// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/content_settings/cookie_settings.h"
#include "base/command_line.h"
#include "base/prefs/pref_service.h"
#include "chrome/browser/chrome_notification_types.h"
#include "chrome/browser/content_settings/content_settings_utils.h"
#include "chrome/browser/content_settings/host_content_settings_map.h"
#include "chrome/browser/profiles/incognito_helpers.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/common/chrome_switches.h"
#include "chrome/common/content_settings_pattern.h"
#include "chrome/common/pref_names.h"
#include "components/browser_context_keyed_service/browser_context_dependency_manager.h"
#include "components/browser_context_keyed_service/browser_context_keyed_service.h"
#include "components/user_prefs/pref_registry_syncable.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/notification_service.h"
#include "content/public/browser/notification_source.h"
#include "content/public/browser/user_metrics.h"
#include "extensions/common/constants.h"
#include "net/base/net_errors.h"
#include "net/base/static_cookie_policy.h"
#include "url/gurl.h"
using content::BrowserThread;
using content::UserMetricsAction;
namespace {
bool IsValidSetting(ContentSetting setting) {
return (setting == CONTENT_SETTING_ALLOW ||
setting == CONTENT_SETTING_SESSION_ONLY ||
setting == CONTENT_SETTING_BLOCK);
}
bool IsAllowed(ContentSetting setting) {
DCHECK(IsValidSetting(setting));
return (setting == CONTENT_SETTING_ALLOW ||
setting == CONTENT_SETTING_SESSION_ONLY);
}
} // namespace
// static
scoped_refptr<CookieSettings> CookieSettings::Factory::GetForProfile(
Profile* profile) {
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
return static_cast<CookieSettings*>(
GetInstance()->GetServiceForBrowserContext(profile, true).get());
}
// static
CookieSettings::Factory* CookieSettings::Factory::GetInstance() {
return Singleton<CookieSettings::Factory>::get();
}
CookieSettings::Factory::Factory()
: RefcountedBrowserContextKeyedServiceFactory(
"CookieSettings",
BrowserContextDependencyManager::GetInstance()) {
}
CookieSettings::Factory::~Factory() {}
void CookieSettings::Factory::RegisterProfilePrefs(
user_prefs::PrefRegistrySyncable* registry) {
registry->RegisterBooleanPref(
prefs::kBlockThirdPartyCookies,
false,
user_prefs::PrefRegistrySyncable::SYNCABLE_PREF);
}
content::BrowserContext* CookieSettings::Factory::GetBrowserContextToUse(
content::BrowserContext* context) const {
return chrome::GetBrowserContextRedirectedInIncognito(context);
}
scoped_refptr<RefcountedBrowserContextKeyedService>
CookieSettings::Factory::BuildServiceInstanceFor(
content::BrowserContext* context) const {
Profile* profile = static_cast<Profile*>(context);
return new CookieSettings(profile->GetHostContentSettingsMap(),
profile->GetPrefs());
}
CookieSettings::CookieSettings(
HostContentSettingsMap* host_content_settings_map,
PrefService* prefs)
: host_content_settings_map_(host_content_settings_map),
block_third_party_cookies_(
prefs->GetBoolean(prefs::kBlockThirdPartyCookies)) {
if (block_third_party_cookies_) {
content::RecordAction(
UserMetricsAction("ThirdPartyCookieBlockingEnabled"));
} else {
content::RecordAction(
UserMetricsAction("ThirdPartyCookieBlockingDisabled"));
}
pref_change_registrar_.Init(prefs);
pref_change_registrar_.Add(
prefs::kBlockThirdPartyCookies,
base::Bind(&CookieSettings::OnBlockThirdPartyCookiesChanged,
base::Unretained(this)));
}
ContentSetting
CookieSettings::GetDefaultCookieSetting(std::string* provider_id) const {
return host_content_settings_map_->GetDefaultContentSetting(
CONTENT_SETTINGS_TYPE_COOKIES, provider_id);
}
bool CookieSettings::IsReadingCookieAllowed(const GURL& url,
const GURL& first_party_url) const {
