net/cookies/cookie_monster.cc

*6777b538SAndroid Build Coastguard Worker// Copyright 2012 The Chromium Authors
*6777b538SAndroid Build Coastguard Worker// Use of this source code is governed by a BSD-style license that can be
*6777b538SAndroid Build Coastguard Worker// found in the LICENSE file.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Portions of this code based on Mozilla:
*6777b538SAndroid Build Coastguard Worker//   (netwerk/cookie/src/nsCookieService.cpp)
*6777b538SAndroid Build Coastguard Worker/* ***** BEGIN LICENSE BLOCK *****
*6777b538SAndroid Build Coastguard Worker * Version: MPL 1.1/GPL 2.0/LGPL 2.1
*6777b538SAndroid Build Coastguard Worker *
*6777b538SAndroid Build Coastguard Worker * The contents of this file are subject to the Mozilla Public License Version
*6777b538SAndroid Build Coastguard Worker * 1.1 (the "License"); you may not use this file except in compliance with
*6777b538SAndroid Build Coastguard Worker * the License. You may obtain a copy of the License at
*6777b538SAndroid Build Coastguard Worker * http://www.mozilla.org/MPL/
*6777b538SAndroid Build Coastguard Worker *
*6777b538SAndroid Build Coastguard Worker * Software distributed under the License is distributed on an "AS IS" basis,
*6777b538SAndroid Build Coastguard Worker * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
*6777b538SAndroid Build Coastguard Worker * for the specific language governing rights and limitations under the
*6777b538SAndroid Build Coastguard Worker * License.
*6777b538SAndroid Build Coastguard Worker *
*6777b538SAndroid Build Coastguard Worker * The Original Code is mozilla.org code.
*6777b538SAndroid Build Coastguard Worker *
*6777b538SAndroid Build Coastguard Worker * The Initial Developer of the Original Code is
*6777b538SAndroid Build Coastguard Worker * Netscape Communications Corporation.
*6777b538SAndroid Build Coastguard Worker * Portions created by the Initial Developer are Copyright (C) 2003
*6777b538SAndroid Build Coastguard Worker * the Initial Developer. All Rights Reserved.
*6777b538SAndroid Build Coastguard Worker *
*6777b538SAndroid Build Coastguard Worker * Contributor(s):
*6777b538SAndroid Build Coastguard Worker *   Daniel Witte ([email protected])
*6777b538SAndroid Build Coastguard Worker *   Michiel van Leeuwen ([email protected])
*6777b538SAndroid Build Coastguard Worker *
*6777b538SAndroid Build Coastguard Worker * Alternatively, the contents of this file may be used under the terms of
*6777b538SAndroid Build Coastguard Worker * either the GNU General Public License Version 2 or later (the "GPL"), or
*6777b538SAndroid Build Coastguard Worker * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
*6777b538SAndroid Build Coastguard Worker * in which case the provisions of the GPL or the LGPL are applicable instead
*6777b538SAndroid Build Coastguard Worker * of those above. If you wish to allow use of your version of this file only
*6777b538SAndroid Build Coastguard Worker * under the terms of either the GPL or the LGPL, and not to allow others to
*6777b538SAndroid Build Coastguard Worker * use your version of this file under the terms of the MPL, indicate your
*6777b538SAndroid Build Coastguard Worker * decision by deleting the provisions above and replace them with the notice
*6777b538SAndroid Build Coastguard Worker * and other provisions required by the GPL or the LGPL. If you do not delete
*6777b538SAndroid Build Coastguard Worker * the provisions above, a recipient may use your version of this file under
*6777b538SAndroid Build Coastguard Worker * the terms of any one of the MPL, the GPL or the LGPL.
*6777b538SAndroid Build Coastguard Worker *
*6777b538SAndroid Build Coastguard Worker * ***** END LICENSE BLOCK ***** */
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker#include "net/cookies/cookie_monster.h"
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker#include <functional>
*6777b538SAndroid Build Coastguard Worker#include <list>
*6777b538SAndroid Build Coastguard Worker#include <numeric>
*6777b538SAndroid Build Coastguard Worker#include <optional>
*6777b538SAndroid Build Coastguard Worker#include <set>
*6777b538SAndroid Build Coastguard Worker#include <string_view>
*6777b538SAndroid Build Coastguard Worker#include <utility>
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker#include "base/check_is_test.h"
*6777b538SAndroid Build Coastguard Worker#include "base/containers/flat_map.h"
*6777b538SAndroid Build Coastguard Worker#include "base/feature_list.h"
*6777b538SAndroid Build Coastguard Worker#include "base/functional/bind.h"
*6777b538SAndroid Build Coastguard Worker#include "base/functional/callback.h"
*6777b538SAndroid Build Coastguard Worker#include "base/location.h"
*6777b538SAndroid Build Coastguard Worker#include "base/logging.h"
*6777b538SAndroid Build Coastguard Worker#include "base/metrics/field_trial.h"
*6777b538SAndroid Build Coastguard Worker#include "base/metrics/histogram_functions.h"
*6777b538SAndroid Build Coastguard Worker#include "base/metrics/histogram_macros.h"
*6777b538SAndroid Build Coastguard Worker#include "base/ranges/algorithm.h"
*6777b538SAndroid Build Coastguard Worker#include "base/strings/strcat.h"
*6777b538SAndroid Build Coastguard Worker#include "base/strings/string_util.h"
*6777b538SAndroid Build Coastguard Worker#include "base/strings/stringprintf.h"
*6777b538SAndroid Build Coastguard Worker#include "base/task/single_thread_task_runner.h"
*6777b538SAndroid Build Coastguard Worker#include "base/threading/thread_checker.h"
*6777b538SAndroid Build Coastguard Worker#include "base/time/time.h"
*6777b538SAndroid Build Coastguard Worker#include "net/base/isolation_info.h"
*6777b538SAndroid Build Coastguard Worker#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
*6777b538SAndroid Build Coastguard Worker#include "net/base/schemeful_site.h"
*6777b538SAndroid Build Coastguard Worker#include "net/base/url_util.h"
*6777b538SAndroid Build Coastguard Worker#include "net/cookies/canonical_cookie.h"
*6777b538SAndroid Build Coastguard Worker#include "net/cookies/cookie_constants.h"
*6777b538SAndroid Build Coastguard Worker#include "net/cookies/cookie_monster_change_dispatcher.h"
*6777b538SAndroid Build Coastguard Worker#include "net/cookies/cookie_monster_netlog_params.h"
*6777b538SAndroid Build Coastguard Worker#include "net/cookies/cookie_partition_key.h"
*6777b538SAndroid Build Coastguard Worker#include "net/cookies/cookie_partition_key_collection.h"
*6777b538SAndroid Build Coastguard Worker#include "net/cookies/cookie_util.h"
*6777b538SAndroid Build Coastguard Worker#include "net/cookies/parsed_cookie.h"
*6777b538SAndroid Build Coastguard Worker#include "net/http/http_util.h"
*6777b538SAndroid Build Coastguard Worker#include "net/log/net_log.h"
*6777b538SAndroid Build Coastguard Worker#include "net/log/net_log_values.h"
*6777b538SAndroid Build Coastguard Worker#include "url/origin.h"
*6777b538SAndroid Build Coastguard Worker#include "url/third_party/mozilla/url_parse.h"
*6777b538SAndroid Build Coastguard Worker#include "url/url_canon.h"
*6777b538SAndroid Build Coastguard Worker#include "url/url_constants.h"
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerusing base::Time;
*6777b538SAndroid Build Coastguard Workerusing base::TimeTicks;
*6777b538SAndroid Build Coastguard Workerusing TimeRange = net::CookieDeletionInfo::TimeRange;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// In steady state, most cookie requests can be satisfied by the in memory
*6777b538SAndroid Build Coastguard Worker// cookie monster store. If the cookie request cannot be satisfied by the in
*6777b538SAndroid Build Coastguard Worker// memory store, the relevant cookies must be fetched from the persistent
*6777b538SAndroid Build Coastguard Worker// store. The task is queued in CookieMonster::tasks_pending_ if it requires
*6777b538SAndroid Build Coastguard Worker// all cookies to be loaded from the backend, or tasks_pending_for_key_ if it
*6777b538SAndroid Build Coastguard Worker// only requires all cookies associated with an eTLD+1.
*6777b538SAndroid Build Coastguard Worker//
*6777b538SAndroid Build Coastguard Worker// On the browser critical paths (e.g. for loading initial web pages in a
*6777b538SAndroid Build Coastguard Worker// session restore) it may take too long to wait for the full load. If a cookie
*6777b538SAndroid Build Coastguard Worker// request is for a specific URL, DoCookieCallbackForURL is called, which
*6777b538SAndroid Build Coastguard Worker// triggers a priority load if the key is not loaded yet by calling
*6777b538SAndroid Build Coastguard Worker// PersistentCookieStore::LoadCookiesForKey. The request is queued in
*6777b538SAndroid Build Coastguard Worker// CookieMonster::tasks_pending_for_key_ and executed upon receiving
*6777b538SAndroid Build Coastguard Worker// notification of key load completion via CookieMonster::OnKeyLoaded(). If
*6777b538SAndroid Build Coastguard Worker// multiple requests for the same eTLD+1 are received before key load
*6777b538SAndroid Build Coastguard Worker// completion, only the first request calls
*6777b538SAndroid Build Coastguard Worker// PersistentCookieStore::LoadCookiesForKey, all subsequent requests are queued
*6777b538SAndroid Build Coastguard Worker// in CookieMonster::tasks_pending_for_key_ and executed upon receiving
*6777b538SAndroid Build Coastguard Worker// notification of key load completion triggered by the first request for the
*6777b538SAndroid Build Coastguard Worker// same eTLD+1.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerstatic const int kDaysInTenYears = 10 * 365;
*6777b538SAndroid Build Coastguard Workerstatic const int kMinutesInTenYears = kDaysInTenYears * 24 * 60;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workernamespace {
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// This enum is used to generate a histogramed bitmask measureing the types
*6777b538SAndroid Build Coastguard Worker// of stored cookies. Please do not reorder the list when adding new entries.
*6777b538SAndroid Build Coastguard Worker// New items MUST be added at the end of the list, just before
*6777b538SAndroid Build Coastguard Worker// COOKIE_TYPE_LAST_ENTRY;
*6777b538SAndroid Build Coastguard Worker// There will be 2^COOKIE_TYPE_LAST_ENTRY buckets in the linear histogram.
*6777b538SAndroid Build Coastguard Workerenum CookieType {
*6777b538SAndroid Build Coastguard Worker  COOKIE_TYPE_SAME_SITE = 0,
*6777b538SAndroid Build Coastguard Worker  COOKIE_TYPE_HTTPONLY,
*6777b538SAndroid Build Coastguard Worker  COOKIE_TYPE_SECURE,
*6777b538SAndroid Build Coastguard Worker  COOKIE_TYPE_PERSISTENT,
*6777b538SAndroid Build Coastguard Worker  COOKIE_TYPE_LAST_ENTRY
*6777b538SAndroid Build Coastguard Worker};
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid MaybeRunDeleteCallback(base::WeakPtr<net::CookieMonster> cookie_monster,
*6777b538SAndroid Build Coastguard Worker                            base::OnceClosure callback) {
*6777b538SAndroid Build Coastguard Worker  if (cookie_monster && callback)
*6777b538SAndroid Build Coastguard Worker    std::move(callback).Run();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workertemplate <typename CB, typename... R>
*6777b538SAndroid Build Coastguard Workervoid MaybeRunCookieCallback(base::OnceCallback<CB> callback, R&&... result) {
*6777b538SAndroid Build Coastguard Worker  if (callback) {
*6777b538SAndroid Build Coastguard Worker    std::move(callback).Run(std::forward<R>(result)...);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Anonymous and Fenced Frame uses a CookiePartitionKey with a nonce. In these
*6777b538SAndroid Build Coastguard Worker// contexts, access to unpartitioned cookie is not granted.
*6777b538SAndroid Build Coastguard Worker//
*6777b538SAndroid Build Coastguard Worker// This returns true if the |list| of key should include unpartitioned cookie in
*6777b538SAndroid Build Coastguard Worker// GetCookie...().
*6777b538SAndroid Build Coastguard Workerbool IncludeUnpartitionedCookies(
*6777b538SAndroid Build Coastguard Worker    const net::CookiePartitionKeyCollection& list) {
*6777b538SAndroid Build Coastguard Worker  if (list.IsEmpty() || list.ContainsAllKeys())
*6777b538SAndroid Build Coastguard Worker    return true;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (const net::CookiePartitionKey& key : list.PartitionKeys()) {
*6777b538SAndroid Build Coastguard Worker    if (!key.nonce())
*6777b538SAndroid Build Coastguard Worker      return true;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  return false;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t NameValueSizeBytes(const net::CanonicalCookie& cc) {
*6777b538SAndroid Build Coastguard Worker  base::CheckedNumeric<size_t> name_value_pair_size = cc.Name().size();
*6777b538SAndroid Build Coastguard Worker  name_value_pair_size += cc.Value().size();
*6777b538SAndroid Build Coastguard Worker  DCHECK(name_value_pair_size.IsValid());
*6777b538SAndroid Build Coastguard Worker  return name_value_pair_size.ValueOrDie();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t NumBytesInCookieMapForKey(
*6777b538SAndroid Build Coastguard Worker    const net::CookieMonster::CookieMap& cookie_map,
*6777b538SAndroid Build Coastguard Worker    const std::string& key) {
*6777b538SAndroid Build Coastguard Worker  size_t result = 0;
*6777b538SAndroid Build Coastguard Worker  auto range = cookie_map.equal_range(key);
*6777b538SAndroid Build Coastguard Worker  for (auto it = range.first; it != range.second; ++it) {
*6777b538SAndroid Build Coastguard Worker    result += NameValueSizeBytes(*it->second);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  return result;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t NumBytesInCookieItVector(
*6777b538SAndroid Build Coastguard Worker    const net::CookieMonster::CookieItVector& cookie_its) {
*6777b538SAndroid Build Coastguard Worker  size_t result = 0;
*6777b538SAndroid Build Coastguard Worker  for (const auto& it : cookie_its) {
*6777b538SAndroid Build Coastguard Worker    result += NameValueSizeBytes(*it->second);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  return result;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid LogStoredCookieToUMA(const net::CanonicalCookie& cc,
*6777b538SAndroid Build Coastguard Worker                          const net::CookieAccessResult& access_result) {
*6777b538SAndroid Build Coastguard Worker  // Cookie.Type2 collects a bitvector of important cookie attributes.
*6777b538SAndroid Build Coastguard Worker  int32_t type_sample =
*6777b538SAndroid Build Coastguard Worker      !cc.IsEffectivelySameSiteNone(access_result.access_semantics)
*6777b538SAndroid Build Coastguard Worker          ? 1 << COOKIE_TYPE_SAME_SITE
*6777b538SAndroid Build Coastguard Worker          : 0;
*6777b538SAndroid Build Coastguard Worker  type_sample |= cc.IsHttpOnly() ? 1 << COOKIE_TYPE_HTTPONLY : 0;
*6777b538SAndroid Build Coastguard Worker  type_sample |= cc.SecureAttribute() ? 1 << COOKIE_TYPE_SECURE : 0;
*6777b538SAndroid Build Coastguard Worker  type_sample |= cc.IsPersistent() ? 1 << COOKIE_TYPE_PERSISTENT : 0;
*6777b538SAndroid Build Coastguard Worker  UMA_HISTOGRAM_EXACT_LINEAR("Cookie.Type2", type_sample,
*6777b538SAndroid Build Coastguard Worker                             (1 << COOKIE_TYPE_LAST_ENTRY));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Cookie.SourceType collects the CookieSourceType of the stored cookie.
