1 // Copyright 2018 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cookies/cookie_deletion_info.h"
6
7 #include "base/test/scoped_feature_list.h"
8 #include "net/base/features.h"
9 #include "testing/gtest/include/gtest/gtest.h"
10 #include "url/gurl.h"
11
12 namespace net {
13
14 using TimeRange = CookieDeletionInfo::TimeRange;
15
TEST(CookieDeletionInfoTest,TimeRangeValues)16 TEST(CookieDeletionInfoTest, TimeRangeValues) {
17 TimeRange range;
18 EXPECT_EQ(base::Time(), range.start());
19 EXPECT_EQ(base::Time(), range.end());
20
21 const base::Time kTestStart = base::Time::FromDoubleT(1000);
22 const base::Time kTestEnd = base::Time::FromDoubleT(10000);
23
24 EXPECT_EQ(kTestStart, TimeRange(kTestStart, base::Time()).start());
25 EXPECT_EQ(base::Time(), TimeRange(kTestStart, base::Time()).end());
26
27 EXPECT_EQ(kTestStart, TimeRange(kTestStart, kTestEnd).start());
28 EXPECT_EQ(kTestEnd, TimeRange(kTestStart, kTestEnd).end());
29
30 TimeRange range2;
31 range2.SetStart(kTestStart);
32 EXPECT_EQ(kTestStart, range2.start());
33 EXPECT_EQ(base::Time(), range2.end());
34 range2.SetEnd(kTestEnd);
35 EXPECT_EQ(kTestStart, range2.start());
36 EXPECT_EQ(kTestEnd, range2.end());
37 }
38
TEST(CookieDeletionInfoTest,TimeRangeContains)39 TEST(CookieDeletionInfoTest, TimeRangeContains) {
40 // Default TimeRange matches all time values.
41 TimeRange range;
42 EXPECT_TRUE(range.Contains(base::Time::Now()));
43 EXPECT_TRUE(range.Contains(base::Time::Max()));
44
45 // With a start, but no end.
46 const double kTestMinEpoch = 1000;
47 range.SetStart(base::Time::FromDoubleT(kTestMinEpoch));
48 EXPECT_FALSE(range.Contains(base::Time::Min()));
49 EXPECT_FALSE(range.Contains(base::Time::FromDoubleT(kTestMinEpoch - 1)));
50 EXPECT_TRUE(range.Contains(base::Time::FromDoubleT(kTestMinEpoch)));
51 EXPECT_TRUE(range.Contains(base::Time::FromDoubleT(kTestMinEpoch + 1)));
52 EXPECT_TRUE(range.Contains(base::Time::Max()));
53
54 // With an end, but no start.
55 const double kTestMaxEpoch = 10000000;
56 range = TimeRange();
57 range.SetEnd(base::Time::FromDoubleT(kTestMaxEpoch));
58 EXPECT_TRUE(range.Contains(base::Time::Min()));
59 EXPECT_TRUE(range.Contains(base::Time::FromDoubleT(kTestMaxEpoch - 1)));
60 EXPECT_FALSE(range.Contains(base::Time::FromDoubleT(kTestMaxEpoch)));
61 EXPECT_FALSE(range.Contains(base::Time::FromDoubleT(kTestMaxEpoch + 1)));
62 EXPECT_FALSE(range.Contains(base::Time::Max()));
63
64 // With both a start and an end.
65 range.SetStart(base::Time::FromDoubleT(kTestMinEpoch));
66 EXPECT_FALSE(range.Contains(base::Time::Min()));
67 EXPECT_FALSE(range.Contains(base::Time::FromDoubleT(kTestMinEpoch - 1)));
68 EXPECT_TRUE(range.Contains(base::Time::FromDoubleT(kTestMinEpoch)));
69 EXPECT_TRUE(range.Contains(base::Time::FromDoubleT(kTestMinEpoch + 1)));
70 EXPECT_TRUE(range.Contains(base::Time::FromDoubleT(kTestMaxEpoch - 1)));
71 EXPECT_FALSE(range.Contains(base::Time::FromDoubleT(kTestMaxEpoch)));
72 EXPECT_FALSE(range.Contains(base::Time::FromDoubleT(kTestMaxEpoch + 1)));
73 EXPECT_FALSE(range.Contains(base::Time::Max()));
74
75 // And where start==end.
