diff options
Diffstat (limited to 'chromium/net/cookies/cookie_util.cc')
| -rw-r--r-- | chromium/net/cookies/cookie_util.cc | 59 |
1 files changed, 54 insertions, 5 deletions
diff --git a/chromium/net/cookies/cookie_util.cc b/chromium/net/cookies/cookie_util.cc index 7f3afe4e178..99859d89606 100644 --- a/chromium/net/cookies/cookie_util.cc +++ b/chromium/net/cookies/cookie_util.cc @@ -11,6 +11,7 @@ #include "base/callback.h" #include "base/check.h" #include "base/feature_list.h" +#include "base/metrics/histogram_macros.h" #include "base/notreached.h" #include "base/stl_util.h" #include "base/strings/string_piece.h" @@ -121,6 +122,10 @@ CookieOptions::SameSiteCookieContext ComputeSameSiteContextForSet( } // namespace +void FireStorageAccessHistogram(StorageAccessResult result) { + UMA_HISTOGRAM_ENUMERATION("API.StorageAccess.AllowedRequests", result); +} + bool DomainIsHostOnly(const std::string& domain_string) { return (domain_string.empty() || domain_string[0] != '.'); } @@ -551,6 +556,48 @@ CookieOptions::SameSiteCookieContext ComputeSameSiteContextForSubresource( return CookieOptions::SameSiteCookieContext::MakeInclusive(); } +bool IsSameSiteCompatPair(const CanonicalCookie& c1, + const CanonicalCookie& c2, + const CookieOptions& options) { + if (options.exclude_httponly() && (c1.IsHttpOnly() || c2.IsHttpOnly())) + return false; + + if (c1.IsEquivalent(c2)) + return false; + + // One of them is SameSite=None and Secure; the other one has unspecified + // SameSite. + bool same_site_attributes_ok = + c1.SameSite() == CookieSameSite::NO_RESTRICTION && c1.IsSecure() && + c2.SameSite() == CookieSameSite::UNSPECIFIED; + same_site_attributes_ok = + same_site_attributes_ok || + (c2.SameSite() == CookieSameSite::NO_RESTRICTION && c2.IsSecure() && + c1.SameSite() == CookieSameSite::UNSPECIFIED); + if (!same_site_attributes_ok) + return false; + + if (c1.Domain() != c2.Domain() || c1.Path() != c2.Path() || + c1.Value() != c2.Value()) { + return false; + } + + DCHECK(c1.Name() != c2.Name()); + std::string shorter, longer; + std::tie(shorter, longer) = (c1.Name().length() < c2.Name().length()) + ? std::tie(c1.Name(), c2.Name()) + : std::tie(c2.Name(), c1.Name()); + // One of them has a name that is a prefix or suffix of the other and has + // length at least 3 characters. + if (shorter.length() < kMinCompatPairNameLength) + return false; + if (base::StartsWith(longer, shorter, base::CompareCase::SENSITIVE) || + base::EndsWith(longer, shorter, base::CompareCase::SENSITIVE)) { + return true; + } + return false; +} + bool IsSameSiteByDefaultCookiesEnabled() { return base::FeatureList::IsEnabled(features::kSameSiteByDefaultCookies); } @@ -610,21 +657,23 @@ bool DoesCreationTimeGrantLegacySemantics(base::Time creation_date) { return (base::Time::Now() - creation_date) < recency_threshold; } -base::OnceCallback<void(net::CanonicalCookie::CookieInclusionStatus)> +base::OnceCallback<void(CookieInclusionStatus)> AdaptCookieInclusionStatusToBool(base::OnceCallback<void(bool)> callback) { return base::BindOnce( [](base::OnceCallback<void(bool)> inner_callback, - const net::CanonicalCookie::CookieInclusionStatus status) { + const CookieInclusionStatus status) { bool success = status.IsInclude(); std::move(inner_callback).Run(success); }, std::move(callback)); } -CookieList StripStatuses(const CookieStatusList& cookie_status_list) { +CookieList StripAccessResults( + const CookieAccessResultList& cookie_access_results_list) { CookieList cookies; - for (const CookieWithStatus& cookie_with_status : cookie_status_list) { - cookies.push_back(cookie_with_status.cookie); + for (const CookieWithAccessResult& cookie_with_access_result : + cookie_access_results_list) { + cookies.push_back(cookie_with_access_result.cookie); } return cookies; } |