*6777b538SAndroid Build Coastguard Worker  UMA_HISTOGRAM_ENUMERATION("Cookie.SourceType", cc.SourceType());
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker}  // namespace
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workernamespace net {
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// See comments at declaration of these variables in cookie_monster.h
*6777b538SAndroid Build Coastguard Worker// for details.
*6777b538SAndroid Build Coastguard Workerconst size_t CookieMonster::kDomainMaxCookies = 180;
*6777b538SAndroid Build Coastguard Workerconst size_t CookieMonster::kDomainPurgeCookies = 30;
*6777b538SAndroid Build Coastguard Workerconst size_t CookieMonster::kMaxCookies = 3300;
*6777b538SAndroid Build Coastguard Workerconst size_t CookieMonster::kPurgeCookies = 300;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerconst size_t CookieMonster::kMaxDomainPurgedKeys = 100;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerconst size_t CookieMonster::kPerPartitionDomainMaxCookieBytes = 10240;
*6777b538SAndroid Build Coastguard Workerconst size_t CookieMonster::kPerPartitionDomainMaxCookies = 180;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerconst size_t CookieMonster::kDomainCookiesQuotaLow = 30;
*6777b538SAndroid Build Coastguard Workerconst size_t CookieMonster::kDomainCookiesQuotaMedium = 50;
*6777b538SAndroid Build Coastguard Workerconst size_t CookieMonster::kDomainCookiesQuotaHigh =
*6777b538SAndroid Build Coastguard Worker    kDomainMaxCookies - kDomainPurgeCookies - kDomainCookiesQuotaLow -
*6777b538SAndroid Build Coastguard Worker    kDomainCookiesQuotaMedium;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerconst int CookieMonster::kSafeFromGlobalPurgeDays = 30;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workernamespace {
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerbool ContainsControlCharacter(const std::string& s) {
*6777b538SAndroid Build Coastguard Worker  return base::ranges::any_of(s, &HttpUtil::IsControlChar);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workertypedef std::vector<CanonicalCookie*> CanonicalCookieVector;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Default minimum delay after updating a cookie's LastAccessDate before we
*6777b538SAndroid Build Coastguard Worker// will update it again.
*6777b538SAndroid Build Coastguard Workerconst int kDefaultAccessUpdateThresholdSeconds = 60;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Comparator to sort cookies from highest creation date to lowest
*6777b538SAndroid Build Coastguard Worker// creation date.
*6777b538SAndroid Build Coastguard Workerstruct OrderByCreationTimeDesc {
*6777b538SAndroid Build Coastguard Worker  bool operator()(const CookieMonster::CookieMap::iterator& a,
*6777b538SAndroid Build Coastguard Worker                  const CookieMonster::CookieMap::iterator& b) const {
*6777b538SAndroid Build Coastguard Worker    return a->second->CreationDate() > b->second->CreationDate();
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker};
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerbool LRACookieSorter(const CookieMonster::CookieMap::iterator& it1,
*6777b538SAndroid Build Coastguard Worker                     const CookieMonster::CookieMap::iterator& it2) {
*6777b538SAndroid Build Coastguard Worker  if (it1->second->LastAccessDate() != it2->second->LastAccessDate())
*6777b538SAndroid Build Coastguard Worker    return it1->second->LastAccessDate() < it2->second->LastAccessDate();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Ensure stability for == last access times by falling back to creation.
*6777b538SAndroid Build Coastguard Worker  return it1->second->CreationDate() < it2->second->CreationDate();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// For a CookieItVector iterator range [|it_begin|, |it_end|),
*6777b538SAndroid Build Coastguard Worker// sorts the first |num_sort| elements by LastAccessDate().
*6777b538SAndroid Build Coastguard Workervoid SortLeastRecentlyAccessed(CookieMonster::CookieItVector::iterator it_begin,
*6777b538SAndroid Build Coastguard Worker                               CookieMonster::CookieItVector::iterator it_end,
*6777b538SAndroid Build Coastguard Worker                               size_t num_sort) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_LE(static_cast<int>(num_sort), it_end - it_begin);
*6777b538SAndroid Build Coastguard Worker  std::partial_sort(it_begin, it_begin + num_sort, it_end, LRACookieSorter);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Given a single cookie vector |cookie_its|, pushs all of the secure cookies in
*6777b538SAndroid Build Coastguard Worker// |cookie_its| into |secure_cookie_its| and all of the non-secure cookies into
*6777b538SAndroid Build Coastguard Worker// |non_secure_cookie_its|. Both |secure_cookie_its| and |non_secure_cookie_its|
*6777b538SAndroid Build Coastguard Worker// must be non-NULL.
*6777b538SAndroid Build Coastguard Workervoid SplitCookieVectorIntoSecureAndNonSecure(
*6777b538SAndroid Build Coastguard Worker    const CookieMonster::CookieItVector& cookie_its,
*6777b538SAndroid Build Coastguard Worker    CookieMonster::CookieItVector* secure_cookie_its,
*6777b538SAndroid Build Coastguard Worker    CookieMonster::CookieItVector* non_secure_cookie_its) {
*6777b538SAndroid Build Coastguard Worker  DCHECK(secure_cookie_its && non_secure_cookie_its);
*6777b538SAndroid Build Coastguard Worker  for (const auto& curit : cookie_its) {
*6777b538SAndroid Build Coastguard Worker    if (curit->second->SecureAttribute()) {
*6777b538SAndroid Build Coastguard Worker      secure_cookie_its->push_back(curit);
*6777b538SAndroid Build Coastguard Worker    } else {
*6777b538SAndroid Build Coastguard Worker      non_secure_cookie_its->push_back(curit);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerbool LowerBoundAccessDateComparator(const CookieMonster::CookieMap::iterator it,
*6777b538SAndroid Build Coastguard Worker                                    const Time& access_date) {
*6777b538SAndroid Build Coastguard Worker  return it->second->LastAccessDate() < access_date;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// For a CookieItVector iterator range [|it_begin|, |it_end|)
*6777b538SAndroid Build Coastguard Worker// from a CookieItVector sorted by LastAccessDate(), returns the
*6777b538SAndroid Build Coastguard Worker// first iterator with access date >= |access_date|, or cookie_its_end if this
*6777b538SAndroid Build Coastguard Worker// holds for all.
*6777b538SAndroid Build Coastguard WorkerCookieMonster::CookieItVector::iterator LowerBoundAccessDate(
*6777b538SAndroid Build Coastguard Worker    const CookieMonster::CookieItVector::iterator its_begin,
*6777b538SAndroid Build Coastguard Worker    const CookieMonster::CookieItVector::iterator its_end,
*6777b538SAndroid Build Coastguard Worker    const Time& access_date) {
*6777b538SAndroid Build Coastguard Worker  return std::lower_bound(its_begin, its_end, access_date,
*6777b538SAndroid Build Coastguard Worker                          LowerBoundAccessDateComparator);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Mapping between DeletionCause and CookieChangeCause; the
*6777b538SAndroid Build Coastguard Worker// mapping also provides a boolean that specifies whether or not an
*6777b538SAndroid Build Coastguard Worker// OnCookieChange notification ought to be generated.
*6777b538SAndroid Build Coastguard Workertypedef struct ChangeCausePair_struct {
*6777b538SAndroid Build Coastguard Worker  CookieChangeCause cause;
*6777b538SAndroid Build Coastguard Worker  bool notify;
*6777b538SAndroid Build Coastguard Worker} ChangeCausePair;
*6777b538SAndroid Build Coastguard Workerconst ChangeCausePair kChangeCauseMapping[] = {
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_EXPLICIT
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EXPLICIT, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_OVERWRITE
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::OVERWRITE, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_EXPIRED
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EXPIRED, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_EVICTED
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EVICTED, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_DUPLICATE_IN_BACKING_STORE
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EXPLICIT, false},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_DONT_RECORD
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EXPLICIT, false},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_EVICTED_DOMAIN
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EVICTED, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_EVICTED_GLOBAL
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EVICTED, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_EVICTED_DOMAIN_PRE_SAFE
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EVICTED, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_EVICTED_DOMAIN_POST_SAFE
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EVICTED, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_EXPIRED_OVERWRITE
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EXPIRED_OVERWRITE, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_CONTROL_CHAR
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EVICTED, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_NON_SECURE
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EVICTED, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_EVICTED_PER_PARTITION_DOMAIN
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EVICTED, true},
*6777b538SAndroid Build Coastguard Worker    // DELETE_COOKIE_LAST_ENTRY
*6777b538SAndroid Build Coastguard Worker    {CookieChangeCause::EXPLICIT, false}};
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerbool IsCookieEligibleForEviction(CookiePriority current_priority_level,
*6777b538SAndroid Build Coastguard Worker                                 bool protect_secure_cookies,
*6777b538SAndroid Build Coastguard Worker                                 const CanonicalCookie* cookie) {
*6777b538SAndroid Build Coastguard Worker  if (cookie->Priority() == current_priority_level && protect_secure_cookies)
*6777b538SAndroid Build Coastguard Worker    return !cookie->SecureAttribute();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return cookie->Priority() == current_priority_level;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t CountCookiesForPossibleDeletion(
*6777b538SAndroid Build Coastguard Worker    CookiePriority priority,
*6777b538SAndroid Build Coastguard Worker    const CookieMonster::CookieItVector* cookies,
*6777b538SAndroid Build Coastguard Worker    bool protect_secure_cookies) {
*6777b538SAndroid Build Coastguard Worker  size_t cookies_count = 0U;
*6777b538SAndroid Build Coastguard Worker  for (const auto& cookie : *cookies) {
*6777b538SAndroid Build Coastguard Worker    if (cookie->second->Priority() == priority) {
*6777b538SAndroid Build Coastguard Worker      if (!protect_secure_cookies || cookie->second->SecureAttribute()) {
*6777b538SAndroid Build Coastguard Worker        cookies_count++;
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  return cookies_count;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerstruct DeletionCookieLists {
*6777b538SAndroid Build Coastguard Worker  std::list<CookieMonster::CookieItList::const_iterator> host_cookies;
*6777b538SAndroid Build Coastguard Worker  std::list<CookieMonster::CookieItList::const_iterator> domain_cookies;
*6777b538SAndroid Build Coastguard Worker};
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Performs 2 tasks
*6777b538SAndroid Build Coastguard Worker// * Counts every cookie at the given `priority` in `cookies`. This is the
*6777b538SAndroid Build Coastguard Worker// return value.
*6777b538SAndroid Build Coastguard Worker// * Fills in the host & domain lists for `could_be_deleted` with every cookie
*6777b538SAndroid Build Coastguard Worker// of the given {secureness, priority} in `cookies`.
*6777b538SAndroid Build Coastguard Workersize_t CountCookiesAndGenerateListsForPossibleDeletion(
*6777b538SAndroid Build Coastguard Worker    CookiePriority priority,
*6777b538SAndroid Build Coastguard Worker    DeletionCookieLists& could_be_deleted,
*6777b538SAndroid Build Coastguard Worker    const CookieMonster::CookieItList* cookies,
*6777b538SAndroid Build Coastguard Worker    bool generate_for_secure) {
*6777b538SAndroid Build Coastguard Worker  size_t total_cookies_at_priority = 0;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (auto list_it = cookies->begin(); list_it != cookies->end(); list_it++) {
*6777b538SAndroid Build Coastguard Worker    const auto cookiemap_it = *list_it;
*6777b538SAndroid Build Coastguard Worker    const auto& cookie = cookiemap_it->second;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cookie->Priority() != priority) {
*6777b538SAndroid Build Coastguard Worker      continue;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Because we want to keep a specific number of cookies per priority level,
*6777b538SAndroid Build Coastguard Worker    // independent of securness of the cookies, we need to count all the cookies
*6777b538SAndroid Build Coastguard Worker    // at the level even if we'll skip adding them to the deletion lists.
*6777b538SAndroid Build Coastguard Worker    total_cookies_at_priority++;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cookie->IsSecure() != generate_for_secure) {
*6777b538SAndroid Build Coastguard Worker      continue;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cookie->IsHostCookie()) {
*6777b538SAndroid Build Coastguard Worker      could_be_deleted.host_cookies.push_back(list_it);
*6777b538SAndroid Build Coastguard Worker    } else {  // Is a domain cookie.
*6777b538SAndroid Build Coastguard Worker      could_be_deleted.domain_cookies.push_back(list_it);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return total_cookies_at_priority;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Records minutes until the expiration date of a cookie to the appropriate
*6777b538SAndroid Build Coastguard Worker// histogram. Only histograms cookies that have an expiration date (i.e. are
*6777b538SAndroid Build Coastguard Worker// persistent).
