cookie_settings_unittest.cc | Explore in Territory

// Copyright 2018 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "services/network/cookie_settings.h"

#include <optional>
#include <tuple>
#include <utility>

#include "base/functional/callback_helpers.h"
#include "base/test/metrics/histogram_tester.h"
#include "base/test/scoped_feature_list.h"
#include "base/test/task_environment.h"
#include "components/content_settings/core/common/content_settings.h"
#include "components/content_settings/core/common/content_settings_metadata.h"
#include "components/content_settings/core/common/features.h"
#include "components/privacy_sandbox/privacy_sandbox_features.h"
#include "net/base/features.h"
#include "net/base/network_delegate.h"
#include "net/base/schemeful_site.h"
#include "net/cookies/canonical_cookie.h"
#include "net/cookies/canonical_cookie_test_helpers.h"
#include "net/cookies/cookie_constants.h"
#include "net/cookies/cookie_inclusion_status.h"
#include "net/cookies/cookie_setting_override.h"
#include "net/cookies/cookie_util.h"
#include "net/cookies/site_for_cookies.h"
#include "net/cookies/static_cookie_policy.h"
#include "net/first_party_sets/first_party_set_metadata.h"
#include "services/network/tpcd/metadata/manager.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "url/origin.h"

namespace network {
namespace {

_;
AllOf;
ElementsAre;
IsEmpty;
Not;
UnorderedElementsAre;

constexpr char kAllowedRequestsHistogram[] = …;

constexpr char kDomainURL[] = …;
constexpr char kURL[] = …;
constexpr char kOtherURL[] = …;
constexpr char kSubDomainURL[] = …;
constexpr char kDomain[] = …;
constexpr char kDotDomain[] = …;
constexpr char kSubDomain[] = …;
constexpr char kOtherDomain[] = …;
constexpr char kDomainWildcardPattern[] = …;
constexpr char kFPSOwnerURL[] = …;
constexpr char kFPSMemberURL[] = …;
constexpr char kUnrelatedURL[] = …;

std::unique_ptr<net::CanonicalCookie> MakeCanonicalCookie(
    const std::string& name,
    const std::string& domain,
    std::optional<net::CookiePartitionKey> cookie_partition_key =
        std::nullopt) { … }

std::unique_ptr<net::CanonicalCookie> MakeCanonicalSameSiteNoneCookie(
    const std::string& name,
    const std::string& domain,
    std::optional<net::CookiePartitionKey> cookie_partition_key =
        std::nullopt) { … }

// NOTE: Consider modifying
// /components/content_settings/core/browser/cookie_settings_unittest.cc if
// applicable.

// To avoid an explosion of test cases, please don't just add a boolean to
// the test features. Consider whether features can interact with each other and
// whether you really need all combinations.

// Controls features that can unblock 3p cookies.
enum GrantSource { … };

// Features that can block 3p cookies.
enum BlockSource { … };

enum TestVariables { … };

class CookieSettingsTestBase : public testing::Test { … };

// Default test class to be used by most tests. If you want to add a new
// parameter, consider whether all test cases actually require this parameter
// or whether it is sufficient to add a new subclass of CookieSettingsTestBase.
class CookieSettingsTest : public CookieSettingsTestBase { … };

// Parameterized class that tests combinations of StorageAccess grants and 3pcd
// grants. Tests that don't need the whole range of combinations should create
// their own parameterized subclasses.
class CookieSettingsTestP : public CookieSettingsTestBase,
                            public testing::WithParamInterface<
                                std::tuple</*kGrantSource*/ GrantSource,
                                           /*kBlockSource*/ BlockSource>> { … };

TEST_F(CookieSettingsTest, GetCookieSettingDefault) { … }

TEST_F(CookieSettingsTest, GetCookieSetting) { … }

class CookieSettingsTrackingProtectionTest : public CookieSettingsTestBase { … };

// The TRACKING_PROTECTION content setting is not registered on iOS
#if !BUILDFLAG(IS_IOS)
TEST_F(CookieSettingsTrackingProtectionTest,
       GetCookieSettingUsesTrackingProtectionSetting) { … }
#endif

TEST_F(CookieSettingsTest, GetCookieSettingMultipleProviders) { … }

TEST_F(CookieSettingsTest, GetCookieSettingOtrProviders) { … }

TEST_P(CookieSettingsTestP, GetCookieSettingMustMatchBothPatterns) { … }

TEST_F(CookieSettingsTest, GetCookieSettingGetsFirstSetting) { … }

TEST_F(CookieSettingsTest, GetCookieSettingDontBlockThirdParty) { … }

TEST_F(CookieSettingsTest, GetCookieSettingBlockThirdParty) { … }

TEST_P(CookieSettingsTestP,
       GetCookieSettingOverridePreservesSessionOnlySetting) { … }

