Google Git
Sign in
chromium / chromium / src / 3fcb948181d8d4f461b55388660e180e4abf5629 / . / chrome / browser / net / profile_network_context_service.cc
blob: dbecc14e078dbf4526c59697abc7d8632d0942e0 [file] [log] [blame]
// Copyright 2017 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/net/profile_network_context_service.h"
#include <string>
#include "base/bind.h"
#include "base/command_line.h"
#include "base/feature_list.h"
#include "base/files/file_path.h"
#include "base/files/file_util.h"
#include "base/logging.h"
#include "base/metrics/field_trial_params.h"
#include "base/metrics/histogram_macros.h"
#include "base/strings/string_split.h"
#include "base/task/post_task.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/content_settings/cookie_settings_factory.h"
#include "chrome/browser/content_settings/host_content_settings_map_factory.h"
#include "chrome/browser/data_reduction_proxy/data_reduction_proxy_chrome_settings.h"
#include "chrome/browser/data_reduction_proxy/data_reduction_proxy_chrome_settings_factory.h"
#include "chrome/browser/domain_reliability/service_factory.h"
#include "chrome/browser/net/system_network_context_manager.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/common/chrome_constants.h"
#include "chrome/common/chrome_content_client.h"
#include "chrome/common/chrome_features.h"
#include "chrome/common/chrome_paths_internal.h"
#include "chrome/common/chrome_switches.h"
#include "chrome/common/pref_names.h"
#include "components/certificate_transparency/pref_names.h"
#include "components/content_settings/core/browser/host_content_settings_map.h"
#include "components/data_reduction_proxy/core/common/data_reduction_proxy_params.h"
#include "components/language/core/browser/pref_names.h"
#include "components/metrics/metrics_pref_names.h"
#include "components/pref_registry/pref_registry_syncable.h"
#include "components/prefs/pref_registry_simple.h"
#include "components/prefs/pref_service.h"
#include "content/public/browser/browser_context.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/network_service_instance.h"
#include "content/public/browser/shared_cors_origin_access_list.h"
#include "content/public/browser/storage_partition.h"
#include "content/public/common/content_features.h"
#include "content/public/common/service_names.mojom.h"
#include "content/public/common/url_constants.h"
#include "net/base/features.h"
#include "net/http/http_auth_preferences.h"
#include "net/http/http_util.h"
#include "services/network/public/cpp/cors/origin_access_list.h"
#include "services/network/public/cpp/features.h"
#include "services/network/public/mojom/network_service.mojom.h"
#if defined(OS_CHROMEOS)
#include "chrome/browser/chromeos/policy/policy_cert_service.h"
#include "chrome/browser/chromeos/policy/policy_cert_service_factory.h"
#include "chrome/browser/chromeos/profiles/profile_helper.h"
#include "chrome/browser/policy/profile_policy_connector.h"
#include "chromeos/constants/chromeos_switches.h"
#include "components/user_manager/user.h"
#include "components/user_manager/user_manager.h"
#endif
#if BUILDFLAG(TRIAL_COMPARISON_CERT_VERIFIER_SUPPORTED)
#include "chrome/browser/net/trial_comparison_cert_verifier_controller.h"
#endif
#if BUILDFLAG(ENABLE_EXTENSIONS)
#include "extensions/common/constants.h"
#endif
namespace {
bool* g_discard_domain_reliability_uploads_for_testing = nullptr;
std::vector<std::string> TranslateStringArray(const base::ListValue* list) {
std::vector<std::string> strings;
for (const base::Value& value : *list) {
DCHECK(value.is_string());
strings.push_back(value.GetString());
}
return strings;
}
std::string ComputeAcceptLanguageFromPref(const std::string& language_pref) {
std::string accept_languages_str =
base::FeatureList::IsEnabled(features::kUseNewAcceptLanguageHeader)
? net::HttpUtil::ExpandLanguageList(language_pref)
: language_pref;
return net::HttpUtil::GenerateAcceptLanguageHeader(accept_languages_str);
}