*6777b538SAndroid Build Coastguard Workervoid HistogramExpirationDuration(const CanonicalCookie& cookie,
*6777b538SAndroid Build Coastguard Worker                                 base::Time creation_time) {
*6777b538SAndroid Build Coastguard Worker  if (!cookie.IsPersistent())
*6777b538SAndroid Build Coastguard Worker    return;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  int expiration_duration_minutes =
*6777b538SAndroid Build Coastguard Worker      (cookie.ExpiryDate() - creation_time).InMinutes();
*6777b538SAndroid Build Coastguard Worker  if (cookie.SecureAttribute()) {
*6777b538SAndroid Build Coastguard Worker    UMA_HISTOGRAM_CUSTOM_COUNTS("Cookie.ExpirationDurationMinutesSecure",
*6777b538SAndroid Build Coastguard Worker                                expiration_duration_minutes, 1,
*6777b538SAndroid Build Coastguard Worker                                kMinutesInTenYears, 50);
*6777b538SAndroid Build Coastguard Worker  } else {
*6777b538SAndroid Build Coastguard Worker    UMA_HISTOGRAM_CUSTOM_COUNTS("Cookie.ExpirationDurationMinutesNonSecure",
*6777b538SAndroid Build Coastguard Worker                                expiration_duration_minutes, 1,
*6777b538SAndroid Build Coastguard Worker                                kMinutesInTenYears, 50);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  // The proposed rfc6265bis sets an upper limit on Expires/Max-Age attribute
*6777b538SAndroid Build Coastguard Worker  // values of 400 days. We need to study the impact this change would have:
*6777b538SAndroid Build Coastguard Worker  // https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html
*6777b538SAndroid Build Coastguard Worker  int expiration_duration_days = (cookie.ExpiryDate() - creation_time).InDays();
*6777b538SAndroid Build Coastguard Worker  if (expiration_duration_days > 400) {
*6777b538SAndroid Build Coastguard Worker    UMA_HISTOGRAM_CUSTOM_COUNTS("Cookie.ExpirationDuration400DaysGT",
*6777b538SAndroid Build Coastguard Worker                                expiration_duration_days, 401, kDaysInTenYears,
*6777b538SAndroid Build Coastguard Worker                                100);
*6777b538SAndroid Build Coastguard Worker  } else {
*6777b538SAndroid Build Coastguard Worker    UMA_HISTOGRAM_CUSTOM_COUNTS("Cookie.ExpirationDuration400DaysLTE",
*6777b538SAndroid Build Coastguard Worker                                expiration_duration_days, 1, 400, 50);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker}  // namespace
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerCookieMonster::CookieMonster(scoped_refptr<PersistentCookieStore> store,
*6777b538SAndroid Build Coastguard Worker                             NetLog* net_log)
*6777b538SAndroid Build Coastguard Worker    : CookieMonster(std::move(store),
*6777b538SAndroid Build Coastguard Worker                    base::Seconds(kDefaultAccessUpdateThresholdSeconds),
*6777b538SAndroid Build Coastguard Worker                    net_log) {}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerCookieMonster::CookieMonster(scoped_refptr<PersistentCookieStore> store,
*6777b538SAndroid Build Coastguard Worker                             base::TimeDelta last_access_threshold,
*6777b538SAndroid Build Coastguard Worker                             NetLog* net_log)
*6777b538SAndroid Build Coastguard Worker    : change_dispatcher_(this),
*6777b538SAndroid Build Coastguard Worker      net_log_(NetLogWithSource::Make(net_log, NetLogSourceType::COOKIE_STORE)),
*6777b538SAndroid Build Coastguard Worker      store_(std::move(store)),
*6777b538SAndroid Build Coastguard Worker      last_access_threshold_(last_access_threshold),
*6777b538SAndroid Build Coastguard Worker      last_statistic_record_time_(base::Time::Now()) {
*6777b538SAndroid Build Coastguard Worker  cookieable_schemes_.insert(
*6777b538SAndroid Build Coastguard Worker      cookieable_schemes_.begin(), kDefaultCookieableSchemes,
*6777b538SAndroid Build Coastguard Worker      kDefaultCookieableSchemes + kDefaultCookieableSchemesCount);
*6777b538SAndroid Build Coastguard Worker  net_log_.BeginEvent(NetLogEventType::COOKIE_STORE_ALIVE, [&] {
*6777b538SAndroid Build Coastguard Worker    return NetLogCookieMonsterConstructorParams(store_ != nullptr);
*6777b538SAndroid Build Coastguard Worker  });
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Asynchronous CookieMonster API
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::FlushStore(base::OnceClosure callback) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (initialized_ && store_.get()) {
*6777b538SAndroid Build Coastguard Worker    store_->Flush(std::move(callback));
*6777b538SAndroid Build Coastguard Worker  } else if (callback) {
*6777b538SAndroid Build Coastguard Worker    base::SingleThreadTaskRunner::GetCurrentDefault()->PostTask(
*6777b538SAndroid Build Coastguard Worker        FROM_HERE, std::move(callback));
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::SetForceKeepSessionState() {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (store_)
*6777b538SAndroid Build Coastguard Worker    store_->SetForceKeepSessionState();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::SetAllCookiesAsync(const CookieList& list,
*6777b538SAndroid Build Coastguard Worker                                       SetCookiesCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DoCookieCallback(base::BindOnce(
*6777b538SAndroid Build Coastguard Worker      // base::Unretained is safe as DoCookieCallback stores
*6777b538SAndroid Build Coastguard Worker      // the callback on |*this|, so the callback will not outlive
*6777b538SAndroid Build Coastguard Worker      // the object.
*6777b538SAndroid Build Coastguard Worker      &CookieMonster::SetAllCookies, base::Unretained(this), list,
*6777b538SAndroid Build Coastguard Worker      std::move(callback)));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::SetCanonicalCookieAsync(
*6777b538SAndroid Build Coastguard Worker    std::unique_ptr<CanonicalCookie> cookie,
*6777b538SAndroid Build Coastguard Worker    const GURL& source_url,
*6777b538SAndroid Build Coastguard Worker    const CookieOptions& options,
*6777b538SAndroid Build Coastguard Worker    SetCookiesCallback callback,
*6777b538SAndroid Build Coastguard Worker    std::optional<CookieAccessResult> cookie_access_result) {
*6777b538SAndroid Build Coastguard Worker  DCHECK(cookie->IsCanonical());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string domain = cookie->Domain();
*6777b538SAndroid Build Coastguard Worker  DoCookieCallbackForHostOrDomain(
*6777b538SAndroid Build Coastguard Worker      base::BindOnce(
*6777b538SAndroid Build Coastguard Worker          // base::Unretained is safe as DoCookieCallbackForHostOrDomain stores
*6777b538SAndroid Build Coastguard Worker          // the callback on |*this|, so the callback will not outlive
*6777b538SAndroid Build Coastguard Worker          // the object.
*6777b538SAndroid Build Coastguard Worker          &CookieMonster::SetCanonicalCookie, base::Unretained(this),
*6777b538SAndroid Build Coastguard Worker          std::move(cookie), source_url, options, std::move(callback),
*6777b538SAndroid Build Coastguard Worker          std::move(cookie_access_result)),
*6777b538SAndroid Build Coastguard Worker      domain);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::GetCookieListWithOptionsAsync(
*6777b538SAndroid Build Coastguard Worker    const GURL& url,
*6777b538SAndroid Build Coastguard Worker    const CookieOptions& options,
*6777b538SAndroid Build Coastguard Worker    const CookiePartitionKeyCollection& cookie_partition_key_collection,
*6777b538SAndroid Build Coastguard Worker    GetCookieListCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DoCookieCallbackForURL(
*6777b538SAndroid Build Coastguard Worker      base::BindOnce(
*6777b538SAndroid Build Coastguard Worker          // base::Unretained is safe as DoCookieCallbackForURL stores
*6777b538SAndroid Build Coastguard Worker          // the callback on |*this|, so the callback will not outlive
*6777b538SAndroid Build Coastguard Worker          // the object.
*6777b538SAndroid Build Coastguard Worker          &CookieMonster::GetCookieListWithOptions, base::Unretained(this), url,
*6777b538SAndroid Build Coastguard Worker          options, cookie_partition_key_collection, std::move(callback)),
*6777b538SAndroid Build Coastguard Worker      url);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::GetAllCookiesAsync(GetAllCookiesCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DoCookieCallback(base::BindOnce(
*6777b538SAndroid Build Coastguard Worker      // base::Unretained is safe as DoCookieCallback stores
*6777b538SAndroid Build Coastguard Worker      // the callback on |*this|, so the callback will not outlive
*6777b538SAndroid Build Coastguard Worker      // the object.
*6777b538SAndroid Build Coastguard Worker      &CookieMonster::GetAllCookies, base::Unretained(this),
*6777b538SAndroid Build Coastguard Worker      std::move(callback)));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::GetAllCookiesWithAccessSemanticsAsync(
*6777b538SAndroid Build Coastguard Worker    GetAllCookiesWithAccessSemanticsCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DoCookieCallback(base::BindOnce(
*6777b538SAndroid Build Coastguard Worker      // base::Unretained is safe as DoCookieCallback stores
*6777b538SAndroid Build Coastguard Worker      // the callback on |*this|, so the callback will not outlive
*6777b538SAndroid Build Coastguard Worker      // the object.
*6777b538SAndroid Build Coastguard Worker      &CookieMonster::GetAllCookies, base::Unretained(this),
*6777b538SAndroid Build Coastguard Worker      base::BindOnce(&CookieMonster::AttachAccessSemanticsListForCookieList,
*6777b538SAndroid Build Coastguard Worker                     base::Unretained(this), std::move(callback))));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DeleteCanonicalCookieAsync(const CanonicalCookie& cookie,
*6777b538SAndroid Build Coastguard Worker                                               DeleteCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DoCookieCallback(base::BindOnce(
*6777b538SAndroid Build Coastguard Worker      // base::Unretained is safe as DoCookieCallback stores
*6777b538SAndroid Build Coastguard Worker      // the callback on |*this|, so the callback will not outlive
*6777b538SAndroid Build Coastguard Worker      // the object.
*6777b538SAndroid Build Coastguard Worker      &CookieMonster::DeleteCanonicalCookie, base::Unretained(this), cookie,
*6777b538SAndroid Build Coastguard Worker      std::move(callback)));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DeleteAllCreatedInTimeRangeAsync(
*6777b538SAndroid Build Coastguard Worker    const TimeRange& creation_range,
*6777b538SAndroid Build Coastguard Worker    DeleteCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DoCookieCallback(base::BindOnce(
*6777b538SAndroid Build Coastguard Worker      // base::Unretained is safe as DoCookieCallback stores
*6777b538SAndroid Build Coastguard Worker      // the callback on |*this|, so the callback will not outlive
*6777b538SAndroid Build Coastguard Worker      // the object.
*6777b538SAndroid Build Coastguard Worker      &CookieMonster::DeleteAllCreatedInTimeRange, base::Unretained(this),
*6777b538SAndroid Build Coastguard Worker      creation_range, std::move(callback)));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DeleteAllMatchingInfoAsync(CookieDeletionInfo delete_info,
*6777b538SAndroid Build Coastguard Worker                                               DeleteCallback callback) {
*6777b538SAndroid Build Coastguard Worker  auto cookie_matcher =
*6777b538SAndroid Build Coastguard Worker      base::BindRepeating(&CookieMonster::MatchCookieDeletionInfo,
*6777b538SAndroid Build Coastguard Worker                          base::Unretained(this), std::move(delete_info));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DoCookieCallback(base::BindOnce(
*6777b538SAndroid Build Coastguard Worker      // base::Unretained is safe as DoCookieCallback stores
*6777b538SAndroid Build Coastguard Worker      // the callback on |*this|, so the callback will not outlive
*6777b538SAndroid Build Coastguard Worker      // the object.
*6777b538SAndroid Build Coastguard Worker      &CookieMonster::DeleteMatchingCookies, base::Unretained(this),
*6777b538SAndroid Build Coastguard Worker      std::move(cookie_matcher), DELETE_COOKIE_EXPLICIT, std::move(callback)));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DeleteSessionCookiesAsync(
*6777b538SAndroid Build Coastguard Worker    CookieStore::DeleteCallback callback) {
*6777b538SAndroid Build Coastguard Worker  auto session_cookie_matcher =
*6777b538SAndroid Build Coastguard Worker      base::BindRepeating([](const net::CanonicalCookie& cookie) {
*6777b538SAndroid Build Coastguard Worker        return !cookie.IsPersistent();
*6777b538SAndroid Build Coastguard Worker      });
*6777b538SAndroid Build Coastguard Worker  DoCookieCallback(base::BindOnce(
*6777b538SAndroid Build Coastguard Worker      // base::Unretained is safe as DoCookieCallback stores
*6777b538SAndroid Build Coastguard Worker      // the callback on |*this|, so the callback will not outlive
*6777b538SAndroid Build Coastguard Worker      // the object.
*6777b538SAndroid Build Coastguard Worker      &CookieMonster::DeleteMatchingCookies, base::Unretained(this),
*6777b538SAndroid Build Coastguard Worker      std::move(session_cookie_matcher), DELETE_COOKIE_EXPIRED,
*6777b538SAndroid Build Coastguard Worker      std::move(callback)));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DeleteMatchingCookiesAsync(
*6777b538SAndroid Build Coastguard Worker    CookieStore::DeletePredicate predicate,
*6777b538SAndroid Build Coastguard Worker    CookieStore::DeleteCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DoCookieCallback(base::BindOnce(
*6777b538SAndroid Build Coastguard Worker      // base::Unretained is safe as DoCookieCallback stores
*6777b538SAndroid Build Coastguard Worker      // the callback on |*this|, so the callback will not outlive
*6777b538SAndroid Build Coastguard Worker      // the object.
*6777b538SAndroid Build Coastguard Worker      &CookieMonster::DeleteMatchingCookies, base::Unretained(this),
*6777b538SAndroid Build Coastguard Worker      std::move(predicate), DELETE_COOKIE_EXPLICIT, std::move(callback)));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::SetCookieableSchemes(
*6777b538SAndroid Build Coastguard Worker    const std::vector<std::string>& schemes,
*6777b538SAndroid Build Coastguard Worker    SetCookieableSchemesCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Calls to this method will have no effect if made after a WebView or
*6777b538SAndroid Build Coastguard Worker  // CookieManager instance has been created.
*6777b538SAndroid Build Coastguard Worker  if (initialized_) {
*6777b538SAndroid Build Coastguard Worker    MaybeRunCookieCallback(std::move(callback), false);
*6777b538SAndroid Build Coastguard Worker    return;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  cookieable_schemes_ = schemes;
*6777b538SAndroid Build Coastguard Worker  MaybeRunCookieCallback(std::move(callback), true);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// This function must be called before the CookieMonster is used.
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::SetPersistSessionCookies(bool persist_session_cookies) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  DCHECK(!initialized_);
*6777b538SAndroid Build Coastguard Worker  net_log_.AddEntryWithBoolParams(
*6777b538SAndroid Build Coastguard Worker      NetLogEventType::COOKIE_STORE_SESSION_PERSISTENCE, NetLogEventPhase::NONE,
*6777b538SAndroid Build Coastguard Worker      "persistence", persist_session_cookies);
*6777b538SAndroid Build Coastguard Worker  persist_session_cookies_ = persist_session_cookies;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerconst char* const CookieMonster::kDefaultCookieableSchemes[] = {"http", "https",
*6777b538SAndroid Build Coastguard Worker                                                                "ws", "wss"};
*6777b538SAndroid Build Coastguard Workerconst int CookieMonster::kDefaultCookieableSchemesCount =
*6777b538SAndroid Build Coastguard Worker    std::size(kDefaultCookieableSchemes);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerCookieChangeDispatcher& CookieMonster::GetChangeDispatcher() {
*6777b538SAndroid Build Coastguard Worker  return change_dispatcher_;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerCookieMonster::~CookieMonster() {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  net_log_.EndEvent(NetLogEventType::COOKIE_STORE_ALIVE);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// static
*6777b538SAndroid Build Coastguard Workerbool CookieMonster::CookieSorter(const CanonicalCookie* cc1,
*6777b538SAndroid Build Coastguard Worker                                 const CanonicalCookie* cc2) {
*6777b538SAndroid Build Coastguard Worker  // Mozilla sorts on the path length (longest first), and then it sorts by
*6777b538SAndroid Build Coastguard Worker  // creation time (oldest first).  The RFC says the sort order for the domain
*6777b538SAndroid Build Coastguard Worker  // attribute is undefined.
*6777b538SAndroid Build Coastguard Worker  if (cc1->Path().length() == cc2->Path().length())
*6777b538SAndroid Build Coastguard Worker    return cc1->CreationDate() < cc2->CreationDate();
*6777b538SAndroid Build Coastguard Worker  return cc1->Path().length() > cc2->Path().length();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::GetAllCookies(GetAllCookiesCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // This function is being called to scrape the cookie list for management UI
*6777b538SAndroid Build Coastguard Worker  // or similar.  We shouldn't show expired cookies in this list since it will
*6777b538SAndroid Build Coastguard Worker  // just be confusing to users, and this function is called rarely enough (and
*6777b538SAndroid Build Coastguard Worker  // is already slow enough) that it's OK to take the time to garbage collect
*6777b538SAndroid Build Coastguard Worker  // the expired cookies now.
*6777b538SAndroid Build Coastguard Worker  //
*6777b538SAndroid Build Coastguard Worker  // Note that this does not prune cookies to be below our limits (if we've
*6777b538SAndroid Build Coastguard Worker  // exceeded them) the way that calling GarbageCollect() would.
