1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_COOKIES_COOKIE_CONSTANTS_H_
#define NET_COOKIES_COOKIE_CONSTANTS_H_
#include <string>
#include "base/time/time.h"
#include "net/base/net_export.h"
namespace net {
// The time threshold for considering a cookie "short-lived" for the purposes of
// allowing unsafe methods for unspecified-SameSite cookies defaulted into Lax.
NET_EXPORT extern const base::TimeDelta kLaxAllowUnsafeMaxAge;
// The short version of the above time threshold, to be used for tests.
NET_EXPORT extern const base::TimeDelta kShortLaxAllowUnsafeMaxAge;
enum CookiePriority {
COOKIE_PRIORITY_LOW = 0,
COOKIE_PRIORITY_MEDIUM = 1,
COOKIE_PRIORITY_HIGH = 2,
COOKIE_PRIORITY_DEFAULT = COOKIE_PRIORITY_MEDIUM
};
// See https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00
// and https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis for
// information about same site cookie restrictions.
// These values are allowed for the SameSite field of a cookie. They mostly
// correspond to CookieEffectiveSameSite values.
// Note: Don't renumber, as these values are persisted to a database.
enum class CookieSameSite {
UNSPECIFIED = -1,
NO_RESTRICTION = 0,
LAX_MODE = 1,
STRICT_MODE = 2,
// Reserved 3 (was EXTENDED_MODE), next number is 4.
};
// These are the enforcement modes that may be applied to a cookie when deciding
// inclusion/exclusion. They mostly correspond to CookieSameSite values.
// Keep in sync with enums.xml.
enum class CookieEffectiveSameSite {
NO_RESTRICTION = 0,
LAX_MODE = 1,
STRICT_MODE = 2,
LAX_MODE_ALLOW_UNSAFE = 3,
// Keep last, used for histograms.
COUNT
};
// Used for histograms only. Do not renumber. Keep in sync with enums.xml.
enum class CookieSameSiteString {
// No SameSite attribute is present.
kUnspecified = 0,
// The SameSite attribute is present but has no value.
kEmptyString = 1,
// The SameSite attribute has an unrecognized value.
kUnrecognized = 2,
// The SameSite attribute has a recognized value.
kLax = 3,
kStrict = 4,
kNone = 5,
kExtended = 6, // Deprecated, kept for metrics only.
// Keep last, update if adding new value.
kMaxValue = kExtended
};
// What rules to apply when determining whether access to a particular cookie is
// allowed.
enum class CookieAccessSemantics {
// Has not been checked yet or there is no way to check.
UNKNOWN = -1,
// Has been checked and the cookie should *not* be subject to legacy access
// rules.
NONLEGACY = 0,
// Has been checked and the cookie should be subject to legacy access rules.
LEGACY,
};
// What scheme was used in the setting of a cookie.
// Do not renumber.
enum class CookieSourceScheme {
kUnset = 0,
kNonSecure = 1,
kSecure = 2,
kMaxValue = kSecure // Keep as the last value.
};
// Returns the Set-Cookie header priority token corresponding to |priority|.
NET_EXPORT std::string CookiePriorityToString(CookiePriority priority);
// Converts the Set-Cookie header priority token |priority| to a CookiePriority.
// Defaults to COOKIE_PRIORITY_DEFAULT for empty or unrecognized strings.
NET_EXPORT CookiePriority StringToCookiePriority(const std::string& priority);
// Returns a string corresponding to the value of the |same_site| token.
// Intended only for debugging/logging.
NET_EXPORT std::string CookieSameSiteToString(CookieSameSite same_site);
// Converts the Set-Cookie header SameSite token |same_site| to a
// CookieSameSite. Defaults to CookieSameSite::UNSPECIFIED for empty or
// unrecognized strings. Returns an appropriate value of CookieSameSiteString in
// |samesite_string| to indicate what type of string was parsed as the SameSite
// attribute value, if a pointer is provided.
NET_EXPORT CookieSameSite
StringToCookieSameSite(const std::string& same_site,
CookieSameSiteString* samesite_string = nullptr);
NET_EXPORT void RecordCookieSameSiteAttributeValueHistogram(
CookieSameSiteString value);
} // namespace net
#endif // NET_COOKIES_COOKIE_CONSTANTS_H_
|
