Fix network cookies availability in 1PES mode.

brave · Aug 12, 2021 · 3a9177c · 3a9177c
1 parent 4626031
commit 3a9177c
Show file tree

Hide file tree

Showing 7 changed files with 95 additions and 29 deletions.
diff --git a/browser/ephemeral_storage/ephemeral_storage_1p_browsertest.cc b/browser/ephemeral_storage/ephemeral_storage_1p_browsertest.cc
@@ -390,3 +390,43 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorage1pBrowserTest,
   EXPECT_EQ("third-party-a.com", third_party_values.session_storage);
   EXPECT_EQ("name=third-party-a.com", third_party_values.cookies);
 }
+
+IN_PROC_BROWSER_TEST_F(EphemeralStorage1pBrowserTest, NetworkCookiesAreSetIn1p) {
+  SetCookieSetting(a_site_ephemeral_storage_url_, CONTENT_SETTING_SESSION_ONLY);
+  GURL a_site_set_cookie_url = https_server_.GetURL(
+      "a.com", "/set-cookie?name=acom;path=/;SameSite=None;Secure");
+
+  WebContents* site_a_tab_network_cookies = LoadURLInNewTab(a_site_set_cookie_url);
+  WebContents* site_a_tab = LoadURLInNewTab(a_site_ephemeral_storage_url_);
+  EXPECT_TRUE(http_request_monitor_.HasHttpRequestWithCookie(
+      a_site_ephemeral_storage_url_, "name=acom"));
+
+  ValuesFromFrames site_a_tab_values = GetValuesFromFrames(site_a_tab);
+  EXPECT_EQ(nullptr, site_a_tab_values.main_frame.local_storage);
+  EXPECT_EQ(nullptr, site_a_tab_values.iframe_1.local_storage);
+  EXPECT_EQ(nullptr, site_a_tab_values.iframe_2.local_storage);
+
+  EXPECT_EQ(nullptr, site_a_tab_values.main_frame.session_storage);
+  EXPECT_EQ(nullptr, site_a_tab_values.iframe_1.session_storage);
+  EXPECT_EQ(nullptr, site_a_tab_values.iframe_2.session_storage);
+
+  EXPECT_EQ("name=acom", site_a_tab_values.main_frame.cookies);
+  EXPECT_EQ("", site_a_tab_values.iframe_1.cookies);
+  EXPECT_EQ("", site_a_tab_values.iframe_2.cookies);
+
+  WebContents* site_b_tab = LoadURLInNewTab(b_site_ephemeral_storage_url_);
+  ExpectValuesFromFramesAreEmpty(FROM_HERE, GetValuesFromFrames(site_b_tab));
+
+  // Close a.com tabs.
+  CloseWebContents(site_a_tab_network_cookies);
+  CloseWebContents(site_a_tab);
+  http_request_monitor_.Clear();
+
+  // Load a.com tab again.
+  WebContents* site_a_tab2 = LoadURLInNewTab(a_site_ephemeral_storage_url_);
+  EXPECT_FALSE(http_request_monitor_.HasHttpRequestWithCookie(
+      a_site_ephemeral_storage_url_, "name=acom"));
+
+  // Cookie values should be empty after a cleanup.
+  ExpectValuesFromFramesAreEmpty(FROM_HERE, GetValuesFromFrames(site_a_tab2));
+}
diff --git a/browser/ephemeral_storage/ephemeral_storage_browsertest.cc b/browser/ephemeral_storage/ephemeral_storage_browsertest.cc
@@ -208,6 +208,14 @@ WebContents* EphemeralStorageBrowserTest::LoadURLInNewTab(GURL url) {
   return add_tab.Wait();
 }
 
+void EphemeralStorageBrowserTest::CloseWebContents(WebContents* web_contents) {
+  int tab_index =
+      browser()->tab_strip_model()->GetIndexOfWebContents(web_contents);
+  bool was_closed = browser()->tab_strip_model()->CloseWebContentsAt(
+      tab_index, TabStripModel::CloseTypes::CLOSE_NONE);
+  EXPECT_TRUE(was_closed);
+}
+
 void EphemeralStorageBrowserTest::SetStorageValueInFrame(
     RenderFrameHost* host,
     std::string value,

diff --git a/browser/ephemeral_storage/ephemeral_storage_browsertest.h b/browser/ephemeral_storage/ephemeral_storage_browsertest.h
@@ -67,6 +67,7 @@ class EphemeralStorageBrowserTest : public InProcessBrowserTest {
   ValuesFromFrames GetValuesFromFrames(content::WebContents* web_contents);
 
   content::WebContents* LoadURLInNewTab(GURL url);
+  void CloseWebContents(content::WebContents* web_contents);
 
   void SetStorageValueInFrame(content::RenderFrameHost* host,
                               std::string value,

diff --git a/chromium_src/components/content_settings/core/common/cookie_settings_base.cc b/chromium_src/components/content_settings/core/common/cookie_settings_base.cc
@@ -89,15 +89,6 @@ bool IsFirstPartyAccessAllowed(
 
