chrome_cookie_policy.cc revision dc0f95d653279beabeb9817299e2902918ba123e
1c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Copyright (c) 2010 The Chromium Authors. All rights reserved. 2c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Use of this source code is governed by a BSD-style license that can be 3c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// found in the LICENSE file. 4c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 5c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "chrome/browser/net/chrome_cookie_policy.h" 6c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 772a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen#include "base/command_line.h" 8c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "base/string_util.h" 9c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "chrome/browser/browser_list.h" 1021d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen#include "chrome/browser/content_settings/host_content_settings_map.h" 1172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen#include "chrome/common/chrome_switches.h" 12dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#include "content/browser/browser_thread.h" 13c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "net/base/net_errors.h" 14c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "net/base/static_cookie_policy.h" 15c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 16c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// If we queue up more than this number of completions, then switch from ASK to 17c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// BLOCK. More than this number of requests at once seems like it could be a 18c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// sign of trouble anyways. 19c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochstatic const size_t kMaxCompletionsPerHost = 10000; 20c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 21c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// ---------------------------------------------------------------------------- 22c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 23c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochChromeCookiePolicy::ChromeCookiePolicy(HostContentSettingsMap* map) 24c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch : host_content_settings_map_(map) { 2572a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen strict_third_party_blocking_ = CommandLine::ForCurrentProcess()->HasSwitch( 2672a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen switches::kBlockReadingThirdPartyCookies); 27c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 28c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 29c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochChromeCookiePolicy::~ChromeCookiePolicy() { 30c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch DCHECK(host_completions_map_.empty()); 31c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 32c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 33c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochint ChromeCookiePolicy::CanGetCookies(const GURL& url, 34c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch const GURL& first_party, 35c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::CompletionCallback* callback) { 36731df977c0511bca2206b5f333555b1205ff1f43Iain Merrick DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); 37c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 38c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (host_content_settings_map_->BlockThirdPartyCookies()) { 3972a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen net::StaticCookiePolicy policy(strict_third_party_blocking_ ? 4072a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen net::StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES : 4172a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen net::StaticCookiePolicy::BLOCK_SETTING_THIRD_PARTY_COOKIES); 42c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch int rv = policy.CanGetCookies(url, first_party, NULL); 43c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (rv != net::OK) 44c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return rv; 45c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 46c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 47c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch int policy = CheckPolicy(url); 48731df977c0511bca2206b5f333555b1205ff1f43Iain Merrick if (policy == net::OK_FOR_SESSION_ONLY) 49731df977c0511bca2206b5f333555b1205ff1f43Iain Merrick policy = net::OK; 50c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (policy != net::ERR_IO_PENDING) 51c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return policy; 52c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 53c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch DCHECK(callback); 54c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 55c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // If we are currently prompting the user for a 'set-cookie' matching this 56c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // host, then we need to defer reading cookies. 57c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch HostCompletionsMap::iterator it = host_completions_map_.find(url.host()); 58c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (it == host_completions_map_.end()) { 59c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch policy = net::OK; 60c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } else if (it->second.size() >= kMaxCompletionsPerHost) { 61c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch LOG(ERROR) << "Would exceed kMaxCompletionsPerHost"; 62c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch policy = net::ERR_ACCESS_DENIED; 63c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } else { 64c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch it->second.push_back(Completion::ForGetCookies(callback)); 65c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch policy = net::ERR_IO_PENDING; 66c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 67c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return policy; 68c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 69c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 70c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochint ChromeCookiePolicy::CanSetCookie(const GURL& url, 71c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch const GURL& first_party, 72c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch const std::string& cookie_line, 73c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::CompletionCallback* callback) { 74731df977c0511bca2206b5f333555b1205ff1f43Iain Merrick DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); 75c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 76c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (host_content_settings_map_->BlockThirdPartyCookies()) { 7772a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen net::StaticCookiePolicy policy(strict_third_party_blocking_ ? 7872a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen net::StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES : 7972a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen net::StaticCookiePolicy::BLOCK_SETTING_THIRD_PARTY_COOKIES); 80c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch int rv = policy.CanSetCookie(url, first_party, cookie_line, NULL); 81c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (rv != net::OK) 82c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return rv; 83c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 84c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 85c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch int policy = CheckPolicy(url); 86c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (policy != net::ERR_IO_PENDING) 87c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return policy; 88c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 89c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch DCHECK(callback); 90c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 91c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch Completions& completions = host_completions_map_[url.host()]; 92c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (completions.size() >= kMaxCompletionsPerHost) { 93c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch LOG(ERROR) << "Would exceed kMaxCompletionsPerHost"; 94c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch policy = net::ERR_ACCESS_DENIED; 95c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } else { 96c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch completions.push_back(Completion::ForSetCookie(callback)); 97c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch policy = net::ERR_IO_PENDING; 98c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 99c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 100c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return policy; 101c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 102c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 103c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochint ChromeCookiePolicy::CheckPolicy(const GURL& url) const { 104c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ContentSetting setting = host_content_settings_map_->GetContentSetting( 1053345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick url, CONTENT_SETTINGS_TYPE_COOKIES, ""); 106c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (setting == CONTENT_SETTING_BLOCK) 107c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return net::ERR_ACCESS_DENIED; 108c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (setting == CONTENT_SETTING_ALLOW) 109c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return net::OK; 110c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (setting == CONTENT_SETTING_SESSION_ONLY) 111c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return net::OK_FOR_SESSION_ONLY; 112c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return net::ERR_IO_PENDING; // Need to prompt. 113c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 114c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 115