1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_
#define ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_
#include "base/basictypes.h"
#include "base/lazy_instance.h"
#include "base/synchronization/lock.h"
#include "net/base/static_cookie_policy.h"
#include "net/cookies/canonical_cookie.h"
#include "net/url_request/url_request.h"
namespace content {
class ResourceContext;
}
namespace net {
class CookieOptions;
}
class GURL;
namespace android_webview {
// Manages the cookie access (both setting and getting) policy for WebView.
// Currently we don't distinguish between sources (i.e. network vs. JavaScript)
// or between reading vs. writing cookies.
class AwCookieAccessPolicy {
public:
static AwCookieAccessPolicy* GetInstance();
// Can we read/write any cookies?
bool GetShouldAcceptCookies();
void SetShouldAcceptCookies(bool allow);
// Can we read/write third party cookies?
bool GetShouldAcceptThirdPartyCookies(int render_process_id,
int render_frame_id);
bool GetShouldAcceptThirdPartyCookies(const net::URLRequest& request);
// These are the functions called when operating over cookies from the
// network. See NetworkDelegate for further descriptions.
bool OnCanGetCookies(const net::URLRequest& request,
const net::CookieList& cookie_list);
bool OnCanSetCookie(const net::URLRequest& request,
const std::string& cookie_line,
net::CookieOptions* options);
// These are the functions called when operating over cookies from the
// renderer. See ContentBrowserClient for further descriptions.
bool AllowGetCookie(const GURL& url,
const GURL& first_party,
const net::CookieList& cookie_list,
content::ResourceContext* context,
int render_process_id,
int render_frame_id);
bool AllowSetCookie(const GURL& url,
const GURL& first_party,
const std::string& cookie_line,
content::ResourceContext* context,
int render_process_id,
int render_frame_id,
net::CookieOptions* options);
private:
friend struct base::DefaultLazyInstanceTraits<AwCookieAccessPolicy>;
AwCookieAccessPolicy();
~AwCookieAccessPolicy();
bool accept_cookies_;
base::Lock lock_;
DISALLOW_COPY_AND_ASSIGN(AwCookieAccessPolicy);
};
class AwStaticCookiePolicy {
public:
AwStaticCookiePolicy(bool allow_global_access,
bool allow_third_party_access);
bool accept_cookies() const {
return accept_cookies_;
}
bool accept_third_party_cookies() const {
return accept_third_party_cookies_;
}
bool AllowGet(const GURL& url, const GURL& first_party) const;
bool AllowSet(const GURL& url, const GURL& first_party) const;
private:
const bool accept_cookies_;
const bool accept_third_party_cookies_;
// We have two bits of state but only three different cases:
// If !ShouldAcceptCookies
// then reject all cookies.
// If ShouldAcceptCookies and !ShouldAcceptThirdPartyCookies
// then reject third party.
// If ShouldAcceptCookies and ShouldAcceptThirdPartyCookies
// then allow all cookies.
net::StaticCookiePolicy::Type GetPolicy(const GURL& url) const;
DISALLOW_COPY_AND_ASSIGN(AwStaticCookiePolicy);
};
} // namespace android_webview
#endif // ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_
|
