_context.h index a1bc78c..b1384f6 100644 --- a/chrome/browser/net/chrome_url_request_context.h +++ b/chrome/browser/net/chrome_url_request_context.h @@ -185,9 +185,13 @@ class ChromeURLRequestContext : public URLRequestContext { virtual const std::string& GetUserAgent(const GURL& url) const; - virtual bool InterceptCookie(const URLRequest* request, std::string* cookie); + // Returns true if cookies can be added to request. + virtual bool InterceptRequestCookies(const URLRequest* request, + const std::string& cookie) const; - virtual bool AllowSendingCookies(const URLRequest* request) const; + // Returns true if response cookies should be stored. + virtual bool InterceptResponseCookie(const URLRequest* request, + const std::string& cookie) const; const HostZoomMap* host_zoom_map() const { return host_zoom_map_; } @@ -300,6 +304,12 @@ class ChromeURLRequestContext : public URLRequestContext { bool is_off_the_record_; private: + // Blacklist implementation of InterceptRequestCookie and + // InterceptResponseCookie. Returns true if cookies are allowed and false + // if the request matches a Blacklist rule and cookies should be blocked. + bool InterceptCookie(const URLRequest* request, + const std::string& cookie) const; + // Filter for url_request_tracker(), that prevents "chrome://" requests from // being tracked by "about:net-internals". static bool ShouldTrackRequest(const GURL& url); diff --git a/chrome/browser/privacy_blacklist/blacklist.cc b/chrome/browser/privacy_blacklist/blacklist.cc index e23293d..8279e31 100644 --- a/chrome/browser/privacy_blacklist/blacklist.cc +++ b/chrome/browser/privacy_blacklist/blacklist.cc @@ -24,37 +24,24 @@ const char* const cookie_headers[2] = { "cookie", "set-cookie" }; } // namespace const unsigned int Blacklist::kBlockAll = 1; -const unsigned int Blacklist::kDontSendCookies = 1 << 1; -const unsigned int Blacklist::kDontStoreCookies = 1 << 2; -const unsigned int Blacklist::kDontPersistCookies = 1 << 3; -const unsigned int Blacklist::kDontSendReferrer = 1 << 4; -const unsigned int Blacklist::kDontSendUserAgent = 1 << 5; -const unsigned int Blacklist::kBlockByType = 1 << 6; -const unsigned int Blacklist::kBlockUnsecure = 1 << 7; +const unsigned int Blacklist::kBlockCookies = 1 << 1; +const unsigned int Blacklist::kDontSendReferrer = 1 << 2; +const unsigned int Blacklist::kDontSendUserAgent = 1 << 3; +const unsigned int Blacklist::kBlockUnsecure = 1 << 4; const unsigned int Blacklist::kBlockRequest = kBlockAll | kBlockUnsecure; -const unsigned int Blacklist::kBlockResponse = kBlockByType; const unsigned int Blacklist::kModifySentHeaders = - kDontSendCookies | kDontSendUserAgent | kDontSendReferrer; -const unsigned int Blacklist::kModifyReceivedHeaders = - kDontPersistCookies | kDontStoreCookies; -const unsigned int Blacklist::kFilterByHeaders = - kModifyReceivedHeaders | kBlockByType; + kBlockCookies | kDontSendUserAgent | kDontSendReferrer; +const unsigned int Blacklist::kModifyReceivedHeaders = kBlockCookies; unsigned int Blacklist::String2Attribute(const std::string& s) { if (s == STRINGIZE(kBlockAll)) return kBlockAll; - else if (s == STRINGIZE(kDontSendCookies)) - return kDontSendCookies; - else if (s == STRINGIZE(kDontStoreCookies)) - return kDontStoreCookies; - else if (s == STRINGIZE(kDontPersistCookies)) - return kDontPersistCookies; + else if (s == STRINGIZE(kBlockCookies)) + return kBlockCookies; else if (s == STRINGIZE(kDontSendReferrer)) return kDontSendReferrer; else if (s == STRINGIZE(kDontSendUserAgent)) return kDontSendUserAgent; - else if (s == STRINGIZE(kBlockByType)) - return kBlockByType; else if (s == STRINGIZE(kBlockUnsecure)) return kBlockUnsecure; return 0; @@ -104,10 +91,6 @@ bool Blacklist::Matches(const std::string& pattern, const std::string& url) { return pattern[p] == '\0'; } -bool Blacklist::Entry::MatchesType(const std::string& type) const { - return