76 range = TimeRange(base::Time::FromDoubleT(kTestMinEpoch),
77 base::Time::FromDoubleT(kTestMinEpoch));
78 EXPECT_FALSE(range.Contains(base::Time::Min()));
79 EXPECT_FALSE(range.Contains(base::Time::FromDoubleT(kTestMinEpoch - 1)));
80 EXPECT_TRUE(range.Contains(base::Time::FromDoubleT(kTestMinEpoch)));
81 EXPECT_FALSE(range.Contains(base::Time::FromDoubleT(kTestMinEpoch + 1)));
82 }
83
TEST(CookieDeletionInfoTest,CookieDeletionInfoMatchSessionControl)84 TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchSessionControl) {
85 auto persistent_cookie = CanonicalCookie::CreateUnsafeCookieForTesting(
86 "persistent-cookie", "persistent-value", "persistent-domain",
87 "persistent-path",
88 /*creation=*/base::Time::Now(),
89 /*expiration=*/base::Time::Max(),
90 /*last_access=*/base::Time::Now(),
91 /*last_update=*/base::Time::Now(),
92 /*secure=*/true,
93 /*httponly=*/false, CookieSameSite::NO_RESTRICTION,
94 CookiePriority::COOKIE_PRIORITY_DEFAULT,
95 /*same_party=*/false);
96
97 auto session_cookie = CanonicalCookie::CreateUnsafeCookieForTesting(
98 "session-cookie", "session-value", "session-domain", "session-path",
99 /*creation=*/base::Time::Now(),
100 /*expiration=*/base::Time(),
101 /*last_access=*/base::Time::Now(),
102 /*last_update=*/base::Time::Now(),
103 /*secure=*/true,
104 /*httponly=*/false, CookieSameSite::NO_RESTRICTION,
105 CookiePriority::COOKIE_PRIORITY_DEFAULT,
106 /*same_party=*/false);
107
108 CookieDeletionInfo delete_info;
109 EXPECT_TRUE(delete_info.Matches(
110 *persistent_cookie,
111 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
112 /*delegate_treats_url_as_trustworthy=*/false,
113 CookieSamePartyStatus::kNoSamePartyEnforcement}));
114 EXPECT_TRUE(delete_info.Matches(
115 *session_cookie,
116 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
117 /*delegate_treats_url_as_trustworthy=*/false,
118 CookieSamePartyStatus::kNoSamePartyEnforcement}));
119
120 delete_info.session_control =
121 CookieDeletionInfo::SessionControl::PERSISTENT_COOKIES;
122 EXPECT_TRUE(delete_info.Matches(
123 *persistent_cookie,
124 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
125 /*delegate_treats_url_as_trustworthy=*/false,
126 CookieSamePartyStatus::kNoSamePartyEnforcement}));
127 EXPECT_FALSE(delete_info.Matches(
128 *session_cookie,
129 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
130 /*delegate_treats_url_as_trustworthy=*/false,
131 CookieSamePartyStatus::kNoSamePartyEnforcement}));
132
133 delete_info.session_control =
134 CookieDeletionInfo::SessionControl::SESSION_COOKIES;
135 EXPECT_FALSE(delete_info.Matches(
136 *persistent_cookie,
137 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
138 /*delegate_treats_url_as_trustworthy=*/false,
139 CookieSamePartyStatus::kNoSamePartyEnforcement}));
140 EXPECT_TRUE(delete_info.Matches(
141 *session_cookie,
142 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
143 /*delegate_treats_url_as_trustworthy=*/false,
144 CookieSamePartyStatus::kNoSamePartyEnforcement}));
145 }
146
TEST(CookieDeletionInfoTest,CookieDeletionInfoMatchHost)147 TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchHost) {
148 auto domain_cookie = CanonicalCookie::CreateUnsafeCookieForTesting(
149 "domain-cookie", "domain-cookie-value",
150 /*domain=*/".example.com", "/path",
151 /*creation=*/base::Time::Now(),
152 /*expiration=*/base::Time::Max(),
153 /*last_access=*/base::Time::Now(),
154 /*last_update=*/base::Time::Now(),
155 /*secure=*/true,
