1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 // Brought to you by the letter D and the number 2. 6 7 #ifndef NET_BASE_COOKIE_MONSTER_H_ 8 #define NET_BASE_COOKIE_MONSTER_H_ 9 #pragma once 10 11 #include <map> 12 #include <string> 13 #include <utility> 14 #include <vector> 15 16 #include "base/basictypes.h" 17 #include "base/gtest_prod_util.h" 18 #include "base/memory/ref_counted.h" 19 #include "base/memory/scoped_ptr.h" 20 #include "base/synchronization/lock.h" 21 #include "base/task.h" 22 #include "base/time.h" 23 #include "net/base/cookie_store.h" 24 25 class GURL; 26 27 namespace base { 28 class Histogram; 29 } 30 31 namespace net { 32 33 class CookieList; 34 35 // The cookie monster is the system for storing and retrieving cookies. It has 36 // an in-memory list of all cookies, and synchronizes non-session cookies to an 37 // optional permanent storage that implements the PersistentCookieStore 38 // interface. 39 // 40 // This class IS thread-safe. Normally, it is only used on the I/O thread, but 41 // is also accessed directly through Automation for UI testing. 42 // 43 // TODO(deanm) Implement CookieMonster, the cookie database. 44 // - Verify that our domain enforcement and non-dotted handling is correct 45 class CookieMonster : public CookieStore { 46 public: 47 class CanonicalCookie; 48 class Delegate; 49 class ParsedCookie; 50 class PersistentCookieStore; 51 52 // Terminology: 53 // * The 'top level domain' (TLD) of an internet domain name is 54 // the terminal "." free substring (e.g. "com" for google.com 55 // or world.std.com). 56 // * The 'effective top level domain' (eTLD) is the longest 57 // "." initiated terminal substring of an internet domain name 58 // that is controlled by a general domain registrar. 59 // (e.g. "co.uk" for news.bbc.co.uk). 60 // * The 'effective top level domain plus one' (eTLD+1) is the 61 // shortest "." delimited terminal substring of an internet 62 // domain name that is not controlled by a general domain 63 // registrar (e.g. "bbc.co.uk" for news.bbc.co.uk, or 64 // "google.com" for news.google.com). The general assumption 65 // is that all hosts and domains under an eTLD+1 share some 66 // administrative control. 67 68 // CookieMap is the central data structure of the CookieMonster. It 69 // is a map whose values are pointers to CanonicalCookie data 70 // structures (the data structures are owned by the CookieMonster 71 // and must be destroyed when removed from the map). There are two 72 // possible keys for the map, controlled on a per-CookieMonster basis 73 // by expiry_and_key_scheme_/SetExpiryAndKeyScheme() 74 // (defaulted by expiry_and_key_default_): 75 76 // If expiry_and_key_scheme_ is EKS_KEEP_RECENT_AND_PURGE_ETLDP1 77 // (default), then the key is based on the effective domain of the 78 // cookies. If the domain of the cookie has an eTLD+1, that is the 79 // key for the map. If the domain of the cookie does not have an eTLD+1, 80 // the key of the map is the host the cookie applies to (it is not 81 // legal to have domain cookies without an eTLD+1). This rule 82 // excludes cookies for, e.g, ".com", ".co.uk", or ".internalnetwork". 83 // This behavior is the same as the behavior in Firefox v 3.6.10. 84 85 // If use_effective_domain_key_scheme_ is EKS_DISCARD_RECENT_AND_PURGE_DOMAIN, 86 // then the key is just the domain of the cookie. Eventually, this 87 // option will be removed. 88 89 // NOTE(deanm): 90 // I benchmarked hash_multimap vs multimap. We're going to be query-heavy 91 // so it would seem like hashing would help. However they were very 92 // close, with multimap being a tiny bit faster. I think this is because 93 // our map is at max around 1000 entries, and the additional complexity 94 // for the hashing might not overcome the O(log(1000)) for querying 95 // a multimap. Also, multimap is standard, another reason to use it. 96 // TODO(rdsmith): This benchmark should be re-done now that we're allowing 97 // subtantially more entries in the map. 98 typedef std::multimap<std::string, CanonicalCookie*> CookieMap; 99 typedef std::pair<CookieMap::iterator, CookieMap::iterator> CookieMapItPair; 100 101 // The key and expiry scheme to be used by the monster. 102 // EKS_KEEP_RECENT_AND_PURGE_ETLDP1 means to use 103 // the new key scheme based on effective domain and save recent cookies 104 // in global garbage collection. EKS_DISCARD_RECENT_AND_PURGE_DOMAIN 105 // means to use the old key scheme based on full domain and be ruthless 106 // about purging. 