diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-12-10 16:19:40 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-12-10 16:01:50 +0000 |
commit | 51f6c2793adab2d864b3d2b360000ef8db1d3e92 (patch) | |
tree | 835b3b4446b012c75e80177cef9fbe6972cc7dbe /chromium/net/cookies | |
parent | 6036726eb981b6c4b42047513b9d3f4ac865daac (diff) | |
download | qtwebengine-chromium-51f6c2793adab2d864b3d2b360000ef8db1d3e92.tar.gz |
BASELINE: Update Chromium to 71.0.3578.93
Change-Id: I6a32086c33670e1b033f8b10e6bf1fd4da1d105d
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
Diffstat (limited to 'chromium/net/cookies')
-rw-r--r-- | chromium/net/cookies/canonical_cookie.h | 7 | ||||
-rw-r--r-- | chromium/net/cookies/cookie_monster.cc | 102 | ||||
-rw-r--r-- | chromium/net/cookies/cookie_monster_change_dispatcher.cc | 8 | ||||
-rw-r--r-- | chromium/net/cookies/cookie_monster_netlog_params.cc | 19 | ||||
-rw-r--r-- | chromium/net/cookies/cookie_monster_netlog_params.h | 10 | ||||
-rw-r--r-- | chromium/net/cookies/cookie_monster_store_test.cc | 2 | ||||
-rw-r--r-- | chromium/net/cookies/cookie_monster_unittest.cc | 46 | ||||
-rw-r--r-- | chromium/net/cookies/cookie_util.cc | 3 | ||||
-rw-r--r-- | chromium/net/cookies/parsed_cookie.cc | 2 |
9 files changed, 142 insertions, 57 deletions
diff --git a/chromium/net/cookies/canonical_cookie.h b/chromium/net/cookies/canonical_cookie.h index e5d05ff58e9..2352135b471 100644 --- a/chromium/net/cookies/canonical_cookie.h +++ b/chromium/net/cookies/canonical_cookie.h @@ -7,6 +7,7 @@ #include <memory> #include <string> +#include <tuple> #include <vector> #include "base/gtest_prod_util.h" @@ -107,6 +108,12 @@ class NET_EXPORT CanonicalCookie { && path_ == ecc.Path()); } + // Returns a key such that two cookies with the same UniqueKey() are + // guaranteed to be equivalent in the sense of IsEquivalent(). + std::tuple<std::string, std::string, std::string> UniqueKey() const { + return std::make_tuple(name_, domain_, path_); + } + // Checks a looser set of equivalency rules than 'IsEquivalent()' in order // to support the stricter 'Secure' behaviors specified in // https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone#section-3 diff --git a/chromium/net/cookies/cookie_monster.cc b/chromium/net/cookies/cookie_monster.cc index 40f30163370..069df69cf6f 100644 --- a/chromium/net/cookies/cookie_monster.cc +++ b/chromium/net/cookies/cookie_monster.cc @@ -617,9 +617,8 @@ CookieMonster::~CookieMonster() { // TODO(mmenke): Does it really make sense to run // CookieChanged callbacks when the CookieStore is destroyed? - for (CookieMap::iterator cookie_it = cookies_.begin(); - cookie_it != cookies_.end();) { - CookieMap::iterator current_cookie_it = cookie_it; + for (auto cookie_it = cookies_.begin(); cookie_it != cookies_.end();) { + auto current_cookie_it = cookie_it; ++cookie_it; InternalDeleteCookie(current_cookie_it, false /* sync_to_store */, DELETE_COOKIE_DONT_RECORD); @@ -681,8 +680,8 @@ void CookieMonster::DeleteAllCreatedInTimeRange(const TimeRange& creation_range, DCHECK(thread_checker_.CalledOnValidThread()); uint32_t num_deleted = 0; - for (CookieMap::iterator it = cookies_.begin(); it != cookies_.end();) { - CookieMap::iterator curit = it; + for (auto it = cookies_.begin(); it != cookies_.end();) { + auto curit = it; CanonicalCookie* cc = curit->second.get(); ++it; @@ -702,8 +701,8 @@ void CookieMonster::DeleteAllCreatedInTimeRange(const