156 /*httponly=*/false, CookieSameSite::NO_RESTRICTION,
157 CookiePriority::COOKIE_PRIORITY_DEFAULT,
158 /*same_party=*/false);
159
160 auto host_cookie = CanonicalCookie::CreateUnsafeCookieForTesting(
161 "host-cookie", "host-cookie-value",
162 /*domain=*/"thehost.hosting.com", "/path",
163 /*creation=*/base::Time::Now(),
164 /*expiration=*/base::Time::Max(),
165 /*last_access=*/base::Time::Now(),
166 /*last_update=*/base::Time::Now(),
167 /*secure=*/true,
168 /*httponly=*/false, CookieSameSite::NO_RESTRICTION,
169 CookiePriority::COOKIE_PRIORITY_DEFAULT,
170 /*same_party=*/false);
171
172 EXPECT_TRUE(domain_cookie->IsDomainCookie());
173 EXPECT_TRUE(host_cookie->IsHostCookie());
174
175 CookieDeletionInfo delete_info;
176 EXPECT_TRUE(delete_info.Matches(
177 *domain_cookie,
178 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
179 /*delegate_treats_url_as_trustworthy=*/false,
180 CookieSamePartyStatus::kNoSamePartyEnforcement}));
181 EXPECT_TRUE(delete_info.Matches(
182 *host_cookie,
183 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
184 /*delegate_treats_url_as_trustworthy=*/false,
185 CookieSamePartyStatus::kNoSamePartyEnforcement}));
186
187 delete_info.host = "thehost.hosting.com";
188 EXPECT_FALSE(delete_info.Matches(
189 *domain_cookie,
190 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
191 /*delegate_treats_url_as_trustworthy=*/false,
192 CookieSamePartyStatus::kNoSamePartyEnforcement}));
193 EXPECT_TRUE(delete_info.Matches(
194 *host_cookie,
195 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
196 /*delegate_treats_url_as_trustworthy=*/false,
197 CookieSamePartyStatus::kNoSamePartyEnforcement}));
198
199 delete_info.host = "otherhost.hosting.com";
200 EXPECT_FALSE(delete_info.Matches(
201 *domain_cookie,
202 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
203 /*delegate_treats_url_as_trustworthy=*/false,
204 CookieSamePartyStatus::kNoSamePartyEnforcement}));
205 EXPECT_FALSE(delete_info.Matches(
206 *host_cookie,
207 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
208 /*delegate_treats_url_as_trustworthy=*/false,
209 CookieSamePartyStatus::kNoSamePartyEnforcement}));
210
211 delete_info.host = "thehost.otherhosting.com";
212 EXPECT_FALSE(delete_info.Matches(
213 *domain_cookie,
214 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
215 /*delegate_treats_url_as_trustworthy=*/false,
216 CookieSamePartyStatus::kNoSamePartyEnforcement}));
217 EXPECT_FALSE(delete_info.Matches(
218 *host_cookie,
219 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
220 /*delegate_treats_url_as_trustworthy=*/false,
221 CookieSamePartyStatus::kNoSamePartyEnforcement}));
222 }
223
TEST(CookieDeletionInfoTest,CookieDeletionInfoMatchName)224 TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchName) {
225 auto cookie1 = CanonicalCookie::CreateUnsafeCookieForTesting(
226 "cookie1-name", "cookie1-value",
227 /*domain=*/".example.com", "/path",
228 /*creation=*/base::Time::Now(),
229 /*expiration=*/base::Time::Max(),
230 /*last_access=*/base::Time::Now(),
231 /*last_update=*/base::Time::Now(),
232 /*secure=*/true,
233 /*httponly=*/false, CookieSameSite::NO_RESTRICTION,
234 CookiePriority::COOKIE_PRIORITY_DEFAULT,
235 /*same_party=*/false);
236 auto cookie2 = CanonicalCookie::CreateUnsafeCookieForTesting(
237 "cookie2-name", "cookie2-value",
238 /*domain=*/".example.com", "/path",
239 /*creation=*/base::Time::Now(),
240 /*expiration=*/base::Time::Max(),
241 /*last_access=*/base::Time::Now(),
242 /*last_update=*/base::Time::Now(),