 }  // namespace
 
-ScopedEphemeralStorageAwareness::ScopedEphemeralStorageAwareness(
-    bool* ephemeral_storage_aware)
-    : ephemeral_storage_aware_auto_reset_(ephemeral_storage_aware, true) {}
-ScopedEphemeralStorageAwareness::~ScopedEphemeralStorageAwareness() = default;
-ScopedEphemeralStorageAwareness::ScopedEphemeralStorageAwareness(
-    ScopedEphemeralStorageAwareness&& rhs) = default;
-ScopedEphemeralStorageAwareness& ScopedEphemeralStorageAwareness::operator=(
-    ScopedEphemeralStorageAwareness&& rhs) = default;
-
 bool CookieSettingsBase::ShouldUseEphemeralStorage(
     const GURL& url,
     const GURL& site_for_cookies,
@@ -131,8 +122,9 @@ bool CookieSettingsBase::ShouldUseEphemeralStorage(
 }
 
 ScopedEphemeralStorageAwareness
-CookieSettingsBase::CreateScopedEphemeralStorageAwareness() const {
-  return ScopedEphemeralStorageAwareness(&ephemeral_storage_aware_);
+CookieSettingsBase::CreateScopedEphemeralStorageAwareness(
+    EphemeralStorageAwareType type) const {
+  return ScopedEphemeralStorageAwareness(&ephemeral_storage_aware_, type);
 }
 
 bool CookieSettingsBase::IsEphemeralCookieAccessAllowed(
@@ -146,7 +138,7 @@ bool CookieSettingsBase::IsEphemeralCookieAccessAllowed(
     const GURL& site_for_cookies,
     const absl::optional<url::Origin>& top_frame_origin) const {
   auto scoped_ephemeral_storage_awareness =
-      CreateScopedEphemeralStorageAwareness();
+      CreateScopedEphemeralStorageAwareness(EphemeralStorageAwareType::kAware);
   return IsCookieAccessAllowed(url, site_for_cookies, top_frame_origin);
 }
 
@@ -160,7 +152,7 @@ bool CookieSettingsBase::IsCookieAccessAllowed(
     const GURL& url,
     const GURL& site_for_cookies,
     const absl::optional<url::Origin>& top_frame_origin) const {
-  if (ephemeral_storage_aware_ &&
+  if (ephemeral_storage_aware_ == EphemeralStorageAwareType::kAware &&
       ShouldUseEphemeralStorage(url, site_for_cookies, top_frame_origin)) {
     return true;
   }
@@ -185,8 +177,11 @@ bool CookieSettingsBase::IsCookieAccessAllowedImpl(
   const bool is_1p_ephemeral =
       is_1p_ephemeral_feature_enabled && IsCookieSessionOnly(first_party_url);
 
-  if (is_1p_ephemeral && allow)
+  if (is_1p_ephemeral && allow &&
+      ephemeral_storage_aware_ !=
+          EphemeralStorageAwareType::kNotAwareButAllowIn1pEphemeralMode) {
     return false;
+  }
 
   if (!IsFirstPartyAccessAllowed(first_party_url, this))
     return false;

diff --git a/chromium_src/components/content_settings/core/common/cookie_settings_base.h b/chromium_src/components/content_settings/core/common/cookie_settings_base.h
@@ -10,26 +10,24 @@
 
 namespace content_settings {
 
-// Helper to allow patchless ephemeral storage access in Chromium code.
-class ScopedEphemeralStorageAwareness {
- public:
-  explicit ScopedEphemeralStorageAwareness(bool* ephemeral_storage_aware);
-  ScopedEphemeralStorageAwareness(ScopedEphemeralStorageAwareness&&);
-  ScopedEphemeralStorageAwareness& operator=(ScopedEphemeralStorageAwareness&&);
-  ~ScopedEphemeralStorageAwareness();
-
- private:
-  base::AutoReset<bool> ephemeral_storage_aware_auto_reset_;
+enum class EphemeralStorageAwareType {
+  kNone,
+  kAware,
+  kNotAwareButAllowIn1pEphemeralMode,
 };
 