TimeRange& creation_range, void CookieMonster::DeleteAllMatchingInfo(CookieDeletionInfo delete_info, DeleteCallback callback) { uint32_t num_deleted = 0; - for (CookieMap::iterator it = cookies_.begin(); it != cookies_.end();) { - CookieMap::iterator curit = it; + for (auto it = cookies_.begin(); it != cookies_.end();) { + auto curit = it; CanonicalCookie* cc = curit->second.get(); ++it; @@ -778,8 +777,8 @@ void CookieMonster::DeleteCookie(const GURL& url, matching_cookies.insert(cookie); } - for (CookieMap::iterator it = cookies_.begin(); it != cookies_.end();) { - CookieMap::iterator curit = it; + for (auto it = cookies_.begin(); it != cookies_.end();) { + auto curit = it; ++it; if (matching_cookies.find(curit->second.get()) != matching_cookies.end()) { InternalDeleteCookie(curit, true, DELETE_COOKIE_EXPLICIT); @@ -824,8 +823,8 @@ void CookieMonster::DeleteSessionCookies(DeleteCallback callback) { DCHECK(thread_checker_.CalledOnValidThread()); uint32_t num_deleted = 0; - for (CookieMap::iterator it = cookies_.begin(); it != cookies_.end();) { - CookieMap::iterator curit = it; + for (auto it = cookies_.begin(); it != cookies_.end();) { + auto curit = it; CanonicalCookie* cc = curit->second.get(); ++it; @@ -917,8 +916,8 @@ void CookieMonster::StoreLoadedCookies( for (auto& cookie : cookies) { CanonicalCookie* cookie_ptr = cookie.get(); - CookieMap::iterator inserted = InternalInsertCookie( - GetKey(cookie_ptr->Domain()), std::move(cookie), false); + auto inserted = InternalInsertCookie(GetKey(cookie_ptr->Domain()), + std::move(cookie), false); const Time cookie_access_time(cookie_ptr->LastAccessDate()); if (earliest_access_time_.is_null() || cookie_access_time < earliest_access_time_) { @@ -933,9 +932,9 @@ void CookieMonster::StoreLoadedCookies( // Any cookies that contain control characters that we have loaded from the // persistent store should be deleted. See http://crbug.com/238041. - for (CookieItVector::iterator it = cookies_with_control_chars.begin(); + for (auto it = cookies_with_control_chars.begin(); it != cookies_with_control_chars.end();) { - CookieItVector::iterator curit = it; + auto curit = it; ++it; InternalDeleteCookie(*curit, true, DELETE_COOKIE_CONTROL_CHAR); @@ -984,11 +983,11 @@ void CookieMonster::EnsureCookiesMapIsValid() { DCHECK(thread_checker_.CalledOnValidThread()); // Iterate through all the of the cookies, grouped by host. - CookieMap::iterator prev_range_end = cookies_.begin(); + auto prev_range_end = cookies_.begin(); while (prev_range_end != cookies_.end()) { - CookieMap::iterator cur_range_begin = prev_range_end; + auto cur_range_begin = prev_range_end; const std::string key = cur_range_begin->first; // Keep a copy. - CookieMap::iterator cur_range_end = cookies_.upper_bound(key); + auto cur_range_end = cookies_.upper_bound(key); prev_range_end = cur_range_end; // Ensure no equivalent cookies for this host. @@ -1013,7 +1012,7 @@ void CookieMonster::TrimDuplicateCookiesForKey(const std::string& key, // Iterate through all of the cookies in our range, and insert them into // the equivalence map. - for (CookieMap::iterator it = begin; it != end; ++it) { + for (auto it = begin; it != end; ++it) { DCHECK_EQ(key, it->first); CanonicalCookie* cookie = it->second.get(); @@ -1038,8 +1037,8 @@ void CookieMonster::TrimDuplicateCookiesForKey(const std::string& key, // Otherwise, delete all the duplicate cookies, both from our