243 /*secure=*/true,
244 /*httponly=*/false, CookieSameSite::NO_RESTRICTION,
245 CookiePriority::COOKIE_PRIORITY_DEFAULT,
246 /*same_party=*/false);
247
248 CookieDeletionInfo delete_info;
249 delete_info.name = "cookie1-name";
250 EXPECT_TRUE(delete_info.Matches(
251 *cookie1,
252 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
253 /*delegate_treats_url_as_trustworthy=*/false,
254 CookieSamePartyStatus::kNoSamePartyEnforcement}));
255 EXPECT_FALSE(delete_info.Matches(
256 *cookie2,
257 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
258 /*delegate_treats_url_as_trustworthy=*/false,
259 CookieSamePartyStatus::kNoSamePartyEnforcement}));
260 }
261
TEST(CookieDeletionInfoTest,CookieDeletionInfoMatchValue)262 TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchValue) {
263 auto cookie1 = CanonicalCookie::CreateUnsafeCookieForTesting(
264 "cookie1-name", "cookie1-value",
265 /*domain=*/".example.com", "/path",
266 /*creation=*/base::Time::Now(),
267 /*expiration=*/base::Time::Max(),
268 /*last_access=*/base::Time::Now(),
269 /*last_update=*/base::Time::Now(),
270 /*secure=*/true,
271 /*httponly=*/false, CookieSameSite::NO_RESTRICTION,
272 CookiePriority::COOKIE_PRIORITY_DEFAULT,
273 /*same_party=*/false);
274 auto cookie2 = CanonicalCookie::CreateUnsafeCookieForTesting(
275 "cookie2-name", "cookie2-value",
276 /*domain=*/".example.com", "/path",
277 /*creation=*/base::Time::Now(),
278 /*expiration=*/base::Time::Max(),
279 /*last_access=*/base::Time::Now(),
280 /*last_update=*/base::Time::Now(),
281 /*secure=*/true,
282 /*httponly=*/false, CookieSameSite::NO_RESTRICTION,
283 CookiePriority::COOKIE_PRIORITY_DEFAULT,
284 /*same_party=*/false);
285
286 CookieDeletionInfo delete_info;
287 delete_info.value_for_testing = "cookie2-value";
288 EXPECT_FALSE(delete_info.Matches(
289 *cookie1,
290 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
291 /*delegate_treats_url_as_trustworthy=*/false,
292 CookieSamePartyStatus::kNoSamePartyEnforcement}));
293 EXPECT_TRUE(delete_info.Matches(
294 *cookie2,
295 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
296 /*delegate_treats_url_as_trustworthy=*/false,
297 CookieSamePartyStatus::kNoSamePartyEnforcement}));
298 }
299
TEST(CookieDeletionInfoTest,CookieDeletionInfoMatchUrl)300 TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchUrl) {
301 auto cookie = CanonicalCookie::CreateUnsafeCookieForTesting(
302 "cookie-name", "cookie-value",
303 /*domain=*/"www.example.com", "/path",
304 /*creation=*/base::Time::Now(),
305 /*expiration=*/base::Time::Max(),
306 /*last_access=*/base::Time::Now(),
307 /*last_update=*/base::Time::Now(),
308 /*secure=*/true,
309 /*httponly=*/false, CookieSameSite::NO_RESTRICTION,
310 CookiePriority::COOKIE_PRIORITY_DEFAULT,
311 /*same_party=*/false);
312
313 CookieDeletionInfo delete_info;
314 delete_info.url = GURL("https://www.example.com/path");
315 EXPECT_TRUE(delete_info.Matches(
316 *cookie,
317 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
318 /*delegate_treats_url_as_trustworthy=*/false,
319 CookieSamePartyStatus::kNoSamePartyEnforcement}));
320
321 delete_info.url = GURL("https://www.example.com/another/path");
322 EXPECT_FALSE(delete_info.Matches(
323 *cookie,
324 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
325 /*delegate_treats_url_as_trustworthy=*/false,
326 CookieSamePartyStatus::kNoSamePartyEnforcement}));
327
328 delete_info.url = GURL("http://www.example.com/path");
329 // Secure cookie on http:// URL -> no match.