std::find(types_.begin(), types_.end(), type) != types_.end(); -} - bool Blacklist::Entry::IsBlocked(const GURL& url) const { return (attributes_ & kBlockAll) || ((attributes_ & kBlockUnsecure) && !url.SchemeIsSecure()); @@ -124,38 +107,8 @@ void Blacklist::Entry::AddAttributes(unsigned int attributes) { attributes_ |= attributes; } -void Blacklist::Entry::AddType(const std::string& type) { - types_.push_back(type); -} - void Blacklist::Entry::Merge(const Entry& entry) { attributes_ |= entry.attributes_; - - std::copy(entry.types_.begin(), entry.types_.end(), - std::back_inserter(types_)); -} - -void Blacklist::Entry::SwapTypes(std::vector<std::string>* types) { - DCHECK(types); - types->swap(types_); -} - -bool Blacklist::Match::MatchType(const std::string& type) const { - // No match if any exception matches. - for (std::vector<const Entry*>::const_iterator i = exception_entries_.begin(); - i != exception_entries_.end(); ++i) { - if ((*i)->MatchesType(type)) - return false; - } - - // Otherwise, match if any blacklist entry matches. - for (std::vector<const Entry*>::const_iterator i = matching_entries_.begin(); - i != matching_entries_.end(); ++i) { - if ((*i)->MatchesType(type)) - return true; - } - - return false; } bool Blacklist::Match::IsBlocked(const GURL& url) const { @@ -226,22 +179,3 @@ std::string Blacklist::GetURLAsLookupString(const GURL& url) { std::string Blacklist::StripCookies(const std::string& header) { return net::HttpUtil::StripHeaders(header, cookie_headers, 2); } - -std::string Blacklist::StripCookieExpiry(const std::string& cookie) { - std::string::size_type delim = cookie.find(';'); - std::string::size_type start = cookie.find("expires=", delim + 1); - if (start != std::string::npos) { - std::string::size_type i = start; - // Make sure only whitespace precedes the expiry until a delimiter. - while (cookie[--i] != ';') - if (!IsAsciiWhitespace(cookie[i])) - return cookie; - - std::string session_cookie(cookie, 0, i); - std::string::size_type end = cookie.find(';', start + 1); - if (end != std::string::npos) - session_cookie.append(cookie.substr(end)); - return session_cookie; - } - return cookie; -} diff --git a/chrome/browser/privacy_blacklist/blacklist.h b/chrome/browser/privacy_blacklist/blacklist.h index 96112f6..7d688ac 100644 --- a/chrome/browser/privacy_blacklist/blacklist.h +++ b/chrome/browser/privacy_blacklist/blacklist.h @@ -34,12 +34,9 @@ class Blacklist { // Filter attributes (more to come): static const unsigned int kBlockAll; - static const unsigned int kDontSendCookies; - static const unsigned int kDontStoreCookies; - static const unsigned int kDontPersistCookies; + static const unsigned int kBlockCookies; static const unsigned int kDontSendReferrer; static const unsigned int kDontSendUserAgent; - static const unsigned int kBlockByType; static const unsigned int kBlockUnsecure; // Aggregate filter types: @@ -47,7 +44,6 @@ class Blacklist { static const unsigned int kBlockResponse; static const unsigned int kModifySentHeaders; static const unsigned int kModifyReceivedHeaders; - static const unsigned int kFilterByHeaders; // Converts a stringized filter attribute (see above) back to its integer // value. Returns 0 on error. @@ -90,21 +86,11 @@ class Blacklist { // Provider of this blacklist entry, used for assigning blame ;) const Provider* provider() const { return provider_; } - // Returns true if the given type matches one of the types for which - // the filter-attributes of this pattern apply. This needs only to be - // checked for content-type specific rules, as determined by calling - // attributes(). - bool MatchesType(const std::string&) const; - // Returns true of the given URL is blocked, assumes it matches the // pattern of this entry. bool IsBlocked(const GURL&) const; void AddAttributes(unsigned int attributes); - void AddType(const std::string& type); - - // Swap the contents of the internal types vector