#if defined(OS_CHROMEOS)
bool ShouldUseBuiltinCertVerifier(Profile* profile) {
base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
if (command_line->HasSwitch(chromeos::switches::kForceCertVerifierBuiltin))
return true;
if (chromeos::ProfileHelper::Get()->IsSigninProfile(profile) ||
chromeos::ProfileHelper::Get()->IsLockScreenAppProfile(profile)) {
return true;
}
const PrefService::Preference* builtin_cert_verifier_enabled_pref =
g_browser_process->local_state()->FindPreference(
prefs::kBuiltinCertificateVerifierEnabled);
if (builtin_cert_verifier_enabled_pref->IsManaged())
return builtin_cert_verifier_enabled_pref->GetValue()->GetBool();
return base::FeatureList::IsEnabled(
net::features::kCertVerifierBuiltinFeature);
}
network::mojom::AdditionalCertificatesPtr GetAdditionalCertificates(
const policy::PolicyCertService* policy_cert_service,
const base::FilePath& storage_partition_path) {
auto additional_certificates = network::mojom::AdditionalCertificates::New();
policy_cert_service->GetPolicyCertificatesForStoragePartition(
storage_partition_path, &(additional_certificates->all_certificates),
&(additional_certificates->trust_anchors));
return additional_certificates;
}
#endif // defined (OS_CHROMEOS)
} // namespace
ProfileNetworkContextService::ProfileNetworkContextService(Profile* profile)
: profile_(profile), proxy_config_monitor_(profile) {
PrefService* profile_prefs = profile->GetPrefs();
quic_allowed_.Init(
prefs::kQuicAllowed, profile_prefs,
base::Bind(&ProfileNetworkContextService::DisableQuicIfNotAllowed,
base::Unretained(this)));
pref_accept_language_.Init(
language::prefs::kAcceptLanguages, profile_prefs,
base::BindRepeating(&ProfileNetworkContextService::UpdateAcceptLanguage,
base::Unretained(this)));
enable_referrers_.Init(
prefs::kEnableReferrers, profile_prefs,
base::BindRepeating(&ProfileNetworkContextService::UpdateReferrersEnabled,
base::Unretained(this)));
cookie_settings_ = CookieSettingsFactory::GetForProfile(profile);
cookie_settings_observer_.Add(cookie_settings_.get());
DisableQuicIfNotAllowed();
// Observe content settings so they can be synced to the network service.
HostContentSettingsMapFactory::GetForProfile(profile_)->AddObserver(this);
pref_change_registrar_.Init(profile_prefs);
#if defined(OS_CHROMEOS)
using_builtin_cert_verifier_ = ShouldUseBuiltinCertVerifier(profile_);
VLOG(0) << "Using " << (using_builtin_cert_verifier_ ? "built-in" : "legacy")
<< " cert verifier.";
#endif
// When any of the following CT preferences change, we schedule an update
// to aggregate the actual update using a |ct_policy_update_timer_|.
pref_change_registrar_.Add(
certificate_transparency::prefs::kCTRequiredHosts,
base::BindRepeating(&ProfileNetworkContextService::ScheduleUpdateCTPolicy,
base::Unretained(this)));
pref_change_registrar_.Add(
certificate_transparency::prefs::kCTExcludedHosts,
base::BindRepeating(&ProfileNetworkContextService::ScheduleUpdateCTPolicy,
base::Unretained(this)));
pref_change_registrar_.Add(
certificate_transparency::prefs::kCTExcludedSPKIs,
base::BindRepeating(&ProfileNetworkContextService::ScheduleUpdateCTPolicy,
base::Unretained(this)));
pref_change_registrar_.Add(
certificate_transparency::prefs::kCTExcludedLegacySPKIs,
base::BindRepeating(&ProfileNetworkContextService::ScheduleUpdateCTPolicy,
base::Unretained(this)));
}
ProfileNetworkContextService::~ProfileNetworkContextService() {}
mojo::Remote<network::mojom::NetworkContext>
ProfileNetworkContextService::CreateNetworkContext(
bool in_memory,
const base::FilePath& relative_partition_path) {
mojo::Remote<network::mojom::NetworkContext> network_context;
content::GetNetworkService()->CreateNetworkContext(
network_context.BindNewPipeAndPassReceiver(),
CreateNetworkContextParams(in_memory, relative_partition_path));
if ((!in_memory && !profile_->IsOffTheRecord())) {
// TODO(jam): delete this code 1 year after Network Service shipped to all
// stable users, which would be after M83 branches.
