Google Git
Sign in
chromium / chromium / src.git / 2db3a4287cc5ebbd7b1189509380cfc5647715ef / . / content / browser / renderer_host / cookie_utils.cc
blob: 28c979695f4a3dd983d26c55b7e8a960ee2a460c [file] [log] [blame]
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]1// Copyright 2020 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
danakjc492bf82020-09-09 20:02:44[diff] [blame]5#include "content/browser/renderer_host/cookie_utils.h"
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]6
7#include "content/browser/devtools/devtools_instrumentation.h"
danakjc492bf82020-09-09 20:02:44[diff] [blame]8#include "content/browser/renderer_host/frame_tree_node.h"
9#include "content/browser/renderer_host/render_frame_host_impl.h"
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]10#include "content/public/browser/browser_context.h"
11#include "content/public/browser/cookie_access_details.h"
12#include "content/public/common/content_client.h"
Jihwan Marc Kim3e132f12020-05-20 17:33:19[diff] [blame]13#include "net/cookies/cookie_inclusion_status.h"
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]14#include "services/metrics/public/cpp/ukm_builders.h"
15
16namespace content {
17
18namespace {
19
Jihwan Marc Kim3e132f12020-05-20 17:33:19[diff] [blame]20void RecordContextDowngradeUKM(RenderFrameHost* rfh,
21 CookieAccessDetails::Type access_type,
22 const net::CookieInclusionStatus& status,
23 const GURL& url) {
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]24 DCHECK(rfh);
25 ukm::SourceId source_id = rfh->GetPageUkmSourceId();
26
27 if (access_type == CookieAccessDetails::Type::kRead) {
28 ukm::builders::SchemefulSameSiteContextDowngrade(source_id)
29 .SetRequestPerCookie(status.GetBreakingDowngradeMetricsEnumValue(url))
30 .Record(ukm::UkmRecorder::Get());
31 } else {
32 DCHECK(access_type == CookieAccessDetails::Type::kChange);
33 ukm::builders::SchemefulSameSiteContextDowngrade(source_id)
34 .SetResponsePerCookie(status.GetBreakingDowngradeMetricsEnumValue(url))
35 .Record(ukm::UkmRecorder::Get());
36 }
37}
38
Simon Zünd657178e2021-05-27 06:19:55[diff] [blame]39bool ShouldReportDevToolsIssueForStatus(
40 const net::CookieInclusionStatus& status) {
41 return status.ShouldWarn() ||
42 status.HasExclusionReason(
43 net::CookieInclusionStatus::EXCLUDE_INVALID_SAMEPARTY);
44}
45
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]46} // namespace
47
48void SplitCookiesIntoAllowedAndBlocked(
49 const network::mojom::CookieAccessDetailsPtr& cookie_details,
50 CookieAccessDetails* allowed,
51 CookieAccessDetails* blocked) {
52 *allowed =
53 CookieAccessDetails({cookie_details->type,
54 cookie_details->url,
55 cookie_details->site_for_cookies.RepresentativeUrl(),
56 {},
57 /* blocked_by_policy=*/false});
58 *blocked =
59 CookieAccessDetails({cookie_details->type,
60 cookie_details->url,
61 cookie_details->site_for_cookies.RepresentativeUrl(),
62 {},
63 /* blocked_by_policy=*/true});
64
Ayu Ishii2e3998902020-07-14 18:22:30[diff] [blame]65 for (auto& cookie_and_access_result : cookie_details->cookie_list) {
cfredric76b2d222021-01-27 20:12:04[diff] [blame]66 if (cookie_and_access_result->access_result.status.HasOnlyExclusionReason(
Jihwan Marc Kim3e132f12020-05-20 17:33:19[diff] [blame]67 net::CookieInclusionStatus::EXCLUDE_USER_PREFERENCES)) {
Ayu Ishii2e3998902020-07-14 18:22:30[diff] [blame]68 blocked->cookie_list.push_back(