107 enum ExpiryAndKeyScheme { 108 EKS_KEEP_RECENT_AND_PURGE_ETLDP1, 109 EKS_DISCARD_RECENT_AND_PURGE_DOMAIN, 110 EKS_LAST_ENTRY 111 }; 112 113 // The store passed in should not have had Init() called on it yet. This 114 // class will take care of initializing it. The backing store is NOT owned by 115 // this class, but it must remain valid for the duration of the cookie 116 // monster's existence. If |store| is NULL, then no backing store will be 117 // updated. If |delegate| is non-NULL, it will be notified on 118 // creation/deletion of cookies. 119 CookieMonster(PersistentCookieStore* store, Delegate* delegate); 120 121 // Only used during unit testing. 122 CookieMonster(PersistentCookieStore* store, 123 Delegate* delegate, 124 int last_access_threshold_milliseconds); 125 126 // Parses the string with the cookie time (very forgivingly). 127 static base::Time ParseCookieTime(const std::string& time_string); 128 129 // Returns true if a domain string represents a host-only cookie, 130 // i.e. it doesn't begin with a leading '.' character. 131 static bool DomainIsHostOnly(const std::string& domain_string); 132 133 // Sets a cookie given explicit user-provided cookie attributes. The cookie 134 // name, value, domain, etc. are each provided as separate strings. This 135 // function expects each attribute to be well-formed. It will check for 136 // disallowed characters (e.g. the ';' character is disallowed within the 137 // cookie value attribute) and will return false without setting the cookie 138 // if such characters are found. 139 bool SetCookieWithDetails(const GURL& url, 140 const std::string& name, 141 const std::string& value, 142 const std::string& domain, 143 const std::string& path, 144 const base::Time& expiration_time, 145 bool secure, bool http_only); 146 147 // Returns all the cookies, for use in management UI, etc. This does not mark 148 // the cookies as having been accessed. 149 // The returned cookies are ordered by longest path, then by earliest 150 // creation date. 151 CookieList GetAllCookies(); 152 153 // Returns all the cookies, for use in management UI, etc. Filters results 154 // using given url scheme, host / domain and path and options. This does not 155 // mark the cookies as having been accessed. 156 // The returned cookies are ordered by longest path, then earliest 157 // creation date. 158 CookieList GetAllCookiesForURLWithOptions(const GURL& url, 159 const CookieOptions& options); 160 161 // Invokes GetAllCookiesForURLWithOptions with options set to include HTTP 162 // only cookies. 163 CookieList GetAllCookiesForURL(const GURL& url); 164 165 // Deletes all of the cookies. 166 int DeleteAll(bool sync_to_store); 167 // Deletes all of the cookies that have a creation_date greater than or equal 168 // to |delete_begin| and less than |delete_end| 169 int DeleteAllCreatedBetween(const base::Time& delete_begin, 170 const base::Time& delete_end, 171 bool sync_to_store); 172 // Deletes all of the cookies that have a creation_date more recent than the 173 // one passed into the function via |delete_after|. 174 int DeleteAllCreatedAfter(const base::Time& delete_begin, bool sync_to_store); 175 176 // Deletes all cookies that match the host of the given URL 177 // regardless of path. This includes all http_only and secure cookies, 178 // but does not include any domain cookies that may apply to this host. 179 // Returns the number of cookies deleted. 180 int DeleteAllForHost(const GURL& url); 181 182 // Deletes one specific cookie. 183 bool DeleteCanonicalCookie(const CanonicalCookie& cookie); 184 185 // Override the default list of schemes that are allowed to be set in 186 // this cookie store. Calling his overrides the value of 187 // "enable_file_scheme_". 188 // If this this method is called, it must be called before first use of 189 // the instance (i.e. as part of the instance initialization process). 190 void SetCookieableSchemes(const char* schemes[], size_t num_schemes); 191 192 // Overrides the default key and expiry scheme. See comments 193 // before CookieMap and Garbage collection constants for details. This 194 // function must be called before initialization. 