Add full_party_context into CookieOptions.

Add full_party_context into CookieOptions, which is a set of net::SchemefulSite and will be copied over from IsolationInfo via URLRequestHttpJob. Bug: 1136102 Change-Id: Ie8f221ff375b00351fe4d6b73ba842086a942d37 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2505582Reviewed-by: Lily Chen <chlily@chromium.org> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Matt Menke <mmenke@chromium.org> Commit-Queue: Shuran Huang <shuuran@chromium.org> Cr-Commit-Position: refs/heads/master@{#826272}

Add full_party_context into CookieOptions.
Add full_party_context into CookieOptions, which is a set of net::SchemefulSite and will be copied over from IsolationInfo via URLRequestHttpJob. Bug: 1136102 Change-Id: Ie8f221ff375b00351fe4d6b73ba842086a942d37 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2505582Reviewed-by: Lily Chen <chlily@chromium.org> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Matt Menke <mmenke@chromium.org> Commit-Queue: Shuran Huang <shuuran@chromium.org> Cr-Commit-Position: refs/heads/master@{#826272}
57f97b28 · Shuran Huang · Commit Bot · 9f1f567a · 57f97b28 · 57f97b28
Commit 57f97b28 authored Nov 11, 2020 by Shuran Huang Committed by Commit Bot Nov 11, 2020
9 changed files
--- a/net/cookies/cookie_options.cc
+++ b/net/cookies/cookie_options.cc
@@ -51,12 +51,20 @@ CookieOptions::CookieOptions()
      update_access_time_(true),
      return_excluded_cookies_(false) {}
+CookieOptions::CookieOptions(const CookieOptions& other) = default;
+CookieOptions::CookieOptions(CookieOptions&& other) = default;
+CookieOptions::~CookieOptions() = default;
+CookieOptions& CookieOptions::operator=(const CookieOptions&) = default;
+CookieOptions& CookieOptions::operator=(CookieOptions&&) = default;
 // static
 CookieOptions CookieOptions::MakeAllInclusive() {
  CookieOptions options;
  options.set_include_httponly();
  options.set_same_site_cookie_context(SameSiteCookieContext::MakeInclusive());
  options.set_do_not_update_access_time();
+  options.set_full_party_context(std::set<net::SchemefulSite>());
  return options;
 }

--- a/net/cookies/cookie_options.h
+++ b/net/cookies/cookie_options.h
@@ -7,8 +7,12 @@
 #ifndef NET_COOKIES_COOKIE_OPTIONS_H_
 #define NET_COOKIES_COOKIE_OPTIONS_H_
+#include <set>
+#include "base/optional.h"
 #include "base/time/time.h"
 #include "net/base/net_export.h"
+#include "net/base/schemeful_site.h"
 #include "net/cookies/cookie_constants.h"
 #include "url/gurl.h"
@@ -88,13 +92,21 @@ class NET_EXPORT CookieOptions {
  // * Excludes SameSite cookies
  // * Updates last-accessed time.
  // * Does not report excluded cookies in APIs that can do so.
+  // * Excludes SameParty cookies.
  //
  // These settings can be altered by calling:
  //
  // * |set_{include,exclude}_httponly()|
  // * |set_same_site_cookie_context()|
  // * |set_do_not_update_access_time()|
+  // * |set_full_party_context()|
  CookieOptions();
+  CookieOptions(const CookieOptions& other);
+  CookieOptions(CookieOptions&& other);
+  ~CookieOptions();
+  CookieOptions& operator=(const CookieOptions&);
+  CookieOptions& operator=(CookieOptions&&);
  void set_exclude_httponly() { exclude_httponly_ = true; }
  void set_include_httponly() { exclude_httponly_ = false; }
@@ -118,6 +130,15 @@ class NET_EXPORT CookieOptions {
  void unset_return_excluded_cookies() { return_excluded_cookies_ = false; }
  bool return_excluded_cookies() const { return return_excluded_cookies_; }
+  void set_full_party_context(
+      const base::Optional<std::set<net::SchemefulSite>>& full_party_context) {
+    full_party_context_ = full_party_context;
+  }
+  const base::Optional<std::set<net::SchemefulSite>>& full_party_context()
+      const {
+    return full_party_context_;
+  }
  // Convenience method for where you need a CookieOptions that will
  // work for getting/setting all types of cookies, including HttpOnly and
  // SameSite cookies. Also specifies not to update the access time, because
@@ -130,7 +151,8 @@ class NET_EXPORT CookieOptions {
  bool exclude_httponly_;
  SameSiteCookieContext same_site_cookie_context_;
  bool update_access_time_;
-  bool return_excluded_cookies_;
+  bool return_excluded_cookies_ = false;
+  base::Optional<std::set<net::SchemefulSite>> full_party_context_;
 };
 }  // namespace net

