Updating trunk VERSION from 1014.0 to 1015.0
[chromium-blink-merge.git] / net / base / cookie_util.cc
blob8d8a0c370c878db746f1b9841d012c396029f88f
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/base/cookie_util.h"
7 #include "base/logging.h"
8 #include "googleurl/src/gurl.h"
9 #include "net/base/net_util.h"
10 #include "net/base/registry_controlled_domain.h"
12 namespace net {
13 namespace cookie_util {
15 bool DomainIsHostOnly(const std::string& domain_string) {
16 return (domain_string.empty() || domain_string[0] != '.');
19 std::string GetEffectiveDomain(const std::string& scheme,
20 const std::string& host) {
21 if (scheme == "http" || scheme == "https")
22 return RegistryControlledDomainService::GetDomainAndRegistry(host);
24 if (!DomainIsHostOnly(host))
25 return host.substr(1);
26 return host;
29 bool GetCookieDomainWithString(const GURL& url,
30 const std::string& domain_string,
31 std::string* result) {
32 const std::string url_host(url.host());
34 // If no domain was specified in the domain string, default to a host cookie.
35 // We match IE/Firefox in allowing a domain=IPADDR if it matches the url
36 // ip address hostname exactly. It should be treated as a host cookie.
37 if (domain_string.empty() ||
38 (url.HostIsIPAddress() && url_host == domain_string)) {
39 *result = url_host;
40 DCHECK(DomainIsHostOnly(*result));
41 return true;
44 // Get the normalized domain specified in cookie line.
45 url_canon::CanonHostInfo ignored;
46 std::string cookie_domain(CanonicalizeHost(domain_string, &ignored));
47 if (cookie_domain.empty())
48 return false;
49 if (cookie_domain[0] != '.')
50 cookie_domain = "." + cookie_domain;
52 // Ensure |url| and |cookie_domain| have the same domain+registry.
53 const std::string url_scheme(url.scheme());
54 const std::string url_domain_and_registry(
55 GetEffectiveDomain(url_scheme, url_host));
56 if (url_domain_and_registry.empty())
57 return false; // IP addresses/intranet hosts can't set domain cookies.
58 const std::string cookie_domain_and_registry(
59 GetEffectiveDomain(url_scheme, cookie_domain));
60 if (url_domain_and_registry != cookie_domain_and_registry)
61 return false; // Can't set a cookie on a different domain + registry.
63 // Ensure |url_host| is |cookie_domain| or one of its subdomains. Given that
64 // we know the domain+registry are the same from the above checks, this is
65 // basically a simple string suffix check.
66 const bool is_suffix = (url_host.length() < cookie_domain.length()) ?
67 (cookie_domain != ("." + url_host)) :
68 (url_host.compare(url_host.length() - cookie_domain.length(),
69 cookie_domain.length(), cookie_domain) != 0);
70 if (is_suffix)
71 return false;
73 *result = cookie_domain;
74 return true;
77 } // namespace cookie_utils
78 } // namespace net