1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_ 6 #define ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_ 7 8 #include "base/basictypes.h" 9 #include "base/lazy_instance.h" 10 #include "base/synchronization/lock.h" 11 #include "net/base/static_cookie_policy.h" 12 #include "net/cookies/canonical_cookie.h" 13 #include "net/url_request/url_request.h" 14 15 namespace content { 16 class ResourceContext; 17 } 18 19 namespace net { 20 class CookieOptions; 21 } 22 23 class GURL; 24 25 namespace android_webview { 26 27 // Manages the cookie access (both setting and getting) policy for WebView. 28 // Currently we don't distinguish between sources (i.e. network vs. JavaScript) 29 // or between reading vs. writing cookies. 30 class AwCookieAccessPolicy { 31 public: 32 static AwCookieAccessPolicy* GetInstance(); 33 34 // Can we read/write any cookies? 35 bool GetShouldAcceptCookies(); 36 void SetShouldAcceptCookies(bool allow); 37 38 // Can we read/write third party cookies? 39 bool GetShouldAcceptThirdPartyCookies(int render_process_id, 40 int render_frame_id); 41 bool GetShouldAcceptThirdPartyCookies(const net::URLRequest& request); 42 43 // These are the functions called when operating over cookies from the 44 // network. See NetworkDelegate for further descriptions. 45 bool OnCanGetCookies(const net::URLRequest& request, 46 const net::CookieList& cookie_list); 47 bool OnCanSetCookie(const net::URLRequest& request, 48 const std::string& cookie_line, 49 net::CookieOptions* options); 50 51 // These are the functions called when operating over cookies from the 52 // renderer. See ContentBrowserClient for further descriptions. 53 bool AllowGetCookie(const GURL& url, 54 const GURL& first_party, 55 const net::CookieList& cookie_list, 56 content::ResourceContext* context, 57 int render_process_id, 58 int render_frame_id); 59 bool AllowSetCookie(const GURL& url, 60 const GURL& first_party, 61 const std::string& cookie_line, 62 content::ResourceContext* context, 63 int render_process_id, 64 int render_frame_id, 65 net::CookieOptions* options); 66 67 private: 68 friend struct base::DefaultLazyInstanceTraits<AwCookieAccessPolicy>; 69 70 AwCookieAccessPolicy(); 71 ~AwCookieAccessPolicy(); 72 bool accept_cookies_; 73 base::Lock lock_; 74 75 DISALLOW_COPY_AND_ASSIGN(AwCookieAccessPolicy); 76 }; 77 78 class AwStaticCookiePolicy { 79 public: 80 AwStaticCookiePolicy(bool allow_global_access, 81 bool allow_third_party_access); 82 83 bool accept_cookies() const { 84 return accept_cookies_; 85 } 86 87 bool accept_third_party_cookies() const { 88 return accept_third_party_cookies_; 89 } 90 91 bool AllowGet(const GURL& url, const GURL& first_party) const; 92 bool AllowSet(const GURL& url, const GURL& first_party) const; 93 94 private: 95 const bool accept_cookies_; 96 const bool accept_third_party_cookies_; 97 98 // We have two bits of state but only three different cases: 99 // If !ShouldAcceptCookies 100 // then reject all cookies. 101 // If ShouldAcceptCookies and !ShouldAcceptThirdPartyCookies 102 // then reject third party. 103 // If ShouldAcceptCookies and ShouldAcceptThirdPartyCookies 104 // then allow all cookies. 105 net::StaticCookiePolicy::Type GetPolicy(const GURL& url) const; 106 107 DISALLOW_COPY_AND_ASSIGN(AwStaticCookiePolicy); 108 }; 109 110 } // namespace android_webview 111 112 #endif // ANDROID_WEBVIEW_BROWSER_AW_COOKIE_ACCESS_POLICY_H_ 113