If the URLRequestContext has no CookiePolicy, then we should

allow cookies instead of denying them.

I broke this yesterday when I made the CookiePolicy be an optional
element of the URLRequestContext.  See r37624.

R=pkasting
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/557073

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@37649 0039d316-1c4b-4281-b951-d872f2087c98

3 files changed, 11 insertions, 12 deletions

diff --git a/net/url_request/url_request_context.h b/net/url_request/url_request_context.h
index d27ab01..d72f84d 100644
--- a/net/url_request/url_request_context.h
+++ b/net/url_request/url_request_context.h
@@ -63,10 +63,12 @@ class URLRequestContext :
     return ftp_transaction_factory_;
   }
 
-  // Gets the cookie store for this context (may be null).
+  // Gets the cookie store for this context (may be null, in which case
+  // cookies are not stored).
   net::CookieStore* cookie_store() { return cookie_store_.get(); }
 
-  // Gets the cookie policy for this context (may be null).
+  // Gets the cookie policy for this context (may be null, in which case
+  // cookies are allowed).
   net::CookiePolicy* cookie_policy() { return cookie_policy_; }
 
   net::TransportSecurityState* transport_security_state() {
diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
index 7ec4ccf..4b08c64 100644
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -512,9 +512,9 @@ void URLRequestHttpJob::NotifyHeadersComplete() {
   // Get the Set-Cookie values, and send them to our cookie database.
   if (!(request_info_.load_flags & net::LOAD_DO_NOT_SAVE_COOKIES)) {
     URLRequestContext* ctx = request_->context();
-    if (ctx && ctx->cookie_store() && ctx->cookie_policy() &&
+    if (ctx && ctx->cookie_store() && (!ctx->cookie_policy() ||
         ctx->cookie_policy()->CanSetCookie(
-            request_->url(), request_->first_party_for_cookies())) {
+            request_->url(), request_->first_party_for_cookies()))) {
       FetchResponseCookies();
       net::CookieOptions options;
       options.set_include_httponly();
@@ -668,9 +668,9 @@ std::string URLRequestHttpJob::AssembleRequestCookies() {
   URLRequestContext* context = request_->context();
   if (context) {
     // Add in the cookie header.  TODO might we need more than one header?
-    if (context->cookie_store() && context->cookie_policy() &&
+    if (context->cookie_store() && (!context->cookie_policy() ||
         context->cookie_policy()->CanGetCookies(
-            request_->url(), request_->first_party_for_cookies())) {
+            request_->url(), request_->first_party_for_cookies()))) {
       net::CookieOptions options;
       options.set_include_httponly();
       std::string cookies = request_->context()->cookie_store()->
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc
index 6b4db7e..48cfd35 100644
--- a/net/url_request/url_request_unittest.cc
+++ b/net/url_request/url_request_unittest.cc
@@ -1173,8 +1173,7 @@ TEST_F(URLRequestTestHTTP, BasicAuth) {
 
 // Check that Set-Cookie headers in 401 responses are respected.
 // http://crbug.com/6450
-// TODO(darin): Fix Me
-TEST_F(URLRequestTestHTTP, DISABLED_BasicAuthWithCookies) {
+TEST_F(URLRequestTestHTTP, BasicAuthWithCookies) {
   ASSERT_TRUE(NULL != server_.get());
 
   GURL url_requiring_auth =
@@ -1228,8 +1227,7 @@ TEST_F(URLRequestTestHTTP, DISABLED_BasicAuthWithCookies) {
   }
 }
 
-// TODO(darin): Fix Me.
-TEST_F(URLRequestTest, DISABLED_DoNotSendCookies) {
+TEST_F(URLRequestTest, DoNotSendCookies) {
   scoped_refptr<HTTPTestServer> server =
       HTTPTestServer::CreateServer(L"", NULL);
   ASSERT_TRUE(NULL != server.get());
@@ -1270,8 +1268,7 @@ TEST_F(URLRequestTest, DISABLED_DoNotSendCookies) {
   }
 }
 
-// TODO(darin): fix me.
-TEST_F(URLRequestTest, DISABLED_DoNotSaveCookies) {
+TEST_F(URLRequestTest, DoNotSaveCookies) {
   scoped_refptr<HTTPTestServer> server =
       HTTPTestServer::CreateServer(L"", NULL);
   ASSERT_TRUE(NULL != server.get());