| // Copyright 2017 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| module network.mojom; |
| |
| import "services/network/public/mojom/cookie_manager.mojom"; |
| import "mojo/public/mojom/base/time.mojom"; |
| import "url/mojom/url.mojom"; |
| import "url/mojom/origin.mojom"; |
| |
| enum CookieMatchType { |
| EQUALS, |
| STARTS_WITH, |
| }; |
| |
| struct CookieManagerGetOptions { |
| string name; |
| CookieMatchType match_type; |
| }; |
| |
| // Affects whether http-only cookies are accessible, and the rules used for |
| // SameSite cookie computations. |
| enum RestrictedCookieManagerRole { |
| // Used for script access to cookies. Will not be able to get to HttpOnly |
| // cookies, and will apply SameSite cookies access rules appropriate for |
| // script cookie access. OK to give to the renderer. |
| SCRIPT, |
| |
| // Access to cookies appropriate for network requests --- meant for cases |
| // where, for some reason, a fetch needs to be performed by some external |
| // library. Will get HttpOnly cookies, and compute SameSite accessibility |
| // appropriate for subresource loading (but NOT for navigations). |
| // |
| // Should only be used within the browser. |
| NETWORK |
| }; |
| |
| // Capability to access the cookie store on behalf of a single origin. |
| // |
| // Instances of this interface are restricted to a single origin, and will |
| // fail operations on cookies that aren't visible within that origin. Untrusted |
| // processes, like renderer processes, should only receive |
| // RestrictedCookieManager instances for the origins that they are allowed to |
| // represent. |
| // |
| // Implementations of this interface must assume all inputs are untrusted, and |
| // must ensure that a potentially compromised caller process is not able to |
| // access more than the cookies visible to the RestrictedCookieManager's origin. |
| // |
| // TODO(pwnall): Make this a strict subset of CookieManager. At the moment (Q2 |
| // 2018) the interface is diverged from CookieManager to allow its primary user |
| // (the Web Platform's Async Cookies API) to iterate quickly. |
| interface RestrictedCookieManager { |
| // Returns some of the cookies that would be sent in a request to |url|. |
| // |
| // |url| is an URL capable of receiving HTTP requests. |site_for_cookies| is |
| // the "site for cookies" values defined in RFC 6265bis, and roughly maps to |
| // the URL of the top-level frame in Document contexts, and to the script URL |
| // in service workers. |top_frame_origin| is the actual origin of the top |
| // level frame or the script url for service workers. |site_for_cookies| is |
| // used to determine if a cookie is accessed in a third-party context. |
| // |top_frame_origin| is used to check for content settings. |
| // |options| filters the returned list of cookies. |
| GetAllForUrl( |
| url.mojom.Url url, url.mojom.Url site_for_cookies, |
| url.mojom.Origin top_frame_origin, |
| CookieManagerGetOptions options) => (array<CanonicalCookie> cookies); |
| |
| SetCanonicalCookie(CanonicalCookie cookie, |
| url.mojom.Url url, |
| url.mojom.Url site_for_cookies, |
| url.mojom.Origin top_frame_origin) => (bool success); |
| |
| // Subscribes to changes in the cookies transmitted in a request to an URL. |
| // |
| // The subscription is canceled by closing the pipe. |
| AddChangeListener(url.mojom.Url url, url.mojom.Url site_for_cookies, |
| url.mojom.Origin top_frame_origin, |
| CookieChangeListener listener) => (); |
| |
| // Sets a cookie. If setting of this cookie is not permitted either by web |
| // platform rules, or user preferences, the attempt will be silently ignored. |
| // This does not extend to passing in a |url| that does not match the origin |
| // RestrictedCookieManager is bound to --- that will be treated as the |
| // renderer violating security rules. |
| // |
| // The implementation may block, e.g. while cookies are still being loaded, or |
| // to serialize with other operations. |
| [Sync] |
| SetCookieFromString(url.mojom.Url url, url.mojom.Url site_for_cookies, |
| url.mojom.Origin top_frame_origin, |
| string cookie) => (); |
| |
| // Used to get cookies for the given URL. Cookies that are blocked by user |
| // preferences will be skipped, down to potentially returning an empty string. |
| // The implementation may block, e.g. while cookies are still being loaded, or |
| // to serialize with other operations. |
| // |
| // Passing in |url| that does not match the origin RestrictedCookieManager |
| // is bounded to will be treated as the renderer violating security rules. |
| [Sync] |
| GetCookiesString(url.mojom.Url url, |
| url.mojom.Url site_for_cookies, |
| url.mojom.Origin top_frame_origin) => (string cookies); |
| |
| // Used to check if cookies are enabled for the given URL in context of a |
| // given site. |
| // |
| // Passing in |url| that does not match the origin RestrictedCookieManager |
| // is bounded to will be treated as the renderer violating security rules. |
| [Sync] |
| CookiesEnabledFor( |
| url.mojom.Url url, |
| url.mojom.Url site_for_cookies, |
| url.mojom.Origin top_frame_origin) => (bool cookies_enabled); |
| }; |