195 void SetExpiryAndKeyScheme(ExpiryAndKeyScheme key_scheme); 196 197 // Instructs the cookie monster to not delete expired cookies. This is used 198 // in cases where the cookie monster is used as a data structure to keep 199 // arbitrary cookies. 200 void SetKeepExpiredCookies(); 201 202 // Delegates the call to set the |clear_local_store_on_exit_| flag of the 203 // PersistentStore if it exists. 204 void SetClearPersistentStoreOnExit(bool clear_local_store); 205 206 // There are some unknowns about how to correctly handle file:// cookies, 207 // and our implementation for this is not robust enough. This allows you 208 // to enable support, but it should only be used for testing. Bug 1157243. 209 // Must be called before creating a CookieMonster instance. 210 static void EnableFileScheme(); 211 212 // Flush the backing store (if any) to disk and post the given task when done. 213 // WARNING: THE CALLBACK WILL RUN ON A RANDOM THREAD. IT MUST BE THREAD SAFE. 214 // It may be posted to the current thread, or it may run on the thread that 215 // actually does the flushing. Your Task should generally post a notification 216 // to the thread you actually want to be notified on. 217 void FlushStore(Task* completion_task); 218 219 // CookieStore implementation. 220 221 // Sets the cookies specified by |cookie_list| returned from |url| 222 // with options |options| in effect. 223 virtual bool SetCookieWithOptions(const GURL& url, 224 const std::string& cookie_line, 225 const CookieOptions& options); 226 227 // Gets all cookies that apply to |url| given |options|. 228 // The returned cookies are ordered by longest path, then earliest 229 // creation date. 230 virtual std::string GetCookiesWithOptions(const GURL& url, 231 const CookieOptions& options); 232 233 // Deletes all cookies with that might apply to |url| that has |cookie_name|. 234 virtual void DeleteCookie(const GURL& url, const std::string& cookie_name); 235 236 virtual CookieMonster* GetCookieMonster(); 237 238 // Debugging method to perform various validation checks on the map. 239 // Currently just checking that there are no null CanonicalCookie pointers 240 // in the map. 241 // Argument |arg| is to allow retaining of arbitrary data if the CHECKs 242 // in the function trip. TODO(rdsmith):Remove hack. 243 void ValidateMap(int arg); 244 245 // The default list of schemes the cookie monster can handle. 246 static const char* kDefaultCookieableSchemes[]; 247 static const int kDefaultCookieableSchemesCount; 248 249 private: 250 // Testing support. 251 // For SetCookieWithCreationTime. 252 FRIEND_TEST_ALL_PREFIXES(CookieMonsterTest, 253 TestCookieDeleteAllCreatedAfterTimestamp); 254 FRIEND_TEST_ALL_PREFIXES(CookieMonsterTest, 255 TestCookieDeleteAllCreatedBetweenTimestamps); 256 257 // For gargage collection constants. 258 FRIEND_TEST_ALL_PREFIXES(CookieMonsterTest, TestHostGarbageCollection); 259 FRIEND_TEST_ALL_PREFIXES(CookieMonsterTest, TestTotalGarbageCollection); 260 FRIEND_TEST_ALL_PREFIXES(CookieMonsterTest, GarbageCollectionTriggers); 261 FRIEND_TEST_ALL_PREFIXES(CookieMonsterTest, TestGCTimes); 262 263 // For validation of key values. 264 FRIEND_TEST_ALL_PREFIXES(CookieMonsterTest, TestDomainTree); 265 FRIEND_TEST_ALL_PREFIXES(CookieMonsterTest, TestImport); 266 FRIEND_TEST_ALL_PREFIXES(CookieMonsterTest, GetKey); 267 FRIEND_TEST_ALL_PREFIXES(CookieMonsterTest, TestGetKey); 268 269 // Internal reasons for deletion, used to populate informative histograms 270 // and to provide a public cause for onCookieChange notifications. 271 // 272 // If you add or remove causes from this list, please be sure to also update 273 // the Delegate::ChangeCause mapping inside ChangeCauseMapping. Moreover, 274 // these are used as array indexes, so avoid reordering to keep the 275 // histogram buckets consistent. New items (if necessary) should be added 276 // at the end of the list, just before DELETE_COOKIE_LAST_ENTRY. 277 enum DeletionCause { 278 DELETE_COOKIE_EXPLICIT = 0, 279 DELETE_COOKIE_OVERWRITE, 280 DELETE_COOKIE_EXPIRED, 281 DELETE_COOKIE_EVICTED, 282 DELETE_COOKIE_DUPLICATE_IN_BACKING_STORE, 283 DELETE_COOKIE_DONT_RECORD, // e.g. For final cleanup after flush to store. 284 DELETE_COOKIE_EVICTED_DOMAIN, 285 DELETE_COOKIE_EVICTED_GLOBAL, 286 287 // Cookies evicted during domain level garbage collection that 288 // were accessed longer ago than kSafeFromGlobalPurgeDays 289 DELETE_COOKIE_EVICTED_DOMAIN_PRE_SAFE, 290 291 // Cookies evicted during domain level garbage collection that 292 // were accessed more recently than kSafeFromGlobalPurgeDays 293 // (and thus would have been preserved by global garbage collection). 