Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / components / content_settings / core / browser / cookie_settings_unittest.cc
blob618f98b862d6c25c9d870a8519ef65b474d2205d
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "components/content_settings/core/browser/cookie_settings.h"
7 #include "components/content_settings/core/browser/host_content_settings_map.h"
8 #include "components/content_settings/core/common/content_settings_pattern.h"
9 #include "components/content_settings/core/common/pref_names.h"
10 #include "components/pref_registry/testing_pref_service_syncable.h"
11 #include "testing/gtest/include/gtest/gtest.h"
12 #include "url/gurl.h"
14 namespace content_settings {
16 namespace {
18 class CookieSettingsTest : public testing::Test {
19 public:
20 CookieSettingsTest()
21 : kBlockedSite("http://ads.thirdparty.com"),
22 kAllowedSite("http://good.allays.com"),
23 kFirstPartySite("http://cool.things.com"),
24 kBlockedFirstPartySite("http://no.thirdparties.com"),
25 kChromeURL("chrome://foo"),
26 kExtensionURL("chrome-extension://deadbeef"),
27 kHttpSite("http://example.com"),
28 kHttpsSite("https://example.com"),
29 kAllHttpsSitesPattern(ContentSettingsPattern::FromString("https://*")) {
30 CookieSettings::RegisterProfilePrefs(prefs_.registry());
31 HostContentSettingsMap::RegisterProfilePrefs(prefs_.registry());
32 settings_map_ = new HostContentSettingsMap(&prefs_, false);
33 cookie_settings_ =
34 new CookieSettings(settings_map_.get(), &prefs_, "chrome-extension");
37 ~CookieSettingsTest() override { settings_map_->ShutdownOnUIThread(); }
39 protected:
40 user_prefs::TestingPrefServiceSyncable prefs_;
41 scoped_refptr<HostContentSettingsMap> settings_map_;
42 scoped_refptr<CookieSettings> cookie_settings_;
43 const GURL kBlockedSite;
44 const GURL kAllowedSite;
45 const GURL kFirstPartySite;
46 const GURL kBlockedFirstPartySite;
47 const GURL kChromeURL;
48 const GURL kExtensionURL;
49 const GURL kHttpSite;
50 const GURL kHttpsSite;
51 ContentSettingsPattern kAllHttpsSitesPattern;
54 TEST_F(CookieSettingsTest, TestWhitelistedScheme) {
55 cookie_settings_->SetCookieSetting(ContentSettingsPattern::Wildcard(),
56 ContentSettingsPattern::Wildcard(),
57 CONTENT_SETTING_BLOCK);
58 EXPECT_FALSE(cookie_settings_->IsReadingCookieAllowed(kHttpSite, kChromeURL));
59 EXPECT_TRUE(cookie_settings_->IsReadingCookieAllowed(kHttpsSite, kChromeURL));
60 EXPECT_TRUE(cookie_settings_->IsReadingCookieAllowed(kChromeURL, kHttpSite));
61 #if defined(ENABLE_EXTENSIONS)
62 EXPECT_TRUE(
63 cookie_settings_->IsReadingCookieAllowed(kExtensionURL, kExtensionURL));
64 #else
65 EXPECT_FALSE(
66 cookie_settings_->IsReadingCookieAllowed(kExtensionURL, kExtensionURL));
67 #endif
68 EXPECT_FALSE(
69 cookie_settings_->IsReadingCookieAllowed(kExtensionURL, kHttpSite));
72 TEST_F(CookieSettingsTest, CookiesBlockSingle) {
73 cookie_settings_->SetCookieSetting(
74 ContentSettingsPattern::FromURL(kBlockedSite),
75 ContentSettingsPattern::Wildcard(), CONTENT_SETTING_BLOCK);
76 EXPECT_FALSE(
77 cookie_settings_->IsReadingCookieAllowed(kBlockedSite, kBlockedSite));
80 TEST_F(CookieSettingsTest, CookiesBlockThirdParty) {