330 EXPECT_FALSE(delete_info.Matches(
331 *cookie,
332 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
333 /*delegate_treats_url_as_trustworthy=*/false,
334 CookieSamePartyStatus::kNoSamePartyEnforcement}));
335
336 // Secure cookie on http:// URL, but delegate says treat is as trustworhy ->
337 // match.
338 EXPECT_TRUE(delete_info.Matches(
339 *cookie,
340 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
341 /*delegate_treats_url_as_trustworthy=*/true,
342 CookieSamePartyStatus::kNoSamePartyEnforcement}));
343 }
344
TEST(CookieDeletionInfoTest,CookieDeletionInfoDomainMatchesDomain)345 TEST(CookieDeletionInfoTest, CookieDeletionInfoDomainMatchesDomain) {
346 CookieDeletionInfo delete_info;
347
348 const double kTestMinEpoch = 1000;
349 const double kTestMaxEpoch = 10000000;
350 delete_info.creation_range.SetStart(base::Time::FromDoubleT(kTestMinEpoch));
351 delete_info.creation_range.SetEnd(base::Time::FromDoubleT(kTestMaxEpoch));
352
353 auto create_cookie = [kTestMinEpoch](std::string cookie_domain) {
354 return *CanonicalCookie::CreateUnsafeCookieForTesting(
355 /*name=*/"test-cookie",
356 /*value=*/"cookie-value", cookie_domain,
357 /*path=*/"cookie/path",
358 /*creation=*/base::Time::FromDoubleT(kTestMinEpoch + 1),
359 /*expiration=*/base::Time::Max(),
360 /*last_access=*/base::Time::FromDoubleT(kTestMinEpoch + 1),
361 /*last_update=*/base::Time::Now(),
362 /*secure=*/true,
363 /*httponly=*/false,
364 /*same_site=*/CookieSameSite::NO_RESTRICTION,
365 /*priority=*/CookiePriority::COOKIE_PRIORITY_DEFAULT,
366 /*same_party=*/false);
367 };
368
369 // by default empty domain list and default match action will match.
370 EXPECT_TRUE(delete_info.Matches(
371 create_cookie("example.com"),
372 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
373 /*delegate_treats_url_as_trustworthy=*/false,
374 CookieSamePartyStatus::kNoSamePartyEnforcement}));
375
376 const char kExtensionHostname[] = "mgndgikekgjfcpckkfioiadnlibdjbkf";
377
378 // Only using the inclusion list because this is only testing
379 // DomainMatchesDomainSet and not CookieDeletionInfo::Matches.
380 delete_info.domains_and_ips_to_delete =
381 std::set<std::string>({"example.com", "another.com", "192.168.0.1"});
382 EXPECT_TRUE(delete_info.Matches(
383 create_cookie(".example.com"),
384 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
385 /*delegate_treats_url_as_trustworthy=*/false,
386 CookieSamePartyStatus::kNoSamePartyEnforcement}));
387 EXPECT_TRUE(delete_info.Matches(
388 create_cookie("example.com"),
389 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
390 /*delegate_treats_url_as_trustworthy=*/false,
391 CookieSamePartyStatus::kNoSamePartyEnforcement}));
392 EXPECT_TRUE(delete_info.Matches(
393 create_cookie(".another.com"),
394 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
395 /*delegate_treats_url_as_trustworthy=*/false,
396 CookieSamePartyStatus::kNoSamePartyEnforcement}));
397 EXPECT_TRUE(delete_info.Matches(
398 create_cookie("192.168.0.1"),
399 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
400 /*delegate_treats_url_as_trustworthy=*/false,
401 CookieSamePartyStatus::kNoSamePartyEnforcement}));
402 EXPECT_FALSE(delete_info.Matches(
403 create_cookie(".nomatch.com"),
