diff options
author | mkwst <mkwst@chromium.org> | 2016-03-21 07:15:24 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-03-21 14:16:53 +0000 |
commit | f71d0bde417518f99f977a0ecbf480b375cf49ca (patch) | |
tree | 3a5f5b5404ed5d9724d07c32570f7e637e45c731 /net/cookies/cookie_monster.cc | |
parent | 21138fcaeedd96af402c9715cfecf9a0a9eb9528 (diff) | |
download | chromium_src-f71d0bde417518f99f977a0ecbf480b375cf49ca.zip chromium_src-f71d0bde417518f99f977a0ecbf480b375cf49ca.tar.gz chromium_src-f71d0bde417518f99f977a0ecbf480b375cf49ca.tar.bz2 |
SameSite: Strict/Lax behavior.
This patch brings our "SameSite" implementation into line with
https://tools.ietf.org/html/draft-west-first-party-cookies-06 by teaching
CookieOptions about strict and lax request modes, and teaching URLRequestHttpJob
about the registrable-domain behaviors of both.
BUG=459154
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_site_isolation
Review URL: https://codereview.chromium.org/1783813002
Cr-Commit-Position: refs/heads/master@{#382277}
Diffstat (limited to 'net/cookies/cookie_monster.cc')
-rw-r--r-- | net/cookies/cookie_monster.cc | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/net/cookies/cookie_monster.cc b/net/cookies/cookie_monster.cc index a4f99dc..aaecaf9 100644 --- a/net/cookies/cookie_monster.cc +++ b/net/cookies/cookie_monster.cc @@ -1044,7 +1044,8 @@ bool CookieMonster::SetCookieWithDetails(const GURL& url, CookieOptions options; options.set_include_httponly(); - options.set_include_same_site(); + options.set_same_site_cookie_mode( + CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX); if (enforce_strict_secure) options.set_enforce_strict_secure(); return SetCanonicalCookie(std::move(cc), options); @@ -1198,7 +1199,8 @@ void CookieMonster::DeleteCookie(const GURL& url, CookieOptions options; options.set_include_httponly(); - options.set_include_same_site(); + options.set_same_site_cookie_mode( + CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX); // Get the cookies for this host and its domain(s). std::vector<CanonicalCookie*> cookies; FindCookiesForHostAndDomain(url, options, &cookies); @@ -2327,7 +2329,8 @@ void CookieMonster::RunCookieChangedCallbacks(const CanonicalCookie& cookie, CookieOptions opts; opts.set_include_httponly(); - opts.set_include_same_site(); + opts.set_same_site_cookie_mode( + CookieOptions::SameSiteCookieMode::INCLUDE_STRICT_AND_LAX); // Note that the callbacks in hook_map_ are wrapped with RunAsync(), so they // are guaranteed to not take long - they just post a RunAsync task back to // the appropriate thread's message loop and return. |