cfredric76b2d222021-01-27 20:12:04[diff] [blame]69 std::move(cookie_and_access_result->cookie_or_line->get_cookie()));
70 } else if (cookie_and_access_result->access_result.status.IsInclude()) {
Ayu Ishii2e3998902020-07-14 18:22:30[diff] [blame]71 allowed->cookie_list.push_back(
cfredric76b2d222021-01-27 20:12:04[diff] [blame]72 std::move(cookie_and_access_result->cookie_or_line->get_cookie()));
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]73 }
74 }
75}
76
cfredrica5fb0982021-01-09 00:18:01[diff] [blame]77void EmitCookieWarningsAndMetrics(
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]78 RenderFrameHostImpl* rfh,
79 const network::mojom::CookieAccessDetailsPtr& cookie_details) {
80 RenderFrameHostImpl* root_frame_host = rfh->GetMainFrame();
81
Sreeja Kamishettye49854f82021-06-02 00:52:03[diff] [blame]82 if (!root_frame_host->IsActive())
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]83 return;
84
85 bool samesite_treated_as_lax_cookies = false;
86 bool samesite_none_insecure_cookies = false;
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]87 bool breaking_context_downgrade = false;
Lily Chenc4423c02021-03-11 16:02:02[diff] [blame]88 bool lax_allow_unsafe_cookies = false;
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]89
cfredrica5fb0982021-01-09 00:18:01[diff] [blame]90 bool same_party = false;
91 bool same_party_exclusion_overruled_samesite = false;
92 bool same_party_inclusion_overruled_samesite = false;
93
cfredric362c4a02021-07-09 22:40:40[diff] [blame]94 bool samesite_none_cookie_required = false;
95 bool samesite_none_cookie_sameparty_included_by_top_resource = false;
96 bool samesite_none_cookie_sameparty_included_by_ancestors = false;
97 bool samesite_none_cookie_included_by_samesite_lax = false;
98 bool samesite_none_cookie_included_by_samesite_strict = false;
99
Lily Chen2db3a422021-07-20 18:02:25[diff] [blame^]100 bool samesite_cookie_inclusion_changed_by_cross_site_redirect = false;
101
cfredric76b2d222021-01-27 20:12:04[diff] [blame]102 for (const network::mojom::CookieOrLineWithAccessResultPtr& cookie :
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]103 cookie_details->cookie_list) {
Simon Zünd657178e2021-05-27 06:19:55[diff] [blame]104 if (ShouldReportDevToolsIssueForStatus(cookie->access_result.status)) {
105 devtools_instrumentation::ReportSameSiteCookieIssue(
106 root_frame_host, cookie, cookie_details->url,
107 cookie_details->site_for_cookies,
108 cookie_details->type == CookieAccessDetails::Type::kRead
109 ? blink::mojom::SameSiteCookieOperation::kReadCookie
110 : blink::mojom::SameSiteCookieOperation::kSetCookie,
111 cookie_details->devtools_request_id);
112 }
113
cfredric76b2d222021-01-27 20:12:04[diff] [blame]114 if (cookie->access_result.status.ShouldWarn()) {
115 const net::CookieInclusionStatus& status = cookie->access_result.status;
Lily Chen9de4065b2020-06-24 20:18:47[diff] [blame]116 samesite_treated_as_lax_cookies =
117 samesite_treated_as_lax_cookies ||
cfredrica5fb0982021-01-09 00:18:01[diff] [blame]118 status.HasWarningReason(
Jihwan Marc Kim3e132f12020-05-20 17:33:19[diff] [blame]119 net::CookieInclusionStatus::
Lily Chen9de4065b2020-06-24 20:18:47[diff] [blame]120 WARN_SAMESITE_UNSPECIFIED_CROSS_SITE_CONTEXT) ||
cfredrica5fb0982021-01-09 00:18:01[diff] [blame]121 status.HasWarningReason(
Jihwan Marc Kim3e132f12020-05-20 17:33:19[diff] [blame]122 net::CookieInclusionStatus::