with the given vector. - void SwapTypes(std::vector<std::string>* types); private: friend class BlacklistIO; @@ -117,7 +103,6 @@ class Blacklist { // True if this entry is an exception to the blacklist. bool is_exception_; std::string pattern_; - std::vector<std::string> types_; // Points to the provider of this entry, the providers are all // owned by the blacklist. @@ -136,7 +121,6 @@ class Blacklist { unsigned int attributes() const { return (matching_attributes_ & (~exception_attributes_)); } - bool MatchType(const std::string&) const; bool IsBlocked(const GURL&) const; // Access to individual entries, mostly for display/logging purposes. @@ -194,9 +178,6 @@ class Blacklist { // Helper to remove cookies from a header. static std::string StripCookies(const std::string&); - // Helper to remove cookie expiration from a header. - static std::string StripCookieExpiry(const std::string&); - private: // Converts a GURL into the string to match against. static std::string GetURLAsLookupString(const GURL& url); diff --git a/chrome/browser/privacy_blacklist/blacklist_io.cc b/chrome/browser/privacy_blacklist/blacklist_io.cc index 5567202..73fbf6c 100644 --- a/chrome/browser/privacy_blacklist/blacklist_io.cc +++ b/chrome/browser/privacy_blacklist/blacklist_io.cc @@ -164,9 +164,9 @@ bool BlacklistIO::ReadText(Blacklist* blacklist, } if (in_attribute) { - // The only attribute to support sub_tokens is kBlockByType, for now. - if (last_attribute == Blacklist::kBlockByType) - entry->AddType(tokenizer.token()); + // TODO(jochen): implement support for parsing arguments to attributes. + *error_string = "Unexpected argument to attribute."; + return false; } else { // Filter attribute. Unrecognized attributes are ignored. last_attribute = Blacklist::String2Attribute(tokenizer.token()); @@ -224,16 +224,13 @@ bool BlacklistIO::ReadBinary(Blacklist* blacklist, const FilePath& path) { std::string pattern; unsigned int attributes, provider; bool is_exception; - std::vector<std::string> types; for (size_t i = 0; i < num_entries; ++i) { - if (!input.ReadEntry(&pattern, &attributes, &types, &is_exception, - &provider)) + if (!input.ReadEntry(&pattern, &attributes, &is_exception, &provider)) return false; Blacklist::Entry* entry = new Blacklist::Entry(pattern, provider_map[provider], is_exception); entry->AddAttributes(attributes); - entry->SwapTypes(&types); entries.push_back(linked_ptr<Blacklist::Entry>(entry)); } @@ -282,7 +279,6 @@ bool BlacklistIO::WriteBinary(const Blacklist* blacklist, i != entries.end(); ++i) { if (!output.StoreEntry((*i)->pattern_, (*i)->attributes_, - (*i)->types_, (*i)->is_exception_, index[(*i)->provider_])) { return false; diff --git a/chrome/browser/privacy_blacklist/blacklist_io_unittest.cc b/chrome/browser/privacy_blacklist/blacklist_io_unittest.cc index 096966b..c76712d 100644 --- a/chrome/browser/privacy_blacklist/blacklist_io_unittest.cc +++ b/chrome/browser/privacy_blacklist/blacklist_io_unittest.cc @@ -28,17 +28,15 @@ TEST(BlacklistIOTest, Generic) { const Blacklist::EntryList entries(blacklist.entries_begin(), blacklist.entries_end()); - ASSERT_EQ(9U, entries.size()); - - EXPECT_EQ("@", entries[0]->pattern()); - EXPECT_EQ("@poor-security-site.com", entries[1]->pattern()); - EXPECT_EQ("@.ad-serving-place.com", entries[2]->pattern()); - EXPECT_EQ("www.site.com/anonymous/folder/@", entries[3]->pattern()); - EXPECT_EQ("www.site.com/bad/url", entries[4]->pattern()); - EXPECT_EQ("@/script?@", entries[5]->pattern()); - EXPECT_EQ("@?badparam@", entries[6]->pattern()); - EXPECT_EQ("www.site.com/bad/url/good", entries[7]->pattern()); - EXPECT_EQ("www.good.com", entries[8]->pattern()); + ASSERT_EQ(7U, entries.size()); + + EXPECT_EQ("@poor-security-site.com", entries[0]->pattern()); + EXPECT_EQ("@.ad-serving-place.com", entries[1]->pattern()); + EXPECT_EQ("www.site.com/anonymous/folder/@", entries[2]->pattern()); + EXPECT_EQ("www.site.com/bad/url", entries[3]->pattern()); + EXPECT_EQ("@/script?