294 DELETE_COOKIE_EVICTED_DOMAIN_POST_SAFE, 295 296 // A common idiom is to remove a cookie by overwriting it with an 297 // already-expired expiration date. This captures that case. 298 DELETE_COOKIE_EXPIRED_OVERWRITE, 299 300 DELETE_COOKIE_LAST_ENTRY 301 }; 302 303 // Cookie garbage collection thresholds. Based off of the Mozilla defaults. 304 // When the number of cookies gets to k{Domain,}MaxCookies 305 // purge down to k{Domain,}MaxCookies - k{Domain,}PurgeCookies. 306 // It might seem scary to have a high purge value, but really it's not. 307 // You just make sure that you increase the max to cover the increase 308 // in purge, and we would have been purging the same amount of cookies. 309 // We're just going through the garbage collection process less often. 310 // Note that the DOMAIN values are per eTLD+1; see comment for the 311 // CookieMap typedef. So, e.g., the maximum number of cookies allowed for 312 // google.com and all of its subdomains will be 150-180. 313 // 314 // If the expiry and key scheme follows firefox standards (default, 315 // set by SetExpiryAndKeyScheme()), any cookies accessed more recently 316 // than kSafeFromGlobalPurgeDays will not be evicted by global garbage 317 // collection, even if we have more than kMaxCookies. This does not affect 318 // domain garbage collection. 319 // 320 // Present in .h file to make accessible to tests through FRIEND_TEST. 321 // Actual definitions are in cookie_monster.cc. 322 static const size_t kDomainMaxCookies; 323 static const size_t kDomainPurgeCookies; 324 static const size_t kMaxCookies; 325 static const size_t kPurgeCookies; 326 327 // The number of days since last access that cookies will not be subject 328 // to global garbage collection. 329 static const int kSafeFromGlobalPurgeDays; 330 331 // Default value for key and expiry scheme scheme. 332 static const ExpiryAndKeyScheme expiry_and_key_default_ = 333 EKS_KEEP_RECENT_AND_PURGE_ETLDP1; 334 335 // Record statistics every kRecordStatisticsIntervalSeconds of uptime. 336 static const int kRecordStatisticsIntervalSeconds = 10 * 60; 337 338 ~CookieMonster(); 339 340 bool SetCookieWithCreationTime(const GURL& url, 341 const std::string& cookie_line, 342 const base::Time& creation_time); 343 344 // Called by all non-static functions to ensure that the cookies store has 345 // been initialized. This is not done during creating so it doesn't block 346 // the window showing. 347 // Note: this method should always be called with lock_ held. 348 void InitIfNecessary() { 349 if (!initialized_) { 350 if (store_) 351 InitStore(); 352 initialized_ = true; 353 } 354 } 355 356 // Initializes the backing store and reads existing cookies from it. 357 // Should only be called by InitIfNecessary(). 358 void InitStore(); 359 360 // Checks that |cookies_| matches our invariants, and tries to repair any 361 // inconsistencies. (In other words, it does not have duplicate cookies). 362 void EnsureCookiesMapIsValid(); 363 364 // Checks for any duplicate cookies for CookieMap key |key| which lie between 365 // |begin| and |end|. If any are found, all but the most recent are deleted. 366 // Returns the number of duplicate cookies that were deleted. 367 int TrimDuplicateCookiesForKey(const std::string& key, 368 CookieMap::iterator begin, 369 CookieMap::iterator end); 370 371 void SetDefaultCookieableSchemes(); 372 373 void FindCookiesForHostAndDomain(const GURL& url, 374 const CookieOptions& options, 375 bool update_access_time, 376 std::vector<CanonicalCookie*>* cookies); 377 378 void FindCookiesForKey(const std::string& key, 379 const GURL& url, 380 const CookieOptions& options, 381 const base::Time& current, 382 bool update_access_time, 383 std::vector<CanonicalCookie*>* cookies); 384 385 // Delete any cookies that are equivalent to |ecc| (same path, domain, etc). 386 // If |skip_httponly| is true, httponly cookies will not be deleted. The 387 // return value with be true if |skip_httponly| skipped an httponly cookie. 388 // |key| is the key to find the cookie in cookies_; see the comment before 389 // the CookieMap typedef for details. 