GCM unregistration requests should not send or set cookies

BUG=504123
TEST=tests updated

Review URL: https://codereview.chromium.org/1208483008

Cr-Commit-Position: refs/heads/master@{#336439}

3 files changed, 14 insertions, 0 deletions

diff --git a/google_apis/gcm/engine/registration_request_unittest.cc b/google_apis/gcm/engine/registration_request_unittest.cc
index 39764db..11abb02 100644
--- a/google_apis/gcm/engine/registration_request_unittest.cc
+++ b/google_apis/gcm/engine/registration_request_unittest.cc
@@ -11,6 +11,7 @@
 #include "google_apis/gcm/engine/gcm_registration_request_handler.h"
 #include "google_apis/gcm/engine/instance_id_get_token_request_handler.h"
 #include "google_apis/gcm/monitoring/fake_gcm_stats_recorder.h"
+#include "net/base/load_flags.h"
 #include "net/url_request/test_url_fetcher_factory.h"
 #include "net/url_request/url_request_status.h"
 #include "net/url_request/url_request_test_util.h"
@@ -507,6 +508,11 @@ TEST_F(InstanceIDGetTokenRequestTest, RequestDataAndURL) {
 
   EXPECT_EQ(GURL(kRegistrationURL), fetcher->GetOriginalURL());
 
+  // Verify that the no-cookie flag is set.
+  int flags = fetcher->GetLoadFlags();
+  EXPECT_TRUE(flags & net::LOAD_DO_NOT_SEND_COOKIES);
+  EXPECT_TRUE(flags & net::LOAD_DO_NOT_SAVE_COOKIES);
+
   // Verify that authorization header was put together properly.
   net::HttpRequestHeaders headers;
   fetcher->GetExtraRequestHeaders(&headers);
diff --git a/google_apis/gcm/engine/unregistration_request.cc b/google_apis/gcm/engine/unregistration_request.cc
index 90bda2f..f128c1a 100644
--- a/google_apis/gcm/engine/unregistration_request.cc
+++ b/google_apis/gcm/engine/unregistration_request.cc
@@ -12,6 +12,7 @@
 #include "google_apis/gcm/base/gcm_util.h"
 #include "google_apis/gcm/monitoring/gcm_stats_recorder.h"
 #include "net/base/escape.h"
+#include "net/base/load_flags.h"
 #include "net/http/http_request_headers.h"
 #include "net/http/http_status_code.h"
 #include "net/url_request/url_fetcher.h"
@@ -80,6 +81,8 @@ void UnregistrationRequest::Start() {
   url_fetcher_ =
       net::URLFetcher::Create(registration_url_, net::URLFetcher::POST, this);
   url_fetcher_->SetRequestContext(request_context_getter_.get());
+  url_fetcher_->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
+                             net::LOAD_DO_NOT_SAVE_COOKIES);
 
   std::string extra_headers;
   BuildRequestHeaders(&extra_headers);
diff --git a/google_apis/gcm/engine/unregistration_request_unittest.cc b/google_apis/gcm/engine/unregistration_request_unittest.cc
index 757f46d..eb555e5 100644
--- a/google_apis/gcm/engine/unregistration_request_unittest.cc
+++ b/google_apis/gcm/engine/unregistration_request_unittest.cc
@@ -11,6 +11,7 @@
 #include "google_apis/gcm/engine/gcm_unregistration_request_handler.h"
 #include "google_apis/gcm/engine/instance_id_delete_token_request_handler.h"
 #include "google_apis/gcm/monitoring/fake_gcm_stats_recorder.h"
+#include "net/base/load_flags.h"
 #include "net/url_request/test_url_fetcher_factory.h"
 #include "net/url_request/url_request_test_util.h"
 #include "testing/gtest/include/gtest/gtest.h"
@@ -161,6 +162,10 @@ TEST_F(GCMUnregistrationRequestTest, RequestDataPassedToFetcher) {
 
   EXPECT_EQ(GURL(kRegistrationURL), fetcher->GetOriginalURL());
 
+  int flags = fetcher->GetLoadFlags();
+  EXPECT_TRUE(flags & net::LOAD_DO_NOT_SEND_COOKIES);
+  EXPECT_TRUE(flags & net::LOAD_DO_NOT_SAVE_COOKIES);
+
   // Verify that authorization header was put together properly.
   net::HttpRequestHeaders headers;
   fetcher->GetExtraRequestHeaders(&headers);