81 prefs_.SetBoolean(prefs::kBlockThirdPartyCookies, true);
82 EXPECT_FALSE(
83 cookie_settings_->IsReadingCookieAllowed(kBlockedSite, kFirstPartySite));
84 EXPECT_FALSE(cookie_settings_->IsCookieSessionOnly(kBlockedSite));
85 EXPECT_FALSE(
86 cookie_settings_->IsSettingCookieAllowed(kBlockedSite, kFirstPartySite));
89 TEST_F(CookieSettingsTest, CookiesAllowThirdParty) {
90 EXPECT_TRUE(
91 cookie_settings_->IsReadingCookieAllowed(kBlockedSite, kFirstPartySite));
92 EXPECT_TRUE(
93 cookie_settings_->IsSettingCookieAllowed(kBlockedSite, kFirstPartySite));
94 EXPECT_FALSE(cookie_settings_->IsCookieSessionOnly(kBlockedSite));
97 TEST_F(CookieSettingsTest, CookiesExplicitBlockSingleThirdParty) {
98 cookie_settings_->SetCookieSetting(
99 ContentSettingsPattern::FromURL(kBlockedSite),
100 ContentSettingsPattern::Wildcard(), CONTENT_SETTING_BLOCK);
101 EXPECT_FALSE(
102 cookie_settings_->IsReadingCookieAllowed(kBlockedSite, kFirstPartySite));
103 EXPECT_FALSE(
104 cookie_settings_->IsSettingCookieAllowed(kBlockedSite, kFirstPartySite));
105 EXPECT_TRUE(
106 cookie_settings_->IsSettingCookieAllowed(kAllowedSite, kFirstPartySite));
109 TEST_F(CookieSettingsTest, CookiesExplicitSessionOnly) {
110 cookie_settings_->SetCookieSetting(
111 ContentSettingsPattern::FromURL(kBlockedSite),
112 ContentSettingsPattern::Wildcard(), CONTENT_SETTING_SESSION_ONLY);
113 EXPECT_TRUE(
114 cookie_settings_->IsReadingCookieAllowed(kBlockedSite, kFirstPartySite));
115 EXPECT_TRUE(
116 cookie_settings_->IsSettingCookieAllowed(kBlockedSite, kFirstPartySite));
117 EXPECT_TRUE(cookie_settings_->IsCookieSessionOnly(kBlockedSite));
119 prefs_.SetBoolean(prefs::kBlockThirdPartyCookies, true);
120 EXPECT_TRUE(
121 cookie_settings_->IsReadingCookieAllowed(kBlockedSite, kFirstPartySite));
122 EXPECT_TRUE(
123 cookie_settings_->IsSettingCookieAllowed(kBlockedSite, kFirstPartySite));
124 EXPECT_TRUE(cookie_settings_->IsCookieSessionOnly(kBlockedSite));
127 TEST_F(CookieSettingsTest, CookiesThirdPartyBlockedExplicitAllow) {
128 cookie_settings_->SetCookieSetting(
129 ContentSettingsPattern::FromURL(kAllowedSite),
130 ContentSettingsPattern::Wildcard(), CONTENT_SETTING_ALLOW);
131 prefs_.SetBoolean(prefs::kBlockThirdPartyCookies, true);
132 EXPECT_TRUE(
133 cookie_settings_->IsReadingCookieAllowed(kAllowedSite, kFirstPartySite));
134 EXPECT_TRUE(
135 cookie_settings_->IsSettingCookieAllowed(kAllowedSite, kFirstPartySite));
136 EXPECT_FALSE(cookie_settings_->IsCookieSessionOnly(kAllowedSite));
138 // Extensions should always be allowed to use cookies.
139 EXPECT_TRUE(
140 cookie_settings_->IsReadingCookieAllowed(kAllowedSite, kExtensionURL));
141 EXPECT_TRUE(
142 cookie_settings_->IsSettingCookieAllowed(kAllowedSite, kExtensionURL));
145 TEST_F(CookieSettingsTest, CookiesThirdPartyBlockedAllSitesAllowed) {
146 cookie_settings_->SetCookieSetting(
147 ContentSettingsPattern::FromURL(kAllowedSite),
148 ContentSettingsPattern::Wildcard(), CONTENT_SETTING_ALLOW);
149 prefs_.SetBoolean(prefs::kBlockThirdPartyCookies, true);
150 // As an example for a pattern that matches all hosts but not all origins,
151 // match all HTTPS sites.