390 // NOTE: There should never be more than a single matching equivalent cookie. 391 bool DeleteAnyEquivalentCookie(const std::string& key, 392 const CanonicalCookie& ecc, 393 bool skip_httponly, 394 bool already_expired); 395 396 // Takes ownership of *cc. 397 void InternalInsertCookie(const std::string& key, 398 CanonicalCookie* cc, 399 bool sync_to_store); 400 401 // Helper function that sets cookies with more control. 402 // Not exposed as we don't want callers to have the ability 403 // to specify (potentially duplicate) creation times. 404 bool SetCookieWithCreationTimeAndOptions(const GURL& url, 405 const std::string& cookie_line, 406 const base::Time& creation_time, 407 const CookieOptions& options); 408 409 410 // Helper function that sets a canonical cookie, deleting equivalents and 411 // performing garbage collection. 412 bool SetCanonicalCookie(scoped_ptr<CanonicalCookie>* cc, 413 const base::Time& creation_time, 414 const CookieOptions& options); 415 416 void InternalUpdateCookieAccessTime(CanonicalCookie* cc, 417 const base::Time& current_time); 418 419 // |deletion_cause| argument is used for collecting statistics and choosing 420 // the correct Delegate::ChangeCause for OnCookieChanged notifications. 421 void InternalDeleteCookie(CookieMap::iterator it, bool sync_to_store, 422 DeletionCause deletion_cause); 423 424 // If the number of cookies for CookieMap key |key|, or globally, are 425 // over the preset maximums above, garbage collect, first for the host and 426 // then globally. See comments above garbage collection threshold 427 // constants for details. 428 // 429 // Returns the number of cookies deleted (useful for debugging). 430 int GarbageCollect(const base::Time& current, const std::string& key); 431 432 // Helper for GarbageCollect(); can be called directly as well. Deletes 433 // all expired cookies in |itpair|. If |cookie_its| is non-NULL, it is 434 // populated with all the non-expired cookies from |itpair|. 435 // 436 // Returns the number of cookies deleted. 437 int GarbageCollectExpired(const base::Time& current, 438 const CookieMapItPair& itpair, 439 std::vector<CookieMap::iterator>* cookie_its); 440 441 // Helper for GarbageCollect(). Deletes all cookies in the list 442 // that were accessed before |keep_accessed_after|, using DeletionCause 443 // |cause|. If |keep_accessed_after| is null, deletes all cookies in the 444 // list. Returns the number of cookies deleted. 445 int GarbageCollectDeleteList(const base::Time& current, 446 const base::Time& keep_accessed_after, 447 DeletionCause cause, 448 std::vector<CookieMap::iterator>& cookie_its); 449 450 // Find the key (for lookup in cookies_) based on the given domain. 451 // See comment on keys before the CookieMap typedef. 452 std::string GetKey(const std::string& domain) const; 453 454 bool HasCookieableScheme(const GURL& url); 455 456 // Statistics support 457 458 // This function should be called repeatedly, and will record 459 // statistics if a sufficient time period has passed. 460 void RecordPeriodicStats(const base::Time& current_time); 461 462 // Initialize the above variables; should only be called from 463 // the constructor. 464 void InitializeHistograms(); 465 466 // The resolution of our time isn't enough, so we do something 467 // ugly and increment when we've seen the same time twice. 468 base::Time CurrentTime(); 469 470 // Histogram variables; see CookieMonster::InitializeHistograms() in 471 // cookie_monster.cc for details. 472 base::Histogram* histogram_expiration_duration_minutes_; 473 base::Histogram* histogram_between_access_interval_minutes_; 474 base::Histogram* histogram_evicted_last_access_minutes_; 475 base::Histogram* histogram_count_; 476 base::Histogram* histogram_domain_count_; 477 base::Histogram* histogram_etldp1_count_; 478 base::Histogram* histogram_domain_per_etldp1_count_; 479 base::Histogram* histogram_number_duplicate_db_cookies_; 480 base::Histogram* histogram_cookie_deletion_cause_; 481 base::Histogram* histogram_time_get_; 482 base::Histogram* histogram_time_load_; 483 484 CookieMap cookies_; 485 486 // Indicates whether the cookie store has been initialized. This happens 487 // lazily in InitStoreIfNecessary(). 