+// Helper to allow patchless ephemeral storage access in Chromium code.
+using ScopedEphemeralStorageAwareness =
+    base::AutoReset<EphemeralStorageAwareType>;
+
 }  // namespace content_settings
 
 #define BRAVE_COOKIE_SETTINGS_BASE_H                                      \
   bool ShouldUseEphemeralStorage(                                         \
       const GURL& url, const GURL& site_for_cookies,                      \
       const absl::optional<url::Origin>& top_frame_origin) const;         \
-  ScopedEphemeralStorageAwareness CreateScopedEphemeralStorageAwareness() \
-      const;                                                              \
+  ScopedEphemeralStorageAwareness CreateScopedEphemeralStorageAwareness(  \
+      EphemeralStorageAwareType type) const;                              \
   bool IsEphemeralCookieAccessAllowed(const GURL& url,                    \
                                       const GURL& first_party_url) const; \
   bool IsEphemeralCookieAccessAllowed(                                    \
@@ -46,7 +44,8 @@ class ScopedEphemeralStorageAwareness {
       const GURL& url, const GURL& site_for_cookies,                      \
       const absl::optional<url::Origin>& top_frame_origin) const;         \
                                                                           \
-  mutable bool ephemeral_storage_aware_ = false;
+  mutable EphemeralStorageAwareType ephemeral_storage_aware_ =            \
+      EphemeralStorageAwareType::kNone;
 
 #include "../../../../../../components/content_settings/core/common/cookie_settings_base.h"
 

diff --git a/chromium_src/services/network/network_service_network_delegate.cc b/chromium_src/services/network/network_service_network_delegate.cc
@@ -7,12 +7,16 @@
 
 #define OnCanGetCookies OnCanGetCookies_ChromiumImpl
 #define OnCanSetCookie OnCanSetCookie_ChromiumImpl
+#define OnForcePrivacyMode OnForcePrivacyMode_ChromiumImpl
 
 #include "../../../../services/network/network_service_network_delegate.cc"
 
+#undef OnForcePrivacyMode
 #undef OnCanSetCookie
 #undef OnCanGetCookies
 
+using content_settings::EphemeralStorageAwareType;
+
 namespace network {
 
 bool NetworkServiceNetworkDelegate::OnCanGetCookies(
@@ -22,7 +26,8 @@ bool NetworkServiceNetworkDelegate::OnCanGetCookies(
   auto scoped_ephemeral_storage_awareness =
       network_context_->cookie_manager()
           ->cookie_settings()
-          .CreateScopedEphemeralStorageAwareness();
+          .CreateScopedEphemeralStorageAwareness(
+              EphemeralStorageAwareType::kAware);
   return OnCanGetCookies_ChromiumImpl(request, allowed_from_caller);
 }
 
@@ -35,9 +40,24 @@ bool NetworkServiceNetworkDelegate::OnCanSetCookie(
   auto scoped_ephemeral_storage_awareness =
       network_context_->cookie_manager()
           ->cookie_settings()
-          .CreateScopedEphemeralStorageAwareness();
+          .CreateScopedEphemeralStorageAwareness(
+              EphemeralStorageAwareType::kAware);
   return OnCanSetCookie_ChromiumImpl(request, cookie, options,
                                      allowed_from_caller);
 }
 
+bool NetworkServiceNetworkDelegate::OnForcePrivacyMode(
+    const GURL& url,
+    const net::SiteForCookies& site_for_cookies,
+    const absl::optional<url::Origin>& top_frame_origin) const {
+  // Enable ephemeral storage support for the call.
+  auto scoped_ephemeral_storage_awareness =
+      network_context_->cookie_manager()
+          ->cookie_settings()
+          .CreateScopedEphemeralStorageAwareness(
+              EphemeralStorageAwareType::kNotAwareButAllowIn1pEphemeralMode);
+  return OnForcePrivacyMode_ChromiumImpl(url, site_for_cookies,
+                                         top_frame_origin);
+}
+
 }  // namespace network
diff --git a/chromium_src/services/network/network_service_network_delegate.h b/chromium_src/services/network/network_service_network_delegate.h
@@ -13,6 +13,9 @@
   bool OnCanSetCookie_ChromiumImpl(                                       \
       const net::URLRequest& request, const net::CanonicalCookie& cookie, \
       net::CookieOptions* options, bool allowed_from_caller);             \
+  bool OnForcePrivacyMode_ChromiumImpl(                                   \
+      const GURL& url, const net::SiteForCookies& site_for_cookies,       \
+      const absl::optional<url::Origin>& top_frame_origin) const;         \
   void FinishedCanSendReportingReports
 
 #include "../../../../services/network/network_service_network_delegate.h"