152 cookie_settings_->SetCookieSetting(kAllHttpsSitesPattern,
153 ContentSettingsPattern::Wildcard(),
154 CONTENT_SETTING_ALLOW);
155 cookie_settings_->SetDefaultCookieSetting(CONTENT_SETTING_SESSION_ONLY);
157 // |kAllowedSite| should be allowed.
158 EXPECT_TRUE(
159 cookie_settings_->IsReadingCookieAllowed(kAllowedSite, kBlockedSite));
160 EXPECT_TRUE(
161 cookie_settings_->IsSettingCookieAllowed(kAllowedSite, kBlockedSite));
162 EXPECT_FALSE(cookie_settings_->IsCookieSessionOnly(kAllowedSite));
164 // HTTPS sites should be allowed in a first-party context.
165 EXPECT_TRUE(cookie_settings_->IsReadingCookieAllowed(kHttpsSite, kHttpsSite));
166 EXPECT_TRUE(cookie_settings_->IsSettingCookieAllowed(kHttpsSite, kHttpsSite));
167 EXPECT_FALSE(cookie_settings_->IsCookieSessionOnly(kAllowedSite));
169 // HTTP sites should be allowed, but session-only.
170 EXPECT_TRUE(cookie_settings_->IsReadingCookieAllowed(kFirstPartySite,
171 kFirstPartySite));
172 EXPECT_TRUE(cookie_settings_->IsSettingCookieAllowed(kFirstPartySite,
173 kFirstPartySite));
174 EXPECT_TRUE(cookie_settings_->IsCookieSessionOnly(kFirstPartySite));
176 // Third-party cookies should be blocked.
177 EXPECT_FALSE(
178 cookie_settings_->IsReadingCookieAllowed(kFirstPartySite, kBlockedSite));
179 EXPECT_FALSE(
180 cookie_settings_->IsSettingCookieAllowed(kFirstPartySite, kBlockedSite));
181 EXPECT_FALSE(
182 cookie_settings_->IsReadingCookieAllowed(kHttpsSite, kBlockedSite));
183 EXPECT_FALSE(
184 cookie_settings_->IsSettingCookieAllowed(kHttpsSite, kBlockedSite));
187 TEST_F(CookieSettingsTest, CookiesBlockEverything) {
188 cookie_settings_->SetDefaultCookieSetting(CONTENT_SETTING_BLOCK);
190 EXPECT_FALSE(cookie_settings_->IsReadingCookieAllowed(kFirstPartySite,
191 kFirstPartySite));
192 EXPECT_FALSE(cookie_settings_->IsSettingCookieAllowed(kFirstPartySite,
193 kFirstPartySite));
194 EXPECT_FALSE(
195 cookie_settings_->IsSettingCookieAllowed(kAllowedSite, kFirstPartySite));
198 TEST_F(CookieSettingsTest, CookiesBlockEverythingExceptAllowed) {
199 cookie_settings_->SetDefaultCookieSetting(CONTENT_SETTING_BLOCK);
200 cookie_settings_->SetCookieSetting(
201 ContentSettingsPattern::FromURL(kAllowedSite),
202 ContentSettingsPattern::Wildcard(), CONTENT_SETTING_ALLOW);
203 EXPECT_FALSE(cookie_settings_->IsReadingCookieAllowed(kFirstPartySite,
204 kFirstPartySite));
205 EXPECT_FALSE(cookie_settings_->IsSettingCookieAllowed(kFirstPartySite,
206 kFirstPartySite));
207 EXPECT_TRUE(
208 cookie_settings_->IsReadingCookieAllowed(kAllowedSite, kFirstPartySite));
209 EXPECT_TRUE(
210 cookie_settings_->IsSettingCookieAllowed(kAllowedSite, kFirstPartySite));
211 EXPECT_TRUE(
212 cookie_settings_->IsReadingCookieAllowed(kAllowedSite, kAllowedSite));
213 EXPECT_TRUE(
214 cookie_settings_->IsSettingCookieAllowed(kAllowedSite, kAllowedSite));
215 EXPECT_FALSE(cookie_settings_->IsCookieSessionOnly(kAllowedSite));
218 TEST_F(CookieSettingsTest, CookiesBlockSingleFirstParty) {
219 cookie_settings_->SetCookieSetting(