488 bool initialized_; 489 490 // Indicates whether this cookie monster uses the new effective domain 491 // key scheme or not. 492 ExpiryAndKeyScheme expiry_and_key_scheme_; 493 494 scoped_refptr<PersistentCookieStore> store_; 495 496 base::Time last_time_seen_; 497 498 // Minimum delay after updating a cookie's LastAccessDate before we will 499 // update it again. 500 const base::TimeDelta last_access_threshold_; 501 502 // Approximate date of access time of least recently accessed cookie 503 // in |cookies_|. Note that this is not guaranteed to be accurate, only a) 504 // to be before or equal to the actual time, and b) to be accurate 505 // immediately after a garbage collection that scans through all the cookies. 506 // This value is used to determine whether global garbage collection might 507 // find cookies to purge. 508 // Note: The default Time() constructor will create a value that compares 509 // earlier than any other time value, which is is wanted. Thus this 510 // value is not initialized. 511 base::Time earliest_access_time_; 512 513 std::vector<std::string> cookieable_schemes_; 514 515 scoped_refptr<Delegate> delegate_; 516 517 // Lock for thread-safety 518 base::Lock lock_; 519 520 base::Time last_statistic_record_time_; 521 522 bool keep_expired_cookies_; 523 524 static bool enable_file_scheme_; 525 526 DISALLOW_COPY_AND_ASSIGN(CookieMonster); 527 }; 528 529 class CookieMonster::CanonicalCookie { 530 public: 531 532 // These constructors do no validation or canonicalization of their inputs; 533 // the resulting CanonicalCookies should not be relied on to be canonical 534 // unless the caller has done appropriate validation and canonicalization 535 // themselves. 536 CanonicalCookie(); 537 CanonicalCookie(const GURL& url, 538 const std::string& name, 539 const std::string& value, 540 const std::string& domain, 541 const std::string& path, 542 const base::Time& creation, 543 const base::Time& expiration, 544 const base::Time& last_access, 545 bool secure, 546 bool httponly, 547 bool has_expires); 548 549 // This constructor does canonicalization but not validation. 550 // The result of this constructor should not be relied on in contexts 551 // in which pre-validation of the ParsedCookie has not been done. 552 CanonicalCookie(const GURL& url, const ParsedCookie& pc); 553 554 ~CanonicalCookie(); 555 556 // Supports the default copy constructor. 557 558 // Creates a canonical cookie from unparsed attribute values. 559 // Canonicalizes and validates inputs. May return NULL if an attribute 560 // value is invalid. 561 static CanonicalCookie* Create(const GURL& url, 562 const std::string& name, 563 const std::string& value, 564 const std::string& domain, 565 const std::string& path, 566 const base::Time& creation, 567 const base::Time& expiration, 568 bool secure, 569 bool http_only); 570 571 const std::string& Source() const { return source_; } 572 const std::string& Name() const { return name_; } 573 const std::string& Value() const { return value_; } 574 const std::string& Domain() const { return domain_; } 575 const std::string& Path() const { return path_; } 576 const base::Time& CreationDate() const { return creation_date_; } 577 const base::Time& LastAccessDate() const { return last_access_date_; } 578 bool DoesExpire() const { return has_expires_; } 579 #if defined(ANDROID) 580 // Android can shut down our app at any time, so we persist session cookies. 581 bool IsPersistent() const { return true; } 582 bool IsSessionCookie() const { return !DoesExpire(); } 583 #else 584 bool IsPersistent() const { return DoesExpire(); } 585 #endif 586 const base::Time& ExpiryDate() const { return expiry_date_; } 587 bool IsSecure() const { return secure_; } 588 bool IsHttpOnly() const { return httponly_; } 589 bool IsDomainCookie() const { 590 return !domain_.empty() && domain_[0] == '.'; } 591 bool IsHostCookie() const { return !IsDomainCookie(); } 592 593 bool IsExpired(const base::Time& current) { 594 return has_expires_ && current >= expiry_date_; 595 } 596 597 // Are the cookies considered equivalent in the eyes of RFC 2965. 598 // The RFC says that name must match (case-sensitive), domain must 599 // match (case insensitive), and path must match (case sensitive). 600 // For the case insensitive domain compare, we rely on the domain 601 // having been canonicalized (in 602 // GetCookieDomainWithString->CanonicalizeHost). 603 bool IsEquivalent(const CanonicalCookie& ecc) const { 604 // It seems like it would make sense to take secure and httponly into 605 // account, but the RFC doesn't specify this. 606 // NOTE: Keep this logic in-sync with TrimDuplicateCookiesForHost(). 