TEST_F(CookieSettingsTest, GetCookieSettingDontBlockThirdPartyWithException) { … }

// The Storage Access API should unblock storage access that would otherwise be
// blocked.
TEST_P(CookieSettingsTestP, GetCookieSettingSAAUnblocks) { … }

TEST_P(CookieSettingsTestP, GetCookieSettingSAAUnblocksViaFedCM) { … }

// The Top-Level Storage Access API should unblock storage access that would
// otherwise be blocked.
TEST_P(CookieSettingsTestP, GetCookieSettingTopLevelStorageAccessUnblocks) { … }

// Subdomains of the granted embedding url should not gain access if a valid
// grant exists.
TEST_P(CookieSettingsTestP, GetCookieSettingSAAResourceWildcards) { … }

// Subdomains of the granted top level url should not grant access if a valid
// grant exists.
TEST_P(CookieSettingsTestP, GetCookieSettingSAATopLevelWildcards) { … }

// Any Storage Access API grant should not override an explicit setting to block
// cookie access.
TEST_P(CookieSettingsTestP, GetCookieSettingSAARespectsSettings) { … }

// Once a grant expires access should no longer be given.
TEST_P(CookieSettingsTestP, GetCookieSettingSAAExpiredGrant) { … }

TEST_F(CookieSettingsTest, CreateDeleteCookieOnExitPredicateNoSettings) { … }

TEST_F(CookieSettingsTest, CreateDeleteCookieOnExitPredicateNoSessionOnly) { … }

TEST_F(CookieSettingsTest, CreateDeleteCookieOnExitPredicateSessionOnly) { … }

TEST_F(CookieSettingsTest, CreateDeleteCookieOnExitPredicateExceptionOnly) { … }

TEST_F(CookieSettingsTest, CreateDeleteCookieOnExitPredicateAllow) { … }

TEST_F(CookieSettingsTest, GetCookieSettingSecureOriginCookiesAllowed) { … }

TEST_F(CookieSettingsTest, GetCookieSettingWithThirdPartyCookiesAllowedScheme) { … }

TEST_F(CookieSettingsTest, GetCookieSettingMatchingSchemeCookiesAllowed) { … }

TEST_F(CookieSettingsTest, LegacyCookieAccessDefault) { … }

TEST_F(CookieSettingsTest, CookieAccessSemanticsForDomain) { … }

TEST_F(CookieSettingsTest, CookieAccessSemanticsForDomainWithWildcard) { … }

TEST_P(CookieSettingsTestP, IsPrivacyModeEnabled) { … }

TEST_P(CookieSettingsTestP, IsCookieAccessible_SameSiteNoneCookie) { … }

TEST_P(CookieSettingsTestP, IsCookieAccessible_SameSiteLaxCookie) { … }

TEST_P(CookieSettingsTestP, IsCookieAccessible_PartitionedCookies) { … }

TEST_P(CookieSettingsTestP, IsCookieAccessible_NoneExemptionReason) { … }

TEST_P(CookieSettingsTestP, IsCookieAccessible_SitesInFirstPartySets) { … }

TEST_P(CookieSettingsTestP, AnnotateAndMoveUserBlockedCookies_CrossSiteEmbed) { … }

TEST_F(CookieSettingsTest,
       AnnotateAndMoveUserBlockedCookies_CrossSiteEmbed_3PCAllowed) { … }

TEST_F(CookieSettingsTest,
       AnnotateAndMoveUserBlockedCookies_SameSiteEmbed_3PCAllowed) { … }

TEST_P(CookieSettingsTestP,
       AnnotateAndMoveUserBlockedCookies_SameSiteEmbed_FirstPartyContext) { … }

TEST_P(CookieSettingsTestP,
       AnnotateAndMoveUserBlockedCookies_SameSiteEmbed_ThirdPartyContext) { … }

TEST_P(CookieSettingsTestP,
       AnnotateAndMoveUserBlockedCookies_SitesInFirstPartySet) { … }

TEST_P(
    CookieSettingsTestP,
    AnnotateAndMoveUserBlockedCookies_SitesInFirstPartySet_FirstPartyURLBlocked) { … }

namespace {

net::CookieAccessResultList MakePartitionedCookie() { … }

}  // namespace

TEST_F(CookieSettingsTest,
       AnnotateAndMoveUserBlockedCookies_PartitionedCookies) { … }