in-memory store // and from the backing store. - for (EquivalenceMap::iterator it = equivalent_cookies.begin(); - it != equivalent_cookies.end(); ++it) { + for (auto it = equivalent_cookies.begin(); it != equivalent_cookies.end(); + ++it) { const CookieSignature& signature = it->first; CookieSet& dupes = it->second; @@ -1061,8 +1060,7 @@ void CookieMonster::TrimDuplicateCookiesForKey(const std::string& key, // Remove all the cookies identified by |dupes|. It is valid to delete our // list of iterators one at a time, since |cookies_| is a multimap (they // don't invalidate existing iterators following deletion). - for (CookieSet::iterator dupes_it = dupes.begin(); dupes_it != dupes.end(); - ++dupes_it) { + for (auto dupes_it = dupes.begin(); dupes_it != dupes.end(); ++dupes_it) { InternalDeleteCookie(*dupes_it, true, DELETE_COOKIE_DUPLICATE_IN_BACKING_STORE); } @@ -1097,7 +1095,7 @@ void CookieMonster::FindCookiesForKey(const std::string& key, for (CookieMapItPair its = cookies_.equal_range(key); its.first != its.second;) { - CookieMap::iterator curit = its.first; + auto curit = its.first; CanonicalCookie* cc = curit->second.get(); ++its.first; @@ -1137,9 +1135,11 @@ bool CookieMonster::DeleteAnyEquivalentCookie( histogram_cookie_delete_equivalent_->Add(COOKIE_DELETE_EQUIVALENT_ATTEMPT); + CookieMap::iterator cookie_it_to_possibly_delete = cookies_.end(); + CanonicalCookie* cc_skipped_secure = nullptr; for (CookieMapItPair its = cookies_.equal_range(key); its.first != its.second;) { - CookieMap::iterator curit = its.first; + auto curit = its.first; CanonicalCookie* cc = curit->second.get(); ++its.first; @@ -1152,6 +1152,7 @@ bool CookieMonster::DeleteAnyEquivalentCookie( if (cc->IsSecure() && !source_secure && ecc.IsEquivalentForSecureCookieMatching(*cc)) { skipped_secure_cookie = true; + cc_skipped_secure = cc; histogram_cookie_delete_equivalent_->Add( COOKIE_DELETE_EQUIVALENT_SKIPPING_SECURE); net_log_.AddEvent( @@ -1176,6 +1177,7 @@ bool CookieMonster::DeleteAnyEquivalentCookie( // and be considered equivalent. CHECK(!found_equivalent_cookie) << "Duplicate equivalent cookies found, cookie store is corrupted."; + DCHECK(cookie_it_to_possibly_delete == cookies_.end()); if (skip_httponly && cc->IsHttpOnly()) { skipped_httponly = true; net_log_.AddEvent( @@ -1183,20 +1185,38 @@ bool CookieMonster::DeleteAnyEquivalentCookie( base::BindRepeating(&NetLogCookieMonsterCookieRejectedHttponly, cc, &ecc)); } else { - histogram_cookie_delete_equivalent_->Add( - COOKIE_DELETE_EQUIVALENT_FOUND); - if (cc->Value() == ecc.Value()) { - *creation_date_to_inherit = cc->CreationDate(); - histogram_cookie_delete_equivalent_->Add( - COOKIE_DELETE_EQUIVALENT_FOUND_WITH_SAME_VALUE); - } - InternalDeleteCookie(curit, true, already_expired - ? DELETE_COOKIE_EXPIRED_OVERWRITE - : DELETE_COOKIE_OVERWRITE); + cookie_it_to_possibly_delete = curit; } found_equivalent_cookie = true; } } + + if (cookie_it_to_possibly_delete != cookies_.end()) { + CanonicalCookie* cc_to_possibly_delete = + cookie_it_to_possibly_delete->second.get(); + // If a secure cookie was encountered (and left alone), don't actually + // modify any of the pre-existing cookies. Only delete if no secure cookies + // were skipped. + if (!skipped_secure_cookie) { + histogram_cookie_delete_equivalent_->Add(COOKIE_DELETE_EQUIVALENT_FOUND); + if (cc_to_possibly_delete->Value() == ecc.Value()) { + *creation_date_to_inherit = cc_to_possibly_delete->CreationDate(); + histogram_cookie_delete_equivalent_->Add( + COOKIE_DELETE_EQUIVALENT_FOUND_WITH_SAME_VALUE); + } + InternalDeleteCookie(cookie_it_to_possibly_delete, true, + already_expired ? DELETE_COOKIE_EXPIRED_OVERWRITE + : DELETE_COOKIE_OVERWRITE); + } else { + // If any secure cookie was skipped, preserve the pre-existing cookie. + DCHECK(cc_skipped_secure); + net_log_.AddEvent( + NetLogEventType::COOKIE_STORE_COOKIE_PRESERVED_SKIPPED_SECURE, + base::BindRepeating(&NetLogCookieMonsterCookiePreservedSkippedSecure, + cc_skipped_secure, cc_to_possibly_delete, &ecc)); + } + } + return skipped_httponly || skipped_secure_cookie; } @@ -1214,8 +1234,7 @@ CookieMonster::CookieMap::iterator CookieMonster::InternalInsertCookie( sync_to_store) { store_->AddCookie(*cc_ptr); } - CookieMap::iterator inserted = - cookies_.insert(CookieMap::value_type(key, std::move(cc))); + auto inserted = cookies_.insert(CookieMap::value_type(key, std::move(cc))); // See InitializeHistograms() for details. int32_t type_sample = cc_ptr->SameSite() != CookieSameSite::NO_RESTRICTION @@ -1624,7 +1643,7 @@ size_t CookieMonster::GarbageCollectExpired(const Time& current, int num_deleted = 0; for (CookieMap::iterator it = itpair.first, end = itpair.second; it != end;) { - CookieMap::iterator curit = it; + auto curit = it; ++it; if (curit->second->IsExpired(current)) { @@ -1645,7 +1664,7 @@ size_t CookieMonster::GarbageCollectDeleteRange( CookieItVector::iterator it_end) { DCHECK(thread_checker_.CalledOnValidThread()); - for (CookieItVector::iterator it = it_begin; it != it_end; it++) { + for (auto it = it_begin; it != it_end; it++) { InternalDeleteCookie((*it), true, cause); } return it_end - it_begin; @@ -1667,7 +1686,7 @@ size_t CookieMonster::GarbageCollectLeastRecentlyAccessed( cookie_its.begin(), cookie_its.end(), cookie_its.size() < purge_goal ? purge_goal + 1 : purge_goal); // Find boundary to cookies older than safe_date. - CookieItVector::iterator global_purge_it = LowerBoundAccessDate( + auto global_purge_it = LowerBoundAccessDate( cookie_its.begin(), cookie_its.begin() + purge_goal, safe_date); // Only delete the old cookies and delete non-secure ones first. size_t num_deleted = @@ -1862,8 +1881,7 @@ void CookieMonster::DoCookieCallbackForHostOrDomain( // Checks if the domain key has been loaded. std::string key = GetKey(host_or_domain); if (keys_loaded_.find(key) == keys_loaded_.end()) { - std::map<std::string, base::circular_deque<base::OnceClosure>>::iterator - it = tasks_pending_for_key_.find(key); + auto it = tasks_pending_for_key_.find(key); if (it == tasks_pending_for_key_.end()) { store_->LoadCookiesForKey( key, base::Bind(&CookieMonster::OnKeyLoaded, diff --git a/chromium/net/cookies/cookie_monster_change_dispatcher.cc b/chromium/net/cookies/cookie_monster_change_dispatcher.cc index 2eadab6ca65..a53b1edcaa4 100644 --- a/chromium/net/cookies/cookie_monster_change_dispatcher.cc +++ b/chromium/net/cookies/cookie_monster_change_dispatcher.cc @@ -168,7 +168,7 @@ void CookieMonsterChangeDispatcher::DispatchChangeToDomainKey( const std::string& domain_key) { DCHECK_CALLED_ON_VALID_THREAD(thread_checker_); - CookieDomainMap::iterator it = cookie_domain_map_.find(domain_key); + auto it = cookie_domain_map_.find(domain_key); if (it == cookie_domain_map_.end()) return; @@ -184,7 +184,7 @@ void CookieMonsterChangeDispatcher::DispatchChangeToNameKey( const