404 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
405 /*delegate_treats_url_as_trustworthy=*/false,
406 CookieSamePartyStatus::kNoSamePartyEnforcement}));
407 EXPECT_FALSE(delete_info.Matches(
408 create_cookie("192.168.0.2"),
409 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
410 /*delegate_treats_url_as_trustworthy=*/false,
411 CookieSamePartyStatus::kNoSamePartyEnforcement}));
412 EXPECT_FALSE(delete_info.Matches(
413 create_cookie(kExtensionHostname),
414 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
415 /*delegate_treats_url_as_trustworthy=*/false,
416 CookieSamePartyStatus::kNoSamePartyEnforcement}));
417 }
418
TEST(CookieDeletionInfoTest,CookieDeletionInfoMatchesDomainList)419 TEST(CookieDeletionInfoTest, CookieDeletionInfoMatchesDomainList) {
420 CookieDeletionInfo delete_info;
421
422 auto create_cookie = [](std::string cookie_domain) {
423 return *CanonicalCookie::CreateUnsafeCookieForTesting(
424 /*name=*/"test-cookie",
425 /*value=*/"cookie-value", cookie_domain,
426 /*path=*/"cookie/path",
427 /*creation=*/base::Time::Now(),
428 /*expiration=*/base::Time::Max(),
429 /*last_access=*/base::Time::Now(),
430 /*last_update=*/base::Time::Now(),
431 /*secure=*/false,
432 /*httponly=*/false,
433 /*same_site=*/CookieSameSite::NO_RESTRICTION,
434 /*priority=*/CookiePriority::COOKIE_PRIORITY_DEFAULT,
435 /*same_party=*/false);
436 };
437
438 // With two empty lists (default) should match any domain.
439 EXPECT_TRUE(delete_info.Matches(
440 create_cookie("anything.com"),
441 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
442 /*delegate_treats_url_as_trustworthy=*/false,
443 CookieSamePartyStatus::kNoSamePartyEnforcement}));
444
445 // With only an "to_delete" list.
446 delete_info.domains_and_ips_to_delete =
447 std::set<std::string>({"includea.com", "includeb.com"});
448 EXPECT_TRUE(delete_info.Matches(
449 create_cookie("includea.com"),
450 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
451 /*delegate_treats_url_as_trustworthy=*/false,
452 CookieSamePartyStatus::kNoSamePartyEnforcement}));
453 EXPECT_TRUE(delete_info.Matches(
454 create_cookie("includeb.com"),
455 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
456 /*delegate_treats_url_as_trustworthy=*/false,
457 CookieSamePartyStatus::kNoSamePartyEnforcement}));
458 EXPECT_FALSE(delete_info.Matches(
459 create_cookie("anything.com"),
460 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
461 /*delegate_treats_url_as_trustworthy=*/false,
462 CookieSamePartyStatus::kNoSamePartyEnforcement}));
463
464 // With only an "to_ignore" list.
465 delete_info.domains_and_ips_to_delete.clear();
466 delete_info.domains_and_ips_to_ignore.insert("exclude.com");
467 EXPECT_TRUE(delete_info.Matches(
468 create_cookie("anything.com"),
469 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
470 /*delegate_treats_url_as_trustworthy=*/false,
471 CookieSamePartyStatus::kNoSamePartyEnforcement}));
472 EXPECT_FALSE(delete_info.Matches(
473 create_cookie("exclude.com"),
474 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
475 /*delegate_treats_url_as_trustworthy=*/false,
476 CookieSamePartyStatus::kNoSamePartyEnforcement}));
477
478 // Now with both lists populated.
