author | jochen@chromium.org <jochen@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-26 14:26:09 +0000 |
---|---|---|
committer | jochen@chromium.org <jochen@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-26 14:26:09 +0000 |
commit | 5b52ad495b1afcfb6c71259cfa8e18dec60378aa (patch) | |
tree | 64a43712584282e504f188711dbc5ab5b61cd1df /chrome/browser/content_settings | |
parent | 4d7715c250719cf357e156425d9226740329d9ec (diff) | |
Apply third party cookie blocking to all kinds of cookies
BUG=72586
TEST=HostContentSettingsMapTest.Cookies*
Review URL: http://codereview.chromium.org/7008025
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@86820 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/content_settings')
3 files changed, 235 insertions, 18 deletions
diff --git a/chrome/browser/content_settings/host_content_settings_map.cc b/chrome/browser/content_settings/host_content_settings_map.cc index d58aff9..f253ae7 100644 --- a/chrome/browser/content_settings/host_content_settings_map.cc +++ b/chrome/browser/content_settings/host_content_settings_map.cc @@ -24,6 +24,7 @@ #include "content/common/notification_source.h" #include "content/common/notification_type.h" #include "googleurl/src/gurl.h" +#include "net/base/net_errors.h" #include "net/base/net_util.h" #include "net/base/static_cookie_policy.h" @@ -161,6 +162,14 @@ ContentSetting HostContentSettingsMap::GetContentSetting( const GURL& url, ContentSettingsType content_type, const std::string& resource_identifier) const { + DCHECK_NE(CONTENT_SETTINGS_TYPE_COOKIES, content_type); + return GetContentSettingInternal(url, content_type, resource_identifier); +} + +ContentSetting HostContentSettingsMap::GetContentSettingInternal( + const GURL& url, + ContentSettingsType content_type, + const std::string& resource_identifier) const { ContentSetting setting = GetNonDefaultContentSetting(url, content_type, resource_identifier); 
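Review bot: The new `DCHECK_NE(CONTENT_SETTINGS_TYPE_COOKIES, content_type)` in GetContentSetting is the only thing keeping cookie lookups off this path, and DCHECKs are normally compiled out of release builds. A cookie caller that was missed in this migration would then receive the plain per-host setting with the third-party check silently skipped. I would state the contract where callers read it, e.g. `// Must not be called with CONTENT_SETTINGS_TYPE_COOKIES; use GetCookieContentSetting(), which applies third-party blocking.` on the declaration, and confirm there are no remaining cookie callers outside this directory, since the diffstat shown is limited to content_settings. The signature of GetContentSetting starts above this hunk and the body of GetContentSettingInternal continues below it.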
@@ -169,6 +178,33 @@ ContentSetting HostContentSettingsMap::GetContentSetting( return setting; } +ContentSetting HostContentSettingsMap::GetCookieContentSetting( + const GURL& url, + const GURL& first_party_url, + bool setting_cookie) const { + ContentSetting setting = CONTENT_SETTING_ALLOW; + if (BlockThirdPartyCookies()) { + bool strict = CommandLine::ForCurrentProcess()->HasSwitch( + switches::kBlockReadingThirdPartyCookies); + net::StaticCookiePolicy policy(strict ? + net::StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES : + net::StaticCookiePolicy::BLOCK_SETTING_THIRD_PARTY_COOKIES); + int rv; + if (setting_cookie) + rv = policy.CanSetCookie(url, first_party_url); + else + rv = policy.CanGetCookies(url, first_party_url); + DCHECK_NE(net::ERR_IO_PENDING, rv); + if (rv != net::OK) + setting = CONTENT_SETTING_BLOCK; + } + + if (setting == CONTENT_SETTING_ALLOW) + setting = GetContentSettingInternal(url, CONTENT_SETTINGS_TYPE_COOKIES, ""); + + return setting; +} + ContentSetting HostContentSettingsMap::GetNonDefaultContentSetting( const GURL& url, ContentSettingsType content_type, diff --git a/chrome/browser/content_settings/host_content_settings_map.h b/chrome/browser/content_settings/host_content_settings_map.h index 09b3500..68f4cad 100644 --- a/chrome/browser/content_settings/host_content_settings_map.h +++ b/chrome/browser/content_settings/host_content_settings_map.h 
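Review bot: GetCookieContentSetting passes `first_party_url` straight to net::StaticCookiePolicy without checking it, so the result for an empty or invalid first-party URL depends entirely on that class, which is not visible in this diff. If it treats an empty first party as a first-party request (I believe it does, please confirm), any caller that cannot supply the top-level URL gets past the third-party step even with blocking enabled, and only the per-site exception lookup remains. Assuming that is confirmed, I would record it at the top of the function, e.g. `// |first_party_url| must be the top-level document URL; an empty URL is not classified as third-party by StaticCookiePolicy.`, so that callers do not pass a default-constructed GURL by accident.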
@@ -65,6 +65,16 @@ class HostContentSettingsMap ContentSettingsType content_type, const std::string& resource_identifier) const; + // Gets the content setting for cookies. This takes the third party cookie + // flag into account, and therefore needs to know whether we read or write a + // cookie. + // + // This may be called on any thread. + ContentSetting GetCookieContentSetting( + const GURL& url, + const GURL& first_party_url, + bool setting_cookie) const; + // Returns a single ContentSetting which applies to a given URL or // CONTENT_SETTING_DEFAULT, if no exception applies. Note that certain // internal schemes are whitelisted. For ContentSettingsTypes that require an @@ -169,6 +179,11 @@ class HostContentSettingsMap virtual ~HostContentSettingsMap(); + ContentSetting GetContentSettingInternal( + const GURL& url, + ContentSettingsType content_type, + const std::string& resource_identifier) const; + void UnregisterObservers(); // Various migration methods (old cookie, popup and per-host data gets diff --git a/chrome/browser/content_settings/host_content_settings_map_unittest.cc b/chrome/browser/content_settings/host_content_settings_map_unittest.cc index 8a3b0e7..60075e5 100644 --- a/chrome/browser/content_settings/host_content_settings_map_unittest.cc +++ b/chrome/browser/content_settings/host_content_settings_map_unittest.cc @@ -256,8 +256,8 @@ TEST_F(HostContentSettingsMapTest, ObserveDefaultPref) { host_content_settings_map->SetDefaultContentSetting( CONTENT_SETTINGS_TYPE_COOKIES, CONTENT_SETTING_BLOCK); EXPECT_EQ(CONTENT_SETTING_BLOCK, - host_content_settings_map->GetContentSetting( - host, CONTENT_SETTINGS_TYPE_COOKIES, "")); + host_content_settings_map->GetCookieContentSetting( + host, host, true)); // Make a copy of the pref's new value so we can reset it later. scoped_ptr<Value> new_value(prefs->FindPreference( 
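Review bot: The comment on GetCookieContentSetting does not say which value of `setting_cookie` means a write, nor how the third-party flag ranks against per-site exceptions. The implementation and the CookiesThirdPartyAlwaysBlocked test show that with blocking enabled a third-party write is BLOCK even when the site has an explicit ALLOW exception, which a caller would not guess from "takes the third party cookie flag into account". I would add `// |setting_cookie| is true for a write and false for a read. When third-party blocking applies, the result is CONTENT_SETTING_BLOCK regardless of any exception for |url|.` The GetContentSettingInternal declaration added in the next hunk of this header has no comment at all; one line saying it is the lookup shared by both getters, without the cookie-type check, would help.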
@@ -266,14 +266,14 @@ TEST_F(HostContentSettingsMapTest, ObserveDefaultPref) { // Clearing the backing pref should also clear the internal cache. prefs->Set(prefs::kDefaultContentSettings, *default_value); EXPECT_EQ(CONTENT_SETTING_ALLOW, - host_content_settings_map->GetContentSetting( - host, CONTENT_SETTINGS_TYPE_COOKIES, "")); + host_content_settings_map->GetCookieContentSetting( + host, host, true)); // Reseting the pref to its previous value should update the cache. prefs->Set(prefs::kDefaultContentSettings, *new_value); EXPECT_EQ(CONTENT_SETTING_BLOCK, - host_content_settings_map->GetContentSetting( - host, CONTENT_SETTINGS_TYPE_COOKIES, "")); + host_content_settings_map->GetCookieContentSetting( + host, host, true)); } TEST_F(HostContentSettingsMapTest, ObserveExceptionPref) { @@ -294,8 +294,8 @@ TEST_F(HostContentSettingsMapTest, ObserveExceptionPref) { host_content_settings_map->SetContentSetting(pattern, CONTENT_SETTINGS_TYPE_COOKIES, "", CONTENT_SETTING_BLOCK); EXPECT_EQ(CONTENT_SETTING_BLOCK, - host_content_settings_map->GetContentSetting( - host, CONTENT_SETTINGS_TYPE_COOKIES, "")); + host_content_settings_map->GetCookieContentSetting( + host, host, true)); // Make a copy of the pref's new value so we can reset it later. scoped_ptr<Value> new_value(prefs->FindPreference( 
@@ -304,14 +304,14 @@ TEST_F(HostContentSettingsMapTest, ObserveExceptionPref) { // Clearing the backing pref should also clear the internal cache. prefs->Set(prefs::kContentSettingsPatterns, *default_value); EXPECT_EQ(CONTENT_SETTING_ALLOW, - host_content_settings_map->GetContentSetting( - host, CONTENT_SETTINGS_TYPE_COOKIES, "")); + host_content_settings_map->GetCookieContentSetting( + host, host, true)); // Reseting the pref to its previous value should update the cache. prefs->Set(prefs::kContentSettingsPatterns, *new_value); EXPECT_EQ(CONTENT_SETTING_BLOCK, - host_content_settings_map->GetContentSetting( - host, CONTENT_SETTINGS_TYPE_COOKIES, "")); + host_content_settings_map->GetCookieContentSetting( + host, host, true)); } TEST_F(HostContentSettingsMapTest, HostTrimEndingDotCheck) { @@ -338,18 +338,18 @@ TEST_F(HostContentSettingsMapTest, HostTrimEndingDotCheck) { host_ending_with_dot, CONTENT_SETTINGS_TYPE_IMAGES, "")); EXPECT_EQ(CONTENT_SETTING_ALLOW, - host_content_settings_map->GetContentSetting( - host_ending_with_dot, CONTENT_SETTINGS_TYPE_COOKIES, "")); + host_content_settings_map->GetCookieContentSetting( + host_ending_with_dot, host_ending_with_dot, true)); host_content_settings_map->SetContentSetting(pattern, CONTENT_SETTINGS_TYPE_COOKIES, "", CONTENT_SETTING_DEFAULT); EXPECT_EQ(CONTENT_SETTING_ALLOW, - host_content_settings_map->GetContentSetting( - host_ending_with_dot, CONTENT_SETTINGS_TYPE_COOKIES, "")); + host_content_settings_map->GetCookieContentSetting( + host_ending_with_dot, host_ending_with_dot, true)); host_content_settings_map->SetContentSetting(pattern, CONTENT_SETTINGS_TYPE_COOKIES, "", CONTENT_SETTING_BLOCK); EXPECT_EQ(CONTENT_SETTING_BLOCK, - host_content_settings_map->GetContentSetting( - host_ending_with_dot, CONTENT_SETTINGS_TYPE_COOKIES, "")); + host_content_settings_map->GetCookieContentSetting( + host_ending_with_dot, host_ending_with_dot, true)); EXPECT_EQ(CONTENT_SETTING_ALLOW, host_content_settings_map->GetContentSetting( 
@@ -901,4 +901,170 @@ TEST_F(HostContentSettingsMapTest, ResetToDefaultsWhenManaged) { EXPECT_FALSE(host_content_settings_map->BlockThirdPartyCookies()); } +// Tests for cookie content settings. +const GURL kBlockedSite = GURL("http://ads.thirdparty.com"); +const GURL kAllowedSite = GURL("http://good.allays.com"); +const GURL kFirstPartySite = GURL("http://cool.things.com"); + +TEST_F(HostContentSettingsMapTest, CookiesBlockSingle) { + TestingProfile profile; + HostContentSettingsMap* host_content_settings_map = + profile.GetHostContentSettingsMap(); + host_content_settings_map->AddExceptionForURL( + kBlockedSite, CONTENT_SETTINGS_TYPE_COOKIES, "", + CONTENT_SETTING_BLOCK); + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kBlockedSite, false)); +} + +TEST_F(HostContentSettingsMapTest, CookiesBlockThirdParty) { + TestingProfile profile; + HostContentSettingsMap* host_content_settings_map = + profile.GetHostContentSettingsMap(); + host_content_settings_map->SetBlockThirdPartyCookies(true); + EXPECT_EQ(CONTENT_SETTING_ALLOW, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, false)); + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, true)); + + CommandLine* cmd = CommandLine::ForCurrentProcess(); + AutoReset<CommandLine> auto_reset(cmd, *cmd); + cmd->AppendSwitch(switches::kBlockReadingThirdPartyCookies); + + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, false)); + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, true)); +} + +TEST_F(HostContentSettingsMapTest, CookiesAllowThirdParty) { + TestingProfile profile; + HostContentSettingsMap* host_content_settings_map = + profile.GetHostContentSettingsMap(); + EXPECT_EQ(CONTENT_SETTING_ALLOW, + 
host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, false)); + EXPECT_EQ(CONTENT_SETTING_ALLOW, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, true)); +} + +TEST_F(HostContentSettingsMapTest, CookiesExplicitBlockSingleThirdParty) { + TestingProfile profile; + HostContentSettingsMap* host_content_settings_map = + profile.GetHostContentSettingsMap(); + host_content_settings_map->AddExceptionForURL( + kBlockedSite, CONTENT_SETTINGS_TYPE_COOKIES, "", + CONTENT_SETTING_BLOCK); + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, false)); + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, true)); + EXPECT_EQ(CONTENT_SETTING_ALLOW, + host_content_settings_map->GetCookieContentSetting( + kAllowedSite, kFirstPartySite, true)); +} + +TEST_F(HostContentSettingsMapTest, CookiesExplicitSessionOnly) { + TestingProfile profile; + HostContentSettingsMap* host_content_settings_map = + profile.GetHostContentSettingsMap(); + host_content_settings_map->AddExceptionForURL( + kBlockedSite, CONTENT_SETTINGS_TYPE_COOKIES, "", + CONTENT_SETTING_SESSION_ONLY); + EXPECT_EQ(CONTENT_SETTING_SESSION_ONLY, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, false)); + EXPECT_EQ(CONTENT_SETTING_SESSION_ONLY, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, true)); + + host_content_settings_map->SetBlockThirdPartyCookies(true); + EXPECT_EQ(CONTENT_SETTING_SESSION_ONLY, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, false)); + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kBlockedSite, kFirstPartySite, true)); +} + +TEST_F(HostContentSettingsMapTest, CookiesThirdPartyAlwaysBlocked) { + TestingProfile profile; + HostContentSettingsMap* 
host_content_settings_map = + profile.GetHostContentSettingsMap(); + host_content_settings_map->AddExceptionForURL( + kAllowedSite, CONTENT_SETTINGS_TYPE_COOKIES, "", + CONTENT_SETTING_ALLOW); + host_content_settings_map->SetBlockThirdPartyCookies(true); + EXPECT_EQ(CONTENT_SETTING_ALLOW, + host_content_settings_map->GetCookieContentSetting( + kAllowedSite, kFirstPartySite, false)); + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kAllowedSite, kFirstPartySite, true)); + + CommandLine* cmd = CommandLine::ForCurrentProcess(); + AutoReset<CommandLine> auto_reset(cmd, *cmd); + cmd->AppendSwitch(switches::kBlockReadingThirdPartyCookies); + + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kAllowedSite, kFirstPartySite, false)); +} + +TEST_F(HostContentSettingsMapTest, CookiesBlockEverything) { + TestingProfile profile; + HostContentSettingsMap* host_content_settings_map = + profile.GetHostContentSettingsMap(); + host_content_settings_map->SetDefaultContentSetting( + CONTENT_SETTINGS_TYPE_COOKIES, CONTENT_SETTING_BLOCK); + + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kFirstPartySite, kFirstPartySite, false)); + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kFirstPartySite, kFirstPartySite, true)); + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kAllowedSite, kFirstPartySite, true)); +} + +TEST_F(HostContentSettingsMapTest, CookiesBlockEverythingExceptAllowed) { + TestingProfile profile; + HostContentSettingsMap* host_content_settings_map = + profile.GetHostContentSettingsMap(); + host_content_settings_map->SetDefaultContentSetting( + CONTENT_SETTINGS_TYPE_COOKIES, CONTENT_SETTING_BLOCK); + host_content_settings_map->AddExceptionForURL( + kAllowedSite, CONTENT_SETTINGS_TYPE_COOKIES, "", + CONTENT_SETTING_ALLOW); + + EXPECT_EQ(CONTENT_SETTING_BLOCK, + 
host_content_settings_map->GetCookieContentSetting( + kFirstPartySite, kFirstPartySite, false)); + EXPECT_EQ(CONTENT_SETTING_BLOCK, + host_content_settings_map->GetCookieContentSetting( + kFirstPartySite, kFirstPartySite, true)); + EXPECT_EQ(CONTENT_SETTING_ALLOW, + host_content_settings_map->GetCookieContentSetting( + kAllowedSite, kFirstPartySite, false)); + EXPECT_EQ(CONTENT_SETTING_ALLOW, + host_content_settings_map->GetCookieContentSetting( + kAllowedSite, kFirstPartySite, true)); + EXPECT_EQ(CONTENT_SETTING_ALLOW, + host_content_settings_map->GetCookieContentSetting( + kAllowedSite, kAllowedSite, false)); + EXPECT_EQ(CONTENT_SETTING_ALLOW, + host_content_settings_map->GetCookieContentSetting( + kAllowedSite, kAllowedSite, true)); +} + } // namespace |
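Review bot: `kBlockedSite`, `kAllowedSite` and `kFirstPartySite` are namespace-scope `const GURL` objects, so each one needs a static constructor and destructor that run at load and exit, which Chromium style avoids for non-POD types. Keeping the URLs as string constants and building the GURL inside each test removes that, e.g. `const char kBlockedSite[] = "http://ads.thirdparty.com";` with `GURL(kBlockedSite)` at the call sites. On coverage, every new case passes a valid `first_party_url`; a case with an empty first-party URL while SetBlockThirdPartyCookies(true) is in effect would pin down what the policy decides for callers that have no top-level URL.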