@", entries[4]->pattern()); + EXPECT_EQ("@?badparam@", entries[5]->pattern()); + EXPECT_EQ("www.site.com/bad/url/good", entries[6]->pattern()); const Blacklist::ProviderList providers(blacklist.providers_begin(), blacklist.providers_end()); diff --git a/chrome/browser/privacy_blacklist/blacklist_store.cc b/chrome/browser/privacy_blacklist/blacklist_store.cc index 87f5f1d..752ace8 100644 --- a/chrome/browser/privacy_blacklist/blacklist_store.cc +++ b/chrome/browser/privacy_blacklist/blacklist_store.cc @@ -13,7 +13,7 @@ namespace { -const char cookie[] = "GCPBL200"; +const char cookie[] = "GCPBL250"; const size_t kMaxBlockedTypes = 256; const size_t kMaxStringSize = 8192; @@ -54,20 +54,12 @@ bool BlacklistStoreOutput::ReserveEntries(uint32 num) { bool BlacklistStoreOutput::StoreEntry(const std::string& pattern, uint32 attributes, - const std::vector<std::string>& types, bool is_exception, uint32 provider) { - if (WriteString(pattern) && - WriteUInt(attributes) && - WriteUInt(is_exception ? 1 : 0) && - WriteUInt(types.size())) { - for (uint32 i = 0; i < types.size(); ++i) { - if (!WriteString(types[i])) - return false; - } - return WriteUInt(provider); - } - return false; + return (WriteString(pattern) && + WriteUInt(attributes) && + WriteUInt(is_exception ? 1 : 0) && + WriteUInt(provider)); } uint32 BlacklistStoreInput::ReadUInt() { @@ -118,7 +110,6 @@ uint32 BlacklistStoreInput::ReadNumEntries() { bool BlacklistStoreInput::ReadEntry(std::string* pattern, uint32* attributes, - std::vector<std::string>* types, bool* is_exception, uint32* provider) { *pattern = ReadString(); @@ -134,16 +125,6 @@ bool BlacklistStoreInput::ReadEntry(std::string* pattern, return false; *is_exception = (exception == 1); - if (uint32 n = ReadUInt()) { - if (n >= kMaxBlockedTypes) - return false; - while (n--) { - std::string type = ReadString(); - if (type.empty()) - return false; - types->push_back(type); - } - } *provider = ReadUInt(); return *provider != std::numeric_limits<uint32>::max(); } diff --git a/chrome/browser/privacy_blacklist/blacklist_store.h b/chrome/browser/privacy_blacklist/blacklist_store.h index 63f7c12..91f5711 100644 --- a/chrome/browser/privacy_blacklist/blacklist_store.h +++ b/chrome/browser/privacy_blacklist/blacklist_store.h @@ -43,7 +43,6 @@ class BlacklistStoreOutput { // Stores an entry. Returns true if successful. bool StoreEntry(const std::string& pattern, uint32 attributes, - const std::vector<std::string>& types, bool is_exception, uint32 provider); @@ -87,7 +86,6 @@ class BlacklistStoreInput { // Reads an entry. bool ReadEntry(std::string* pattern, uint32* attributes, - std::vector<std::string>* types, bool* is_exception, uint32* provider); diff --git a/chrome/browser/privacy_blacklist/blacklist_ui.cc b/chrome/browser/privacy_blacklist/blacklist_ui.cc index 354e2d4..704d17c 100644 --- a/chrome/browser/privacy_blacklist/blacklist_ui.cc +++ b/chrome/browser/privacy_blacklist/blacklist_ui.cc @@ -26,11 +26,8 @@ class DisplayBlockedContentNoticeTask : public Task { : url_(url), child_id_(info->child_id()), route_id_(info->route_id()) { - if (match->attributes() & Blacklist::kDontStoreCookies) { - // No cookies stored. - details_ = l10n_util::GetStringUTF16(IDS_BLACKLIST_BLOCKED_COOKIES); - } else if (match->attributes() & Blacklist::kDontSendCookies) { - // No cookies sent. + if (match->attributes() & Blacklist::kBlockCookies) { + // No cookies sent or stored. details_ = l10n_util::GetStringUTF16(IDS_BLACKLIST_BLOCKED_COOKIES); } else if (match->attributes() & Blacklist::kDontSendReferrer) { // No referrer sent. diff --git a/chrome/browser/privacy_blacklist/blacklist_unittest.cc b/chrome/browser/privacy_blacklist/blacklist_unittest.cc index 1202629..d6ccac63 100644 --- a/chrome/browser/privacy_blacklist/blacklist_unittest.cc +++ b/chrome/browser/privacy_blacklist/blacklist_unittest.cc @@ -24,72 +24,43 @@ TEST(BlacklistTest, Generic) { Blacklist::EntryList entries(blacklist.entries_begin(), blacklist.entries_end()); - ASSERT_EQ(9U, entries.size()); + ASSERT_EQ(7U, entries.size()); - EXPECT_EQ(Blacklist::kBlockByType|Blacklist::kDontPersistCookies, - entries[0]->attributes()); - EXPECT_TRUE(entries[0]->MatchesType("application/x-shockwave-flash")); - EXPECT_FALSE(entries[0]->MatchesType("image/jpeg")); + // All entries include global attributes. + // NOTE: Silly bitwise-or with zero to workaround a Mac compiler bug. + EXPECT_EQ(Blacklist::kBlockUnsecure|0, entries[0]->attributes()); EXPECT_FALSE(entries[0]->is_exception()); - EXPECT_EQ("@", entries[0]->pattern()); + EXPECT_EQ("@poor-security-site.com", entries[0]->pattern()); - // All entries include global attributes. // NOTE: Silly bitwise-or with zero to workaround a Mac compiler bug. - EXPECT_EQ(Blacklist::kBlockUnsecure|0, entries[1]->attributes()); - EXPECT_FALSE(entries[1]->MatchesType("application/x-shockwave-flash")); - EXPECT_FALSE(entries[1]->MatchesType("image/jpeg")); + EXPECT_EQ(Blacklist::kBlockCookies|0, entries[1]->attributes()); EXPECT_FALSE(entries[1]->is_exception()); - EXPECT_EQ("@poor-security-site.com", entries[1]->pattern()); + EXPECT_EQ("@.ad-serving-place.com", entries[1]->pattern()); - EXPECT_EQ(Blacklist::kDontSendCookies|Blacklist::kDontStoreCookies, + EXPECT_EQ(Blacklist::kDontSendUserAgent|Blacklist::kDontSendReferrer, entries[2]->attributes()); - EXPECT_FALSE(entries[2]->MatchesType("application/x-shockwave-flash")); - EXPECT_FALSE(entries[2]->MatchesType("image/jpeg")); EXPECT_FALSE(entries[2]->is_exception()); - EXPECT_EQ("@.ad-serving-place.com", entries[2]->pattern()); + EXPECT_EQ("www.site.com/anonymous/folder/@", entries[2]->pattern()); - EXPECT_EQ(Blacklist::kDontSendUserAgent|Blacklist::kDontSendReferrer, - entries[3]->attributes()); - EXPECT_FALSE(entries[3]->MatchesType("application/x-shockwave-flash")); - EXPECT_FALSE(entries[3]->MatchesType("image/jpeg")); + // NOTE: Silly bitwise-or with zero to workaround a Mac compiler bug. + EXPECT_EQ(Blacklist::kBlockAll|0, entries[3]->attributes()); EXPECT_FALSE(entries[3]->is_exception()); - EXPECT_EQ("www.site.com/anonymous/folder/@", entries[3]->pattern()); + EXPECT_EQ("www.site.com/bad/url", entries[3]->pattern()); // NOTE: Silly bitwise-or with zero to workaround a Mac compiler bug. EXPECT_EQ(Blacklist::kBlockAll|0, entries[4]->attributes()); - EXPECT_FALSE(entries[4]->MatchesType("application/x-shockwave-flash")); - EXPECT_FALSE(entries[4]->MatchesType("image/jpeg")); EXPECT_FALSE(entries[4]->is_exception()); - EXPECT_EQ("www.site.com/bad/url", entries[4]->pattern()); + EXPECT_EQ("@/script?@", entries[4]->pattern()); // NOTE: Silly bitwise-or with zero to workaround a Mac compiler bug. EXPECT_EQ(Blacklist::kBlockAll|0, entries[5]->attributes()); - EXPECT_FALSE(entries[5]->MatchesType("application/x-shockwave-flash")); - EXPECT_FALSE(entries[5]->MatchesType("image/jpeg")); EXPECT_FALSE(entries[5]->is_exception()); - EXPECT_EQ("@/script?@", entries[5]->pattern()); + EXPECT_EQ("@?badparam@", entries[5]->pattern()); // NOTE: Silly bitwise-or with zero to workaround a Mac compiler bug. EXPECT_EQ(Blacklist::kBlockAll|0, entries[6]->attributes()); - EXPECT_FALSE(entries[6]->MatchesType("application/x-shockwave-flash")); - EXPECT_FALSE(entries[6]->MatchesType("image/jpeg")); - EXPECT_FALSE(entries[6]->is_exception()); - EXPECT_EQ("@?badparam@", entries[6]->pattern()); - - // NOTE: Silly bitwise-or with zero to workaround a Mac compiler bug. - EXPECT_EQ(Blacklist::kBlockAll|0, entries[7]->attributes()); - EXPECT_FALSE(entries[7]->MatchesType("application/x-shockwave-flash")); - EXPECT_FALSE(entries[7]->MatchesType("image/jpeg")); - EXPECT_TRUE(entries[7]->is_exception()); - EXPECT_EQ("www.site.com/bad/url/good", entries[7]->pattern()); - - // NOTE: Silly bitwise-or with