Add cookieException for google drive and referer exception for facebook

fixes #698 fixes #9810 Auditors: @diracdeltas, @bsclifton, @bbondy Test Plan: 1. Go to facebook 2. Make sure block 3rd party cookies 5. You should be able to upload image to comment 1. Go to google drive 2. Make sure block 3rd party cookies 3. You should be able to download file
brave · Jul 6, 2017 · dc208c1 · dc208c1
1 parent 0562bf4
commit dc208c1
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 5 deletions.
diff --git a/app/filtering.js b/app/filtering.js
@@ -33,6 +33,7 @@ const {updateElectronDownloadItem} = require('./browser/electronDownloadItem')
 const {fullscreenOption} = require('./common/constants/settingsEnums')
 const isThirdPartyHost = require('./browser/isThirdPartyHost')
 var extensionState = require('./common/state/extensionState.js')
+const {cookieExceptions, refererExceptions} = require('../js/data/siteHacks')
 
 let appStore = null
 
@@ -46,9 +47,6 @@ let initializedPartitions = {}
 const transparent1pxGif = 'data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7'
 const pdfjsOrigin = `chrome-extension://${config.PDFJSExtensionId}`
 
-// Third party domains that require a valid referer to work
-const refererExceptions = ['use.typekit.net', 'cloud.typography.com', 'www.moremorewin.net']
-
 /**
  * Maps partition name to the session object
  */
@@ -273,10 +271,17 @@ function registerForBeforeSendHeaders (session, partition) {
 
       if (cookieSetting === 'blockAllCookies' ||
         isThirdPartyHost(parsedFirstPartyUrl.hostname, parsedTargetUrl.hostname)) {
+        let hasCookieException = false
+        cookieExceptions.forEach((exceptionPair) => {
+          if (getOrigin(firstPartyUrl) === exceptionPair[0] && getOrigin(details.url) === exceptionPair[1] && cookieSetting !== 'blockAllCookies') {
+            hasCookieException = true
+          }
+        })
         // Clear cookie and referer on third-party requests
         if (requestHeaders['Cookie'] &&
-            getOrigin(firstPartyUrl) !== pdfjsOrigin) {
+            getOrigin(firstPartyUrl) !== pdfjsOrigin && !hasCookieException) {
           requestHeaders['Cookie'] = undefined
+          console.log(getOrigin(details.url))
         }
         if (cookieSetting !== 'blockAllCookies' &&
             requestHeaders['Referer'] &&

diff --git a/js/data/siteHacks.js b/js/data/siteHacks.js
@@ -27,9 +27,13 @@ const emptyDataURI = {
  */
 module.exports.cookieExceptions = [
   ['https://inbox.google.com', 'https://hangouts.google.com'],
-  ['https://mail.google.com', 'https://hangouts.google.com']
+  ['https://mail.google.com', 'https://hangouts.google.com'],
+  ['https://drive.google.com', 'https://doc-0g-3g-docs.googleusercontent.com']
 ]
 
+// Third party domains that require a valid referer to work
+module.exports.refererExceptions = ['use.typekit.net', 'cloud.typography.com', 'www.moremorewin.net', 'scontent.fsnc1-1.fna.fbcdn.net']
+
 /**
  * Holds an array of [Primary URL, subresource URL] to allow 3rd party localstorage.
  * Subresource URL can be '*' or undefined to indicate all.