std::string& name_key) { DCHECK_CALLED_ON_VALID_THREAD(thread_checker_); - CookieNameMap::iterator it = cookie_name_map.find(name_key); + auto it = cookie_name_map.find(name_key); if (it == cookie_name_map.end()) return; @@ -212,12 +212,12 @@ void CookieMonsterChangeDispatcher::UnlinkSubscription( Subscription* subscription) { DCHECK_CALLED_ON_VALID_THREAD(thread_checker_); - CookieDomainMap::iterator cookie_domain_map_iterator = + auto cookie_domain_map_iterator = cookie_domain_map_.find(subscription->domain_key()); DCHECK(cookie_domain_map_iterator != cookie_domain_map_.end()); CookieNameMap& cookie_name_map = cookie_domain_map_iterator->second; - CookieNameMap::iterator cookie_name_map_iterator = + auto cookie_name_map_iterator = cookie_name_map.find(subscription->name_key()); DCHECK(cookie_name_map_iterator != cookie_name_map.end()); diff --git a/chromium/net/cookies/cookie_monster_netlog_params.cc b/chromium/net/cookies/cookie_monster_netlog_params.cc index e4f358c2fdf..b4b17d286f7 100644 --- a/chromium/net/cookies/cookie_monster_netlog_params.cc +++ b/chromium/net/cookies/cookie_monster_netlog_params.cc @@ -97,4 +97,23 @@ std::unique_ptr<base::Value> NetLogCookieMonsterCookieRejectedHttponly( return dict; } +std::unique_ptr<base::Value> NetLogCookieMonsterCookiePreservedSkippedSecure( + const CanonicalCookie* skipped_secure, + const CanonicalCookie* preserved, + const CanonicalCookie* new_cookie, + NetLogCaptureMode capture_mode) { + if (!capture_mode.include_cookies_and_credentials()) + return nullptr; + std::unique_ptr<base::Value> dict = + std::make_unique<base::Value>(base::Value::Type::DICTIONARY); + dict->SetKey("name", base::Value(preserved->Name())); + dict->SetKey("domain", base::Value(preserved->Domain())); + dict->SetKey("path", base::Value(preserved->Path())); + dict->SetKey("securecookiedomain", base::Value(skipped_secure->Domain())); + dict->SetKey("securecookiepath", base::Value(skipped_secure->Path())); + dict->SetKey("preservedvalue", base::Value(preserved->Value())); + dict->SetKey("discardedvalue", base::Value(new_cookie->Value())); + return dict; +} + } // namespace net diff --git a/chromium/net/cookies/cookie_monster_netlog_params.h b/chromium/net/cookies/cookie_monster_netlog_params.h index fa8b0571f16..8a5dc1fc2e1 100644 --- a/chromium/net/cookies/cookie_monster_netlog_params.h +++ b/chromium/net/cookies/cookie_monster_netlog_params.h @@ -50,6 +50,16 @@ std::unique_ptr<base::Value> NetLogCookieMonsterCookieRejectedHttponly( const CanonicalCookie* new_cookie, NetLogCaptureMode capture_mode); +// Returns a Value containing NetLog parameters for when, upon an attempted +// cookie addition which is rejected due to a conflict with a secure cookie, a +// pre-existing cookie would have been deleted but is instead preserved because +// the addition failed. +std::unique_ptr<base::Value> NetLogCookieMonsterCookiePreservedSkippedSecure( + const CanonicalCookie* skipped_secure, + const CanonicalCookie* preserved, + const CanonicalCookie* new_cookie, + NetLogCaptureMode capture_mode); + } // namespace net #endif // NET_COOKIES_COOKIE_MONSTER_NETLOG_PARAMS_H_ diff --git a/chromium/net/cookies/cookie_monster_store_test.cc b/chromium/net/cookies/cookie_monster_store_test.cc index 4c7d7c404bc..652a97681e6 100644 --- a/chromium/net/cookies/cookie_monster_store_test.cc +++ b/chromium/net/cookies/cookie_monster_store_test.cc @@ -179,7 +179,7 @@ void