--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -204,6 +204,15 @@ void MarkSameSiteCompatPairs(
  }
 }
+net::CookieOptions CreateCookieOptions(
+    net::CookieOptions::SameSiteCookieContext cookie_context) {
+  net::CookieOptions options;
+  options.set_return_excluded_cookies();
+  options.set_include_httponly();
+  options.set_same_site_cookie_context(cookie_context);
+  return options;
+}
 }  // namespace
 namespace net {
@@ -566,9 +575,6 @@ void URLRequestHttpJob::AddCookieHeaderAndStart() {
  // is being overridden by NetworkDelegate and will eventually block them, as
  // blocked cookies still need to be logged in that case.
  if (cookie_store && request_->allow_credentials()) {
-    CookieOptions options;
-    options.set_return_excluded_cookies();
-    options.set_include_httponly();
    bool force_ignore_site_for_cookies =
        request_->force_ignore_site_for_cookies();
    if (cookie_store->cookie_access_delegate() &&
@@ -577,10 +583,13 @@ void URLRequestHttpJob::AddCookieHeaderAndStart() {
                                               request_->site_for_cookies())) {
      force_ignore_site_for_cookies = true;
    }
-    options.set_same_site_cookie_context(
+    CookieOptions::SameSiteCookieContext same_site_context =
        net::cookie_util::ComputeSameSiteContextForRequest(
            request_->method(), request_->url(), request_->site_for_cookies(),
-            request_->initiator(), force_ignore_site_for_cookies));
+            request_->initiator(), force_ignore_site_for_cookies);
+    CookieOptions options = CreateCookieOptions(same_site_context);
    cookie_store->GetCookieListWithOptionsAsync(
        request_->url(), options,
        base::BindOnce(&URLRequestHttpJob::SetCookieHeaderAndStart,
@@ -711,8 +720,6 @@ void URLRequestHttpJob::SaveCookiesAndNotifyHeadersComplete(int result) {
  if (GetResponseHeaders()->GetDateValue(&response_date))
    server_time = base::make_optional(response_date);
-  CookieOptions options;
-  options.set_include_httponly();
  bool force_ignore_site_for_cookies =
      request_->force_ignore_site_for_cookies();
  if (cookie_store->cookie_access_delegate() &&
@@ -720,12 +727,12 @@ void URLRequestHttpJob::SaveCookiesAndNotifyHeadersComplete(int result) {
          request_->url(), request_->site_for_cookies())) {
    force_ignore_site_for_cookies = true;
  }
-  options.set_same_site_cookie_context(
+  CookieOptions::SameSiteCookieContext same_site_context =
      net::cookie_util::ComputeSameSiteContextForResponse(
          request_->url(), request_->site_for_cookies(), request_->initiator(),
-          force_ignore_site_for_cookies));
+          force_ignore_site_for_cookies);
-  options.set_return_excluded_cookies();
+  CookieOptions options = CreateCookieOptions(same_site_context);
  // Set all cookies, without waiting for them to be set. Any subsequent read
  // will see the combined result of all cookie operation.

--- a/services/network/public/cpp/BUILD.gn
+++ b/services/network/public/cpp/BUILD.gn
@@ -204,6 +204,21 @@ component("cross_origin_embedder_policy") {
  defines = [ "IS_NETWORK_CPP_BASE_IMPL" ]
 }
+# This component is separate from cpp_base as it is a dependency of
+# //services/network/public/mojom:cookies_mojom.
+component("schemeful_site_mojom_support") {
+  sources = [
+    "schemeful_site_mojom_traits.cc",
+    "schemeful_site_mojom_traits.h",
+  ]
+  deps = [
+    "//net",
+    "//services/network/public/mojom:mojom_schemeful_site_shared",
+    "//url/mojom:url_mojom_origin",
+  ]
+  defines = [ "IS_NETWORK_CPP_BASE_IMPL" ]
+}
 component("cpp_base") {
  output_name = "network_cpp_base"
@@ -251,8 +266,6 @@ component("cpp_base") {
    "resource_request.h",
    "resource_request_body.cc",
    "resource_request_body.h",
-    "schemeful_site_mojom_traits.cc",
-    "schemeful_site_mojom_traits.h",
    "trust_token_parameterization.h",
    "url_loader_completion_status.cc",
    "url_loader_completion_status.h",
@@ -267,6 +280,7 @@ component("cpp_base") {
    ":crash_keys",
    ":cross_origin_embedder_policy",
    ":ip_address_mojom_support",
+    ":schemeful_site_mojom_support",
    "//services/network/public/mojom:url_loader_base",
    "//third_party/webrtc_overrides:webrtc_component",
    "//url/ipc:url_ipc",