479 //
480 // +----------------------+
481 // | to_delete | outside.com
482 // | |
483 // | left.com +---------------------+
484 // | | mid.com | to_ignore |
485 // | | | |
486 // +------------|---------+ |
487 // | right.com |
488 // | |
489 // +---------------------+
490 delete_info.domains_and_ips_to_delete =
491 std::set<std::string>({"left.com", "mid.com"});
492 delete_info.domains_and_ips_to_ignore =
493 std::set<std::string>({"mid.com", "right.com"});
494
495 EXPECT_TRUE(delete_info.Matches(
496 create_cookie("left.com"),
497 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
498 /*delegate_treats_url_as_trustworthy=*/false,
499 CookieSamePartyStatus::kNoSamePartyEnforcement}));
500 EXPECT_FALSE(delete_info.Matches(
501 create_cookie("mid.com"),
502 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
503 /*delegate_treats_url_as_trustworthy=*/false,
504 CookieSamePartyStatus::kNoSamePartyEnforcement}));
505 EXPECT_FALSE(delete_info.Matches(
506 create_cookie("right.com"),
507 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
508 /*delegate_treats_url_as_trustworthy=*/false,
509 CookieSamePartyStatus::kNoSamePartyEnforcement}));
510 EXPECT_FALSE(delete_info.Matches(
511 create_cookie("outside.com"),
512 CookieAccessParams{net::CookieAccessSemantics::UNKNOWN,
513 /*delegate_treats_url_as_trustworthy=*/false,
514 CookieSamePartyStatus::kNoSamePartyEnforcement}));
515 }
516
517 // Test that Matches() works regardless of the cookie access semantics (because
518 // the IncludeForRequestURL call uses CookieOptions::MakeAllInclusive).
TEST(CookieDeletionInfoTest,MatchesWithCookieAccessSemantics)519 TEST(CookieDeletionInfoTest, MatchesWithCookieAccessSemantics) {
520 // Cookie with unspecified SameSite.
521 auto cookie = CanonicalCookie::Create(GURL("https://www.example.com"),
522 "cookie=1", base::Time::Now(),
523 /*server_time=*/absl::nullopt,
524 /*cookie_partition_key=*/absl::nullopt);
525
526 CookieDeletionInfo delete_info;
527 delete_info.url = GURL("https://www.example.com/path");
528 EXPECT_TRUE(delete_info.Matches(
529 *cookie,
530 CookieAccessParams{CookieAccessSemantics::UNKNOWN,
531 /*delegate_treats_url_as_trustworthy=*/false,
532 CookieSamePartyStatus::kNoSamePartyEnforcement}));
533 EXPECT_TRUE(delete_info.Matches(
534 *cookie,
535 CookieAccessParams{CookieAccessSemantics::LEGACY,
536 /*delegate_treats_url_as_trustworthy=*/false,
537 CookieSamePartyStatus::kNoSamePartyEnforcement}));
538 EXPECT_TRUE(delete_info.Matches(
539 *cookie,
540 CookieAccessParams{CookieAccessSemantics::NONLEGACY,
541 /*delegate_treats_url_as_trustworthy=*/false,
542 CookieSamePartyStatus::kNoSamePartyEnforcement}));
543 }
544
TEST(CookieDeletionInfoTest,MatchesCookiePartitionKeyCollection)545 TEST(CookieDeletionInfoTest, MatchesCookiePartitionKeyCollection) {
546 const CookiePartitionKey kPartitionKey =
547 CookiePartitionKey::FromURLForTesting(GURL("https://www.foo.com"));
548 const CookiePartitionKey kOtherPartitionKey =
549 CookiePartitionKey::FromURLForTesting(GURL("https://www.bar.com"));
550 const CookiePartitionKeyCollection kEmptyKeychain;
551 const CookiePartitionKeyCollection kSingletonKeychain(kPartitionKey);
552 const CookiePartitionKeyCollection kMultipleKeysKeychain(
553 {kPartitionKey, kOtherPartitionKey});
554 const CookiePartitionKeyCollection kAllKeysKeychain =
555 CookiePartitionKeyCollection::ContainsAll();
556 const absl::optional<CookiePartitionKey> kPartitionKeyOpt =
557 absl::make_optional(kPartitionKey);
558 const CookiePartitionKeyCollection kOtherKeySingletonKeychain(
559 kOtherPartitionKey);
560
561 struct TestCase {
562 const std::string desc;
563 const CookiePartitionKeyCollection filter_cookie_partition_key_collection;
564 const absl::optional<CookiePartitionKey> cookie_partition_key;
565 bool expects_match;
566 } test_cases[] = {
567 // Unpartitioned cookie always matches
568 {"Unpartitioned empty keychain", kEmptyKeychain, absl::nullopt, true},
569 {"Unpartitioned singleton keychain", kSingletonKeychain, absl::nullopt,
570 true},
571 {"Unpartitioned multiple keys", kMultipleKeysKeychain, absl::nullopt,
572 true},
573 {"Unpartitioned all keys", kAllKeysKeychain, absl::nullopt, true},
574 // Partitioned cookie only matches keychains which contain its partition
575 // key.