MockSimplePersistentCookieStore::UpdateCookieAccessTime( void MockSimplePersistentCookieStore::DeleteCookie( const CanonicalCookie& cookie) { int64_t creation_time = cookie.CreationDate().ToInternalValue(); - CanonicalCookieMap::iterator it = cookies_.find(creation_time); + auto it = cookies_.find(creation_time); ASSERT_TRUE(it != cookies_.end()); cookies_.erase(it); } diff --git a/chromium/net/cookies/cookie_monster_unittest.cc b/chromium/net/cookies/cookie_monster_unittest.cc index ecedc2285a1..7d12f2e1a63 100644 --- a/chromium/net/cookies/cookie_monster_unittest.cc +++ b/chromium/net/cookies/cookie_monster_unittest.cc @@ -348,7 +348,7 @@ class CookieMonsterTestBase : public CookieStoreTest<T> { const std::string& domain, const std::string& name) { CookieList cookies = this->GetAllCookies(cm); - for (CookieList::iterator it = cookies.begin(); it != cookies.end(); ++it) + for (auto it = cookies.begin(); it != cookies.end(); ++it) if (it->Domain() == domain && it->Name() == name) return this->DeleteCanonicalCookie(cm, *it); return false; @@ -838,7 +838,7 @@ class CookieMonsterTestBase : public CookieStoreTest<T> { } bool IsCookieInList(const CanonicalCookie& cookie, const CookieList& list) { - for (CookieList::const_iterator it = list.begin(); it != list.end(); ++it) { + for (auto it = list.begin(); it != list.end(); ++it) { if (it->Name() == cookie.Name() && it->Value() == cookie.Value() && it->Domain() == cookie.Domain() && it->Path() == cookie.Path() && it->CreationDate() == cookie.CreationDate() && @@ -1507,7 +1507,7 @@ TEST_F(CookieMonsterTest, TestLastAccess) { // Getting all cookies for a URL doesn't update the accessed time either. CookieList cookies = GetAllCookiesForURL(cm.get(), http_www_foo_.url()); - CookieList::iterator it = cookies.begin(); + auto it = cookies.begin(); ASSERT_TRUE(it != cookies.end()); EXPECT_EQ(http_www_foo_.host(), it->Domain()); EXPECT_EQ("A", it->Name()); @@ -1581,7 +1581,7 @@ TEST_F(CookieMonsterTest, GetAllCookiesForURL) { // Check cookies for url. CookieList cookies = GetAllCookiesForURL(cm.get(), http_www_foo_.url()); - CookieList::iterator it = cookies.begin(); + auto it = cookies.begin(); ASSERT_TRUE(it != cookies.end()); EXPECT_EQ(http_www_foo_.host(), it->Domain()); @@ -1639,7 +1639,7 @@ TEST_F(CookieMonsterTest, GetAllCookiesForURLPathMatching) { SetCookieWithOptions(cm.get(), http_www_foo_.url(), "E=F;", options)); CookieList cookies = GetAllCookiesForURL(cm.get(), www_foo_foo_.url()); - CookieList::iterator it = cookies.begin(); + auto it = cookies.begin(); ASSERT_TRUE(it != cookies.end()); EXPECT_EQ("A", it->Name()); @@ -1737,7 +1737,7 @@ TEST_F(CookieMonsterTest, DeleteCookieByName) { CookieList cookies = GetAllCookies(cm.get()); size_t expected_size = 4; EXPECT_EQ(expected_size, cookies.size()); - for (CookieList::iterator it = cookies.begin(); it != cookies.end(); ++it) { + for (auto it = cookies.begin(); it != cookies.end(); ++it) { EXPECT_NE("A1", it->Value()); EXPECT_NE("A2", it->Value()); } @@ -2498,7 +2498,7 @@ TEST_F(CookieMonsterTest, SetAllCookies) { CookieList cookies = GetAllCookies(cm.get()); size_t expected_size = 3; // "A", "W" and "Y". "U" is gone. EXPECT_EQ(expected_size, cookies.size()); - CookieList::iterator it = cookies.begin(); + auto it = cookies.begin(); ASSERT_TRUE(it != cookies.end()); EXPECT_EQ("W", it->Name()); @@ -2889,6 +2889,8 @@ TEST_F(CookieMonsterTest, SetSecureCookies) { GURL