--- a/services/network/public/cpp/cookie_manager_mojom_traits.cc
+++ b/services/network/public/cpp/cookie_manager_mojom_traits.cc
@@ -343,6 +343,18 @@ bool StructTraits<network::mojom::CookieOptionsDataView, net::CookieOptions>::
  else
    cookie_options->unset_return_excluded_cookies();
+  base::Optional<std::vector<net::SchemefulSite>> mojo_full_party_context;
+  if (!mojo_options.ReadFullPartyContext(&mojo_full_party_context))
+    return false;
+  base::Optional<std::set<net::SchemefulSite>> full_party_context;
+  if (mojo_full_party_context.has_value()) {
+    full_party_context.emplace(mojo_full_party_context->begin(),
+                               mojo_full_party_context->end());
+    if (mojo_full_party_context->size() != full_party_context->size())
+      return false;
+  }
+  cookie_options->set_full_party_context(full_party_context);
  return true;
 }

--- a/services/network/public/cpp/cookie_manager_mojom_traits.h
+++ b/services/network/public/cpp/cookie_manager_mojom_traits.h
@@ -13,8 +13,13 @@
 #include "net/cookies/cookie_constants.h"
 #include "net/cookies/cookie_inclusion_status.h"
 #include "net/cookies/cookie_options.h"
+#include "services/network/public/cpp/schemeful_site_mojom_traits.h"
 #include "services/network/public/mojom/cookie_manager.mojom.h"
+namespace net {
+class SchemefulSite;
+}  // namespace net
 namespace mojo {
 template <>
@@ -110,6 +115,11 @@ struct StructTraits<network::mojom::CookieOptionsDataView, net::CookieOptions> {
    return o.return_excluded_cookies();
  }
+  static const base::Optional<std::set<net::SchemefulSite>>& full_party_context(
+      const net::CookieOptions& o) {
+    return o.full_party_context();
+  }
  static bool Read(network::mojom::CookieOptionsDataView mojo_options,
                   net::CookieOptions* cookie_options);
 };

--- a/services/network/public/cpp/cookie_manager_mojom_traits_unittest.cc
+++ b/services/network/public/cpp/cookie_manager_mojom_traits_unittest.cc
@@ -4,11 +4,13 @@
 #include "services/network/public/cpp/cookie_manager_mojom_traits.h"
+#include <set>
 #include <vector>
 #include "base/test/gtest_util.h"
 #include "mojo/public/cpp/base/time_mojom_traits.h"
 #include "mojo/public/cpp/test_support/test_utils.h"
+#include "net/base/schemeful_site.h"
 #include "services/network/public/cpp/cookie_manager_mojom_traits.h"
 #include "services/network/public/mojom/cookie_manager.mojom.h"
 #include "testing/gtest/include/gtest/gtest.h"
@@ -271,6 +273,7 @@ TEST(CookieManagerTraitsTest, Roundtrips_CookieOptions) {
  {
    net::CookieOptions least_trusted, copy;
    EXPECT_FALSE(least_trusted.return_excluded_cookies());
    least_trusted.set_return_excluded_cookies();  // differ from default.
    EXPECT_TRUE(mojo::test::SerializeAndDeserialize<mojom::CookieOptions>(
@@ -285,9 +288,12 @@ TEST(CookieManagerTraitsTest, Roundtrips_CookieOptions) {
  {
    net::CookieOptions very_trusted, copy;
+    auto kPartyContext = std::set<net::SchemefulSite>{
+        net::SchemefulSite(url::Origin::Create(GURL("https://a.test")))};
    very_trusted.set_include_httponly();
    very_trusted.set_same_site_cookie_context(
        net::CookieOptions::SameSiteCookieContext::MakeInclusive());
+    very_trusted.set_full_party_context(kPartyContext);
    EXPECT_TRUE(mojo::test::SerializeAndDeserialize<mojom::CookieOptions>(
        &very_trusted, &copy));
@@ -295,6 +301,38 @@ TEST(CookieManagerTraitsTest, Roundtrips_CookieOptions) {
    EXPECT_EQ(net::CookieOptions::SameSiteCookieContext::MakeInclusive(),
              copy.same_site_cookie_context());
    EXPECT_FALSE(copy.return_excluded_cookies());
+    EXPECT_EQ(kPartyContext, copy.full_party_context());
+  }
+}
+TEST(CookieManagerTraitsTest, Roundtrips_FullPartyContext) {
+  {
+    std::vector<std::set<net::SchemefulSite>> kTestCases = {
+        std::set<net::SchemefulSite>(),
+        std::set<net::SchemefulSite>{net::SchemefulSite()},
+        std::set<net::SchemefulSite>{
+            net::SchemefulSite(url::Origin::Create(GURL("https://a.test")))},
+        std::set<net::SchemefulSite>{
+            net::SchemefulSite(url::Origin::Create(GURL("http://a.test"))),
+            net::SchemefulSite(url::Origin::Create(GURL("http://b.test")))},
+    };
+    for (const std::set<net::SchemefulSite>& fpc : kTestCases) {
+      net::CookieOptions options, copy;
+      options.set_full_party_context(fpc);
+      EXPECT_TRUE(mojo::test::SerializeAndDeserialize<mojom::CookieOptions>(
+          &options, &copy));
+      EXPECT_EQ(fpc, copy.full_party_context());
+    }
+  }
+  {
+    base::Optional<std::set<net::SchemefulSite>> kFullPartyContext =
+        base::nullopt;
+    net::CookieOptions options, copy;
+    options.set_full_party_context(kFullPartyContext);
+    EXPECT_TRUE(mojo::test::SerializeAndDeserialize<mojom::CookieOptions>(
+        &options, &copy));
+    EXPECT_EQ(kFullPartyContext, copy.full_party_context());
  }
 }