*6777b538SAndroid Build Coastguard Worker  GarbageCollectExpired(
*6777b538SAndroid Build Coastguard Worker      Time::Now(), CookieMapItPair(cookies_.begin(), cookies_.end()), nullptr);
*6777b538SAndroid Build Coastguard Worker  GarbageCollectAllExpiredPartitionedCookies(Time::Now());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Copy the CanonicalCookie pointers from the map so that we can use the same
*6777b538SAndroid Build Coastguard Worker  // sorter as elsewhere, then copy the result out.
*6777b538SAndroid Build Coastguard Worker  std::vector<CanonicalCookie*> cookie_ptrs;
*6777b538SAndroid Build Coastguard Worker  cookie_ptrs.reserve(cookies_.size());
*6777b538SAndroid Build Coastguard Worker  for (const auto& cookie : cookies_)
*6777b538SAndroid Build Coastguard Worker    cookie_ptrs.push_back(cookie.second.get());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (const auto& cookie_partition : partitioned_cookies_) {
*6777b538SAndroid Build Coastguard Worker    for (const auto& cookie : *cookie_partition.second.get())
*6777b538SAndroid Build Coastguard Worker      cookie_ptrs.push_back(cookie.second.get());
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::sort(cookie_ptrs.begin(), cookie_ptrs.end(), CookieSorter);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CookieList cookie_list;
*6777b538SAndroid Build Coastguard Worker  cookie_list.reserve(cookie_ptrs.size());
*6777b538SAndroid Build Coastguard Worker  for (auto* cookie_ptr : cookie_ptrs)
*6777b538SAndroid Build Coastguard Worker    cookie_list.push_back(*cookie_ptr);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  MaybeRunCookieCallback(std::move(callback), cookie_list);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::AttachAccessSemanticsListForCookieList(
*6777b538SAndroid Build Coastguard Worker    GetAllCookiesWithAccessSemanticsCallback callback,
*6777b538SAndroid Build Coastguard Worker    const CookieList& cookie_list) {
*6777b538SAndroid Build Coastguard Worker  std::vector<CookieAccessSemantics> access_semantics_list;
*6777b538SAndroid Build Coastguard Worker  for (const CanonicalCookie& cookie : cookie_list) {
*6777b538SAndroid Build Coastguard Worker    access_semantics_list.push_back(GetAccessSemanticsForCookie(cookie));
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  MaybeRunCookieCallback(std::move(callback), cookie_list,
*6777b538SAndroid Build Coastguard Worker                         access_semantics_list);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::GetCookieListWithOptions(
*6777b538SAndroid Build Coastguard Worker    const GURL& url,
*6777b538SAndroid Build Coastguard Worker    const CookieOptions& options,
*6777b538SAndroid Build Coastguard Worker    const CookiePartitionKeyCollection& cookie_partition_key_collection,
*6777b538SAndroid Build Coastguard Worker    GetCookieListCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CookieAccessResultList included_cookies;
*6777b538SAndroid Build Coastguard Worker  CookieAccessResultList excluded_cookies;
*6777b538SAndroid Build Coastguard Worker  if (HasCookieableScheme(url)) {
*6777b538SAndroid Build Coastguard Worker    std::vector<CanonicalCookie*> cookie_ptrs;
*6777b538SAndroid Build Coastguard Worker    if (IncludeUnpartitionedCookies(cookie_partition_key_collection)) {
*6777b538SAndroid Build Coastguard Worker      cookie_ptrs = FindCookiesForRegistryControlledHost(url);
*6777b538SAndroid Build Coastguard Worker    } else {
*6777b538SAndroid Build Coastguard Worker      DCHECK(!cookie_partition_key_collection.IsEmpty());
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (!cookie_partition_key_collection.IsEmpty()) {
*6777b538SAndroid Build Coastguard Worker      if (cookie_partition_key_collection.ContainsAllKeys()) {
*6777b538SAndroid Build Coastguard Worker        for (const auto& it : partitioned_cookies_) {
*6777b538SAndroid Build Coastguard Worker          std::vector<CanonicalCookie*> partitioned_cookie_ptrs =
*6777b538SAndroid Build Coastguard Worker              FindPartitionedCookiesForRegistryControlledHost(it.first, url);
*6777b538SAndroid Build Coastguard Worker          cookie_ptrs.insert(cookie_ptrs.end(), partitioned_cookie_ptrs.begin(),
*6777b538SAndroid Build Coastguard Worker                             partitioned_cookie_ptrs.end());
*6777b538SAndroid Build Coastguard Worker        }
*6777b538SAndroid Build Coastguard Worker      } else {
*6777b538SAndroid Build Coastguard Worker        for (const CookiePartitionKey& key :
*6777b538SAndroid Build Coastguard Worker             cookie_partition_key_collection.PartitionKeys()) {
*6777b538SAndroid Build Coastguard Worker          std::vector<CanonicalCookie*> partitioned_cookie_ptrs =
*6777b538SAndroid Build Coastguard Worker              FindPartitionedCookiesForRegistryControlledHost(key, url);
*6777b538SAndroid Build Coastguard Worker          cookie_ptrs.insert(cookie_ptrs.end(), partitioned_cookie_ptrs.begin(),
*6777b538SAndroid Build Coastguard Worker                             partitioned_cookie_ptrs.end());
*6777b538SAndroid Build Coastguard Worker        }
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker    std::sort(cookie_ptrs.begin(), cookie_ptrs.end(), CookieSorter);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    included_cookies.reserve(cookie_ptrs.size());
*6777b538SAndroid Build Coastguard Worker    FilterCookiesWithOptions(url, options, &cookie_ptrs, &included_cookies,
*6777b538SAndroid Build Coastguard Worker                             &excluded_cookies);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  MaybeRunCookieCallback(std::move(callback), included_cookies,
*6777b538SAndroid Build Coastguard Worker                         excluded_cookies);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DeleteAllCreatedInTimeRange(const TimeRange& creation_range,
*6777b538SAndroid Build Coastguard Worker                                                DeleteCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  uint32_t num_deleted = 0;
*6777b538SAndroid Build Coastguard Worker  for (auto it = cookies_.begin(); it != cookies_.end();) {
*6777b538SAndroid Build Coastguard Worker    auto curit = it;
*6777b538SAndroid Build Coastguard Worker    CanonicalCookie* cc = curit->second.get();
*6777b538SAndroid Build Coastguard Worker    ++it;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (creation_range.Contains(cc->CreationDate())) {
*6777b538SAndroid Build Coastguard Worker      InternalDeleteCookie(curit, true, /*sync_to_store*/
*6777b538SAndroid Build Coastguard Worker                           DELETE_COOKIE_EXPLICIT);
*6777b538SAndroid Build Coastguard Worker      ++num_deleted;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (PartitionedCookieMap::iterator partition_it =
*6777b538SAndroid Build Coastguard Worker           partitioned_cookies_.begin();
*6777b538SAndroid Build Coastguard Worker       partition_it != partitioned_cookies_.end();) {
*6777b538SAndroid Build Coastguard Worker    auto cur_partition_it = partition_it;
*6777b538SAndroid Build Coastguard Worker    CookieMap::iterator cookie_it = cur_partition_it->second->begin();
*6777b538SAndroid Build Coastguard Worker    CookieMap::iterator cookie_end = cur_partition_it->second->end();
*6777b538SAndroid Build Coastguard Worker    // InternalDeletePartitionedCookie may delete this cookie partition if it
*6777b538SAndroid Build Coastguard Worker    // only has one cookie, so we need to increment the iterator beforehand.
*6777b538SAndroid Build Coastguard Worker    ++partition_it;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    while (cookie_it != cookie_end) {
*6777b538SAndroid Build Coastguard Worker      auto cur_cookie_it = cookie_it;
*6777b538SAndroid Build Coastguard Worker      CanonicalCookie* cc = cur_cookie_it->second.get();
*6777b538SAndroid Build Coastguard Worker      ++cookie_it;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      if (creation_range.Contains(cc->CreationDate())) {
*6777b538SAndroid Build Coastguard Worker        InternalDeletePartitionedCookie(cur_partition_it, cur_cookie_it,
*6777b538SAndroid Build Coastguard Worker                                        true /*sync_to_store*/,
*6777b538SAndroid Build Coastguard Worker                                        DELETE_COOKIE_EXPLICIT);
*6777b538SAndroid Build Coastguard Worker        ++num_deleted;
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  FlushStore(
*6777b538SAndroid Build Coastguard Worker      base::BindOnce(&MaybeRunDeleteCallback, weak_ptr_factory_.GetWeakPtr(),
*6777b538SAndroid Build Coastguard Worker                     callback ? base::BindOnce(std::move(callback), num_deleted)
*6777b538SAndroid Build Coastguard Worker                              : base::OnceClosure()));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerbool CookieMonster::MatchCookieDeletionInfo(
*6777b538SAndroid Build Coastguard Worker    const CookieDeletionInfo& delete_info,
*6777b538SAndroid Build Coastguard Worker    const net::CanonicalCookie& cookie) {
*6777b538SAndroid Build Coastguard Worker  bool delegate_treats_url_as_trustworthy = false;  // irrelevant if no URL.
*6777b538SAndroid Build Coastguard Worker  if (delete_info.url.has_value()) {
*6777b538SAndroid Build Coastguard Worker    delegate_treats_url_as_trustworthy =
*6777b538SAndroid Build Coastguard Worker        cookie_access_delegate() &&
*6777b538SAndroid Build Coastguard Worker        cookie_access_delegate()->ShouldTreatUrlAsTrustworthy(
*6777b538SAndroid Build Coastguard Worker            delete_info.url.value());
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return delete_info.Matches(
*6777b538SAndroid Build Coastguard Worker      cookie, CookieAccessParams{GetAccessSemanticsForCookie(cookie),
*6777b538SAndroid Build Coastguard Worker                                 delegate_treats_url_as_trustworthy});
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DeleteCanonicalCookie(const CanonicalCookie& cookie,
*6777b538SAndroid Build Coastguard Worker                                          DeleteCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  uint32_t result = 0u;
*6777b538SAndroid Build Coastguard Worker  CookieMap* cookie_map = nullptr;
*6777b538SAndroid Build Coastguard Worker  PartitionedCookieMap::iterator cookie_partition_it;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (cookie.IsPartitioned()) {
*6777b538SAndroid Build Coastguard Worker    cookie_partition_it =
*6777b538SAndroid Build Coastguard Worker        partitioned_cookies_.find(cookie.PartitionKey().value());
*6777b538SAndroid Build Coastguard Worker    if (cookie_partition_it != partitioned_cookies_.end())
*6777b538SAndroid Build Coastguard Worker      cookie_map = cookie_partition_it->second.get();
*6777b538SAndroid Build Coastguard Worker  } else {
*6777b538SAndroid Build Coastguard Worker    cookie_map = &cookies_;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  if (cookie_map) {
*6777b538SAndroid Build Coastguard Worker    for (CookieMapItPair its = cookie_map->equal_range(GetKey(cookie.Domain()));
*6777b538SAndroid Build Coastguard Worker         its.first != its.second; ++its.first) {
*6777b538SAndroid Build Coastguard Worker      const std::unique_ptr<CanonicalCookie>& candidate = its.first->second;
*6777b538SAndroid Build Coastguard Worker      // Historically, this has refused modification if the cookie has changed
*6777b538SAndroid Build Coastguard Worker      // value in between the CanonicalCookie object was returned by a getter
*6777b538SAndroid Build Coastguard Worker      // and when this ran.  The later parts of the conditional (everything but
*6777b538SAndroid Build Coastguard Worker      // the equivalence check) attempt to preserve this behavior.
*6777b538SAndroid Build Coastguard Worker      if (candidate->IsEquivalent(cookie) &&
*6777b538SAndroid Build Coastguard Worker          candidate->Value() == cookie.Value()) {
*6777b538SAndroid Build Coastguard Worker        if (cookie.IsPartitioned()) {
*6777b538SAndroid Build Coastguard Worker          InternalDeletePartitionedCookie(cookie_partition_it, its.first, true,
*6777b538SAndroid Build Coastguard Worker                                          DELETE_COOKIE_EXPLICIT);
*6777b538SAndroid Build Coastguard Worker        } else {
*6777b538SAndroid Build Coastguard Worker          InternalDeleteCookie(its.first, true, DELETE_COOKIE_EXPLICIT);
*6777b538SAndroid Build Coastguard Worker        }
*6777b538SAndroid Build Coastguard Worker        result = 1u;
*6777b538SAndroid Build Coastguard Worker        break;
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  FlushStore(
*6777b538SAndroid Build Coastguard Worker      base::BindOnce(&MaybeRunDeleteCallback, weak_ptr_factory_.GetWeakPtr(),
*6777b538SAndroid Build Coastguard Worker                     callback ? base::BindOnce(std::move(callback), result)
*6777b538SAndroid Build Coastguard Worker                              : base::OnceClosure()));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DeleteMatchingCookies(DeletePredicate predicate,
*6777b538SAndroid Build Coastguard Worker                                          DeletionCause cause,
*6777b538SAndroid Build Coastguard Worker                                          DeleteCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  DCHECK(predicate);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  uint32_t num_deleted = 0;
*6777b538SAndroid Build Coastguard Worker  for (auto it = cookies_.begin(); it != cookies_.end();) {
*6777b538SAndroid Build Coastguard Worker    auto curit = it;
*6777b538SAndroid Build Coastguard Worker    CanonicalCookie* cc = curit->second.get();
*6777b538SAndroid Build Coastguard Worker    ++it;
*6777b538SAndroid Build Coastguard Worker    if (predicate.Run(*cc)) {
*6777b538SAndroid Build Coastguard Worker      InternalDeleteCookie(curit, true /*sync_to_store*/, cause);
*6777b538SAndroid Build Coastguard Worker      ++num_deleted;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  for (auto partition_it = partitioned_cookies_.begin();
*6777b538SAndroid Build Coastguard Worker       partition_it != partitioned_cookies_.end();) {
*6777b538SAndroid Build Coastguard Worker    // InternalDeletePartitionedCookie may invalidate |partition_it| if that
*6777b538SAndroid Build Coastguard Worker    // cookie partition only has one cookie.
*6777b538SAndroid Build Coastguard Worker    auto cur_partition_it = partition_it;
*6777b538SAndroid Build Coastguard Worker    CookieMap::iterator cookie_it = cur_partition_it->second->begin();
*6777b538SAndroid Build Coastguard Worker    CookieMap::iterator cookie_end = cur_partition_it->second->end();
*6777b538SAndroid Build Coastguard Worker    ++partition_it;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    while (cookie_it != cookie_end) {
*6777b538SAndroid Build Coastguard Worker      auto cur_cookie_it = cookie_it;
*6777b538SAndroid Build Coastguard Worker      CanonicalCookie* cc = cur_cookie_it->second.get();
*6777b538SAndroid Build Coastguard Worker      ++cookie_it;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      if (predicate.Run(*cc)) {
*6777b538SAndroid Build Coastguard Worker        InternalDeletePartitionedCookie(cur_partition_it, cur_cookie_it, true,
*6777b538SAndroid Build Coastguard Worker                                        cause);
*6777b538SAndroid Build Coastguard Worker        ++num_deleted;
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  FlushStore(
*6777b538SAndroid Build Coastguard Worker      base::BindOnce(&MaybeRunDeleteCallback, weak_ptr_factory_.GetWeakPtr(),
*6777b538SAndroid Build Coastguard Worker                     callback ? base::BindOnce(std::move(callback), num_deleted)
*6777b538SAndroid Build Coastguard Worker                              : base::OnceClosure()));
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::MarkCookieStoreAsInitialized() {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  initialized_ = true;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::FetchAllCookiesIfNecessary() {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  if (store_.get() && !started_fetching_all_cookies_) {
*6777b538SAndroid Build Coastguard Worker    started_fetching_all_cookies_ = true;
*6777b538SAndroid Build Coastguard Worker    FetchAllCookies();
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::FetchAllCookies() {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  DCHECK(store_.get()) << "Store must exist to initialize";
*6777b538SAndroid Build Coastguard Worker  DCHECK(!finished_fetching_all_cookies_)
*6777b538SAndroid Build Coastguard Worker      << "All cookies have already been fetched.";
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // We bind in the current time so that we can report the wall-clock time for
*6777b538SAndroid Build Coastguard Worker  // loading cookies.