Lily Chen9de4065b2020-06-24 20:18:47[diff] [blame]123 WARN_SAMESITE_UNSPECIFIED_LAX_ALLOW_UNSAFE);
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]124
Lily Chen9de4065b2020-06-24 20:18:47[diff] [blame]125 samesite_none_insecure_cookies =
126 samesite_none_insecure_cookies ||
cfredrica5fb0982021-01-09 00:18:01[diff] [blame]127 status.HasWarningReason(
Lily Chen9de4065b2020-06-24 20:18:47[diff] [blame]128 net::CookieInclusionStatus::WARN_SAMESITE_NONE_INSECURE);
129
Lily Chenc4423c02021-03-11 16:02:02[diff] [blame]130 lax_allow_unsafe_cookies =
131 lax_allow_unsafe_cookies ||
132 status.HasWarningReason(
133 net::CookieInclusionStatus::
134 WARN_SAMESITE_UNSPECIFIED_LAX_ALLOW_UNSAFE);
135
cfredrica5fb0982021-01-09 00:18:01[diff] [blame]136 same_party = same_party ||
137 status.HasWarningReason(
138 net::CookieInclusionStatus::WARN_TREATED_AS_SAMEPARTY);
139
140 same_party_exclusion_overruled_samesite =
141 same_party_exclusion_overruled_samesite ||
142 status.HasWarningReason(
143 net::CookieInclusionStatus::
144 WARN_SAMEPARTY_EXCLUSION_OVERRULED_SAMESITE);
145
146 same_party_inclusion_overruled_samesite =
147 same_party_inclusion_overruled_samesite ||
148 status.HasWarningReason(
149 net::CookieInclusionStatus::
150 WARN_SAMEPARTY_INCLUSION_OVERRULED_SAMESITE);
cfredric362c4a02021-07-09 22:40:40[diff] [blame]151
152 samesite_none_cookie_required =
153 samesite_none_cookie_required ||
154 status.HasWarningReason(
155 net::CookieInclusionStatus::WARN_SAMESITE_NONE_REQUIRED);
156 samesite_none_cookie_sameparty_included_by_top_resource =
157 samesite_none_cookie_sameparty_included_by_top_resource ||
158 status.HasWarningReason(
159 net::CookieInclusionStatus::
160 WARN_SAMESITE_NONE_INCLUDED_BY_SAMEPARTY_TOP_RESOURCE);
161 samesite_none_cookie_sameparty_included_by_ancestors =
162 samesite_none_cookie_sameparty_included_by_ancestors ||
163 status.HasWarningReason(
164 net::CookieInclusionStatus::
165 WARN_SAMESITE_NONE_INCLUDED_BY_SAMEPARTY_ANCESTORS);
166 samesite_none_cookie_included_by_samesite_lax =
167 samesite_none_cookie_included_by_samesite_lax ||
168 status.HasWarningReason(
169 net::CookieInclusionStatus::
170 WARN_SAMESITE_NONE_INCLUDED_BY_SAMESITE_LAX);
171 samesite_none_cookie_included_by_samesite_strict =
172 samesite_none_cookie_included_by_samesite_strict ||
173 status.HasWarningReason(
174 net::CookieInclusionStatus::
175 WARN_SAMESITE_NONE_INCLUDED_BY_SAMESITE_STRICT);
Lily Chen2db3a422021-07-20 18:02:25[diff] [blame^]176
177 samesite_cookie_inclusion_changed_by_cross_site_redirect =
178 samesite_cookie_inclusion_changed_by_cross_site_redirect ||
179 status.HasWarningReason(
180 net::CookieInclusionStatus::
181 WARN_CROSS_SITE_REDIRECT_DOWNGRADE_CHANGES_INCLUSION);
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]182 }
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]183
Ayu Ishii2e3998902020-07-14 18:22:30[diff] [blame]184 breaking_context_downgrade =
185 breaking_context_downgrade ||
cfredric76b2d222021-01-27 20:12:04[diff] [blame]186 cookie->access_result.status.HasDowngradeWarning();
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]187
cfredric76b2d222021-01-27 20:12:04[diff] [blame]188 if (cookie->access_result.status.HasDowngradeWarning()) {
Steven Binglerdad03342020-05-19 17:21:59[diff] [blame]189 // Unlike with UMA, do not record cookies that have no downgrade warning.