607 return (name_ == ecc.Name() && domain_ == ecc.Domain() 608 && path_ == ecc.Path()); 609 } 610 611 void SetLastAccessDate(const base::Time& date) { 612 last_access_date_ = date; 613 } 614 615 bool IsOnPath(const std::string& url_path) const; 616 bool IsDomainMatch(const std::string& scheme, const std::string& host) const; 617 618 std::string DebugString() const; 619 620 // Returns the cookie source when cookies are set for |url|. This function 621 // is public for unit test purposes only. 622 static std::string GetCookieSourceFromURL(const GURL& url); 623 624 private: 625 // The source member of a canonical cookie is the origin of the URL that tried 626 // to set this cookie, minus the port number if any. This field is not 627 // persistent though; its only used in the in-tab cookies dialog to show the 628 // user the source URL. This is used for both allowed and blocked cookies. 629 // When a CanonicalCookie is constructed from the backing store (common case) 630 // this field will be null. CanonicalCookie consumers should not rely on 631 // this field unless they guarantee that the creator of those 632 // CanonicalCookies properly initialized the field. 633 std::string source_; 634 std::string name_; 635 std::string value_; 636 std::string domain_; 637 std::string path_; 638 base::Time creation_date_; 639 base::Time expiry_date_; 640 base::Time last_access_date_; 641 bool secure_; 642 bool httponly_; 643 bool has_expires_; 644 }; 645 646 class CookieMonster::Delegate 647 : public base::RefCountedThreadSafe<CookieMonster::Delegate> { 648 public: 649 // The publicly relevant reasons a cookie might be changed. 650 enum ChangeCause { 651 // The cookie was changed directly by a consumer's action. 652 CHANGE_COOKIE_EXPLICIT, 653 // The cookie was automatically removed due to an insert operation that 654 // overwrote it. 655 CHANGE_COOKIE_OVERWRITE, 656 // The cookie was automatically removed as it expired. 657 CHANGE_COOKIE_EXPIRED, 658 // The cookie was automatically evicted during garbage collection. 659 CHANGE_COOKIE_EVICTED, 660 // The cookie was overwritten with an already-expired expiration date. 661 CHANGE_COOKIE_EXPIRED_OVERWRITE 662 }; 663 664 // Will be called when a cookie is added or removed. The function is passed 665 // the respective |cookie| which was added to or removed from the cookies. 666 // If |removed| is true, the cookie was deleted, and |cause| will be set 667 // to the reason for it's removal. If |removed| is false, the cookie was 668 // added, and |cause| will be set to CHANGE_COOKIE_EXPLICIT. 669 // 670 // As a special case, note that updating a cookie's properties is implemented 671 // as a two step process: the cookie to be updated is first removed entirely, 672 // generating a notification with cause CHANGE_COOKIE_OVERWRITE. Afterwards, 673 // a new cookie is written with the updated values, generating a notification 674 // with cause CHANGE_COOKIE_EXPLICIT. 675 virtual void OnCookieChanged(const CookieMonster::CanonicalCookie& cookie, 676 bool removed, 677 ChangeCause cause) = 0; 678 protected: 679 friend class base::RefCountedThreadSafe<CookieMonster::Delegate>; 680 virtual ~Delegate() {} 681 }; 682 683 class CookieMonster::ParsedCookie { 684 public: 685 typedef std::pair<std::string, std::string> TokenValuePair; 686 typedef std::vector<TokenValuePair> PairList; 687 688 // The maximum length of a cookie string we will try to parse 689 static const size_t kMaxCookieSize = 4096; 690 // The maximum number of Token/Value pairs. Shouldn't have more than 8. 691 static const int kMaxPairs = 16; 692 693 // Construct from a cookie string like "BLAH=1; path=/; domain=.google.com" 694 ParsedCookie(const std::string& cookie_line); 695 ~ParsedCookie(); 696 697 // You should not call any other methods on the class if !IsValid 698 bool IsValid() const { return is_valid_; } 699 700 const std::string& Name() const { return pairs_[0].first; } 701 const std::string& Token() const { return Name(); } 702 const std::string& Value() const { return pairs_[0].second; } 703 704 bool HasPath() const { return path_index_ != 0; } 705 const std::string& Path() const { return pairs_[path_index_].second; } 706 bool HasDomain() const { return domain_index_ != 0; } 707 const