zero to workaround a Mac compiler bug. - EXPECT_EQ(Blacklist::kBlockByType|Blacklist::kDontPersistCookies, - entries[8]->attributes()); - EXPECT_TRUE(entries[8]->MatchesType("application/x-shockwave-flash")); - EXPECT_FALSE(entries[8]->MatchesType("image/jpeg")); - EXPECT_TRUE(entries[8]->is_exception()); - EXPECT_EQ("www.good.com", entries[8]->pattern()); + EXPECT_TRUE(entries[6]->is_exception()); + EXPECT_EQ("www.site.com/bad/url/good", entries[6]->pattern()); Blacklist::ProviderList providers(blacklist.providers_begin(), blacklist.providers_end()); @@ -104,93 +75,59 @@ TEST(BlacklistTest, Generic) { EXPECT_FALSE(blacklist.FindMatch(GURL("about:blank"))); // Expected rule matches. - Blacklist::Match* match; - match = blacklist.FindMatch(GURL("http://www.google.com")); + Blacklist::Match* match = blacklist.FindMatch(GURL("http://www.site.com/bad/url")); EXPECT_TRUE(match); if (match) { - EXPECT_EQ(Blacklist::kBlockByType|Blacklist::kDontPersistCookies, - match->attributes()); + EXPECT_EQ(Blacklist::kBlockAll|0, match->attributes()); EXPECT_EQ(1U, match->entries().size()); - EXPECT_TRUE(match->MatchType("application/x-shockwave-flash")); - delete match; - } - - match = blacklist.FindMatch(GURL("http://www.site.com/bad/url")); - EXPECT_TRUE(match); - if (match) { - EXPECT_EQ(Blacklist::kBlockAll| - Blacklist::kBlockByType|Blacklist::kDontPersistCookies, - match->attributes()); - EXPECT_EQ(2U, match->entries().size()); delete match; } match = blacklist.FindMatch(GURL("http://www.site.com/anonymous")); - EXPECT_TRUE(match); - if (match) { - EXPECT_EQ(Blacklist::kBlockByType|Blacklist::kDontPersistCookies, - match->attributes()); - EXPECT_EQ(1U, match->entries().size()); + EXPECT_FALSE(match); + if (match) delete match; - } match = blacklist.FindMatch(GURL("http://www.site.com/anonymous/folder")); - EXPECT_TRUE(match); - if (match) { - EXPECT_EQ(Blacklist::kBlockByType|Blacklist::kDontPersistCookies, - match->attributes()); - EXPECT_EQ(1U, match->entries().size()); + EXPECT_FALSE(match); + if (match) delete match; - } match = blacklist.FindMatch( GURL("http://www.site.com/anonymous/folder/subfolder")); EXPECT_TRUE(match); if (match) { - EXPECT_EQ(Blacklist::kDontSendUserAgent|Blacklist::kDontSendReferrer| - Blacklist::kBlockByType|Blacklist::kDontPersistCookies, + EXPECT_EQ(Blacklist::kDontSendUserAgent|Blacklist::kDontSendReferrer, match->attributes()); - EXPECT_EQ(2U, match->entries().size()); + EXPECT_EQ(1U, match->entries().size()); delete match; } // No matches for URLs without query string match = blacklist.FindMatch(GURL("http://badparam.com/")); - EXPECT_TRUE(match); - if (match) { - EXPECT_EQ(1U, match->entries().size()); - EXPECT_EQ(Blacklist::kBlockByType|Blacklist::kDontPersistCookies, - match->attributes()); + EXPECT_FALSE(match); + if (match) delete match; - } match = blacklist.FindMatch(GURL("http://script.bad.org/")); - EXPECT_TRUE(match); - if (match) { - EXPECT_EQ(1U, match->entries().size()); - EXPECT_EQ(Blacklist::kBlockByType|Blacklist::kDontPersistCookies, - match->attributes()); + EXPECT_FALSE(match); + if (match) delete match; - } // Expected rule matches. match = blacklist.FindMatch(GURL("http://host.com/script?q=x")); EXPECT_TRUE(match); if (match) { - EXPECT_EQ(2U, match->entries().size()); - EXPECT_EQ(Blacklist::kBlockByType|Blacklist::kDontPersistCookies| - Blacklist::kBlockAll, - match->attributes()); + EXPECT_EQ(Blacklist::kBlockAll, match->attributes()); + EXPECT_EQ(1U, match->entries().size()); delete match; } match = blacklist.FindMatch(GURL("http://host.com/img?badparam=x")); EXPECT_TRUE(match); if (match) { - EXPECT_EQ(2U, match->entries().size()); - EXPECT_EQ(Blacklist::kBlockByType|Blacklist::kDontPersistCookies| - Blacklist::kBlockAll, - match->attributes()); + EXPECT_EQ(Blacklist::kBlockAll, match->attributes()); + EXPECT_EQ(1U, match->entries().size()); delete match; } @@ -198,51 +135,11 @@ TEST(BlacklistTest, Generic) { match = blacklist.FindMatch(GURL("http://www.site.com/bad/url/good")); EXPECT_TRUE(match); if (match) { - EXPECT_EQ(2U, match->entries().size()); - EXPECT_EQ(Blacklist::kBlockByType|Blacklist::kDontPersistCookies, - match->attributes()); - delete match; - } - - match = blacklist.FindMatch(GURL("http://www.good.com")); - EXPECT_TRUE(match); - if (match) { - EXPECT_EQ(1U, match->entries().size()); EXPECT_EQ(0U, match->attributes()); - EXPECT_FALSE(match->MatchType("application/x-shockwave-flash")); + EXPECT_EQ(1U, match->entries().size()); delete match; } - // StripCookieExpiry Tests - std::string cookie1( - "PREF=ID=14a549990453e42a:TM=1245183232:LM=1245183232:S=Occ7khRVIEE36Ao5;" - " expires=Thu, 16-Jun-2011 20:13:52 GMT; path=/; domain=.google.com"); - std::string cookie2( - "PREF=ID=14a549990453e42a:TM=1245183232:LM=1245183232:S=Occ7khRVIEE36Ao5;" - " path=/; domain=.google.com"); - std::string cookie3( - "PREF=ID=14a549990453e42a:TM=1245183232:LM=1245183232:S=Occ7khRVIEE36Ao5;" - " expires=Thu, 17-Jun-2011 02:13:52 GMT; path=/; domain=.google.com"); - std::string cookie4("E=MC^2; path=relative; expires=never;"); - std::string cookie5("E=MC^2; path=relative;"); - - // No expiry, should be equal to itself after stripping. - EXPECT_EQ(cookie2, Blacklist::StripCookieExpiry(cookie2)); - EXPECT_EQ(cookie5, Blacklist::StripCookieExpiry(cookie5)); - - // Expiry, should be equal to non-expiry version after stripping. - EXPECT_EQ(cookie2, Blacklist::StripCookieExpiry(cookie1)); - EXPECT_EQ(cookie5, Blacklist::StripCookieExpiry(cookie4)); - - // Same cookie other than expiry should be same after stripping. - EXPECT_EQ(Blacklist::StripCookieExpiry(cookie2), - Blacklist::StripCookieExpiry(cookie3)); - - // Edge cases. - std::string invalid("#$%^&*()_+"); - EXPECT_EQ(invalid, Blacklist::StripCookieExpiry(invalid)); - EXPECT_EQ(std::string(), Blacklist::StripCookieExpiry(std::string())); - // StripCookies Test. Note that "\r\n" line terminators are used // because the underlying net util uniformizes those when stripping // headers. diff --git a/chrome/browser/renderer_host/resource_dispatcher_host.cc b/chrome/browser/renderer_host/resource_dispatcher_host.cc index f70089b..65182c2 100644 --- a/chrome/browser/renderer_host/resource_dispatcher_host.cc +++ b/chrome/browser/renderer_host/resource_dispatcher_host.cc @@ -1090,17 +1090,6 @@ bool ResourceDispatcherHost::CompleteResponseStarted(URLRequest* request) { scoped_refptr<ResourceResponse> response = new ResourceResponse; PopulateResourceResponse(request, info->filter_policy(), response); - BlacklistRequestInfo* request_info = - BlacklistRequestInfo::FromURLRequest(request); - if (request_info) { - const Blacklist* blacklist = request_info->GetBlacklist(); - scoped_ptr<Blacklist::Match> match(blacklist->FindMatch(request->url())); - if (match.get() && match->attributes() & Blacklist::kBlockByType) { - if (match->MatchType(response->response_head.mime_type)) - return false; // TODO(idanan): Generate a replacement response. - } - } - if (request->ssl_info().cert) { int cert_id = CertStore::GetSharedInstance()->StoreCert(request->ssl_info().cert, diff --git a/chrome/browser/renderer_host/resource_message_filter.cc b/chrome/browser/renderer_host/resource_message_filter.cc index b977944..12959dc 100644 --- a/chrome/browser/renderer_host/resource_message_filter.cc +++ b/chrome/browser/renderer_host/resource_message_filter.cc @@ -484,15 +484,8 @@ void ResourceMessageFilter::OnSetCookie(const GURL& url, return; scoped_ptr<Blacklist::Match> match( GetPrivacyBlacklistMatchForURL(url, context)); - if (match.get()) { - if (match->attributes() & Blacklist::kDontPersistCookies) { - context->cookie_store()->SetCookie(url, - Blacklist::StripCookieExpiry(cookie)); - } else if (!