base::FilePath media_cache_path = GetPartitionPath(relative_partition_path)
.Append(chrome::kMediaCacheDirname);
base::PostTask(
FROM_HERE,
{base::ThreadPool(), base::TaskPriority::BEST_EFFORT, base::MayBlock(),
base::TaskShutdownBehavior::CONTINUE_ON_SHUTDOWN},
base::BindOnce(base::IgnoreResult(&base::DeleteFile), media_cache_path,
true /* recursive */));
}
std::vector<network::mojom::NetworkContext*> contexts{network_context.get()};
UpdateCTPolicyForContexts(contexts);
return network_context;
}
#if defined(OS_CHROMEOS)
void ProfileNetworkContextService::UpdateAdditionalCertificates() {
const policy::PolicyCertService* policy_cert_service =
policy::PolicyCertServiceFactory::GetForProfile(profile_);
if (!policy_cert_service)
return;
content::BrowserContext::ForEachStoragePartition(
profile_, base::BindRepeating(
[](const policy::PolicyCertService* policy_cert_service,
content::StoragePartition* storage_partition) {
auto additional_certificates = GetAdditionalCertificates(
policy_cert_service, storage_partition->GetPath());
storage_partition->GetNetworkContext()
->UpdateAdditionalCertificates(
std::move(additional_certificates));
},
policy_cert_service));
}
#endif
void ProfileNetworkContextService::RegisterProfilePrefs(
user_prefs::PrefRegistrySyncable* registry) {
registry->RegisterBooleanPref(prefs::kQuicAllowed, true);
}
// static
void ProfileNetworkContextService::RegisterLocalStatePrefs(
PrefRegistrySimple* registry) {
registry->RegisterListPref(prefs::kHSTSPolicyBypassList);
}
void ProfileNetworkContextService::DisableQuicIfNotAllowed() {
if (!quic_allowed_.IsManaged())
return;
// If QUIC is allowed, do nothing (re-enabling QUIC is not supported).
if (quic_allowed_.GetValue())
return;
g_browser_process->system_network_context_manager()->DisableQuic();
}
void ProfileNetworkContextService::UpdateAcceptLanguage() {
content::BrowserContext::ForEachStoragePartition(
profile_, base::BindRepeating(
[](const std::string& accept_language,
content::StoragePartition* storage_partition) {
storage_partition->GetNetworkContext()->SetAcceptLanguage(
accept_language);
},
ComputeAcceptLanguage()));
}
void ProfileNetworkContextService::OnThirdPartyCookieBlockingChanged(
bool block_third_party_cookies) {
content::BrowserContext::ForEachStoragePartition(
profile_, base::BindRepeating(
[](bool block_third_party_cookies,
content::StoragePartition* storage_partition) {
storage_partition->GetCookieManagerForBrowserProcess()
->BlockThirdPartyCookies(block_third_party_cookies);
},
block_third_party_cookies));
}
std::string ProfileNetworkContextService::ComputeAcceptLanguage() const {
return ComputeAcceptLanguageFromPref(pref_accept_language_.GetValue());
}
void ProfileNetworkContextService::UpdateReferrersEnabled() {
content::BrowserContext::ForEachStoragePartition(
profile_,
base::BindRepeating(
[](bool enable_referrers,
content::StoragePartition* storage_partition) {
storage_partition->GetNetworkContext()->SetEnableReferrers(
enable_referrers);
},
enable_referrers_.GetValue()));
}
void ProfileNetworkContextService::UpdateCTPolicyForContexts(
const std::vector<network::mojom::NetworkContext*>& contexts) {
auto* prefs = profile_->GetPrefs();
const base::ListValue* ct_required =
prefs->GetList(certificate_transparency::prefs::kCTRequiredHosts);
const base::ListValue* ct_excluded =
prefs->GetList(certificate_transparency::prefs::kCTExcludedHosts);
const base::ListValue* ct_excluded_spkis =
prefs->GetList(certificate_transparency::prefs::kCTExcludedSPKIs);
const base::ListValue* ct_excluded_legacy_spkis =
prefs->GetList(certificate_transparency::prefs::kCTExcludedLegacySPKIs);
std::vector<std::string> required(TranslateStringArray(ct_required));
std::vector<std::string> excluded(TranslateStringArray(ct_excluded));
std::vector<std::string> excluded_spkis(
TranslateStringArray(ct_excluded_spkis));
std::vector<std::string> excluded_legacy_spkis(
TranslateStringArray(ct_excluded_legacy_spkis));
for (auto* context : contexts) {
context->SetCTPolicy(required, excluded, excluded_spkis,
excluded_legacy_spkis);
}
}
void ProfileNetworkContextService::UpdateCTPolicy() {
std::vector<network::mojom::NetworkContext*> contexts;
content::BrowserContext::ForEachStoragePartition(