*6777b538SAndroid Build Coastguard Worker  store_->Load(base::BindOnce(&CookieMonster::OnLoaded,
*6777b538SAndroid Build Coastguard Worker                              weak_ptr_factory_.GetWeakPtr(), TimeTicks::Now()),
*6777b538SAndroid Build Coastguard Worker               net_log_);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::OnLoaded(
*6777b538SAndroid Build Coastguard Worker    TimeTicks beginning_time,
*6777b538SAndroid Build Coastguard Worker    std::vector<std::unique_ptr<CanonicalCookie>> cookies) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  StoreLoadedCookies(std::move(cookies));
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCustomTimes("Cookie.TimeBlockedOnLoad",
*6777b538SAndroid Build Coastguard Worker                                base::TimeTicks::Now() - beginning_time,
*6777b538SAndroid Build Coastguard Worker                                base::Milliseconds(1), base::Minutes(1), 50);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Invoke the task queue of cookie request.
*6777b538SAndroid Build Coastguard Worker  InvokeQueue();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::OnKeyLoaded(
*6777b538SAndroid Build Coastguard Worker    const std::string& key,
*6777b538SAndroid Build Coastguard Worker    std::vector<std::unique_ptr<CanonicalCookie>> cookies) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  StoreLoadedCookies(std::move(cookies));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  auto tasks_pending_for_key = tasks_pending_for_key_.find(key);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // TODO(mmenke): Can this be turned into a DCHECK?
*6777b538SAndroid Build Coastguard Worker  if (tasks_pending_for_key == tasks_pending_for_key_.end())
*6777b538SAndroid Build Coastguard Worker    return;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Run all tasks for the key. Note that running a task can result in multiple
*6777b538SAndroid Build Coastguard Worker  // tasks being added to the back of the deque.
*6777b538SAndroid Build Coastguard Worker  while (!tasks_pending_for_key->second.empty()) {
*6777b538SAndroid Build Coastguard Worker    base::OnceClosure task = std::move(tasks_pending_for_key->second.front());
*6777b538SAndroid Build Coastguard Worker    tasks_pending_for_key->second.pop_front();
*6777b538SAndroid Build Coastguard Worker    std::move(task).Run();
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  tasks_pending_for_key_.erase(tasks_pending_for_key);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // This has to be done last, in case running a task queues a new task for the
*6777b538SAndroid Build Coastguard Worker  // key, to ensure tasks are run in the correct order.
*6777b538SAndroid Build Coastguard Worker  keys_loaded_.insert(key);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::StoreLoadedCookies(
*6777b538SAndroid Build Coastguard Worker    std::vector<std::unique_ptr<CanonicalCookie>> cookies) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Even if a key is expired, insert it so it can be garbage collected,
*6777b538SAndroid Build Coastguard Worker  // removed, and sync'd.
*6777b538SAndroid Build Coastguard Worker  CookieItVector cookies_with_control_chars;
*6777b538SAndroid Build Coastguard Worker  std::vector<PartitionedCookieMapIterators>
*6777b538SAndroid Build Coastguard Worker      partitioned_cookies_with_control_chars;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (auto& cookie : cookies) {
*6777b538SAndroid Build Coastguard Worker    CanonicalCookie* cookie_ptr = cookie.get();
*6777b538SAndroid Build Coastguard Worker    CookieAccessResult access_result;
*6777b538SAndroid Build Coastguard Worker    access_result.access_semantics = CookieAccessSemantics::UNKNOWN;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cookie_ptr->IsPartitioned()) {
*6777b538SAndroid Build Coastguard Worker      auto inserted = InternalInsertPartitionedCookie(
*6777b538SAndroid Build Coastguard Worker          GetKey(cookie_ptr->Domain()), std::move(cookie),
*6777b538SAndroid Build Coastguard Worker          false /* sync_to_store */, access_result,
*6777b538SAndroid Build Coastguard Worker          false /* dispatch_change */);
*6777b538SAndroid Build Coastguard Worker      if (ContainsControlCharacter(cookie_ptr->Name()) ||
*6777b538SAndroid Build Coastguard Worker          ContainsControlCharacter(cookie_ptr->Value())) {
*6777b538SAndroid Build Coastguard Worker        partitioned_cookies_with_control_chars.push_back(inserted);
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    } else {
*6777b538SAndroid Build Coastguard Worker      auto inserted =
*6777b538SAndroid Build Coastguard Worker          InternalInsertCookie(GetKey(cookie_ptr->Domain()), std::move(cookie),
*6777b538SAndroid Build Coastguard Worker                               false /* sync_to_store */, access_result,
*6777b538SAndroid Build Coastguard Worker                               false /* dispatch_change */);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      if (ContainsControlCharacter(cookie_ptr->Name()) ||
*6777b538SAndroid Build Coastguard Worker          ContainsControlCharacter(cookie_ptr->Value())) {
*6777b538SAndroid Build Coastguard Worker        cookies_with_control_chars.push_back(inserted);
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    const Time cookie_access_time(cookie_ptr->LastAccessDate());
*6777b538SAndroid Build Coastguard Worker    if (earliest_access_time_.is_null() ||
*6777b538SAndroid Build Coastguard Worker        cookie_access_time < earliest_access_time_) {
*6777b538SAndroid Build Coastguard Worker      earliest_access_time_ = cookie_access_time;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Any cookies that contain control characters that we have loaded from the
*6777b538SAndroid Build Coastguard Worker  // persistent store should be deleted. See http://crbug.com/238041.
*6777b538SAndroid Build Coastguard Worker  for (auto it = cookies_with_control_chars.begin();
*6777b538SAndroid Build Coastguard Worker       it != cookies_with_control_chars.end();) {
*6777b538SAndroid Build Coastguard Worker    auto curit = it;
*6777b538SAndroid Build Coastguard Worker    ++it;
*6777b538SAndroid Build Coastguard Worker    InternalDeleteCookie(*curit, true, DELETE_COOKIE_CONTROL_CHAR);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  for (auto it = partitioned_cookies_with_control_chars.begin();
*6777b538SAndroid Build Coastguard Worker       it != partitioned_cookies_with_control_chars.end();) {
*6777b538SAndroid Build Coastguard Worker    // InternalDeletePartitionedCookie may invalidate the current iterator, so
*6777b538SAndroid Build Coastguard Worker    // we increment the iterator in the loop before calling the function.
*6777b538SAndroid Build Coastguard Worker    auto curit = it;
*6777b538SAndroid Build Coastguard Worker    ++it;
*6777b538SAndroid Build Coastguard Worker    InternalDeletePartitionedCookie(curit->first, curit->second, true,
*6777b538SAndroid Build Coastguard Worker                                    DELETE_COOKIE_CONTROL_CHAR);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // After importing cookies from the PersistentCookieStore, verify that
*6777b538SAndroid Build Coastguard Worker  // none of our other constraints are violated.
*6777b538SAndroid Build Coastguard Worker  // In particular, the backing store might have given us duplicate cookies.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // This method could be called multiple times due to priority loading, thus
*6777b538SAndroid Build Coastguard Worker  // cookies loaded in previous runs will be validated again, but this is OK
*6777b538SAndroid Build Coastguard Worker  // since they are expected to be much fewer than total DB.
*6777b538SAndroid Build Coastguard Worker  EnsureCookiesMapIsValid();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::InvokeQueue() {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Move all per-key tasks into the global queue, if there are any.  This is
*6777b538SAndroid Build Coastguard Worker  // protection about a race where the store learns about all cookies loading
*6777b538SAndroid Build Coastguard Worker  // before it learned about the cookies for a key loading.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Needed to prevent any recursively queued tasks from going back into the
*6777b538SAndroid Build Coastguard Worker  // per-key queues.
*6777b538SAndroid Build Coastguard Worker  seen_global_task_ = true;
*6777b538SAndroid Build Coastguard Worker  for (auto& tasks_for_key : tasks_pending_for_key_) {
*6777b538SAndroid Build Coastguard Worker    tasks_pending_.insert(tasks_pending_.begin(),
*6777b538SAndroid Build Coastguard Worker                          std::make_move_iterator(tasks_for_key.second.begin()),
*6777b538SAndroid Build Coastguard Worker                          std::make_move_iterator(tasks_for_key.second.end()));
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  tasks_pending_for_key_.clear();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  while (!tasks_pending_.empty()) {
*6777b538SAndroid Build Coastguard Worker    base::OnceClosure request_task = std::move(tasks_pending_.front());
*6777b538SAndroid Build Coastguard Worker    tasks_pending_.pop_front();
*6777b538SAndroid Build Coastguard Worker    std::move(request_task).Run();
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DCHECK(tasks_pending_for_key_.empty());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  finished_fetching_all_cookies_ = true;
*6777b538SAndroid Build Coastguard Worker  keys_loaded_.clear();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::EnsureCookiesMapIsValid() {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Iterate through all the of the cookies, grouped by host.
*6777b538SAndroid Build Coastguard Worker  for (auto next = cookies_.begin(); next != cookies_.end();) {
*6777b538SAndroid Build Coastguard Worker    auto cur_range_begin = next;
*6777b538SAndroid Build Coastguard Worker    const std::string key = cur_range_begin->first;  // Keep a copy.
*6777b538SAndroid Build Coastguard Worker    auto cur_range_end = cookies_.upper_bound(key);
*6777b538SAndroid Build Coastguard Worker    next = cur_range_end;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Ensure no equivalent cookies for this host.
*6777b538SAndroid Build Coastguard Worker    TrimDuplicateCookiesForKey(key, cur_range_begin, cur_range_end,
*6777b538SAndroid Build Coastguard Worker                               std::nullopt);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (auto cookie_partition_it = partitioned_cookies_.begin();
*6777b538SAndroid Build Coastguard Worker       cookie_partition_it != partitioned_cookies_.end();) {
*6777b538SAndroid Build Coastguard Worker    auto cur_cookie_partition_it = cookie_partition_it;
*6777b538SAndroid Build Coastguard Worker    ++cookie_partition_it;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Iterate through the cookies in this partition, grouped by host.
*6777b538SAndroid Build Coastguard Worker    CookieMap* cookie_partition = cur_cookie_partition_it->second.get();
*6777b538SAndroid Build Coastguard Worker    auto prev_range_end = cookie_partition->begin();
*6777b538SAndroid Build Coastguard Worker    while (prev_range_end != cookie_partition->end()) {
*6777b538SAndroid Build Coastguard Worker      auto cur_range_begin = prev_range_end;
*6777b538SAndroid Build Coastguard Worker      const std::string key = cur_range_begin->first;  // Keep a copy.
*6777b538SAndroid Build Coastguard Worker      auto cur_range_end = cookie_partition->upper_bound(key);
*6777b538SAndroid Build Coastguard Worker      prev_range_end = cur_range_end;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Ensure no equivalent cookies for this host and cookie partition key.
*6777b538SAndroid Build Coastguard Worker      TrimDuplicateCookiesForKey(key, cur_range_begin, cur_range_end,
*6777b538SAndroid Build Coastguard Worker                                 std::make_optional(cur_cookie_partition_it));
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Our strategy to find duplicates is:
*6777b538SAndroid Build Coastguard Worker// (1) Build a map from cookie unique key to
*6777b538SAndroid Build Coastguard Worker//     {list of cookies with this signature, sorted by creation time}.
*6777b538SAndroid Build Coastguard Worker// (2) For each list with more than 1 entry, keep the cookie having the
*6777b538SAndroid Build Coastguard Worker//     most recent creation time, and delete the others.
*6777b538SAndroid Build Coastguard Worker//
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::TrimDuplicateCookiesForKey(
*6777b538SAndroid Build Coastguard Worker    const std::string& key,
*6777b538SAndroid Build Coastguard Worker    CookieMap::iterator begin,
*6777b538SAndroid Build Coastguard Worker    CookieMap::iterator end,
*6777b538SAndroid Build Coastguard Worker    std::optional<PartitionedCookieMap::iterator> cookie_partition_it) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Set of cookies ordered by creation time.
*6777b538SAndroid Build Coastguard Worker  typedef std::multiset<CookieMap::iterator, OrderByCreationTimeDesc> CookieSet;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Helper map we populate to find the duplicates.
*6777b538SAndroid Build Coastguard Worker  typedef std::map<CanonicalCookie::UniqueCookieKey, CookieSet> EquivalenceMap;
*6777b538SAndroid Build Coastguard Worker  typedef std::map<CanonicalCookie::UniqueDomainCookieKey, CookieSet>
*6777b538SAndroid Build Coastguard Worker      DomainEquivalenceMap;
*6777b538SAndroid Build Coastguard Worker  EquivalenceMap equivalent_cookies;
*6777b538SAndroid Build Coastguard Worker  DomainEquivalenceMap equivalent_domain_cookies;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // The number of duplicate cookies that have been found.
*6777b538SAndroid Build Coastguard Worker  int num_duplicates = 0;
*6777b538SAndroid Build Coastguard Worker  int num_domain_duplicates = 0;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Iterate through all of the cookies in our range, and insert them into
*6777b538SAndroid Build Coastguard Worker  // the equivalence map.
*6777b538SAndroid Build Coastguard Worker  for (auto it = begin; it != end; ++it) {
*6777b538SAndroid Build Coastguard Worker    DCHECK_EQ(key, it->first);
*6777b538SAndroid Build Coastguard Worker    CanonicalCookie* cookie = it->second.get();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cookie->IsHostCookie()) {
*6777b538SAndroid Build Coastguard Worker      CanonicalCookie::UniqueCookieKey signature(cookie->UniqueKey());
*6777b538SAndroid Build Coastguard Worker      CookieSet& set = equivalent_cookies[signature];
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // We found a duplicate!
*6777b538SAndroid Build Coastguard Worker      if (!set.empty()) {
*6777b538SAndroid Build Coastguard Worker        num_duplicates++;
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // We save the iterator into |cookies_| rather than the actual cookie
*6777b538SAndroid Build Coastguard Worker      // pointer, since we may need to delete it later.
*6777b538SAndroid Build Coastguard Worker      set.insert(it);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker    // Is a domain cookie.
*6777b538SAndroid Build Coastguard Worker    else {
*6777b538SAndroid Build Coastguard Worker      CanonicalCookie::UniqueDomainCookieKey signature(
*6777b538SAndroid Build Coastguard Worker          cookie->UniqueDomainKey());
*6777b538SAndroid Build Coastguard Worker      CookieSet& domain_set = equivalent_domain_cookies[signature];
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // We found a duplicate!
