From 2180af0a401c4f37d31f96bf1d5d141e4ec4be8d Mon Sep 17 00:00:00 2001 From: twifkak Date: Fri, 11 Sep 2015 10:36:57 -0700 Subject: [PATCH] Add LOAD_DO_NOT_SEND_AUTH_DATA to PrecacheFetcher. This is needed for proper "privacy mode". This may break URLs with "user:pass@" in them, so a change is being introduced in the pipeline that filters such URLs out. BUG=309216 Review URL: https://codereview.chromium.org/1335743002 Cr-Commit-Position: refs/heads/master@{#348423} --- components/precache/core/precache_fetcher.cc | 21 ++++++++++++--------- components/precache/core/precache_fetcher.h | 2 +- .../precache/core/precache_fetcher_unittest.cc | 12 ++++++------ 3 files changed, 19 insertions(+), 16 deletions(-) diff --git a/components/precache/core/precache_fetcher.cc b/components/precache/core/precache_fetcher.cc index 97f1eeff40a3..65d598a2de83 100644 --- a/components/precache/core/precache_fetcher.cc +++ b/components/precache/core/precache_fetcher.cc @@ -29,12 +29,15 @@ using net::URLFetcher; namespace precache { -// LOAD_DO_NOT_*_COOKIES is for privacy reasons. If a user clears their -// cookies, but a tracking beacon is prefetched and the beacon specifies its -// source URL in a URL param, the beacon site would be able to rebuild a -// profile of the user. -const int kNoCookies = - net::LOAD_DO_NOT_SAVE_COOKIES | net::LOAD_DO_NOT_SEND_COOKIES; +// The following flags are for privacy reasons. For example, if a user clears +// their cookies, but a tracking beacon is prefetched and the beacon specifies +// its source URL in a URL param, the beacon site would be able to rebuild a +// profile of the user. All three flags should occur together, or not at all, +// per +// https://groups.google.com/a/chromium.org/d/topic/net-dev/vvcodRV6SdM/discussion. +const int kNoTracking = + net::LOAD_DO_NOT_SAVE_COOKIES | net::LOAD_DO_NOT_SEND_COOKIES | + net::LOAD_DO_NOT_SEND_AUTH_DATA; namespace { @@ -156,7 +159,7 @@ void PrecacheFetcher::Fetcher::LoadFromCache() { fetch_stage_ = FetchStage::CACHE; url_fetcher_cache_ = URLFetcher::Create(url_, URLFetcher::GET, this); url_fetcher_cache_->SetRequestContext(request_context_); - url_fetcher_cache_->SetLoadFlags(net::LOAD_ONLY_FROM_CACHE | kNoCookies); + url_fetcher_cache_->SetLoadFlags(net::LOAD_ONLY_FROM_CACHE | kNoTracking); scoped_ptr null_writer(new URLFetcherNullWriter); url_fetcher_cache_->SaveResponseWithWriter(null_writer.Pass()); url_fetcher_cache_->Start(); @@ -170,7 +173,7 @@ void PrecacheFetcher::Fetcher::LoadFromNetwork() { // LOAD_VALIDATE_CACHE allows us to refresh Date headers for resources // already in the cache. The Date headers are updated from 304s as well as // 200s. - url_fetcher_network_->SetLoadFlags(net::LOAD_VALIDATE_CACHE | kNoCookies); + url_fetcher_network_->SetLoadFlags(net::LOAD_VALIDATE_CACHE | kNoTracking); // We don't need a copy of the response body for resource requests. The // request is issued only to populate the browser cache. scoped_ptr null_writer(new URLFetcherNullWriter); @@ -178,7 +181,7 @@ void PrecacheFetcher::Fetcher::LoadFromNetwork() { } else { // Config and manifest requests do not need to be revalidated. It's okay if // they expire from the cache minutes after we request them. - url_fetcher_network_->SetLoadFlags(kNoCookies); + url_fetcher_network_->SetLoadFlags(kNoTracking); } url_fetcher_network_->Start(); } diff --git a/components/precache/core/precache_fetcher.h b/components/precache/core/precache_fetcher.h index d5728018fd74..c4f16733fd14 100644 --- a/components/precache/core/precache_fetcher.h +++ b/components/precache/core/precache_fetcher.h @@ -26,7 +26,7 @@ class URLRequestContextGetter; namespace precache { // Visible for testing. -extern const int kNoCookies; +extern const int kNoTracking; // Public interface to code that fetches resources that the user is likely to // want to fetch in the future, putting them in the network stack disk cache. diff --git a/components/precache/core/precache_fetcher_unittest.cc b/components/precache/core/precache_fetcher_unittest.cc index cac75bfed535..ceffb4d82498 100644 --- a/components/precache/core/precache_fetcher_unittest.cc +++ b/components/precache/core/precache_fetcher_unittest.cc @@ -200,7 +200,7 @@ TEST_F(PrecacheFetcherFetcherTest, Config) { loop_.RunUntilIdle(); ASSERT_NE(nullptr, fetcher); - EXPECT_EQ(kNoCookies, fetcher->GetLoadFlags()); + EXPECT_EQ(kNoTracking, fetcher->GetLoadFlags()); EXPECT_EQ(true, callback_called_); } @@ -225,9 +225,9 @@ TEST_F(PrecacheFetcherFetcherTest, ResourceNotInCache) { loop_.RunUntilIdle(); ASSERT_NE(nullptr, fetcher1); - EXPECT_EQ(net::LOAD_ONLY_FROM_CACHE | kNoCookies, fetcher1->GetLoadFlags()); + EXPECT_EQ(net::LOAD_ONLY_FROM_CACHE | kNoTracking, fetcher1->GetLoadFlags()); ASSERT_NE(nullptr, fetcher2); - EXPECT_EQ(net::LOAD_VALIDATE_CACHE | kNoCookies, fetcher2->GetLoadFlags()); + EXPECT_EQ(net::LOAD_VALIDATE_CACHE | kNoTracking, fetcher2->GetLoadFlags()); EXPECT_EQ(true, callback_called_); } @@ -253,9 +253,9 @@ TEST_F(PrecacheFetcherFetcherTest, ResourceHasStrongValidators) { loop_.RunUntilIdle(); ASSERT_NE(nullptr, fetcher1); - EXPECT_EQ(net::LOAD_ONLY_FROM_CACHE | kNoCookies, fetcher1->GetLoadFlags()); + EXPECT_EQ(net::LOAD_ONLY_FROM_CACHE | kNoTracking, fetcher1->GetLoadFlags()); ASSERT_NE(nullptr, fetcher2); - EXPECT_EQ(net::LOAD_VALIDATE_CACHE | kNoCookies, fetcher2->GetLoadFlags()); + EXPECT_EQ(net::LOAD_VALIDATE_CACHE | kNoTracking, fetcher2->GetLoadFlags()); EXPECT_EQ(true, callback_called_); } @@ -272,7 +272,7 @@ TEST_F(PrecacheFetcherFetcherTest, ResourceHasNoValidators) { loop_.RunUntilIdle(); - EXPECT_EQ(net::LOAD_ONLY_FROM_CACHE | kNoCookies, fetcher->GetLoadFlags()); + EXPECT_EQ(net::LOAD_ONLY_FROM_CACHE | kNoTracking, fetcher->GetLoadFlags()); EXPECT_EQ(true, callback_called_); } -- 2.11.4.GIT