std::string& Domain() const { return pairs_[domain_index_].second; } 708 bool HasExpires() const { return expires_index_ != 0; } 709 const std::string& Expires() const { return pairs_[expires_index_].second; } 710 bool HasMaxAge() const { return maxage_index_ != 0; } 711 const std::string& MaxAge() const { return pairs_[maxage_index_].second; } 712 bool IsSecure() const { return secure_index_ != 0; } 713 bool IsHttpOnly() const { return httponly_index_ != 0; } 714 715 // Returns the number of attributes, for example, returning 2 for: 716 // "BLAH=hah; path=/; domain=.google.com" 717 size_t NumberOfAttributes() const { return pairs_.size() - 1; } 718 719 // For debugging only! 720 std::string DebugString() const; 721 722 // Returns an iterator pointing to the first terminator character found in 723 // the given string. 724 static std::string::const_iterator FindFirstTerminator(const std::string& s); 725 726 // Given iterators pointing to the beginning and end of a string segment, 727 // returns as output arguments token_start and token_end to the start and end 728 // positions of a cookie attribute token name parsed from the segment, and 729 // updates the segment iterator to point to the next segment to be parsed. 730 // If no token is found, the function returns false. 731 static bool ParseToken(std::string::const_iterator* it, 732 const std::string::const_iterator& end, 733 std::string::const_iterator* token_start, 734 std::string::const_iterator* token_end); 735 736 // Given iterators pointing to the beginning and end of a string segment, 737 // returns as output arguments value_start and value_end to the start and end 738 // positions of a cookie attribute value parsed from the segment, and updates 739 // the segment iterator to point to the next segment to be parsed. 740 static void ParseValue(std::string::const_iterator* it, 741 const std::string::const_iterator& end, 742 std::string::const_iterator* value_start, 743 std::string::const_iterator* value_end); 744 745 // Same as the above functions, except the input is assumed to contain the 746 // desired token/value and nothing else. 747 static std::string ParseTokenString(const std::string& token); 748 static std::string ParseValueString(const std::string& value); 749 750 private: 751 static const char kTerminator[]; 752 static const int kTerminatorLen; 753 static const char kWhitespace[]; 754 static const char kValueSeparator[]; 755 static const char kTokenSeparator[]; 756 757 void ParseTokenValuePairs(const std::string& cookie_line); 758 void SetupAttributes(); 759 760 PairList pairs_; 761 bool is_valid_; 762 // These will default to 0, but that should never be valid since the 763 // 0th index is the user supplied token/value, not an attribute. 764 // We're really never going to have more than like 8 attributes, so we 765 // could fit these into 3 bits each if we're worried about size... 766 size_t path_index_; 767 size_t domain_index_; 768 size_t expires_index_; 769 size_t maxage_index_; 770 size_t secure_index_; 771 size_t httponly_index_; 772 773 DISALLOW_COPY_AND_ASSIGN(ParsedCookie); 774 }; 775 776 typedef base::RefCountedThreadSafe<CookieMonster::PersistentCookieStore> 777 RefcountedPersistentCookieStore; 778 779 class CookieMonster::PersistentCookieStore 780 : public RefcountedPersistentCookieStore { 781 public: 782 virtual ~PersistentCookieStore() {} 783 784 // Initializes the store and retrieves the existing cookies. This will be 785 // called only once at startup. 786 virtual bool Load(std::vector<CookieMonster::CanonicalCookie*>* cookies) = 0; 787 788 virtual void AddCookie(const CanonicalCookie& cc) = 0; 789 virtual void UpdateCookieAccessTime(const CanonicalCookie& cc) = 0; 790 virtual void DeleteCookie(const CanonicalCookie& cc) = 0; 791 792 // Sets the value of the user preference whether the persistent storage 793 // must be deleted upon destruction. 794 virtual void SetClearLocalStateOnExit(bool clear_local_state) = 0; 795 796 // Flush the store and post the given Task when complete. 797 virtual void Flush(Task* completion_task) = 0; 798 799 protected: 800 PersistentCookieStore() {} 801 802 private: 803 DISALLOW_COPY_AND_ASSIGN(PersistentCookieStore); 804 }; 805 806 class CookieList : public std::vector<CookieMonster::CanonicalCookie> { 807 }; 808 809 } // namespace net 810 811 #endif // NET_BASE_COOKIE_MONSTER_H_ 812