*6777b538SAndroid Build Coastguard Worker      if (!domain_set.empty()) {
*6777b538SAndroid Build Coastguard Worker        num_domain_duplicates++;
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // We save the iterator into |cookies_| rather than the actual cookie
*6777b538SAndroid Build Coastguard Worker      // pointer, since we may need to delete it later.
*6777b538SAndroid Build Coastguard Worker      domain_set.insert(it);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // If there were no duplicates, we are done!
*6777b538SAndroid Build Coastguard Worker  if (num_duplicates == 0 && num_domain_duplicates == 0) {
*6777b538SAndroid Build Coastguard Worker    return;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Make sure we find everything below that we did above.
*6777b538SAndroid Build Coastguard Worker  int num_duplicates_found = 0;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Otherwise, delete all the duplicate host cookies, both from our in-memory
*6777b538SAndroid Build Coastguard Worker  // store and from the backing store.
*6777b538SAndroid Build Coastguard Worker  for (std::pair<const CanonicalCookie::UniqueCookieKey, CookieSet>&
*6777b538SAndroid Build Coastguard Worker           equivalent_cookie : equivalent_cookies) {
*6777b538SAndroid Build Coastguard Worker    const CanonicalCookie::UniqueCookieKey& signature = equivalent_cookie.first;
*6777b538SAndroid Build Coastguard Worker    CookieSet& dupes = equivalent_cookie.second;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (dupes.size() <= 1) {
*6777b538SAndroid Build Coastguard Worker      continue;  // This cookiename/path has no duplicates.
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    num_duplicates_found += dupes.size() - 1;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Since |dupes| is sorted by creation time (descending), the first cookie
*6777b538SAndroid Build Coastguard Worker    // is the most recent one (or tied for it), so we will keep it. The rest are
*6777b538SAndroid Build Coastguard Worker    // duplicates.
*6777b538SAndroid Build Coastguard Worker    dupes.erase(dupes.begin());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // TODO(crbug.com/1225444) Include cookie partition key in this log
*6777b538SAndroid Build Coastguard Worker    // statement as well if needed.
*6777b538SAndroid Build Coastguard Worker    // TODO(crbug.com/1170548): Include source scheme and source port.
*6777b538SAndroid Build Coastguard Worker    LOG(ERROR) << base::StringPrintf(
*6777b538SAndroid Build Coastguard Worker        "Found %d duplicate cookies for key='%s', "
*6777b538SAndroid Build Coastguard Worker        "with {name='%s', domain='%s', path='%s'}",
*6777b538SAndroid Build Coastguard Worker        static_cast<int>(dupes.size()), key.c_str(),
*6777b538SAndroid Build Coastguard Worker        std::get<1>(signature).c_str(), std::get<2>(signature).c_str(),
*6777b538SAndroid Build Coastguard Worker        std::get<3>(signature).c_str());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Remove all the cookies identified by |dupes|. It is valid to delete our
*6777b538SAndroid Build Coastguard Worker    // list of iterators one at a time, since |cookies_| is a multimap (they
*6777b538SAndroid Build Coastguard Worker    // don't invalidate existing iterators following deletion).
*6777b538SAndroid Build Coastguard Worker    for (const CookieMap::iterator& dupe : dupes) {
*6777b538SAndroid Build Coastguard Worker      if (cookie_partition_it) {
*6777b538SAndroid Build Coastguard Worker        InternalDeletePartitionedCookie(
*6777b538SAndroid Build Coastguard Worker            cookie_partition_it.value(), dupe, true,
*6777b538SAndroid Build Coastguard Worker            DELETE_COOKIE_DUPLICATE_IN_BACKING_STORE);
*6777b538SAndroid Build Coastguard Worker      } else {
*6777b538SAndroid Build Coastguard Worker        InternalDeleteCookie(dupe, true,
*6777b538SAndroid Build Coastguard Worker                             DELETE_COOKIE_DUPLICATE_IN_BACKING_STORE);
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  CHECK_EQ(num_duplicates, num_duplicates_found);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Do the same again for domain cookies.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (num_domain_duplicates == 0) {
*6777b538SAndroid Build Coastguard Worker    return;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  int num_domain_duplicates_found = 0;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (std::pair<const CanonicalCookie::UniqueDomainCookieKey, CookieSet>&
*6777b538SAndroid Build Coastguard Worker           equivalent_domain_cookie : equivalent_domain_cookies) {
*6777b538SAndroid Build Coastguard Worker    const CanonicalCookie::UniqueDomainCookieKey& signature =
*6777b538SAndroid Build Coastguard Worker        equivalent_domain_cookie.first;
*6777b538SAndroid Build Coastguard Worker    CookieSet& dupes = equivalent_domain_cookie.second;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (dupes.size() <= 1) {
*6777b538SAndroid Build Coastguard Worker      continue;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    num_domain_duplicates_found += dupes.size() - 1;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Since |dupes| is sorted by creation time (descending), the first cookie
*6777b538SAndroid Build Coastguard Worker    // is the most recent one (or tied for it), so we will keep it. The rest are
*6777b538SAndroid Build Coastguard Worker    // duplicates.
*6777b538SAndroid Build Coastguard Worker    dupes.erase(dupes.begin());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // TODO(crbug.com/1225444) Include cookie partition key in this log
*6777b538SAndroid Build Coastguard Worker    // statement as well if needed.
*6777b538SAndroid Build Coastguard Worker    // TODO(crbug.com/1170548): Include source scheme and source port.
*6777b538SAndroid Build Coastguard Worker    LOG(ERROR) << base::StringPrintf(
*6777b538SAndroid Build Coastguard Worker        "Found %d duplicate domain cookies for key='%s', "
*6777b538SAndroid Build Coastguard Worker        "with {name='%s', domain='%s', path='%s'}",
*6777b538SAndroid Build Coastguard Worker        static_cast<int>(dupes.size()), key.c_str(),
*6777b538SAndroid Build Coastguard Worker        std::get<1>(signature).c_str(), std::get<2>(signature).c_str(),
*6777b538SAndroid Build Coastguard Worker        std::get<3>(signature).c_str());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Remove all the cookies identified by |dupes|. It is valid to delete our
*6777b538SAndroid Build Coastguard Worker    // list of iterators one at a time, since |cookies_| is a multimap (they
*6777b538SAndroid Build Coastguard Worker    // don't invalidate existing iterators following deletion).
*6777b538SAndroid Build Coastguard Worker    for (const CookieMap::iterator& dupe : dupes) {
*6777b538SAndroid Build Coastguard Worker      if (cookie_partition_it) {
*6777b538SAndroid Build Coastguard Worker        InternalDeletePartitionedCookie(
*6777b538SAndroid Build Coastguard Worker            cookie_partition_it.value(), dupe, true,
*6777b538SAndroid Build Coastguard Worker            DELETE_COOKIE_DUPLICATE_IN_BACKING_STORE);
*6777b538SAndroid Build Coastguard Worker      } else {
*6777b538SAndroid Build Coastguard Worker        InternalDeleteCookie(dupe, true,
*6777b538SAndroid Build Coastguard Worker                             DELETE_COOKIE_DUPLICATE_IN_BACKING_STORE);
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CHECK_EQ(num_domain_duplicates, num_domain_duplicates_found);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerstd::vector<CanonicalCookie*>
*6777b538SAndroid Build Coastguard WorkerCookieMonster::FindCookiesForRegistryControlledHost(
*6777b538SAndroid Build Coastguard Worker    const GURL& url,
*6777b538SAndroid Build Coastguard Worker    CookieMap* cookie_map,
*6777b538SAndroid Build Coastguard Worker    CookieMonster::PartitionedCookieMap::iterator* partition_it) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (!cookie_map)
*6777b538SAndroid Build Coastguard Worker    cookie_map = &cookies_;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  Time current_time = Time::Now();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Retrieve all cookies for a given key
*6777b538SAndroid Build Coastguard Worker  const std::string key(GetKey(url.host_piece()));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::vector<CanonicalCookie*> cookies;
*6777b538SAndroid Build Coastguard Worker  for (CookieMapItPair its = cookie_map->equal_range(key);
*6777b538SAndroid Build Coastguard Worker       its.first != its.second;) {
*6777b538SAndroid Build Coastguard Worker    auto curit = its.first;
*6777b538SAndroid Build Coastguard Worker    CanonicalCookie* cc = curit->second.get();
*6777b538SAndroid Build Coastguard Worker    ++its.first;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // If the cookie is expired, delete it.
*6777b538SAndroid Build Coastguard Worker    if (cc->IsExpired(current_time)) {
*6777b538SAndroid Build Coastguard Worker      if (cc->IsPartitioned()) {
*6777b538SAndroid Build Coastguard Worker        DCHECK(partition_it);
*6777b538SAndroid Build Coastguard Worker        DCHECK_EQ((*partition_it)->second.get(), cookie_map);
*6777b538SAndroid Build Coastguard Worker        InternalDeletePartitionedCookie(*partition_it, curit, true,
*6777b538SAndroid Build Coastguard Worker                                        DELETE_COOKIE_EXPIRED);
*6777b538SAndroid Build Coastguard Worker      } else {
*6777b538SAndroid Build Coastguard Worker        InternalDeleteCookie(curit, true, DELETE_COOKIE_EXPIRED);
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker      continue;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker    cookies.push_back(cc);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  return cookies;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerstd::vector<CanonicalCookie*>
*6777b538SAndroid Build Coastguard WorkerCookieMonster::FindPartitionedCookiesForRegistryControlledHost(
*6777b538SAndroid Build Coastguard Worker    const CookiePartitionKey& cookie_partition_key,
*6777b538SAndroid Build Coastguard Worker    const GURL& url) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  PartitionedCookieMap::iterator it =
*6777b538SAndroid Build Coastguard Worker      partitioned_cookies_.find(cookie_partition_key);
*6777b538SAndroid Build Coastguard Worker  if (it == partitioned_cookies_.end())
*6777b538SAndroid Build Coastguard Worker    return std::vector<CanonicalCookie*>();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return FindCookiesForRegistryControlledHost(url, it->second.get(), &it);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::FilterCookiesWithOptions(
*6777b538SAndroid Build Coastguard Worker    const GURL url,
*6777b538SAndroid Build Coastguard Worker    const CookieOptions options,
*6777b538SAndroid Build Coastguard Worker    std::vector<CanonicalCookie*>* cookie_ptrs,
*6777b538SAndroid Build Coastguard Worker    CookieAccessResultList* included_cookies,
*6777b538SAndroid Build Coastguard Worker    CookieAccessResultList* excluded_cookies) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Probe to save statistics relatively frequently.  We do it here rather
*6777b538SAndroid Build Coastguard Worker  // than in the set path as many websites won't set cookies, and we
*6777b538SAndroid Build Coastguard Worker  // want to collect statistics whenever the browser's being used.
*6777b538SAndroid Build Coastguard Worker  Time current_time = Time::Now();
*6777b538SAndroid Build Coastguard Worker  RecordPeriodicStats(current_time);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  bool delegate_treats_url_as_trustworthy =
*6777b538SAndroid Build Coastguard Worker      cookie_access_delegate() &&
*6777b538SAndroid Build Coastguard Worker      cookie_access_delegate()->ShouldTreatUrlAsTrustworthy(url);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::vector<std::pair<CanonicalCookie*, CookieAccessResult>>
*6777b538SAndroid Build Coastguard Worker      cookies_and_access_results;
*6777b538SAndroid Build Coastguard Worker  cookies_and_access_results.reserve(cookie_ptrs->size());
*6777b538SAndroid Build Coastguard Worker  std::set<std::string> origin_cookie_names;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (CanonicalCookie* cookie_ptr : *cookie_ptrs) {
*6777b538SAndroid Build Coastguard Worker    // Filter out cookies that should not be included for a request to the
*6777b538SAndroid Build Coastguard Worker    // given |url|. HTTP only cookies are filtered depending on the passed
*6777b538SAndroid Build Coastguard Worker    // cookie |options|.
*6777b538SAndroid Build Coastguard Worker    CookieAccessResult access_result = cookie_ptr->IncludeForRequestURL(
*6777b538SAndroid Build Coastguard Worker        url, options,
*6777b538SAndroid Build Coastguard Worker        CookieAccessParams{GetAccessSemanticsForCookie(*cookie_ptr),
*6777b538SAndroid Build Coastguard Worker                           delegate_treats_url_as_trustworthy});
*6777b538SAndroid Build Coastguard Worker    cookies_and_access_results.emplace_back(cookie_ptr, access_result);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Record the names of all origin cookies that would be included if both
*6777b538SAndroid Build Coastguard Worker    // kEnablePortBoundCookies and kEnableSchemeBoundCookies are enabled.
*6777b538SAndroid Build Coastguard Worker    //
*6777b538SAndroid Build Coastguard Worker    // We DO want to record origin cookies that are being excluded for path
*6777b538SAndroid Build Coastguard Worker    // reasons, so we'll remove any potential path exclusions.
*6777b538SAndroid Build Coastguard Worker    CookieInclusionStatus status_copy = access_result.status;
*6777b538SAndroid Build Coastguard Worker    status_copy.RemoveExclusionReason(
*6777b538SAndroid Build Coastguard Worker        CookieInclusionStatus::EXCLUDE_NOT_ON_PATH);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    bool exclusion_or_warning =
*6777b538SAndroid Build Coastguard Worker        !status_copy.IsInclude() ||
*6777b538SAndroid Build Coastguard Worker        status_copy.HasWarningReason(
*6777b538SAndroid Build Coastguard Worker            CookieInclusionStatus::WARN_SCHEME_MISMATCH) ||
*6777b538SAndroid Build Coastguard Worker        status_copy.HasWarningReason(CookieInclusionStatus::WARN_PORT_MISMATCH);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (!exclusion_or_warning && cookie_ptr->IsHostCookie()) {
*6777b538SAndroid Build Coastguard Worker      origin_cookie_names.insert(cookie_ptr->Name());
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (auto& cookie_result : cookies_and_access_results) {
*6777b538SAndroid Build Coastguard Worker    CanonicalCookie* cookie_ptr = cookie_result.first;
*6777b538SAndroid Build Coastguard Worker    CookieAccessResult& access_result = cookie_result.second;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // We want to collect these metrics for cookies that would be included
*6777b538SAndroid Build Coastguard Worker    // without considering shadowing domain cookies.