220 ContentSettingsPattern::FromURL(kAllowedSite),
221 ContentSettingsPattern::FromURL(kFirstPartySite), CONTENT_SETTING_ALLOW);
222 cookie_settings_->SetCookieSetting(
223 ContentSettingsPattern::FromURL(kAllowedSite),
224 ContentSettingsPattern::FromURL(kBlockedFirstPartySite),
225 CONTENT_SETTING_BLOCK);
227 EXPECT_TRUE(
228 cookie_settings_->IsReadingCookieAllowed(kAllowedSite, kFirstPartySite));
229 EXPECT_TRUE(
230 cookie_settings_->IsSettingCookieAllowed(kAllowedSite, kFirstPartySite));
231 EXPECT_FALSE(cookie_settings_->IsCookieSessionOnly(kAllowedSite));
233 EXPECT_FALSE(cookie_settings_->IsReadingCookieAllowed(
234 kAllowedSite, kBlockedFirstPartySite));
235 EXPECT_FALSE(cookie_settings_->IsSettingCookieAllowed(
236 kAllowedSite, kBlockedFirstPartySite));
238 cookie_settings_->SetDefaultCookieSetting(CONTENT_SETTING_BLOCK);
240 EXPECT_TRUE(
241 cookie_settings_->IsReadingCookieAllowed(kAllowedSite, kFirstPartySite));
242 EXPECT_TRUE(
243 cookie_settings_->IsSettingCookieAllowed(kAllowedSite, kFirstPartySite));
244 EXPECT_FALSE(cookie_settings_->IsCookieSessionOnly(kAllowedSite));
246 EXPECT_FALSE(cookie_settings_->IsReadingCookieAllowed(
247 kAllowedSite, kBlockedFirstPartySite));
248 EXPECT_FALSE(cookie_settings_->IsSettingCookieAllowed(
249 kAllowedSite, kBlockedFirstPartySite));
251 cookie_settings_->ResetCookieSetting(
252 ContentSettingsPattern::FromURL(kAllowedSite),
253 ContentSettingsPattern::FromURL(kFirstPartySite));
255 EXPECT_FALSE(
256 cookie_settings_->IsReadingCookieAllowed(kAllowedSite, kFirstPartySite));
257 EXPECT_FALSE(
258 cookie_settings_->IsSettingCookieAllowed(kAllowedSite, kFirstPartySite));
261 TEST_F(CookieSettingsTest, ExtensionsRegularSettings) {
262 cookie_settings_->SetCookieSetting(
263 ContentSettingsPattern::FromURL(kBlockedSite),
264 ContentSettingsPattern::Wildcard(), CONTENT_SETTING_BLOCK);
266 // Regular cookie settings also apply to extensions.
267 EXPECT_FALSE(
268 cookie_settings_->IsReadingCookieAllowed(kBlockedSite, kExtensionURL));
271 TEST_F(CookieSettingsTest, ExtensionsOwnCookies) {
272 cookie_settings_->SetDefaultCookieSetting(CONTENT_SETTING_BLOCK);
274 #if defined(ENABLE_EXTENSIONS)
275 // Extensions can always use cookies (and site data) in their own origin.
276 EXPECT_TRUE(
277 cookie_settings_->IsReadingCookieAllowed(kExtensionURL, kExtensionURL));
278 #else
279 // Except if extensions are disabled. Then the extension-specific checks do
280 // not exist and the default setting is to block.
281 EXPECT_FALSE(
282 cookie_settings_->IsReadingCookieAllowed(kExtensionURL, kExtensionURL));
283 #endif
286 TEST_F(CookieSettingsTest, ExtensionsThirdParty) {
287 prefs_.SetBoolean(prefs::kBlockThirdPartyCookies, true);
289 // XHRs stemming from extensions are exempt from third-party cookie blocking
290 // rules (as the first party is always the extension's security origin).
291 EXPECT_TRUE(
292 cookie_settings_->IsSettingCookieAllowed(kBlockedSite, kExtensionURL));
295 } // namespace
297 } // namespace content_settings