576 {"Partitioned empty keychain", kEmptyKeychain, kPartitionKeyOpt, false},
577 {"Partitioned singleton keychain", kSingletonKeychain, kPartitionKeyOpt,
578 true},
579 {"Partitioned multiple keys", kMultipleKeysKeychain, kPartitionKeyOpt,
580 true},
581 {"Partitioned all keys", kAllKeysKeychain, kPartitionKeyOpt, true},
582 {"Partitioned mismatched keys", kOtherKeySingletonKeychain,
583 kPartitionKeyOpt, false},
584 };
585
586 for (const auto& test_case : test_cases) {
587 SCOPED_TRACE(test_case.desc);
588 auto cookie = CanonicalCookie::Create(
589 GURL("https://www.example.com"),
590 "__Host-foo=bar; Secure; Path=/; Partitioned", base::Time::Now(),
591 /*server_time=*/absl::nullopt, test_case.cookie_partition_key);
592 CookieDeletionInfo delete_info;
593 delete_info.cookie_partition_key_collection =
594 test_case.filter_cookie_partition_key_collection;
595 EXPECT_EQ(
596 test_case.expects_match,
597 delete_info.Matches(
598 *cookie, CookieAccessParams{
599 net::CookieAccessSemantics::UNKNOWN,
600 /*delegate_treats_url_as_trustworthy=*/false,
601 CookieSamePartyStatus::kNoSamePartyEnforcement}));
602 }
603 }
604
TEST(CookieDeletionInfoTest,MatchesExcludeUnpartitionedCookies)605 TEST(CookieDeletionInfoTest, MatchesExcludeUnpartitionedCookies) {
606 struct TestCase {
607 const std::string desc;
608 const absl::optional<CookiePartitionKey> cookie_partition_key;
609 bool partitioned_state_only;
610 bool expects_match;
611 } test_cases[] = {
612 {"Unpartitioned cookie not excluded", absl::nullopt, false, true},
613 {"Unpartitioned cookie excluded", absl::nullopt, true, false},
614 {"Partitioned cookie when unpartitioned not excluded",
615 CookiePartitionKey::FromURLForTesting(GURL("https://foo.com")), false,
616 true},
617 {"Partitioned cookie when unpartitioned excluded",
618 CookiePartitionKey::FromURLForTesting(GURL("https://foo.com")), true,
619 true},
620 {"Nonced partitioned cookie when unpartitioned not excluded",
621 CookiePartitionKey::FromURLForTesting(GURL("https://foo.com"),
622 base::UnguessableToken::Create()),
623 false, true},
624 {"Nonced partitioned cookie when unpartitioned excluded",
625 CookiePartitionKey::FromURLForTesting(GURL("https://foo.com"),
626 base::UnguessableToken::Create()),
627 true, true},
628 };
629
630 for (const auto& test_case : test_cases) {
631 SCOPED_TRACE(test_case.desc);
632 auto cookie = CanonicalCookie::Create(
633 GURL("https://www.example.com"),
634 "__Host-foo=bar; Secure; Path=/; Partitioned", base::Time::Now(),
635 /*server_time=*/absl::nullopt, test_case.cookie_partition_key);
636 CookieDeletionInfo delete_info;
637 delete_info.partitioned_state_only = test_case.partitioned_state_only;
638 EXPECT_EQ(
639 test_case.expects_match,
640 delete_info.Matches(
641 *cookie, CookieAccessParams{
642 net::CookieAccessSemantics::UNKNOWN,
643 /*delegate_treats_url_as_trustworthy=*/false,
644 CookieSamePartyStatus::kNoSamePartyEnforcement}));
645 }
646 }
647
648 } // namespace net
649