*6777b538SAndroid Build Coastguard Worker    if (access_result.status.IsInclude()) {
*6777b538SAndroid Build Coastguard Worker      int destination_port = url.EffectiveIntPort();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      if (IsLocalhost(url)) {
*6777b538SAndroid Build Coastguard Worker        UMA_HISTOGRAM_ENUMERATION(
*6777b538SAndroid Build Coastguard Worker            "Cookie.Port.Read.Localhost",
*6777b538SAndroid Build Coastguard Worker            ReducePortRangeForCookieHistogram(destination_port));
*6777b538SAndroid Build Coastguard Worker        UMA_HISTOGRAM_ENUMERATION(
*6777b538SAndroid Build Coastguard Worker            "Cookie.Port.ReadDiffersFromSet.Localhost",
*6777b538SAndroid Build Coastguard Worker            IsCookieSentToSamePortThatSetIt(url, cookie_ptr->SourcePort(),
*6777b538SAndroid Build Coastguard Worker                                            cookie_ptr->SourceScheme()));
*6777b538SAndroid Build Coastguard Worker      } else {
*6777b538SAndroid Build Coastguard Worker        UMA_HISTOGRAM_ENUMERATION(
*6777b538SAndroid Build Coastguard Worker            "Cookie.Port.Read.RemoteHost",
*6777b538SAndroid Build Coastguard Worker            ReducePortRangeForCookieHistogram(destination_port));
*6777b538SAndroid Build Coastguard Worker        UMA_HISTOGRAM_ENUMERATION(
*6777b538SAndroid Build Coastguard Worker            "Cookie.Port.ReadDiffersFromSet.RemoteHost",
*6777b538SAndroid Build Coastguard Worker            IsCookieSentToSamePortThatSetIt(url, cookie_ptr->SourcePort(),
*6777b538SAndroid Build Coastguard Worker                                            cookie_ptr->SourceScheme()));
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      if (cookie_ptr->IsDomainCookie()) {
*6777b538SAndroid Build Coastguard Worker        UMA_HISTOGRAM_ENUMERATION(
*6777b538SAndroid Build Coastguard Worker            "Cookie.Port.ReadDiffersFromSet.DomainSet",
*6777b538SAndroid Build Coastguard Worker            IsCookieSentToSamePortThatSetIt(url, cookie_ptr->SourcePort(),
*6777b538SAndroid Build Coastguard Worker                                            cookie_ptr->SourceScheme()));
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Filter out any domain `cookie_ptr` which are shadowing origin cookies.
*6777b538SAndroid Build Coastguard Worker    // Don't apply domain shadowing exclusion/warning reason if `cookie_ptr` is
*6777b538SAndroid Build Coastguard Worker    // already being excluded/warned for scheme matching reasons (Note, domain
*6777b538SAndroid Build Coastguard Worker    // cookies match every port so they'll never get excluded/warned for port
*6777b538SAndroid Build Coastguard Worker    // reasons).
*6777b538SAndroid Build Coastguard Worker    bool scheme_mismatch =
*6777b538SAndroid Build Coastguard Worker        access_result.status.HasExclusionReason(
*6777b538SAndroid Build Coastguard Worker            CookieInclusionStatus::EXCLUDE_SCHEME_MISMATCH) ||
*6777b538SAndroid Build Coastguard Worker        access_result.status.HasWarningReason(
*6777b538SAndroid Build Coastguard Worker            CookieInclusionStatus::WARN_SCHEME_MISMATCH);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cookie_ptr->IsDomainCookie() && !scheme_mismatch &&
*6777b538SAndroid Build Coastguard Worker        origin_cookie_names.count(cookie_ptr->Name())) {
*6777b538SAndroid Build Coastguard Worker      if (cookie_util::IsSchemeBoundCookiesEnabled()) {
*6777b538SAndroid Build Coastguard Worker        access_result.status.AddExclusionReason(
*6777b538SAndroid Build Coastguard Worker            CookieInclusionStatus::EXCLUDE_SHADOWING_DOMAIN);
*6777b538SAndroid Build Coastguard Worker      } else {
*6777b538SAndroid Build Coastguard Worker        access_result.status.AddWarningReason(
*6777b538SAndroid Build Coastguard Worker            CookieInclusionStatus::WARN_SHADOWING_DOMAIN);
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (!access_result.status.IsInclude()) {
*6777b538SAndroid Build Coastguard Worker      if (options.return_excluded_cookies()) {
*6777b538SAndroid Build Coastguard Worker        excluded_cookies->push_back({*cookie_ptr, access_result});
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker      continue;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (options.update_access_time()) {
*6777b538SAndroid Build Coastguard Worker      InternalUpdateCookieAccessTime(cookie_ptr, current_time);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    included_cookies->push_back({*cookie_ptr, access_result});
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::MaybeDeleteEquivalentCookieAndUpdateStatus(
*6777b538SAndroid Build Coastguard Worker    const std::string& key,
*6777b538SAndroid Build Coastguard Worker    const CanonicalCookie& cookie_being_set,
*6777b538SAndroid Build Coastguard Worker    bool allowed_to_set_secure_cookie,
*6777b538SAndroid Build Coastguard Worker    bool skip_httponly,
*6777b538SAndroid Build Coastguard Worker    bool already_expired,
*6777b538SAndroid Build Coastguard Worker    base::Time* creation_date_to_inherit,
*6777b538SAndroid Build Coastguard Worker    CookieInclusionStatus* status,
*6777b538SAndroid Build Coastguard Worker    std::optional<PartitionedCookieMap::iterator> cookie_partition_it) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  DCHECK(!status->HasExclusionReason(
*6777b538SAndroid Build Coastguard Worker      CookieInclusionStatus::EXCLUDE_OVERWRITE_SECURE));
*6777b538SAndroid Build Coastguard Worker  DCHECK(!status->HasExclusionReason(
*6777b538SAndroid Build Coastguard Worker      CookieInclusionStatus::EXCLUDE_OVERWRITE_HTTP_ONLY));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CookieMap* cookie_map = &cookies_;
*6777b538SAndroid Build Coastguard Worker  if (cookie_partition_it) {
*6777b538SAndroid Build Coastguard Worker    cookie_map = cookie_partition_it.value()->second.get();
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  bool found_equivalent_cookie = false;
*6777b538SAndroid Build Coastguard Worker  CookieMap::iterator deletion_candidate_it = cookie_map->end();
*6777b538SAndroid Build Coastguard Worker  CanonicalCookie* skipped_secure_cookie = nullptr;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Check every cookie matching this domain key for equivalence.
*6777b538SAndroid Build Coastguard Worker  CookieMapItPair range_its = cookie_map->equal_range(key);
*6777b538SAndroid Build Coastguard Worker  for (auto cur_it = range_its.first; cur_it != range_its.second; ++cur_it) {
*6777b538SAndroid Build Coastguard Worker    CanonicalCookie* cur_existing_cookie = cur_it->second.get();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Evaluate "Leave Secure Cookies Alone":
*6777b538SAndroid Build Coastguard Worker    // If the cookie is being set from an insecure source, then if an
*6777b538SAndroid Build Coastguard Worker    // "equivalent" Secure cookie already exists, then the cookie should *not*
*6777b538SAndroid Build Coastguard Worker    // be updated.
*6777b538SAndroid Build Coastguard Worker    //
*6777b538SAndroid Build Coastguard Worker    // "Equivalent" means they are the same by
*6777b538SAndroid Build Coastguard Worker    // IsEquivalentForSecureCookieMatching(). See the comment there for
*6777b538SAndroid Build Coastguard Worker    // details. (Note this is not a symmetric comparison.) This notion of
*6777b538SAndroid Build Coastguard Worker    // equivalence is slightly more inclusive than the usual IsEquivalent() one.
*6777b538SAndroid Build Coastguard Worker    //
*6777b538SAndroid Build Coastguard Worker    // See: https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone
*6777b538SAndroid Build Coastguard Worker    if (cur_existing_cookie->SecureAttribute() &&
*6777b538SAndroid Build Coastguard Worker        !allowed_to_set_secure_cookie &&
*6777b538SAndroid Build Coastguard Worker        cookie_being_set.IsEquivalentForSecureCookieMatching(
*6777b538SAndroid Build Coastguard Worker            *cur_existing_cookie)) {
*6777b538SAndroid Build Coastguard Worker      // Hold onto this for additional Netlogging later if we end up preserving
*6777b538SAndroid Build Coastguard Worker      // a would-have-been-deleted cookie because of this.
*6777b538SAndroid Build Coastguard Worker      skipped_secure_cookie = cur_existing_cookie;
*6777b538SAndroid Build Coastguard Worker      net_log_.AddEvent(NetLogEventType::COOKIE_STORE_COOKIE_REJECTED_SECURE,
*6777b538SAndroid Build Coastguard Worker                        [&](NetLogCaptureMode capture_mode) {
*6777b538SAndroid Build Coastguard Worker                          return NetLogCookieMonsterCookieRejectedSecure(
*6777b538SAndroid Build Coastguard Worker                              skipped_secure_cookie, &cookie_being_set,
*6777b538SAndroid Build Coastguard Worker                              capture_mode);
*6777b538SAndroid Build Coastguard Worker                        });
*6777b538SAndroid Build Coastguard Worker      status->AddExclusionReason(
*6777b538SAndroid Build Coastguard Worker          CookieInclusionStatus::EXCLUDE_OVERWRITE_SECURE);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cookie_being_set.IsEquivalent(*cur_existing_cookie)) {
*6777b538SAndroid Build Coastguard Worker      // We should never have more than one equivalent cookie, since they should
*6777b538SAndroid Build Coastguard Worker      // overwrite each other.
*6777b538SAndroid Build Coastguard Worker      CHECK(!found_equivalent_cookie)
*6777b538SAndroid Build Coastguard Worker          << "Duplicate equivalent cookies found, cookie store is corrupted.";
*6777b538SAndroid Build Coastguard Worker      DCHECK(deletion_candidate_it == cookie_map->end());
*6777b538SAndroid Build Coastguard Worker      found_equivalent_cookie = true;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // The |cookie_being_set| is rejected for trying to overwrite an httponly
*6777b538SAndroid Build Coastguard Worker      // cookie when it should not be able to.
*6777b538SAndroid Build Coastguard Worker      if (skip_httponly && cur_existing_cookie->IsHttpOnly()) {
*6777b538SAndroid Build Coastguard Worker        net_log_.AddEvent(
*6777b538SAndroid Build Coastguard Worker            NetLogEventType::COOKIE_STORE_COOKIE_REJECTED_HTTPONLY,
*6777b538SAndroid Build Coastguard Worker            [&](NetLogCaptureMode capture_mode) {
*6777b538SAndroid Build Coastguard Worker              return NetLogCookieMonsterCookieRejectedHttponly(
*6777b538SAndroid Build Coastguard Worker                  cur_existing_cookie, &cookie_being_set, capture_mode);
*6777b538SAndroid Build Coastguard Worker            });
*6777b538SAndroid Build Coastguard Worker        status->AddExclusionReason(
*6777b538SAndroid Build Coastguard Worker            CookieInclusionStatus::EXCLUDE_OVERWRITE_HTTP_ONLY);
*6777b538SAndroid Build Coastguard Worker      } else {
*6777b538SAndroid Build Coastguard Worker        deletion_candidate_it = cur_it;
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (deletion_candidate_it != cookie_map->end()) {
*6777b538SAndroid Build Coastguard Worker    CanonicalCookie* deletion_candidate = deletion_candidate_it->second.get();
*6777b538SAndroid Build Coastguard Worker    if (deletion_candidate->Value() == cookie_being_set.Value())
*6777b538SAndroid Build Coastguard Worker      *creation_date_to_inherit = deletion_candidate->CreationDate();
*6777b538SAndroid Build Coastguard Worker    if (status->IsInclude()) {
*6777b538SAndroid Build Coastguard Worker      if (cookie_being_set.IsPartitioned()) {
*6777b538SAndroid Build Coastguard Worker        InternalDeletePartitionedCookie(
*6777b538SAndroid Build Coastguard Worker            cookie_partition_it.value(), deletion_candidate_it,
*6777b538SAndroid Build Coastguard Worker            true /* sync_to_store */,
*6777b538SAndroid Build Coastguard Worker            already_expired ? DELETE_COOKIE_EXPIRED_OVERWRITE
*6777b538SAndroid Build Coastguard Worker                            : DELETE_COOKIE_OVERWRITE);
*6777b538SAndroid Build Coastguard Worker      } else {
*6777b538SAndroid Build Coastguard Worker        InternalDeleteCookie(deletion_candidate_it, true /* sync_to_store */,
*6777b538SAndroid Build Coastguard Worker                             already_expired ? DELETE_COOKIE_EXPIRED_OVERWRITE
*6777b538SAndroid Build Coastguard Worker                                             : DELETE_COOKIE_OVERWRITE);
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    } else if (status->HasExclusionReason(
*6777b538SAndroid Build Coastguard Worker                   CookieInclusionStatus::EXCLUDE_OVERWRITE_SECURE)) {
*6777b538SAndroid Build Coastguard Worker      // Log that we preserved a cookie that would have been deleted due to
*6777b538SAndroid Build Coastguard Worker      // Leave Secure Cookies Alone. This arbitrarily only logs the last
*6777b538SAndroid Build Coastguard Worker      // |skipped_secure_cookie| that we were left with after the for loop, even
*6777b538SAndroid Build Coastguard Worker      // if there were multiple matching Secure cookies that were left alone.
*6777b538SAndroid Build Coastguard Worker      DCHECK(skipped_secure_cookie);
*6777b538SAndroid Build Coastguard Worker      net_log_.AddEvent(
*6777b538SAndroid Build Coastguard Worker          NetLogEventType::COOKIE_STORE_COOKIE_PRESERVED_SKIPPED_SECURE,
*6777b538SAndroid Build Coastguard Worker          [&](NetLogCaptureMode capture_mode) {
*6777b538SAndroid Build Coastguard Worker            return NetLogCookieMonsterCookiePreservedSkippedSecure(
*6777b538SAndroid Build Coastguard Worker                skipped_secure_cookie, deletion_candidate, &cookie_being_set,
*6777b538SAndroid Build Coastguard Worker                capture_mode);
*6777b538SAndroid Build Coastguard Worker          });
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerCookieMonster::CookieMap::iterator CookieMonster::InternalInsertCookie(
*6777b538SAndroid Build Coastguard Worker    const std::string& key,
*6777b538SAndroid Build Coastguard Worker    std::unique_ptr<CanonicalCookie> cc,
*6777b538SAndroid Build Coastguard Worker    bool sync_to_store,
*6777b538SAndroid Build Coastguard Worker    const CookieAccessResult& access_result,
*6777b538SAndroid Build Coastguard Worker    bool dispatch_change) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  CanonicalCookie* cc_ptr = cc.get();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  net_log_.AddEvent(NetLogEventType::COOKIE_STORE_COOKIE_ADDED,
*6777b538SAndroid Build Coastguard Worker                    [&](NetLogCaptureMode capture_mode) {
*6777b538SAndroid Build Coastguard Worker                      return NetLogCookieMonsterCookieAdded(
*6777b538SAndroid Build Coastguard Worker                          cc.get(), sync_to_store, capture_mode);
*6777b538SAndroid Build Coastguard Worker                    });
*6777b538SAndroid Build Coastguard Worker  if (ShouldUpdatePersistentStore(cc_ptr) && sync_to_store)
*6777b538SAndroid Build Coastguard Worker    store_->AddCookie(*cc_ptr);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  auto inserted = cookies_.insert(CookieMap::value_type(key, std::move(cc)));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  LogStoredCookieToUMA(*cc_ptr, access_result);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DCHECK(access_result.status.IsInclude());
*6777b538SAndroid Build Coastguard Worker  if (dispatch_change) {
*6777b538SAndroid Build Coastguard Worker    change_dispatcher_.DispatchChange(
*6777b538SAndroid Build Coastguard Worker        CookieChangeInfo(*cc_ptr, access_result, CookieChangeCause::INSERTED),
*6777b538SAndroid Build Coastguard Worker        true);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // If this is the first cookie in |cookies_| with this key, increment the
*6777b538SAndroid Build Coastguard Worker  // |num_keys_| counter.