ContentSetting setting = GetCookieSetting(url, first_party_url, false, NULL);
return IsAllowed(setting);
}
bool CookieSettings::IsSettingCookieAllowed(const GURL& url,
const GURL& first_party_url) const {
ContentSetting setting = GetCookieSetting(url, first_party_url, true, NULL);
return IsAllowed(setting);
}
bool CookieSettings::IsCookieSessionOnly(const GURL& origin) const {
ContentSetting setting = GetCookieSetting(origin, origin, true, NULL);
DCHECK(IsValidSetting(setting));
return (setting == CONTENT_SETTING_SESSION_ONLY);
}
void CookieSettings::GetCookieSettings(
ContentSettingsForOneType* settings) const {
return host_content_settings_map_->GetSettingsForOneType(
CONTENT_SETTINGS_TYPE_COOKIES, std::string(), settings);
}
void CookieSettings::SetDefaultCookieSetting(ContentSetting setting) {
DCHECK(IsValidSetting(setting));
host_content_settings_map_->SetDefaultContentSetting(
CONTENT_SETTINGS_TYPE_COOKIES, setting);
}
void CookieSettings::SetCookieSetting(
const ContentSettingsPattern& primary_pattern,
const ContentSettingsPattern& secondary_pattern,
ContentSetting setting) {
DCHECK(IsValidSetting(setting));
if (setting == CONTENT_SETTING_SESSION_ONLY) {
DCHECK(secondary_pattern == ContentSettingsPattern::Wildcard());
}
host_content_settings_map_->SetContentSetting(primary_pattern,
secondary_pattern,
CONTENT_SETTINGS_TYPE_COOKIES,
std::string(),
setting);
}
void CookieSettings::ResetCookieSetting(
const ContentSettingsPattern& primary_pattern,
const ContentSettingsPattern& secondary_pattern) {
host_content_settings_map_->SetContentSetting(primary_pattern,
secondary_pattern,
CONTENT_SETTINGS_TYPE_COOKIES,
std::string(),
CONTENT_SETTING_DEFAULT);
}
void CookieSettings::ShutdownOnUIThread() {
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
pref_change_registrar_.RemoveAll();
}
ContentSetting CookieSettings::GetCookieSetting(
const GURL& url,
const GURL& first_party_url,
bool setting_cookie,
content_settings::SettingSource* source) const {
if (HostContentSettingsMap::ShouldAllowAllContent(
url, first_party_url, CONTENT_SETTINGS_TYPE_COOKIES))
return CONTENT_SETTING_ALLOW;
// First get any host-specific settings.
content_settings::SettingInfo info;
scoped_ptr<base::Value> value(host_content_settings_map_->GetWebsiteSetting(
url,
first_party_url,
CONTENT_SETTINGS_TYPE_COOKIES,
std::string(),
&info));
if (source)
*source = info.source;
// If no explicit exception has been made and third-party cookies are blocked
// by default, apply that rule.
if (info.primary_pattern.MatchesAllHosts() &&
info.secondary_pattern.MatchesAllHosts() &&
ShouldBlockThirdPartyCookies() &&
!first_party_url.SchemeIs(extensions::kExtensionScheme)) {
bool not_strict = CommandLine::ForCurrentProcess()->HasSwitch(
switches::kOnlyBlockSettingThirdPartyCookies);
net::StaticCookiePolicy policy(not_strict ?
net::StaticCookiePolicy::BLOCK_SETTING_THIRD_PARTY_COOKIES :
net::StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES);
int rv;
if (setting_cookie)
rv = policy.CanSetCookie(url, first_party_url);
else
rv = policy.CanGetCookies(url, first_party_url);
DCHECK_NE(net::ERR_IO_PENDING, rv);
if (rv != net::OK)
return CONTENT_SETTING_BLOCK;
}
// We should always have a value, at least from the default provider.
DCHECK(value.get());
return content_settings::ValueToContentSetting(value.get());
}
CookieSettings::~CookieSettings() {}
void CookieSettings::OnBlockThirdPartyCookiesChanged() {
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
base::AutoLock auto_lock(lock_);
block_third_party_cookies_ = pref_change_registrar_.prefs()->GetBoolean(
prefs::kBlockThirdPartyCookies);
}
bool CookieSettings::ShouldBlockThirdPartyCookies() const {
base::AutoLock auto_lock(lock_);
return block_third_party_cookies_;
}