profile_,
base::BindRepeating(
[](std::vector<network::mojom::NetworkContext*>* contexts_ptr,
content::StoragePartition* storage_partition) {
contexts_ptr->push_back(storage_partition->GetNetworkContext());
},
&contexts));
UpdateCTPolicyForContexts(contexts);
}
void ProfileNetworkContextService::ScheduleUpdateCTPolicy() {
ct_policy_update_timer_.Start(FROM_HERE, base::TimeDelta::FromSeconds(0),
this,
&ProfileNetworkContextService::UpdateCTPolicy);
}
// static
network::mojom::CookieManagerParamsPtr
ProfileNetworkContextService::CreateCookieManagerParams(
Profile* profile,
const content_settings::CookieSettings& cookie_settings) {
auto out = network::mojom::CookieManagerParams::New();
out->block_third_party_cookies =
cookie_settings.ShouldBlockThirdPartyCookies();
out->secure_origin_cookies_allowed_schemes.push_back(
content::kChromeUIScheme);
#if BUILDFLAG(ENABLE_EXTENSIONS)
out->third_party_cookies_allowed_schemes.push_back(
extensions::kExtensionScheme);
#endif
ContentSettingsForOneType settings;
HostContentSettingsMap* host_content_settings_map =
HostContentSettingsMapFactory::GetForProfile(profile);
host_content_settings_map->GetSettingsForOneType(
CONTENT_SETTINGS_TYPE_COOKIES, std::string(), &settings);
out->settings = std::move(settings);
ContentSettingsForOneType settings_for_legacy_cookie_access;
host_content_settings_map->GetSettingsForOneType(
CONTENT_SETTINGS_TYPE_LEGACY_COOKIE_ACCESS, std::string(),
&settings_for_legacy_cookie_access);
out->settings_for_legacy_cookie_access =
std::move(settings_for_legacy_cookie_access);
return out;
}
void ProfileNetworkContextService::FlushProxyConfigMonitorForTesting() {
proxy_config_monitor_.FlushForTesting();
}
void ProfileNetworkContextService::SetDiscardDomainReliabilityUploadsForTesting(
bool value) {
g_discard_domain_reliability_uploads_for_testing = new bool(value);
}
network::mojom::NetworkContextParamsPtr
ProfileNetworkContextService::CreateNetworkContextParams(
bool in_memory,
const base::FilePath& relative_partition_path) {
if (profile_->IsOffTheRecord())
in_memory = true;
base::FilePath path(GetPartitionPath(relative_partition_path));
network::mojom::NetworkContextParamsPtr network_context_params =
g_browser_process->system_network_context_manager()
->CreateDefaultNetworkContextParams();
network_context_params->context_name = std::string("main");
network_context_params->accept_language = ComputeAcceptLanguage();
network_context_params->enable_referrers = enable_referrers_.GetValue();
base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
if (command_line->HasSwitch(switches::kShortReportingDelay)) {
network_context_params->reporting_delivery_interval =
base::TimeDelta::FromMilliseconds(100);
}
network_context_params->cors_extra_safelisted_request_header_names =
SplitString(base::GetFieldTrialParamValueByFeature(
features::kExtraSafelistedRequestHeadersForOutOfBlinkCors,
"extra-safelisted-request-headers"),
",", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY);
// Always enable the HTTP cache.
network_context_params->http_cache_enabled = true;
// Allow/disallow ambient authentication with default credentials based on the
// profile type.
// TODO(https://crbug.com/458508): Allow this behavior to be controllable by
// policy.
if (profile_->IsGuestSession()) {
network_context_params->allow_default_credentials =
base::FeatureList::IsEnabled(
features::kEnableAmbientAuthenticationInGuestSession)
? net::HttpAuthPreferences::ALLOW_DEFAULT_CREDENTIALS
: net::HttpAuthPreferences::DISALLOW_DEFAULT_CREDENTIALS;
} else if (profile_->IsIncognitoProfile()) {
network_context_params->allow_default_credentials =
base::FeatureList::IsEnabled(
features::kEnableAmbientAuthenticationInIncognito)
? net::HttpAuthPreferences::ALLOW_DEFAULT_CREDENTIALS
: net::HttpAuthPreferences::DISALLOW_DEFAULT_CREDENTIALS;
} else {
network_context_params->allow_default_credentials =
net::HttpAuthPreferences::ALLOW_DEFAULT_CREDENTIALS;
}
network_context_params->cookie_manager_params =
CreateCookieManagerParams(profile_, *cookie_settings_);
// Configure on-disk storage for non-OTR profiles. OTR profiles just use
// default behavior (in memory storage, default sizes).
