1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* This Source Code Form is subject to the terms of the Mozilla Public
3 * License, v. 2.0. If a copy of the MPL was not distributed with this
4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 #ifndef mozilla_net_CookieCommons_h
7 #define mozilla_net_CookieCommons_h
11 #include "mozIThirdPartyUtil.h"
14 #include "nsICookie.h"
15 #include "mozilla/net/NeckoChannelParams.h"
18 class nsIConsoleReportCollector
;
19 class nsICookieJarSettings
;
20 class nsIEffectiveTLDService
;
32 // these constants represent an operation being performed on cookies
33 enum CookieOperation
{ OPERATION_READ
, OPERATION_WRITE
};
35 // these constants represent a decision about a cookie based on user prefs.
38 STATUS_ACCEPT_SESSION
,
40 // STATUS_REJECTED_WITH_ERROR indicates the cookie should be rejected because
41 // of an error (rather than something the user can control). this is used for
42 // notification purposes, since we only want to notify of rejections where
43 // the user can do something about it (e.g. whitelist the site).
44 STATUS_REJECTED_WITH_ERROR
49 // pref string constants
50 static const char kPrefMaxNumberOfCookies
[] = "network.cookie.maxNumber";
51 static const char kPrefMaxCookiesPerHost
[] = "network.cookie.maxPerHost";
52 static const char kPrefCookieQuotaPerHost
[] = "network.cookie.quotaPerHost";
53 static const char kPrefCookiePurgeAge
[] = "network.cookie.purgeAge";
55 // default limits for the cookie list. these can be tuned by the
56 // network.cookie.maxNumber and network.cookie.maxPerHost prefs respectively.
57 static const uint32_t kMaxCookiesPerHost
= 180;
58 static const uint32_t kCookieQuotaPerHost
= 150;
59 static const uint32_t kMaxNumberOfCookies
= 3000;
60 static const uint32_t kMaxBytesPerCookie
= 4096;
61 static const uint32_t kMaxBytesPerPath
= 1024;
63 static const int64_t kCookiePurgeAge
=
64 int64_t(30 * 24 * 60 * 60) * PR_USEC_PER_SEC
; // 30 days in microseconds
66 class CookieCommons final
{
68 static bool DomainMatches(Cookie
* aCookie
, const nsACString
& aHost
);
70 static bool PathMatches(Cookie
* aCookie
, const nsACString
& aPath
);
72 static nsresult
GetBaseDomain(nsIEffectiveTLDService
* aTLDService
,
73 nsIURI
* aHostURI
, nsACString
& aBaseDomain
,
74 bool& aRequireHostMatch
);
76 static nsresult
GetBaseDomain(nsIPrincipal
* aPrincipal
,
77 nsACString
& aBaseDomain
);
79 static nsresult
GetBaseDomainFromHost(nsIEffectiveTLDService
* aTLDService
,
80 const nsACString
& aHost
,
81 nsCString
& aBaseDomain
);
83 static void NotifyRejected(nsIURI
* aHostURI
, nsIChannel
* aChannel
,
84 uint32_t aRejectedReason
,
85 CookieOperation aOperation
);
87 static bool CheckPathSize(const CookieStruct
& aCookieData
);
89 static bool CheckNameAndValueSize(const CookieStruct
& aCookieData
);
91 static bool CheckName(const CookieStruct
& aCookieData
);
93 static bool CheckValue(const CookieStruct
& aCookieData
);
95 static bool CheckCookiePermission(nsIChannel
* aChannel
,
96 CookieStruct
& aCookieData
);
98 static bool CheckCookiePermission(nsIPrincipal
* aPrincipal
,
99 nsICookieJarSettings
* aCookieJarSettings
,
100 CookieStruct
& aCookieData
);
102 static already_AddRefed
<Cookie
> CreateCookieFromDocument(
103 dom::Document
* aDocument
, const nsACString
& aCookieString
,
104 int64_t aCurrentTimeInUsec
, nsIEffectiveTLDService
* aTLDService
,
105 mozIThirdPartyUtil
* aThirdPartyUtil
,
106 std::function
<bool(const nsACString
&, const OriginAttributes
&)>&&
107 aHasExistingCookiesLambda
,
108 nsIURI
** aDocumentURI
, nsACString
& aBaseDomain
, OriginAttributes
& aAttrs
);
110 static already_AddRefed
<nsICookieJarSettings
> GetCookieJarSettings(
111 nsIChannel
* aChannel
);
113 static bool ShouldIncludeCrossSiteCookieForDocument(Cookie
* aCookie
,
114 dom::Document
* aDocument
);
116 static bool IsSchemeSupported(nsIPrincipal
* aPrincipal
);
117 static bool IsSchemeSupported(nsIURI
* aURI
);
118 static bool IsSchemeSupported(const nsACString
& aScheme
);
120 static nsICookie::schemeType
URIToSchemeType(nsIURI
* aURI
);
122 static nsICookie::schemeType
PrincipalToSchemeType(nsIPrincipal
* aPrincipal
);
124 static nsICookie::schemeType
SchemeToSchemeType(const nsACString
& aScheme
);
126 // Returns true if the channel is a safe top-level navigation or if it's a
128 static bool IsSafeTopLevelNav(nsIChannel
* aChannel
);
130 // Returns true if the channel is a foreign with respect to the host-uri.
131 // For loads of TYPE_DOCUMENT, this function returns true if it's a cross
133 // `aHadCrossSiteRedirects` will be true iff the channel had a cross-site
134 // redirect before the final URI.
135 static bool IsSameSiteForeign(nsIChannel
* aChannel
, nsIURI
* aHostURI
,
136 bool* aHadCrossSiteRedirects
);
140 } // namespace mozilla
142 #endif // mozilla_net_CookieCommons_h