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]190 RecordContextDowngradeUKM(rfh, cookie_details->type,
cfredric76b2d222021-01-27 20:12:04[diff] [blame]191 cookie->access_result.status,
Ayu Ishii2e3998902020-07-14 18:22:30[diff] [blame]192 cookie_details->url);
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]193 }
194 }
195
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]196 if (samesite_treated_as_lax_cookies) {
197 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
198 rfh, blink::mojom::WebFeature::kCookieNoSameSite);
199 }
200
201 if (samesite_none_insecure_cookies) {
202 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
203 rfh, blink::mojom::WebFeature::kCookieInsecureAndSameSiteNone);
204 }
205
206 if (breaking_context_downgrade) {
207 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
208 rfh, blink::mojom::WebFeature::kSchemefulSameSiteContextDowngrade);
209 }
cfredrica5fb0982021-01-09 00:18:01[diff] [blame]210
Lily Chenc4423c02021-03-11 16:02:02[diff] [blame]211 if (lax_allow_unsafe_cookies) {
212 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
213 rfh, blink::mojom::WebFeature::kLaxAllowingUnsafeCookies);
214 }
215
cfredrica5fb0982021-01-09 00:18:01[diff] [blame]216 if (same_party) {
217 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
218 rfh, blink::mojom::WebFeature::kSamePartyCookieAttribute);
219 }
220
221 if (same_party_exclusion_overruled_samesite) {
222 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
223 rfh,
224 blink::mojom::WebFeature::kSamePartyCookieExclusionOverruledSameSite);
225 }
226
227 if (same_party_inclusion_overruled_samesite) {
228 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
229 rfh,
230 blink::mojom::WebFeature::kSamePartyCookieInclusionOverruledSameSite);
231 }
cfredric362c4a02021-07-09 22:40:40[diff] [blame]232
233 if (samesite_none_cookie_required) {
234 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
235 rfh, blink::mojom::WebFeature::kSameSiteNoneRequired);
236 }
237 if (samesite_none_cookie_sameparty_included_by_top_resource) {
238 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
239 rfh,
240 blink::mojom::WebFeature::kSameSiteNoneIncludedBySamePartyTopResource);
241 }
242 if (samesite_none_cookie_sameparty_included_by_ancestors) {
243 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
244 rfh,
245 blink::mojom::WebFeature::kSameSiteNoneIncludedBySamePartyAncestors);
246 }
247 if (samesite_none_cookie_included_by_samesite_lax) {
248 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
249 rfh, blink::mojom::WebFeature::kSameSiteNoneIncludedBySameSiteLax);
250 }
251 if (samesite_none_cookie_included_by_samesite_strict) {
252 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
253 rfh, blink::mojom::WebFeature::kSameSiteNoneIncludedBySameSiteStrict);
254 }
Lily Chen2db3a422021-07-20 18:02:25[diff] [blame^]255
256 if (samesite_cookie_inclusion_changed_by_cross_site_redirect) {
257 GetContentClient()->browser()->LogWebFeatureForCurrentPage(
258 rfh, blink::mojom::WebFeature::
259 kSameSiteCookieInclusionChangedByCrossSiteRedirect);
260 }
Alexander Timin1cc31f42020-05-12 16:26:01[diff] [blame]261}
262
263} // namespace content