// Copyright 2019 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
4
#include <memory>
#include <vector>

#include "base/command_line.h"
#include "base/test/scoped_feature_list.h"
#include "chrome/browser/policy/policy_test_utils.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/browser.h"
#include "chrome/test/base/in_process_browser_test.h"
#include "components/policy/core/common/policy_map.h"
#include "components/policy/policy_constants.h"
#include "content/public/test/browser_test.h"
#include "content/public/test/browser_test_utils.h"
#include "content/public/test/test_utils.h"
#include "net/base/features.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"
21
22namespace policy {
23
namespace {
// Origin every test below sets and reads cookies on; the domain-list test
// also allow-lists its host() via policy.
// NOTE(review): this literal looks proxy-rewritten in this rendering (its host
// would be ptop.only.wip.la rather than example.com); confirm the intended
// origin against the checked-in source.
constexpr char kURL[] = "http://example.com";
}  // namespace
27
// Test fixture that enables (if param is true) and disables (if param is false)
// SameSite-by-default, Cookies-without-SameSite-must-be-Secure, and Schemeful
// Same-Site to test the policies that override those features, under both
// conditions.
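class SameSiteCookiesPolicyTest : public PolicyTest,
                                  public ::testing::WithParamInterface<bool> {
 public:
  // The bool param decides whether all three SameSite features are enabled
  // (true) or disabled (false) for the fixture's lifetime, so every test runs
  // the Legacy-access policies under both regimes.
  SameSiteCookiesPolicyTest() {
    const std::vector<base::Feature> samesite_features = {
        net::features::kSameSiteByDefaultCookies,
        net::features::kCookiesWithoutSameSiteMustBeSecure,
        net::features::kSchemefulSameSite};
    const std::vector<base::Feature> no_features;
    if (AreSameSiteFeaturesEnabled()) {
      feature_list_.InitWithFeatures(samesite_features, no_features);
    } else {
      feature_list_.InitWithFeatures(no_features, samesite_features);
    }
  }

  ~SameSiteCookiesPolicyTest() = default;

 protected:
  // True when the test param asks for the SameSite features to be enabled.
  bool AreSameSiteFeaturesEnabled() const { return GetParam(); }

 private:
  // Holds the feature overrides selected in the constructor.
  base::test::ScopedFeatureList feature_list_;
};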
55
IN_PROC_BROWSER_TEST_P(SameSiteCookiesPolicyTest,
                       DefaultLegacyCookieAccessSettingIsAllow) {
  using SameSiteCookieContext = net::CookieOptions::SameSiteCookieContext;
  using ContextType = SameSiteCookieContext::ContextType;

  // Policy value 1 grants Legacy (pre-SameSite-by-default) access to every
  // cookie, so the cross-site writes and reads below must succeed whether or
  // not the SameSite features are enabled.
  PolicyMap policies;
  SetPolicy(&policies, key::kLegacySameSiteCookieBehaviorEnabled,
            base::Value(1));
  UpdateProviderPolicy(policies);

  const GURL url(kURL);
  Profile* const profile = browser()->profile();

  const SameSiteCookieContext lax_context(ContextType::SAME_SITE_LAX);
  const SameSiteCookieContext cross_site_context(ContextType::CROSS_SITE);
  // Same-site ignoring schemes, but cross-site once schemes are considered;
  // only Schemeful Same-Site tells the two apart.
  const SameSiteCookieContext downgraded_context(ContextType::SAME_SITE_LAX,
                                                 ContextType::CROSS_SITE);

  // The jar starts empty.
  ASSERT_TRUE(content::GetCookies(profile, url).empty());

  // A SameSite-unspecified cookie written from a same-site context is always
  // accepted, even if the features default it to Lax.
  EXPECT_TRUE(content::SetCookie(profile, url, "samesite-unspecified=1",
                                 lax_context));
  EXPECT_EQ("samesite-unspecified=1", content::GetCookies(profile, url));

  // Overwriting it cross-site succeeds because of the Legacy policy (and
  // trivially when the features are disabled).
  EXPECT_TRUE(content::SetCookie(profile, url, "samesite-unspecified=2",
                                 cross_site_context));
  EXPECT_EQ("samesite-unspecified=2", content::GetCookies(profile, url));
  // A cross-site read is likewise permitted by the policy.
  EXPECT_EQ("samesite-unspecified=2",
            content::GetCookies(profile, url, cross_site_context));

  // A SameSite=Lax cookie on a schemeful downgrade: Legacy access allows it
  // when Schemeful Same-Site is enabled, and the schemeless Lax context is
  // already sufficient when it is disabled. Reads behave the same way.
  EXPECT_TRUE(content::SetCookie(profile, url, "samesite-lax=1; SameSite=Lax",
                                 downgraded_context));
  EXPECT_THAT(content::GetCookies(profile, url, downgraded_context),
              testing::HasSubstr("samesite-lax=1"));
}
115
IN_PROC_BROWSER_TEST_P(SameSiteCookiesPolicyTest,
                       DefaultLegacyCookieAccessSettingIsBlock) {
  using SameSiteCookieContext = net::CookieOptions::SameSiteCookieContext;
  using ContextType = SameSiteCookieContext::ContextType;

  // Policy value 2 denies Legacy access to every cookie, so cross-site writes
  // and reads of SameSite-unspecified cookies must fail even when the
  // SameSite features are disabled.
  PolicyMap policies;
  SetPolicy(&policies, key::kLegacySameSiteCookieBehaviorEnabled,
            base::Value(2));
  UpdateProviderPolicy(policies);

  const GURL url(kURL);
  Profile* const profile = browser()->profile();

  const SameSiteCookieContext lax_context(ContextType::SAME_SITE_LAX);
  const SameSiteCookieContext cross_site_context(ContextType::CROSS_SITE);
  // Same-site ignoring schemes, but cross-site once schemes are considered.
  const SameSiteCookieContext downgraded_context(ContextType::SAME_SITE_LAX,
                                                 ContextType::CROSS_SITE);

  // The jar starts empty.
  ASSERT_TRUE(content::GetCookies(profile, url).empty());

  // A same-site write of a SameSite-unspecified cookie is always accepted.
  EXPECT_TRUE(content::SetCookie(profile, url, "samesite-unspecified=1",
                                 lax_context));
  EXPECT_EQ("samesite-unspecified=1", content::GetCookies(profile, url));

  // The cross-site overwrite is rejected by the policy, so the stored value is
  // unchanged and a cross-site read returns nothing.
  EXPECT_FALSE(content::SetCookie(profile, url, "samesite-unspecified=2",
                                  cross_site_context));
  EXPECT_EQ("samesite-unspecified=1", content::GetCookies(profile, url));
  EXPECT_EQ("", content::GetCookies(profile, url, cross_site_context));

  // A SameSite=Lax cookie on a schemeful downgrade is blocked only when
  // Schemeful Same-Site is enabled; with it disabled the schemeless Lax
  // context suffices. Reads behave the same way.
  if (AreSameSiteFeaturesEnabled()) {
    EXPECT_FALSE(content::SetCookie(profile, url,
                                    "samesite-lax=1; SameSite=Lax",
                                    downgraded_context));
    // The earlier cookie stays readable with the default context...
    EXPECT_EQ("samesite-unspecified=1", content::GetCookies(profile, url));
    // ...but a downgrade to an insufficient context yields nothing, since
    // SameSite-by-default requires at least a Lax context.
    EXPECT_EQ("", content::GetCookies(profile, url, downgraded_context));
  } else {
    EXPECT_TRUE(content::SetCookie(profile, url,
                                   "samesite-lax=1; SameSite=Lax",
                                   downgraded_context));
    EXPECT_THAT(content::GetCookies(profile, url, downgraded_context),
                testing::HasSubstr("samesite-lax=1"));
  }
}
199
IN_PROC_BROWSER_TEST_P(SameSiteCookiesPolicyTest,
                       AllowLegacyCookieAccessForDomain) {
  using SameSiteCookieContext = net::CookieOptions::SameSiteCookieContext;
  using ContextType = SameSiteCookieContext::ContextType;

  const GURL legacy_allowed_domain_url(kURL);
  // NOTE(review): as rendered here both URL literals share the host
  // ptop.only.wip.la, which would make the host()-based allow-list below match
  // both domains; this looks like proxy rewriting of the page rather than the
  // checked-in test, but confirm against the source.
  const GURL other_domain_url("http://other-domain.example");

  // Allow-list only the first host: Legacy access is scoped per domain, so the
  // other domain keeps the SameSite protections.
  base::Value allowed_domains(base::Value::Type::LIST);
  allowed_domains.Append(legacy_allowed_domain_url.host());
  PolicyMap policies;
  SetPolicy(&policies, key::kLegacySameSiteCookieBehaviorEnabledForDomainList,
            std::move(allowed_domains));
  UpdateProviderPolicy(policies);

  Profile* const profile = browser()->profile();

  const SameSiteCookieContext lax_context(ContextType::SAME_SITE_LAX);
  const SameSiteCookieContext cross_site_context(ContextType::CROSS_SITE);
  // Same-site ignoring schemes, but cross-site once schemes are considered.
  const SameSiteCookieContext downgraded_context(ContextType::SAME_SITE_LAX,
                                                 ContextType::CROSS_SITE);

  // Both jars start empty.
  ASSERT_TRUE(content::GetCookies(profile, legacy_allowed_domain_url).empty());
  ASSERT_TRUE(content::GetCookies(profile, other_domain_url).empty());

  // Same-site writes of SameSite-unspecified cookies always succeed on both
  // domains.
  EXPECT_TRUE(content::SetCookie(profile, legacy_allowed_domain_url,
                                 "samesite-unspecified=1", lax_context));
  EXPECT_EQ("samesite-unspecified=1",
            content::GetCookies(profile, legacy_allowed_domain_url));
  EXPECT_TRUE(content::SetCookie(profile, other_domain_url,
                                 "samesite-unspecified=1", lax_context));
  EXPECT_EQ("samesite-unspecified=1",
            content::GetCookies(profile, other_domain_url));

  // On the allow-listed domain the cross-site overwrite and read succeed
  // regardless of the features, thanks to the policy.
  EXPECT_TRUE(content::SetCookie(profile, legacy_allowed_domain_url,
                                 "samesite-unspecified=2", cross_site_context));
  EXPECT_EQ("samesite-unspecified=2",
            content::GetCookies(profile, legacy_allowed_domain_url));
  EXPECT_EQ("samesite-unspecified=2",
            content::GetCookies(profile, legacy_allowed_domain_url,
                                cross_site_context));
  // Likewise a SameSite=Lax cookie on a schemeful downgrade: Legacy access
  // covers it when Schemeful Same-Site is enabled, and the schemeless Lax
  // context suffices when it is disabled.
  EXPECT_TRUE(content::SetCookie(profile, legacy_allowed_domain_url,
                                 "samesite-lax=1; SameSite=Lax",
                                 downgraded_context));
  EXPECT_THAT(content::GetCookies(profile, legacy_allowed_domain_url,
                                  downgraded_context),
              testing::HasSubstr("samesite-lax=1"));

  // The other domain gets no Legacy access, so its cross-site operations
  // succeed only when the SameSite features are disabled.
  if (AreSameSiteFeaturesEnabled()) {
    EXPECT_FALSE(content::SetCookie(profile, other_domain_url,
                                    "samesite-unspecified=2",
                                    cross_site_context));
    EXPECT_EQ("samesite-unspecified=1",
              content::GetCookies(profile, other_domain_url));
    EXPECT_EQ("", content::GetCookies(profile, other_domain_url,
                                      cross_site_context));
    EXPECT_FALSE(content::SetCookie(profile, other_domain_url,
                                    "samesite-lax=1; SameSite=Lax",
                                    downgraded_context));
    // The same-site cookie stays readable with the default context, but a
    // downgrade to an insufficient context yields nothing because
    // SameSite-by-default requires at least a Lax context.
    EXPECT_EQ("samesite-unspecified=1",
              content::GetCookies(profile, other_domain_url));
    EXPECT_EQ("", content::GetCookies(profile, other_domain_url,
                                      downgraded_context));
  } else {
    EXPECT_TRUE(content::SetCookie(profile, other_domain_url,
                                   "samesite-unspecified=2",
                                   cross_site_context));
    EXPECT_EQ("samesite-unspecified=2",
              content::GetCookies(profile, other_domain_url));
    EXPECT_EQ("samesite-unspecified=2",
              content::GetCookies(profile, other_domain_url,
                                  cross_site_context));
    EXPECT_TRUE(content::SetCookie(profile, other_domain_url,
                                   "samesite-lax=1; SameSite=Lax",
                                   downgraded_context));
    EXPECT_THAT(content::GetCookies(profile, other_domain_url,
                                    downgraded_context),
                testing::HasSubstr("samesite-lax=1"));
  }
}
342
// Run every test above twice: param true = SameSite features enabled,
// param false = features disabled.
INSTANTIATE_TEST_SUITE_P(All, SameSiteCookiesPolicyTest, ::testing::Bool());
346
347} // namespace policy