1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "android_webview/browser/aw_cookie_access_policy.h"
6
7 #include "android_webview/browser/aw_contents_io_thread_client.h"
8
9 #include "base/logging.h"
10 #include "base/memory/scoped_ptr.h"
11 #include "content/public/browser/browser_thread.h"
12 #include "content/public/browser/resource_request_info.h"
13 #include "net/base/net_errors.h"
14
15 using base::AutoLock;
16 using content::BrowserThread;
17 using content::ResourceRequestInfo;
18 using net::StaticCookiePolicy;
19
20 namespace android_webview {
21
22 namespace {
23 base::LazyInstance<AwCookieAccessPolicy>::Leaky g_lazy_instance;
24 } // namespace
25
~AwCookieAccessPolicy()26 AwCookieAccessPolicy::~AwCookieAccessPolicy() {
27 }
28
AwCookieAccessPolicy()29 AwCookieAccessPolicy::AwCookieAccessPolicy()
30 : accept_cookies_(true) {
31 }
32
GetInstance()33 AwCookieAccessPolicy* AwCookieAccessPolicy::GetInstance() {
34 return g_lazy_instance.Pointer();
35 }
36
GetShouldAcceptCookies()37 bool AwCookieAccessPolicy::GetShouldAcceptCookies() {
38 AutoLock lock(lock_);
39 return accept_cookies_;
40 }
41
SetShouldAcceptCookies(bool allow)42 void AwCookieAccessPolicy::SetShouldAcceptCookies(bool allow) {
43 AutoLock lock(lock_);
44 accept_cookies_ = allow;
45 }
46
GetShouldAcceptThirdPartyCookies(int render_process_id,int render_frame_id)47 bool AwCookieAccessPolicy::GetShouldAcceptThirdPartyCookies(
48 int render_process_id,
49 int render_frame_id) {
50 scoped_ptr<AwContentsIoThreadClient> io_thread_client =
51 AwContentsIoThreadClient::FromID(render_process_id, render_frame_id);
52 if (!io_thread_client) {
53 return false;
54 }
55 return io_thread_client->ShouldAcceptThirdPartyCookies();
56 }
57
GetShouldAcceptThirdPartyCookies(const net::URLRequest & request)58 bool AwCookieAccessPolicy::GetShouldAcceptThirdPartyCookies(
59 const net::URLRequest& request) {
60 const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(&request);
61 if (!info) {
62 return false;
63 }
64 return GetShouldAcceptThirdPartyCookies(info->GetChildID(),
65 info->GetRenderFrameID());
66 }
67
OnCanGetCookies(const net::URLRequest & request,const net::CookieList & cookie_list)68 bool AwCookieAccessPolicy::OnCanGetCookies(const net::URLRequest& request,
69 const net::CookieList& cookie_list) {
70 bool global = GetShouldAcceptCookies();
71 bool thirdParty = GetShouldAcceptThirdPartyCookies(request);
72 return AwStaticCookiePolicy(global, thirdParty)
73 .AllowGet(request.url(), request.first_party_for_cookies());
74 }
75
OnCanSetCookie(const net::URLRequest & request,const std::string & cookie_line,net::CookieOptions * options)76 bool AwCookieAccessPolicy::OnCanSetCookie(const net::URLRequest& request,
77 const std::string& cookie_line,
78 net::CookieOptions* options) {
79 bool global = GetShouldAcceptCookies();
80 bool thirdParty = GetShouldAcceptThirdPartyCookies(request);
81 return AwStaticCookiePolicy(global, thirdParty)
82 .AllowSet(request.url(), request.first_party_for_cookies());
83 }
84
AllowGetCookie(const GURL & url,const GURL & first_party,const net::CookieList & cookie_list,content::ResourceContext * context,int render_process_id,int render_frame_id)85 bool AwCookieAccessPolicy::AllowGetCookie(const GURL& url,
86 const GURL& first_party,
87 const net::CookieList& cookie_list,
88 content::ResourceContext* context,
89 int render_process_id,
90 int render_frame_id) {
91 bool global = GetShouldAcceptCookies();
92 bool thirdParty =
93 GetShouldAcceptThirdPartyCookies(render_process_id, render_frame_id);
94 return AwStaticCookiePolicy(global, thirdParty).AllowGet(url, first_party);
95 }
96
AllowSetCookie(const GURL & url,const GURL & first_party,const std::string & cookie_line,content::ResourceContext * context,int render_process_id,int render_frame_id,net::CookieOptions * options)97 bool AwCookieAccessPolicy::AllowSetCookie(const GURL& url,
98 const GURL& first_party,
99 const std::string& cookie_line,
100 content::ResourceContext* context,
101 int render_process_id,
102 int render_frame_id,
103 net::CookieOptions* options) {
104 bool global = GetShouldAcceptCookies();
105 bool thirdParty =
106 GetShouldAcceptThirdPartyCookies(render_process_id, render_frame_id);
107 return AwStaticCookiePolicy(global, thirdParty).AllowSet(url, first_party);
108 }
109
AwStaticCookiePolicy(bool accept_cookies,bool accept_third_party_cookies)110 AwStaticCookiePolicy::AwStaticCookiePolicy(bool accept_cookies,
111 bool accept_third_party_cookies)
112 : accept_cookies_(accept_cookies),
113 accept_third_party_cookies_(accept_third_party_cookies) {
114 }
115
GetPolicy(const GURL & url) const116 StaticCookiePolicy::Type AwStaticCookiePolicy::GetPolicy(const GURL& url)
117 const {
118 // File URLs are a special case. We want file URLs to be able to set cookies
119 // but (for the purpose of cookies) Chrome considers different file URLs to
120 // come from different origins so we use the 'allow all' cookie policy for
121 // file URLs.
122 bool isFile = url.SchemeIsFile();
123 if (!accept_cookies()) {
124 return StaticCookiePolicy::BLOCK_ALL_COOKIES;
125 }
126 if (accept_third_party_cookies() || isFile) {
127 return StaticCookiePolicy::ALLOW_ALL_COOKIES;
128 }
129 return StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES;
130 }
131
AllowSet(const GURL & url,const GURL & first_party) const132 bool AwStaticCookiePolicy::AllowSet(const GURL& url,
133 const GURL& first_party) const {
134
135 return StaticCookiePolicy(GetPolicy(url)).CanSetCookie(url, first_party) ==
136 net::OK;
137 }
138
AllowGet(const GURL & url,const GURL & first_party) const139 bool AwStaticCookiePolicy::AllowGet(const GURL& url,
140 const GURL& first_party) const {
141 return StaticCookiePolicy(GetPolicy(url)).CanGetCookies(url, first_party) ==
142 net::OK;
143 }
144
145 } // namespace android_webview
146