if (!in_memory) {
PrefService* local_state = g_browser_process->local_state();
// Configure the HTTP cache path and size.
base::FilePath base_cache_path;
chrome::GetUserCacheDirectory(path, &base_cache_path);
base::FilePath disk_cache_dir =
local_state->GetFilePath(prefs::kDiskCacheDir);
if (!disk_cache_dir.empty())
base_cache_path = disk_cache_dir.Append(base_cache_path.BaseName());
network_context_params->http_cache_path =
base_cache_path.Append(chrome::kCacheDirname);
network_context_params->http_cache_max_size =
local_state->GetInteger(prefs::kDiskCacheSize);
// Currently this just contains HttpServerProperties, but that will likely
// change.
network_context_params->http_server_properties_path =
path.Append(chrome::kNetworkPersistentStateFilename);
base::FilePath cookie_path = path;
cookie_path = cookie_path.Append(chrome::kCookieFilename);
network_context_params->cookie_path = cookie_path;
#if BUILDFLAG(ENABLE_REPORTING)
base::FilePath reporting_and_nel_store_path = path;
reporting_and_nel_store_path = reporting_and_nel_store_path.Append(
chrome::kReportingAndNelStoreFilename);
network_context_params->reporting_and_nel_store_path =
reporting_and_nel_store_path;
#endif // BUILDFLAG(ENABLE_REPORTING)
if (relative_partition_path.empty()) { // This is the main partition.
network_context_params->restore_old_session_cookies =
profile_->ShouldRestoreOldSessionCookies();
network_context_params->persist_session_cookies =
profile_->ShouldPersistSessionCookies();
} else {
// Copy behavior of ProfileImplIOData::InitializeAppRequestContext.
network_context_params->restore_old_session_cookies = false;
network_context_params->persist_session_cookies = false;
}
network_context_params->transport_security_persister_path = path;
}
const base::ListValue* hsts_policy_bypass_list =
g_browser_process->local_state()->GetList(prefs::kHSTSPolicyBypassList);
for (const auto& value : *hsts_policy_bypass_list) {
std::string string_value;
if (!value.GetAsString(&string_value)) {
continue;
}
network_context_params->hsts_policy_bypass_list.push_back(string_value);
}
// NOTE(mmenke): Keep these protocol handlers and
// ProfileIOData::SetUpJobFactoryDefaultsForBuilder in sync with
// ProfileIOData::IsHandledProtocol().
// TODO(mmenke): Find a better way of handling tracking supported schemes.
#if !BUILDFLAG(DISABLE_FTP_SUPPORT)
network_context_params->enable_ftp_url_support = true;
#endif // !BUILDFLAG(DISABLE_FTP_SUPPORT)
proxy_config_monitor_.AddToNetworkContextParams(network_context_params.get());
network_context_params->enable_certificate_reporting = true;
network_context_params->enable_expect_ct_reporting = true;
#if BUILDFLAG(TRIAL_COMPARISON_CERT_VERIFIER_SUPPORTED)
if (!in_memory && !network_context_params->use_builtin_cert_verifier &&
TrialComparisonCertVerifierController::MaybeAllowedForProfile(profile_)) {
network::mojom::TrialComparisonCertVerifierConfigClientPtr config_client;
auto config_client_request = mojo::MakeRequest(&config_client);
network_context_params->trial_comparison_cert_verifier_params =
network::mojom::TrialComparisonCertVerifierParams::New();
if (!trial_comparison_cert_verifier_controller_) {
trial_comparison_cert_verifier_controller_ =
std::make_unique<TrialComparisonCertVerifierController>(profile_);
}
trial_comparison_cert_verifier_controller_->AddClient(
std::move(config_client),
mojo::MakeRequest(
&network_context_params->trial_comparison_cert_verifier_params
->report_client));
network_context_params->trial_comparison_cert_verifier_params
->initial_allowed =
trial_comparison_cert_verifier_controller_->IsAllowed();
network_context_params->trial_comparison_cert_verifier_params
->config_client_request = std::move(config_client_request);
}
#endif
if (domain_reliability::DomainReliabilityServiceFactory::
ShouldCreateService()) {
network_context_params->enable_domain_reliability = true;
network_context_params->domain_reliability_upload_reporter =
domain_reliability::DomainReliabilityServiceFactory::
kUploadReporterString;
network_context_params->discard_domain_reliablity_uploads =
g_discard_domain_reliability_uploads_for_testing
? *g_discard_domain_reliability_uploads_for_testing
: !g_browser_process->local_state()->GetBoolean(
metrics::prefs::kMetricsReportingEnabled);
}
if (data_reduction_proxy::params::IsEnabledWithNetworkService()) {
auto* drp_settings =
DataReductionProxyChromeSettingsFactory::GetForBrowserContext(profile_);
if (drp_settings) {
mojo::Remote<network::mojom::CustomProxyConfigClient> config_client;
network_context_params->custom_proxy_config_client_receiver =
config_client.BindNewPipeAndPassReceiver();
drp_settings->AddCustomProxyConfigClient(std::move(config_client));
}
}
#if defined(OS_CHROMEOS)
// Note: On non-ChromeOS platforms, the |use_builtin_cert_verifier| param
// value is inherited from CreateDefaultNetworkContextParams.