--- a/services/network/public/mojom/BUILD.gn
+++ b/services/network/public/mojom/BUILD.gn
@@ -219,6 +219,34 @@ mojom("url_loader_base") {
  blink_cpp_typemaps = shared_typemaps
 }
+# Make this a separate target to avoid a circular dependency.
+mojom("mojom_schemeful_site") {
+  generate_java = true
+  sources = [ "schemeful_site.mojom" ]
+  public_deps = [ "//url/mojom:url_mojom_origin" ]
+  if (!is_ios) {
+    export_class_attribute_blink = "BLINK_PLATFORM_EXPORT"
+    export_define_blink = "BLINK_PLATFORM_IMPLEMENTATION=1"
+    export_header_blink = "third_party/blink/public/platform/web_common.h"
+  }
+  cpp_typemaps = [
+    {
+      types = [
+        {
+          mojom = "network.mojom.SchemefulSite"
+          cpp = "::net::SchemefulSite"
+        },
+      ]
+      traits_headers =
+          [ "//services/network/public/cpp/schemeful_site_mojom_traits.h" ]
+      traits_public_deps = [ "//net" ]
+    },
+  ]
+}
 # This target is split from "mojom" target as the lazy serialization may
 # cause problems. See https://crbug.com/822732.
 mojom("websocket_mojom") {
@@ -313,6 +341,7 @@ mojom("cookies_mojom") {
  ]
  public_deps = [
+    ":mojom_schemeful_site",
    "//components/content_settings/core/common:mojo_bindings",
    "//mojo/public/mojom/base",
    "//url/mojom:url_mojom_gurl",
@@ -471,7 +500,6 @@ mojom("mojom") {
    "proxy_resolving_socket.mojom",
    "quic_transport.mojom",
    "referrer_policy.mojom",
-    "schemeful_site.mojom",
    "source_location.mojom",
    "ssl_config.mojom",
    "supports_loading_mode.mojom",
@@ -489,6 +517,7 @@ mojom("mojom") {
    ":cookies_mojom",
    ":mojom_ip_address",
    ":mojom_network_isolation_key",
+    ":mojom_schemeful_site",
    ":url_loader_base",
    ":websocket_mojom",
    "//mojo/public/mojom/base",
@@ -856,17 +885,6 @@ mojom("mojom") {
        "//net",
      ]
    },
-    {
-      types = [
-        {
-          mojom = "network.mojom.SchemefulSite"
-          cpp = "::net::SchemefulSite"
-        },
-      ]
-      traits_headers =
-          [ "//services/network/public/cpp/schemeful_site_mojom_traits.h" ]
-      traits_public_deps = [ "//net" ]
-    },
  ]
  cpp_typemaps += shared_cpp_typemaps

--- a/services/network/public/mojom/cookie_manager.mojom
+++ b/services/network/public/mojom/cookie_manager.mojom
@@ -6,6 +6,7 @@ module network.mojom;
 import "components/content_settings/core/common/content_settings.mojom";
 import "mojo/public/mojom/base/time.mojom";
+import "services/network/public/mojom/schemeful_site.mojom";
 import "url/mojom/url.mojom";
 // Parameters for constructing a cookie manager.
@@ -114,6 +115,7 @@ struct CookieOptions {
  CookieSameSiteContext same_site_cookie_context;
  bool update_access_time = true;
  bool return_excluded_cookies = false;
+  array<SchemefulSite>? full_party_context;
 };
 // See net/cookies/canonical_cookie.{h,cc} for documentation.