// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Constants, enums and string-conversion helpers shared by the cookie code.
// Several enums below are persisted to a database or reported to histograms,
// so their numeric values are part of a stored format and must stay stable.

#ifndef NET_COOKIES_COOKIE_CONSTANTS_H_
#define NET_COOKIES_COOKIE_CONSTANTS_H_

#include <string>

#include "base/time/time.h"
#include "net/base/net_export.h"

namespace net {

// The time threshold for considering a cookie "short-lived" for the purposes of
// allowing unsafe methods for unspecified-SameSite cookies defaulted into Lax.
// Only declared here (extern); the actual duration is defined elsewhere.
NET_EXPORT extern const base::TimeDelta kLaxAllowUnsafeMaxAge;
// The short version of the above time threshold, to be used for tests.
NET_EXPORT extern const base::TimeDelta kShortLaxAllowUnsafeMaxAge;

// Priority levels of a cookie. They map to and from the Set-Cookie header
// priority token via CookiePriorityToString() / StringToCookiePriority().
// COOKIE_PRIORITY_DEFAULT is an alias of COOKIE_PRIORITY_MEDIUM, not a
// separate level.
// NOTE(review): what the priority influences is not stated in this header.
enum CookiePriority {
  COOKIE_PRIORITY_LOW = 0,
  COOKIE_PRIORITY_MEDIUM = 1,
  COOKIE_PRIORITY_HIGH = 2,
  COOKIE_PRIORITY_DEFAULT = COOKIE_PRIORITY_MEDIUM
};

// See https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00
// and https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis for
// information about same site cookie restrictions.
// These values are allowed for the SameSite field of a cookie. They mostly
// correspond to CookieEffectiveSameSite values.
// Note: Don't renumber, as these values are persisted to a database.
enum class CookieSameSite {
  // StringToCookieSameSite() returns this for empty or unrecognized strings.
  // It is a distinct state from NO_RESTRICTION: per the comment on
  // kLaxAllowUnsafeMaxAge, unspecified-SameSite cookies can be defaulted into
  // Lax, so callers should not treat UNSPECIFIED as "unrestricted".
  UNSPECIFIED = -1,
  NO_RESTRICTION = 0,
  LAX_MODE = 1,
  STRICT_MODE = 2,
  // Reserved 3 (was EXTENDED_MODE), next number is 4.
  // Because the values are persisted, 3 must not be given a new meaning:
  // presumably rows stored with the old meaning could still exist.
};

// These are the enforcement modes that may be applied to a cookie when deciding
// inclusion/exclusion. They mostly correspond to CookieSameSite values.
// Keep in sync with enums.xml.
enum class CookieEffectiveSameSite {
  NO_RESTRICTION = 0,
  LAX_MODE = 1,
  STRICT_MODE = 2,
  // NOTE(review): presumably the mode applied to the "short-lived"
  // unspecified-SameSite cookies described at kLaxAllowUnsafeMaxAge; confirm
  // against the enforcement code.
  LAX_MODE_ALLOW_UNSAFE = 3,
  // Undefined is used when no value applies for the object as there is no
  // valid cookie object to evaluate on.
  UNDEFINED = 4,

  // Keep last, used for histograms.
  // Has no explicit value, so it is UNDEFINED + 1 (currently 5) and is not an
  // enforcement mode itself.
  COUNT
};

// Describes what kind of string was parsed as the SameSite attribute value (see
// the |samesite_string| out-parameter of StringToCookieSameSite()).
// Used for histograms only. Do not renumber. Keep in sync with enums.xml.
enum class CookieSameSiteString {
  // No SameSite attribute is present.
  kUnspecified = 0,
  // The SameSite attribute is present but has no value.
  kEmptyString = 1,
  // The SameSite attribute has an unrecognized value.
  kUnrecognized = 2,
  // The SameSite attribute has a recognized value.
  kLax = 3,
  kStrict = 4,
  kNone = 5,
  kExtended = 6,  // Deprecated, kept for metrics only.

  // Keep last, update if adding new value.
  kMaxValue = kExtended
};

// What rules to apply when determining whether access to a particular cookie is
// allowed.
// NOTE(review): the "legacy access rules" themselves are not defined in this
// header.
enum class CookieAccessSemantics {
  // Has not been checked yet or there is no way to check.
  UNKNOWN = -1,
  // Has been checked and the cookie should *not* be subject to legacy access
  // rules.
  NONLEGACY = 0,
  // Has been checked and the cookie should be subject to legacy access rules.
  // No explicit value is given, so this is NONLEGACY + 1 (i.e. 1).
  LEGACY,
};

// What scheme was used in the setting of a cookie.
// Do not renumber.
enum class CookieSourceScheme {
  kUnset = 0,
  kNonSecure = 1,
  kSecure = 2,

  kMaxValue = kSecure  // Keep as the last value.
};

// Histogram buckets for cookie ports; see ReducePortRangeForCookieHistogram().
// Each enumerator's numeric value is the bucket index, not the port number:
// the port is encoded only in the enumerator's name (e.g. k443 = 7).
enum class CookiePort {
  // DO NOT REORDER OR RENUMBER. These are used for histograms.