network_context_params->use_builtin_cert_verifier =
using_builtin_cert_verifier_;
bool profile_supports_policy_certs = false;
if (chromeos::ProfileHelper::IsSigninProfile(profile_))
profile_supports_policy_certs = true;
user_manager::UserManager* user_manager = user_manager::UserManager::Get();
if (user_manager) {
const user_manager::User* user =
chromeos::ProfileHelper::Get()->GetUserByProfile(profile_);
// No need to initialize NSS for users with empty username hash:
// Getters for a user's NSS slots always return NULL slot if the user's
// username hash is empty, even when the NSS is not initialized for the
// user.
if (user && !user->username_hash().empty()) {
network_context_params->username_hash = user->username_hash();
network_context_params->nss_path = profile_->GetPath();
profile_supports_policy_certs = true;
}
}
if (profile_supports_policy_certs &&
policy::PolicyCertServiceFactory::CreateAndStartObservingForProfile(
profile_)) {
const policy::PolicyCertService* policy_cert_service =
policy::PolicyCertServiceFactory::GetForProfile(profile_);
network_context_params->initial_additional_certificates =
GetAdditionalCertificates(policy_cert_service,
GetPartitionPath(relative_partition_path));
}
#endif
// Should be initialized with existing per-profile CORS access lists.
network_context_params->cors_origin_access_list =
profile_->GetSharedCorsOriginAccessList()
->GetOriginAccessList()
.CreateCorsOriginAccessPatternsList();
return network_context_params;
}
base::FilePath ProfileNetworkContextService::GetPartitionPath(
const base::FilePath& relative_partition_path) {
base::FilePath path = profile_->GetPath();
if (!relative_partition_path.empty())
path = path.Append(relative_partition_path);
return path;
}
void ProfileNetworkContextService::OnContentSettingChanged(
const ContentSettingsPattern& primary_pattern,
const ContentSettingsPattern& secondary_pattern,
ContentSettingsType content_type,
const std::string& resource_identifier) {
if (content_type != CONTENT_SETTINGS_TYPE_COOKIES &&
content_type != CONTENT_SETTINGS_TYPE_LEGACY_COOKIE_ACCESS &&
content_type != CONTENT_SETTINGS_TYPE_DEFAULT) {
return;
}
if (content_type == CONTENT_SETTINGS_TYPE_COOKIES ||
content_type == CONTENT_SETTINGS_TYPE_DEFAULT) {
ContentSettingsForOneType cookies_settings;
HostContentSettingsMapFactory::GetForProfile(profile_)
->GetSettingsForOneType(CONTENT_SETTINGS_TYPE_COOKIES, std::string(),
&cookies_settings);
content::BrowserContext::ForEachStoragePartition(
profile_, base::BindRepeating(
[](ContentSettingsForOneType settings,
content::StoragePartition* storage_partition) {
storage_partition->GetCookieManagerForBrowserProcess()
->SetContentSettings(settings);
},
cookies_settings));
}
if (content_type == CONTENT_SETTINGS_TYPE_LEGACY_COOKIE_ACCESS ||
content_type == CONTENT_SETTINGS_TYPE_DEFAULT) {
ContentSettingsForOneType legacy_cookie_access_settings;
HostContentSettingsMapFactory::GetForProfile(profile_)
->GetSettingsForOneType(CONTENT_SETTINGS_TYPE_LEGACY_COOKIE_ACCESS,
std::string(), &legacy_cookie_access_settings);
content::BrowserContext::ForEachStoragePartition(
profile_, base::BindRepeating(
[](ContentSettingsForOneType settings,
content::StoragePartition* storage_partition) {
storage_partition->GetCookieManagerForBrowserProcess()
->SetContentSettingsForLegacyCookieAccess(settings);
},
legacy_cookie_access_settings));
}
}