http_url("http://www.foo.com"); GURL http_superdomain_url("http://foo.com"); GURL https_url("https://www.foo.com"); + GURL https_foo_url("https://www.foo.com/foo"); + GURL http_foo_url("http://www.foo.com/foo"); // A non-secure cookie can be created from either a URL with a secure or // insecure scheme. @@ -2932,6 +2934,36 @@ TEST_F(CookieMonsterTest, SetSecureCookies) { EXPECT_FALSE(SetCookie(cm.get(), http_url, "WITH_PATH=C; path=/my/path")); EXPECT_FALSE(SetCookie(cm.get(), http_url, "WITH_PATH=C; path=/my/path/sub")); + DeleteAll(cm.get()); + + // If a secure cookie is set on top of an existing insecure cookie but with a + // different path, both are retained. + EXPECT_TRUE(SetCookie(cm.get(), http_url, "A=B; path=/foo")); + EXPECT_TRUE(SetCookie(cm.get(), https_url, "A=C; Secure; path=/")); + + // Querying from an insecure url gets only the insecure cookie, but querying + // from a secure url returns both. + EXPECT_EQ("A=B", GetCookies(cm.get(), http_foo_url)); + EXPECT_THAT(GetCookies(cm.get(), https_foo_url), testing::HasSubstr("A=B")); + EXPECT_THAT(GetCookies(cm.get(), https_foo_url), testing::HasSubstr("A=C")); + + // Attempting to set an insecure cookie (from an insecure scheme) that domain- + // matches and path-matches the secure cookie fails i.e. the secure cookie is + // left alone... + EXPECT_FALSE(SetCookie(cm.get(), http_url, "A=D; path=/foo")); + EXPECT_FALSE(SetCookie(cm.get(), http_url, "A=D; path=/")); + EXPECT_THAT(GetCookies(cm.get(), https_foo_url), testing::HasSubstr("A=C")); + + // ...but the original insecure cookie is still retained. + EXPECT_THAT(GetCookies(cm.get(), https_foo_url), testing::HasSubstr("A=B")); + EXPECT_THAT(GetCookies(cm.get(), https_foo_url), + testing::Not(testing::HasSubstr("A=D"))); + + // Deleting the secure cookie leaves only the original insecure cookie. + EXPECT_TRUE(SetCookie(cm.get(), https_url, + "A=C; path=/; Expires=Thu, 01-Jan-1970 00:00:01 GMT")); + EXPECT_EQ("A=B", GetCookies(cm.get(), https_foo_url)); + // If a non-secure cookie is created from a URL with an insecure scheme, and // a secure cookie with the same name already exists, if the domain strings // domain-match, do not update the cookie. diff --git a/chromium/net/cookies/cookie_util.cc b/chromium/net/cookies/cookie_util.cc index 7fe5300270e..f2888789978 100644 --- a/chromium/net/cookies/cookie_util.cc +++ b/chromium/net/cookies/cookie_util.cc @@ -349,8 +349,7 @@ void ParseRequestCookieLine(const std::string& header_value, std::string SerializeRequestCookieLine( const ParsedRequestCookies& parsed_cookies) { std::string buffer; - for (ParsedRequestCookies::const_iterator i = parsed_cookies.begin(); - i != parsed_cookies.end(); ++i) { + for (auto i = parsed_cookies.begin(); i != parsed_cookies.end(); ++i) { if (!buffer.empty()) buffer.append("; "); buffer.append(i->first.begin(), i->first.end()); diff --git a/chromium/net/cookies/parsed_cookie.cc b/chromium/net/cookies/parsed_cookie.cc index 701d173d2e9..9cc4c828dc4 100644 --- a/chromium/net/cookies/parsed_cookie.cc +++ b/chromium/net/cookies/parsed_cookie.cc @@ -217,7 +217,7 @@ bool ParsedCookie::SetPriority(const std::string& priority) { std::string ParsedCookie::ToCookieLine() const { std::string out; - for (PairList::const_iterator it = pairs_.begin(); it != pairs_.end(); ++it) { + for (auto it = pairs_.begin(); it != pairs_.end(); ++it) { if (!out.empty()) out.append("; "); out.append(it->first); |