  // Potentially interesting port values for cookies for use with histograms.

  // Not a port explicitly listed below, including invalid ports (-1, 65536,
  // etc).
  kOther = 0,
  // HTTP
  k80 = 1,
  k81 = 2,
  k82 = 3,
  k83 = 4,
  k84 = 5,
  k85 = 6,
  // HTTPS
  k443 = 7,
  k444 = 8,
  k445 = 9,
  k446 = 10,
  k447 = 11,
  k448 = 12,
  // JS Framework
  k3000 = 13,
  k3001 = 14,
  k3002 = 15,
  k3003 = 16,
  k3004 = 17,
  k3005 = 18,
  // JS Framework
  k4200 = 19,
  k4201 = 20,
  k4202 = 21,
  k4203 = 22,
  k4204 = 23,
  k4205 = 24,
  // JS Framework
  k5000 = 25,
  k5001 = 26,
  k5002 = 27,
  k5003 = 28,
  k5004 = 29,
  k5005 = 30,
  // Common Dev Ports
  k7000 = 31,
  k7001 = 32,
  k7002 = 33,
  k7003 = 34,
  k7004 = 35,
  k7005 = 36,
  // HTTP
  k8000 = 37,
  k8001 = 38,
  k8002 = 39,
  k8003 = 40,
  k8004 = 41,
  k8005 = 42,
  // HTTP
  k8080 = 43,
  k8081 = 44,
  k8082 = 45,
  k8083 = 46,
  k8084 = 47,
  k8085 = 48,
  // HTTP
  k8090 = 49,
  k8091 = 50,
  k8092 = 51,
  k8093 = 52,
  k8094 = 53,
  k8095 = 54,
  // JS Framework
  k8100 = 55,
  k8101 = 56,
  k8102 = 57,
  k8103 = 58,
  k8104 = 59,
  k8105 = 60,
  // JS Framework
  k8200 = 61,
  k8201 = 62,
  k8202 = 63,
  k8203 = 64,
  k8204 = 65,
  k8205 = 66,
  // HTTP(S)
  k8443 = 67,
  k8444 = 68,
  k8445 = 69,
  k8446 = 70,
  k8447 = 71,
  k8448 = 72,
  // HTTP
  k8888 = 73,
  k8889 = 74,
  k8890 = 75,
  k8891 = 76,
  k8892 = 77,
  k8893 = 78,
  // Common Dev Ports
  k9000 = 79,
  k9001 = 80,
  k9002 = 81,
  k9003 = 82,
  k9004 = 83,
  k9005 = 84,
  // HTTP
  k9090 = 85,
  k9091 = 86,
  k9092 = 87,
  k9093 = 88,
  k9094 = 89,
  k9095 = 90,

  // Keep as last value.
  kMaxValue = k9095

};

// Returns the Set-Cookie header priority token corresponding to |priority|.
NET_EXPORT std::string CookiePriorityToString(CookiePriority priority);

// Converts the Set-Cookie header priority token |priority| to a CookiePriority.
// Defaults to COOKIE_PRIORITY_DEFAULT for empty or unrecognized strings.
NET_EXPORT CookiePriority StringToCookiePriority(const std::string& priority);

// Returns a string corresponding to the value of the |same_site| token.
// Intended only for debugging/logging.
NET_EXPORT std::string CookieSameSiteToString(CookieSameSite same_site);

// Converts the Set-Cookie header SameSite token |same_site| to a
// CookieSameSite. Defaults to CookieSameSite::UNSPECIFIED for empty or
// unrecognized strings. Returns an appropriate value of CookieSameSiteString in
// |samesite_string| to indicate what type of string was parsed as the SameSite
// attribute value, if a pointer is provided.
// The return value alone cannot distinguish an empty value from an
// unrecognized one (both yield UNSPECIFIED); pass |samesite_string| when that
// distinction matters.
NET_EXPORT CookieSameSite
StringToCookieSameSite(const std::string& same_site,
                       CookieSameSiteString* samesite_string = nullptr);

// NOTE(review): undocumented in the original. Judging by the name and by
// CookieSameSiteString being "used for histograms only", this records |value|
// to a histogram; how |is_cookie_same_party| changes what is recorded is not
// visible from this header and should be confirmed in the implementation.
NET_EXPORT void RecordCookieSameSiteAttributeValueHistogram(
    CookieSameSiteString value,
    bool is_cookie_same_party = false);

// This function reduces the 65535 available TCP port values down to fewer than
// 100 potentially interesting values that cookies could be set by or sent to.
// This is because UMA cannot handle the full range.
// Per the CookiePort comments, ports not explicitly listed there, including
// invalid ones (-1, 65536, etc.), fall into CookiePort::kOther.
NET_EXPORT CookiePort ReducePortRangeForCookieHistogram(const int port);

}  // namespace net

#endif  // NET_COOKIES_COOKIE_CONSTANTS_H_