TEST_F(CookieSettingsTest, GetStorageAccessStatus) { … }

// NOTE: These tests will fail if their FINAL name is of length greater than 256
// characters. Thus, try to avoid (unnecessary) generalized parameterization
// when possible.
std::string CustomTestName(
    const testing::TestParamInfo<CookieSettingsTestP::ParamType>& info) { … }

INSTANTIATE_TEST_SUITE_P(…);

class CookieSettingsTpcdMetadataGrantsTest
    : public CookieSettingsTestBase,
      public testing::WithParamInterface</* net::features::kTpcdMetadataGrants:
                                          */
                                         bool> { … };

TEST_P(CookieSettingsTpcdMetadataGrantsTest, Grants) { … }

TEST_P(CookieSettingsTpcdMetadataGrantsTest, IsCookieAccessible) { … }

TEST_P(CookieSettingsTpcdMetadataGrantsTest,
       AnnotateAndMoveUserBlockedCookies) { … }

TEST_P(CookieSettingsTpcdMetadataGrantsTest, ExplicitSettingPreserved) { … }

INSTANTIATE_TEST_SUITE_P(…);

class CookieSettingsTpcdTrialTest
    : public CookieSettingsTestBase,
      public testing::WithParamInterface</* net::features::kTpcdTrialSettings:
                                          */
                                         bool> { … };

TEST_P(CookieSettingsTpcdTrialTest, OverrideDefaultBlock3pcSetting) { … }

TEST_P(CookieSettingsTpcdTrialTest, IsCookieAccessible) { … }

TEST_P(CookieSettingsTpcdTrialTest, AnnotateAndMoveUserBlockedCookies) { … }

TEST_P(CookieSettingsTpcdTrialTest, PreserveBlockAllCookiesSetting) { … }

TEST_P(CookieSettingsTpcdTrialTest, PreserveExplicitBlock3pcSetting) { … }

INSTANTIATE_TEST_SUITE_P(…);

class CookieSettingsTopLevelTpcdTrialTest
    : public CookieSettingsTestBase,
      public testing::
          WithParamInterface</* net::features::kTopLevelTpcdTrialSettings:
                              */
                             bool> { … };

TEST_P(CookieSettingsTopLevelTpcdTrialTest, OverrideDefaultBlock3pcSetting) { … }

TEST_P(CookieSettingsTopLevelTpcdTrialTest, IsCookieAccessible) { … }

TEST_P(CookieSettingsTopLevelTpcdTrialTest, AnnotateAndMoveUserBlockedCookies) { … }

TEST_P(CookieSettingsTopLevelTpcdTrialTest, PreserveBlockAllCookiesSetting) { … }

TEST_P(CookieSettingsTopLevelTpcdTrialTest, PreserveExplicitBlock3pcSetting) { … }

INSTANTIATE_TEST_SUITE_P(…);

// The TOP_LEVEL_TPCD_ORIGIN_TRIAL content setting type is not registered on
// iOS.

#if !BUILDFLAG(IS_IOS)
class CookieSettingsTopLevelTpcdOriginTrialTest
    : public CookieSettingsTestBase,
      public testing::
          WithParamInterface</* net::features::kTopLevelTpcdOriginTrial:
                              */
                             bool> { … };

// Verifies that `ContentSettingsType::TOP_LEVEL_TPCD_ORIGIN_TRIAL` is
// allow-by-default and doesn't prevent cookie access.
TEST_P(CookieSettingsTopLevelTpcdOriginTrialTest, AllowByDefault) { … }

TEST_P(CookieSettingsTopLevelTpcdOriginTrialTest, IsCookieAccessible) { … }

TEST_P(CookieSettingsTopLevelTpcdOriginTrialTest, UnblockedByMitigations) { … }

TEST_P(CookieSettingsTopLevelTpcdOriginTrialTest,
       BypassDefaultAllowAllCookiesSetting) { … }

TEST_P(CookieSettingsTopLevelTpcdOriginTrialTest,
       PreserveExplicitAllow3pcSetting) { … }

TEST_P(CookieSettingsTopLevelTpcdOriginTrialTest,
       PreserveExplicitBlock3pcSetting) { … }

TEST_P(CookieSettingsTopLevelTpcdOriginTrialTest,
       PreserveBlockAll3PCookiesSetting) { … }

TEST_P(CookieSettingsTopLevelTpcdOriginTrialTest,
       PreserveBlockAllCookiesSetting) { … }

TEST_P(CookieSettingsTopLevelTpcdOriginTrialTest,
       AnnotateAndMoveUserBlockedCookies) { … }

INSTANTIATE_TEST_SUITE_P(…);
#endif  // !BUILDFLAG(IS_IOS)

}  // namespace
}  // namespace network
chromium/services/network/cookie_settings_unittest.cc