(match->attributes() & Blacklist::kDontStoreCookies)) { - context->cookie_store()->SetCookie(url, cookie); - } + if (match.get() && (match->attributes() & Blacklist::kBlockCookies)) return; - } context->cookie_store()->SetCookie(url, cookie); } diff --git a/chrome/test/data/blacklist_small.pbl b/chrome/test/data/blacklist_small.pbl index 5d25b7b..61f2665 100644 --- a/chrome/test/data/blacklist_small.pbl +++ b/chrome/test/data/blacklist_small.pbl @@ -3,14 +3,11 @@ |URL: http://www.google.com Text here is ignored |Icon: Unsupported feature !!!!! -# Default match attributes (matches everything) -@ => kBlockByType(application/x-shockwave-flash), kDontPersistCookies - # Affect an entire site @poor-security-site.com => kBlockUnsecure # Affect subdomains of an entire site -@.ad-serving-place.com => kDontSendCookies, kDontStoreCookies +@.ad-serving-place.com => kBlockCookies # Affect site files under a subfolder www.site.com/anonymous/folder/@ => kDontSendUserAgent, kDontSendReferrer @@ -26,6 +23,3 @@ www.site.com/bad/url => kBlockAll # Whitelist a specific URL -www.site.com/bad/url/good => kBlockAll - -# Whitelist attributes --www.good.com => kBlockByType(application/x-shockwave-flash), kDontPersistCookies diff --git a/chrome/test/data/blacklist_small.pbr b/chrome/test/data/blacklist_small.pbr Binary files differindex b4fb030..114d0ba 100644 --- a/chrome/test/data/blacklist_small.pbr +++ b/chrome/test/data/blacklist_small.pbr diff --git a/net/url_request/url_request_context.h b/net/url_request/url_request_context.h index 5eac06e..b0204ce 100644 --- a/net/url_request/url_request_context.h +++ b/net/url_request/url_request_context.h @@ -105,16 +105,17 @@ class URLRequestContext : referrer_charset_ = charset; } - // Called for each cookie returning for the given request. A pointer to - // the cookie is passed so that it can be modified. Returns true if the - // cookie was not dropped (it could still be modified though). - virtual bool InterceptCookie(const URLRequest* request, std::string* cookie) { + // Called before adding cookies to requests. Returns true if cookie can + // be added to the request. The cookie might still be modified though. + virtual bool InterceptRequestCookies(const URLRequest* request, + const std::string& cookies) const { return true; } - // Called before adding cookies to sent requests. Allows overriding - // requests to block sending of cookies. - virtual bool AllowSendingCookies(const URLRequest* request) const { + // Called before adding cookies from respones to the cookie monster. Returns + // true if the cookie can be added. The cookie might still be modified though. + virtual bool InterceptResponseCookie(const URLRequest* request, + const std::string& cookie) const { return true; } diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc index 93f6b5b..4b665be 100644 --- a/net/url_request/url_request_http_job.cc +++ b/net/url_request/url_request_http_job.cc @@ -647,8 +647,7 @@ void URLRequestHttpJob::AddExtraHeaders() { URLRequestContext* context = request_->context(); if (context) { - if (context->AllowSendingCookies(request_)) - request_info_.extra_headers += AssembleRequestCookies(); + request_info_.extra_headers += AssembleRequestCookies(); // Only add default Accept-Language and Accept-Charset if the request // didn't have them specified. @@ -675,7 +674,8 @@ std::string URLRequestHttpJob::AssembleRequestCookies() { options.set_include_httponly(); std::string cookies = request_->context()->cookie_store()-> GetCookiesWithOptions(request_->url(), options); - if (!cookies.empty()) + if (context->InterceptRequestCookies(request_, cookies) && + !cookies.empty()) return "Cookie: " + cookies + "\r\n"; } } @@ -691,7 +691,7 @@ void URLRequestHttpJob::FetchResponseCookies() { void* iter = NULL; while (response_info_->headers->EnumerateHeader(&iter, name, &value)) - if (request_->context()->InterceptCookie(request_, &value)) + if (request_->context()->InterceptResponseCookie(request_, value)) response_cookies_.push_back(value); } |