IsolatedPrerender should check for cookies on higher domains

m.foo.com can set cookies on foo.com, so when checking for cookies in
the eligibility code path, any cookie applicable to the same or higher
domain up until TLD should cause the prefetch to be non-eligible.

Also adds some browsertesting in the same vein.

Bug: 1096765
Change-Id: I23801d45bbdd789b52977613bf1086deda166460
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2264933Reviewed-by: Tarun Bansal <tbansal@chromium.org>
Commit-Queue: Robert Ogden <robertogden@chromium.org>
Cr-Commit-Position: refs/heads/master@{#782033}

chrome/browser/prerender/isolated/isolated_prerender_browsertest.cc

@@ -854,6 +854,140 @@ IN_PROC_BROWSER_TEST_F(
   EXPECT_FALSE(auth_observer->GotAuthChallenge());
 }
 
+IN_PROC_BROWSER_TEST_F(IsolatedPrerenderBrowserTest,
+                       DISABLE_ON_WIN_MAC_CHROMEOS(CookieOnHigherLevelDomain)) {
+  SetDataSaverEnabled(true);
+  ui_test_utils::NavigateToURL(browser(), GURL("about:blank"));
+  WaitForUpdatedCustomProxyConfig();
+
+  ASSERT_TRUE(content::SetCookie(browser()->profile(), GURL("https://foo.com"),
+                                 "type=PeanutButter"));
+
+  IsolatedPrerenderTabHelper* tab_helper =
+      IsolatedPrerenderTabHelper::FromWebContents(GetWebContents());
+
+  GURL prefetch_url("https://m.foo.com");
+  GURL doc_url("https://www.google.com/search?q=test");
+  MakeNavigationPrediction(doc_url, {prefetch_url});
+  base::RunLoop().RunUntilIdle();
+
+  EXPECT_EQ(1U, tab_helper->srp_metrics().predicted_urls_count_);
+  EXPECT_EQ(0U, tab_helper->srp_metrics().prefetch_eligible_count_);
+
+  ui_test_utils::NavigateToURL(browser(), prefetch_url);
+
+  ASSERT_TRUE(tab_helper->after_srp_metrics());
+  EXPECT_EQ(base::make_optional(IsolatedPrerenderTabHelper::PrefetchStatus::
+                                    kPrefetchNotEligibleUserHasCookies),
+            tab_helper->after_srp_metrics()->prefetch_status_);
+}
+
+IN_PROC_BROWSER_TEST_F(IsolatedPrerenderBrowserTest,
+                       DISABLE_ON_WIN_MAC_CHROMEOS(CookieOnOtherPath)) {
+  SetDataSaverEnabled(true);
+  ui_test_utils::NavigateToURL(browser(), GURL("about:blank"));
+  WaitForUpdatedCustomProxyConfig();
+
+  ASSERT_TRUE(content::SetCookie(browser()->profile(), GURL("https://foo.com"),
+                                 "cookietype=PeanutButter;path=/cookiecookie"));
+
+  IsolatedPrerenderTabHelper* tab_helper =
+      IsolatedPrerenderTabHelper::FromWebContents(GetWebContents());
+
+  GURL prefetch_url("https://foo.com/no-cookies-here");
+  GURL doc_url("https://www.google.com/search?q=test");
+  MakeNavigationPrediction(doc_url, {prefetch_url});
+  base::RunLoop().RunUntilIdle();
+
+  EXPECT_EQ(1U, tab_helper->srp_metrics().predicted_urls_count_);
+  EXPECT_EQ(0U, tab_helper->srp_metrics().prefetch_eligible_count_);
+
+  ui_test_utils::NavigateToURL(browser(), prefetch_url);
+
+  ASSERT_TRUE(tab_helper->after_srp_metrics());
+  EXPECT_EQ(base::make_optional(IsolatedPrerenderTabHelper::PrefetchStatus::
+                                    kPrefetchNotEligibleUserHasCookies),
+            tab_helper->after_srp_metrics()->prefetch_status_);
+}
+
+IN_PROC_BROWSER_TEST_F(IsolatedPrerenderBrowserTest,
+                       DISABLE_ON_WIN_MAC_CHROMEOS(ExpiredCookie)) {
+  SetDataSaverEnabled(true);
+  ui_test_utils::NavigateToURL(browser(), GURL("about:blank"));
+  WaitForUpdatedCustomProxyConfig();
+
+  ASSERT_TRUE(content::SetCookie(
+      browser()->profile(), GetOriginServerURL("/"),
+      "cookietype=Stale;Expires=Sat, 1 Jan 2000 00:00:00 GMT"));
+
+  IsolatedPrerenderTabHelper* tab_helper =
+      IsolatedPrerenderTabHelper::FromWebContents(GetWebContents());
+
+  GURL prefetch_url = GetOriginServerURL("/simple.html");
+
+  TestTabHelperObserver tab_helper_observer(tab_helper);
+  tab_helper_observer.SetExpectedSuccessfulURLs({prefetch_url});
+
+  base::RunLoop run_loop;
+  tab_helper_observer.SetOnPrefetchSuccessfulClosure(run_loop.QuitClosure());
+
+  GURL doc_url("https://www.google.com/search?q=test");
+  MakeNavigationPrediction(doc_url, {prefetch_url});
+
+  run_loop.Run();
+
+  EXPECT_EQ(1U, tab_helper->srp_metrics().predicted_urls_count_);
+  EXPECT_EQ(1U, tab_helper->srp_metrics().prefetch_eligible_count_);
+  EXPECT_EQ(1U, tab_helper->srp_metrics().prefetch_successful_count_);
+
+  ui_test_utils::NavigateToURL(browser(), prefetch_url);
+
+  ASSERT_TRUE(tab_helper->after_srp_metrics());
+  EXPECT_EQ(
+      base::make_optional(
+          IsolatedPrerenderTabHelper::PrefetchStatus::kPrefetchUsedNoProbe),
+      tab_helper->after_srp_metrics()->prefetch_status_);
+}
+
+IN_PROC_BROWSER_TEST_F(
+    IsolatedPrerenderBrowserTest,
+    DISABLE_ON_WIN_MAC_CHROMEOS(CookieOnNonApplicableDomain)) {
+  SetDataSaverEnabled(true);
+  ui_test_utils::NavigateToURL(browser(), GURL("about:blank"));
+  WaitForUpdatedCustomProxyConfig();
+
+  ASSERT_TRUE(content::SetCookie(browser()->profile(), GURL("https://foo.com"),
+                                 "cookietype=Oatmeal"));
+
+  IsolatedPrerenderTabHelper* tab_helper =
+      IsolatedPrerenderTabHelper::FromWebContents(GetWebContents());
+
+  GURL prefetch_url = GetOriginServerURL("/simple.html");
+
+  TestTabHelperObserver tab_helper_observer(tab_helper);
+  tab_helper_observer.SetExpectedSuccessfulURLs({prefetch_url});
+
+  base::RunLoop run_loop;
+  tab_helper_observer.SetOnPrefetchSuccessfulClosure(run_loop.QuitClosure());
+
+  GURL doc_url("https://www.google.com/search?q=test");
+  MakeNavigationPrediction(doc_url, {prefetch_url});
+
+  run_loop.Run();
+
+  EXPECT_EQ(1U, tab_helper->srp_metrics().predicted_urls_count_);
+  EXPECT_EQ(1U, tab_helper->srp_metrics().prefetch_eligible_count_);
+  EXPECT_EQ(1U, tab_helper->srp_metrics().prefetch_successful_count_);
+
+  ui_test_utils::NavigateToURL(browser(), prefetch_url);
+
+  ASSERT_TRUE(tab_helper->after_srp_metrics());
+  EXPECT_EQ(
+      base::make_optional(
+          IsolatedPrerenderTabHelper::PrefetchStatus::kPrefetchUsedNoProbe),
+      tab_helper->after_srp_metrics()->prefetch_status_);
+}
+
 IN_PROC_BROWSER_TEST_F(
     IsolatedPrerenderBrowserTest,
     DISABLE_ON_WIN_MAC_CHROMEOS(NoAuthChallenges_FromOrigin)) {

