android_webview/browser/aw_cookie_access_policy.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "android_webview/browser/aw_cookie_access_policy.h"
   6
   7 #include "android_webview/browser/aw_contents_io_thread_client.h"
   8
   9 #include "base/logging.h"
  10 #include "base/memory/scoped_ptr.h"
  11 #include "content/public/browser/browser_thread.h"
  12 #include "content/public/browser/resource_request_info.h"
  13 #include "net/base/net_errors.h"
  14
  15 using base::AutoLock;
  16 using content::BrowserThread;
  17 using content::ResourceRequestInfo;
  18 using net::StaticCookiePolicy;
  19
  20 namespace android_webview {
  21
  22 namespace {
  23 base::LazyInstance<AwCookieAccessPolicy>::Leaky g_lazy_instance;
  24 }  // namespace
  25
  26 AwCookieAccessPolicy::~AwCookieAccessPolicy() {
  27 }
  28
  29 AwCookieAccessPolicy::AwCookieAccessPolicy()
  30     : accept_cookies_(true) {
  31 }
  32
  33 AwCookieAccessPolicy* AwCookieAccessPolicy::GetInstance() {
  34   return g_lazy_instance.Pointer();
  35 }
  36
  37 bool AwCookieAccessPolicy::GetShouldAcceptCookies() {
  38   AutoLock lock(lock_);
  39   return accept_cookies_;
  40 }
  41
  42 void AwCookieAccessPolicy::SetShouldAcceptCookies(bool allow) {
  43   AutoLock lock(lock_);
  44   accept_cookies_ = allow;
  45 }
  46
  47 bool AwCookieAccessPolicy::GetShouldAcceptThirdPartyCookies(
  48     int render_process_id,
  49     int render_frame_id) {
  50   scoped_ptr<AwContentsIoThreadClient> io_thread_client =
  51       AwContentsIoThreadClient::FromID(render_process_id, render_frame_id);
  52   if (!io_thread_client) {
  53     return false;
  54   }
  55   return io_thread_client->ShouldAcceptThirdPartyCookies();
  56 }
  57
  58 bool AwCookieAccessPolicy::GetShouldAcceptThirdPartyCookies(
  59     const net::URLRequest& request) {
  60   const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(&request);
  61   if (!info) {
  62     return false;
  63   }
  64   return GetShouldAcceptThirdPartyCookies(info->GetChildID(),
  65                                           info->GetRenderFrameID());
  66 }
  67
  68 bool AwCookieAccessPolicy::OnCanGetCookies(const net::URLRequest& request,
  69                                            const net::CookieList& cookie_list) {
  70   bool global = GetShouldAcceptCookies();
  71   bool thirdParty = GetShouldAcceptThirdPartyCookies(request);
  72   return AwStaticCookiePolicy(global, thirdParty)
  73       .AllowGet(request.url(), request.first_party_for_cookies());
  74 }
  75
  76 bool AwCookieAccessPolicy::OnCanSetCookie(const net::URLRequest& request,
  77                                           const std::string& cookie_line,
  78                                           net::CookieOptions* options) {
  79   bool global = GetShouldAcceptCookies();
  80   bool thirdParty = GetShouldAcceptThirdPartyCookies(request);
  81   return AwStaticCookiePolicy(global, thirdParty)
  82       .AllowSet(request.url(), request.first_party_for_cookies());
  83 }
  84
  85 bool AwCookieAccessPolicy::AllowGetCookie(const GURL& url,
  86                                           const GURL& first_party,
  87                                           const net::CookieList& cookie_list,
  88                                           content::ResourceContext* context,
  89                                           int render_process_id,
  90                                           int render_frame_id) {
  91   bool global = GetShouldAcceptCookies();
  92   bool thirdParty =
  93       GetShouldAcceptThirdPartyCookies(render_process_id, render_frame_id);
  94   return AwStaticCookiePolicy(global, thirdParty).AllowGet(url, first_party);
  95 }
  96
  97 bool AwCookieAccessPolicy::AllowSetCookie(const GURL& url,
  98                                           const GURL& first_party,
  99                                           const std::string& cookie_line,
 100                                           content::ResourceContext* context,
 101                                           int render_process_id,
 102                                           int render_frame_id,
 103                                           net::CookieOptions* options) {
 104   bool global = GetShouldAcceptCookies();
 105   bool thirdParty =
 106       GetShouldAcceptThirdPartyCookies(render_process_id, render_frame_id);
 107   return AwStaticCookiePolicy(global, thirdParty).AllowSet(url, first_party);
 108 }
 109
 110 AwStaticCookiePolicy::AwStaticCookiePolicy(bool accept_cookies,
 111                                            bool accept_third_party_cookies)
 112     : accept_cookies_(accept_cookies),
 113       accept_third_party_cookies_(accept_third_party_cookies) {
 114 }
 115
 116 StaticCookiePolicy::Type AwStaticCookiePolicy::GetPolicy(const GURL& url)
 117     const {
 118   // File URLs are a special case. We want file URLs to be able to set cookies
 119   // but (for the purpose of cookies) Chrome considers different file URLs to
 120   // come from different origins so we use the 'allow all' cookie policy for
 121   // file URLs.
 122   bool isFile = url.SchemeIsFile();
 123   if (!accept_cookies()) {
 124     return StaticCookiePolicy::BLOCK_ALL_COOKIES;
 125   }
 126   if (accept_third_party_cookies() || isFile) {
 127     return StaticCookiePolicy::ALLOW_ALL_COOKIES;
 128   }
 129   return StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES;
 130 }
 131
 132 bool AwStaticCookiePolicy::AllowSet(const GURL& url,
 133                                     const GURL& first_party) const {
 134
 135   return StaticCookiePolicy(GetPolicy(url)).CanSetCookie(url, first_party) ==
 136          net::OK;
 137 }
 138
 139 bool AwStaticCookiePolicy::AllowGet(const GURL& url,
 140                                     const GURL& first_party) const {
 141   return StaticCookiePolicy(GetPolicy(url)).CanGetCookies(url, first_party) ==
 142          net::OK;
 143 }
 144
 145 }  // namespace android_webview