chrome/browser/prerender/isolated/isolated_prerender_tab_helper.cc

@@ -112,6 +112,33 @@ void OnGotCookieList(
                  kPrefetchNotEligibleUserHasCookies);
     return;
   }
+
+  // Cookies are tricky because cookies for different paths or a higher level
+  // domain (e.g.: m.foo.com and foo.com) may not show up in |cookie_list|, but
+  // they will show up in |excluded_cookies|. To check for any cookies for a
+  // domain, compare the domains of the prefetched |url| and the domains of all
+  // the returned cookies.
+  bool excluded_cookie_has_tld = false;
+  for (const auto& cookie_result : excluded_cookies) {
+    if (cookie_result.cookie.IsExpired(base::Time::Now())) {
+      // Expired cookies don't count.
+      continue;
+    }
+
+    if (url.DomainIs(cookie_result.cookie.DomainWithoutDot())) {
+      excluded_cookie_has_tld = true;
+      break;
+    }
+  }
+
+  if (excluded_cookie_has_tld) {
+    std::move(result_callback)
+        .Run(url, false,
+             IsolatedPrerenderTabHelper::PrefetchStatus::
+                 kPrefetchNotEligibleUserHasCookies);
+    return;
+  }
+
   std::move(result_callback).Run(url, true, base::nullopt);
 }
 
@@ -954,6 +981,7 @@ void IsolatedPrerenderTabHelper::CheckEligibilityOfURL(
   }
 
   net::CookieOptions options = net::CookieOptions::MakeAllInclusive();
+  options.set_return_excluded_cookies();
   default_storage_partition->GetCookieManagerForBrowserProcess()->GetCookieList(
       url, options,
       base::BindOnce(&OnGotCookieList, url, std::move(result_callback)));