*6777b538SAndroid Build Coastguard Worker  bool different_prev =
*6777b538SAndroid Build Coastguard Worker      inserted == cookies_.begin() || std::prev(inserted)->first != key;
*6777b538SAndroid Build Coastguard Worker  // According to std::multiqueue documentation:
*6777b538SAndroid Build Coastguard Worker  // "If the container has elements with equivalent key, inserts at the upper
*6777b538SAndroid Build Coastguard Worker  // bound of that range. (since C++11)"
*6777b538SAndroid Build Coastguard Worker  // This means that "inserted" iterator either points to the last element in
*6777b538SAndroid Build Coastguard Worker  // the map, or the element succeeding it has to have different key.
*6777b538SAndroid Build Coastguard Worker  DCHECK(std::next(inserted) == cookies_.end() ||
*6777b538SAndroid Build Coastguard Worker         std::next(inserted)->first != key);
*6777b538SAndroid Build Coastguard Worker  if (different_prev)
*6777b538SAndroid Build Coastguard Worker    ++num_keys_;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return inserted;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerbool CookieMonster::ShouldUpdatePersistentStore(CanonicalCookie* cc) {
*6777b538SAndroid Build Coastguard Worker  return (cc->IsPersistent() || persist_session_cookies_) && store_.get();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerCookieMonster::PartitionedCookieMapIterators
*6777b538SAndroid Build Coastguard WorkerCookieMonster::InternalInsertPartitionedCookie(
*6777b538SAndroid Build Coastguard Worker    std::string key,
*6777b538SAndroid Build Coastguard Worker    std::unique_ptr<CanonicalCookie> cc,
*6777b538SAndroid Build Coastguard Worker    bool sync_to_store,
*6777b538SAndroid Build Coastguard Worker    const CookieAccessResult& access_result,
*6777b538SAndroid Build Coastguard Worker    bool dispatch_change) {
*6777b538SAndroid Build Coastguard Worker  DCHECK(cc->IsPartitioned());
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  CanonicalCookie* cc_ptr = cc.get();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  net_log_.AddEvent(NetLogEventType::COOKIE_STORE_COOKIE_ADDED,
*6777b538SAndroid Build Coastguard Worker                    [&](NetLogCaptureMode capture_mode) {
*6777b538SAndroid Build Coastguard Worker                      return NetLogCookieMonsterCookieAdded(
*6777b538SAndroid Build Coastguard Worker                          cc.get(), sync_to_store, capture_mode);
*6777b538SAndroid Build Coastguard Worker                    });
*6777b538SAndroid Build Coastguard Worker  if (ShouldUpdatePersistentStore(cc_ptr) && sync_to_store)
*6777b538SAndroid Build Coastguard Worker    store_->AddCookie(*cc_ptr);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CookiePartitionKey partition_key(cc->PartitionKey().value());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  size_t n_bytes = NameValueSizeBytes(*cc);
*6777b538SAndroid Build Coastguard Worker  num_partitioned_cookies_bytes_ += n_bytes;
*6777b538SAndroid Build Coastguard Worker  bytes_per_cookie_partition_[partition_key] += n_bytes;
*6777b538SAndroid Build Coastguard Worker  if (partition_key.nonce()) {
*6777b538SAndroid Build Coastguard Worker    num_nonced_partitioned_cookie_bytes_ += n_bytes;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  PartitionedCookieMap::iterator partition_it =
*6777b538SAndroid Build Coastguard Worker      partitioned_cookies_.find(partition_key);
*6777b538SAndroid Build Coastguard Worker  if (partition_it == partitioned_cookies_.end()) {
*6777b538SAndroid Build Coastguard Worker    partition_it =
*6777b538SAndroid Build Coastguard Worker        partitioned_cookies_
*6777b538SAndroid Build Coastguard Worker            .insert(PartitionedCookieMap::value_type(
*6777b538SAndroid Build Coastguard Worker                std::move(partition_key), std::make_unique<CookieMap>()))
*6777b538SAndroid Build Coastguard Worker            .first;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CookieMap::iterator cookie_it = partition_it->second->insert(
*6777b538SAndroid Build Coastguard Worker      CookieMap::value_type(std::move(key), std::move(cc)));
*6777b538SAndroid Build Coastguard Worker  ++num_partitioned_cookies_;
*6777b538SAndroid Build Coastguard Worker  if (partition_it->first.nonce()) {
*6777b538SAndroid Build Coastguard Worker    ++num_nonced_partitioned_cookies_;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  CHECK_GE(num_partitioned_cookies_, num_nonced_partitioned_cookies_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  LogStoredCookieToUMA(*cc_ptr, access_result);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DCHECK(access_result.status.IsInclude());
*6777b538SAndroid Build Coastguard Worker  if (dispatch_change) {
*6777b538SAndroid Build Coastguard Worker    change_dispatcher_.DispatchChange(
*6777b538SAndroid Build Coastguard Worker        CookieChangeInfo(*cc_ptr, access_result, CookieChangeCause::INSERTED),
*6777b538SAndroid Build Coastguard Worker        true);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return std::pair(partition_it, cookie_it);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::SetCanonicalCookie(
*6777b538SAndroid Build Coastguard Worker    std::unique_ptr<CanonicalCookie> cc,
*6777b538SAndroid Build Coastguard Worker    const GURL& source_url,
*6777b538SAndroid Build Coastguard Worker    const CookieOptions& options,
*6777b538SAndroid Build Coastguard Worker    SetCookiesCallback callback,
*6777b538SAndroid Build Coastguard Worker    std::optional<CookieAccessResult> cookie_access_result) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker// TODO(crbug.com/1482799): Fix macos specific issue with CHECK_IS_TEST crashing
*6777b538SAndroid Build Coastguard Worker// network service process.
*6777b538SAndroid Build Coastguard Worker#if !BUILDFLAG(IS_MAC)
*6777b538SAndroid Build Coastguard Worker  // Only tests should be adding new cookies with source type kUnknown. If this
*6777b538SAndroid Build Coastguard Worker  // line causes a fatal track down the callsite and have it correctly set the
*6777b538SAndroid Build Coastguard Worker  // source type to kOther (or kHTTP/kScript where applicable). See
*6777b538SAndroid Build Coastguard Worker  // CookieSourceType in net/cookies/cookie_constants.h for more.
*6777b538SAndroid Build Coastguard Worker  if (cc->SourceType() == CookieSourceType::kUnknown) {
*6777b538SAndroid Build Coastguard Worker    CHECK_IS_TEST(base::NotFatalUntil::M126);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker#endif
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  bool delegate_treats_url_as_trustworthy =
*6777b538SAndroid Build Coastguard Worker      cookie_access_delegate() &&
*6777b538SAndroid Build Coastguard Worker      cookie_access_delegate()->ShouldTreatUrlAsTrustworthy(source_url);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CookieAccessResult access_result = cc->IsSetPermittedInContext(
*6777b538SAndroid Build Coastguard Worker      source_url, options,
*6777b538SAndroid Build Coastguard Worker      CookieAccessParams(GetAccessSemanticsForCookie(*cc),
*6777b538SAndroid Build Coastguard Worker                         delegate_treats_url_as_trustworthy),
*6777b538SAndroid Build Coastguard Worker      cookieable_schemes_, cookie_access_result);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const std::string key(GetKey(cc->Domain()));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  base::Time creation_date = cc->CreationDate();
*6777b538SAndroid Build Coastguard Worker  if (creation_date.is_null()) {
*6777b538SAndroid Build Coastguard Worker    creation_date = Time::Now();
*6777b538SAndroid Build Coastguard Worker    cc->SetCreationDate(creation_date);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  bool already_expired = cc->IsExpired(creation_date);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  base::Time creation_date_to_inherit;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::optional<PartitionedCookieMap::iterator> cookie_partition_it;
*6777b538SAndroid Build Coastguard Worker  bool should_try_to_delete_duplicates = true;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (cc->IsPartitioned()) {
*6777b538SAndroid Build Coastguard Worker    auto it = partitioned_cookies_.find(cc->PartitionKey().value());
*6777b538SAndroid Build Coastguard Worker    if (it == partitioned_cookies_.end()) {
*6777b538SAndroid Build Coastguard Worker      // This is the first cookie in its partition, so it won't have any
*6777b538SAndroid Build Coastguard Worker      // duplicates.
*6777b538SAndroid Build Coastguard Worker      should_try_to_delete_duplicates = false;
*6777b538SAndroid Build Coastguard Worker    } else {
*6777b538SAndroid Build Coastguard Worker      cookie_partition_it = std::make_optional(it);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Iterates through existing cookies for the same eTLD+1, and potentially
*6777b538SAndroid Build Coastguard Worker  // deletes an existing cookie, so any ExclusionReasons in |status| that would
*6777b538SAndroid Build Coastguard Worker  // prevent such deletion should be finalized beforehand.
*6777b538SAndroid Build Coastguard Worker  if (should_try_to_delete_duplicates) {
*6777b538SAndroid Build Coastguard Worker    MaybeDeleteEquivalentCookieAndUpdateStatus(
*6777b538SAndroid Build Coastguard Worker        key, *cc, access_result.is_allowed_to_access_secure_cookies,
*6777b538SAndroid Build Coastguard Worker        options.exclude_httponly(), already_expired, &creation_date_to_inherit,
*6777b538SAndroid Build Coastguard Worker        &access_result.status, cookie_partition_it);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (access_result.status.HasExclusionReason(
*6777b538SAndroid Build Coastguard Worker          CookieInclusionStatus::EXCLUDE_OVERWRITE_SECURE) ||
*6777b538SAndroid Build Coastguard Worker      access_result.status.HasExclusionReason(
*6777b538SAndroid Build Coastguard Worker          CookieInclusionStatus::EXCLUDE_OVERWRITE_HTTP_ONLY)) {
*6777b538SAndroid Build Coastguard Worker    DVLOG(net::cookie_util::kVlogSetCookies)
*6777b538SAndroid Build Coastguard Worker        << "SetCookie() not clobbering httponly cookie or secure cookie for "
*6777b538SAndroid Build Coastguard Worker           "insecure scheme";
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (access_result.status.IsInclude()) {
*6777b538SAndroid Build Coastguard Worker    DVLOG(net::cookie_util::kVlogSetCookies)
*6777b538SAndroid Build Coastguard Worker        << "SetCookie() key: " << key << " cc: " << cc->DebugString();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cc->IsEffectivelySameSiteNone()) {
*6777b538SAndroid Build Coastguard Worker      size_t cookie_size = NameValueSizeBytes(*cc);
*6777b538SAndroid Build Coastguard Worker      UMA_HISTOGRAM_COUNTS_10000("Cookie.SameSiteNoneSizeBytes", cookie_size);
*6777b538SAndroid Build Coastguard Worker      if (cc->IsPartitioned()) {
*6777b538SAndroid Build Coastguard Worker        UMA_HISTOGRAM_COUNTS_10000("Cookie.SameSiteNoneSizeBytes.Partitioned",
*6777b538SAndroid Build Coastguard Worker                                   cookie_size);
*6777b538SAndroid Build Coastguard Worker      } else {
*6777b538SAndroid Build Coastguard Worker        UMA_HISTOGRAM_COUNTS_10000("Cookie.SameSiteNoneSizeBytes.Unpartitioned",
*6777b538SAndroid Build Coastguard Worker                                   cookie_size);
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    std::optional<CookiePartitionKey> cookie_partition_key = cc->PartitionKey();
*6777b538SAndroid Build Coastguard Worker    CHECK_EQ(cc->IsPartitioned(), cookie_partition_key.has_value());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Realize that we might be setting an expired cookie, and the only point
*6777b538SAndroid Build Coastguard Worker    // was to delete the cookie which we've already done.
*6777b538SAndroid Build Coastguard Worker    if (!already_expired) {
*6777b538SAndroid Build Coastguard Worker      HistogramExpirationDuration(*cc, creation_date);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Histogram the type of scheme used on URLs that set cookies. This
*6777b538SAndroid Build Coastguard Worker      // intentionally includes cookies that are set or overwritten by
*6777b538SAndroid Build Coastguard Worker      // http:// URLs, but not cookies that are cleared by http:// URLs, to
*6777b538SAndroid Build Coastguard Worker      // understand if the former behavior can be deprecated for Secure
*6777b538SAndroid Build Coastguard Worker      // cookies.
*6777b538SAndroid Build Coastguard Worker      // TODO(crbug.com/993120): Consider removing this histogram. The decision
*6777b538SAndroid Build Coastguard Worker      // it was added to evaluate has been implemented and standardized.
*6777b538SAndroid Build Coastguard Worker      CookieSource cookie_source_sample =
*6777b538SAndroid Build Coastguard Worker          (source_url.SchemeIsCryptographic()
*6777b538SAndroid Build Coastguard Worker               ? (cc->SecureAttribute()
*6777b538SAndroid Build Coastguard Worker                      ? CookieSource::kSecureCookieCryptographicScheme
*6777b538SAndroid Build Coastguard Worker                      : CookieSource::kNonsecureCookieCryptographicScheme)
*6777b538SAndroid Build Coastguard Worker               : (cc->SecureAttribute()
*6777b538SAndroid Build Coastguard Worker                      ? CookieSource::kSecureCookieNoncryptographicScheme
*6777b538SAndroid Build Coastguard Worker                      : CookieSource::kNonsecureCookieNoncryptographicScheme));
*6777b538SAndroid Build Coastguard Worker      UMA_HISTOGRAM_ENUMERATION("Cookie.CookieSourceScheme",
*6777b538SAndroid Build Coastguard Worker                                cookie_source_sample);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      UMA_HISTOGRAM_BOOLEAN("Cookie.DomainSet", cc->IsDomainCookie());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      if (!creation_date_to_inherit.is_null()) {
*6777b538SAndroid Build Coastguard Worker        cc->SetCreationDate(creation_date_to_inherit);
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      if (cookie_partition_key.has_value()) {
*6777b538SAndroid Build Coastguard Worker        InternalInsertPartitionedCookie(key, std::move(cc), true,
*6777b538SAndroid Build Coastguard Worker                                        access_result);
*6777b538SAndroid Build Coastguard Worker      } else {
*6777b538SAndroid Build Coastguard Worker        InternalInsertCookie(key, std::move(cc), true, access_result);
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    } else {
*6777b538SAndroid Build Coastguard Worker      DVLOG(net::cookie_util::kVlogSetCookies)
*6777b538SAndroid Build Coastguard Worker          << "SetCookie() not storing already expired cookie.";
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // We assume that hopefully setting a cookie will be less common than
*6777b538SAndroid Build Coastguard Worker    // querying a cookie.  Since setting a cookie can put us over our limits,
*6777b538SAndroid Build Coastguard Worker    // make sure that we garbage collect...  We can also make the assumption
*6777b538SAndroid Build Coastguard Worker    // that if a cookie was set, in the common case it will be used soon after,
*6777b538SAndroid Build Coastguard Worker    // and we will purge the expired cookies in GetCookies().
*6777b538SAndroid Build Coastguard Worker    if (cookie_partition_key.has_value()) {
*6777b538SAndroid Build Coastguard Worker      GarbageCollectPartitionedCookies(creation_date,
*6777b538SAndroid Build Coastguard Worker                                       cookie_partition_key.value(), key);
*6777b538SAndroid Build Coastguard Worker    } else {
*6777b538SAndroid Build Coastguard Worker      GarbageCollect(creation_date, key);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (IsLocalhost(source_url)) {
*6777b538SAndroid Build Coastguard Worker      UMA_HISTOGRAM_ENUMERATION(
*6777b538SAndroid Build Coastguard Worker          "Cookie.Port.Set.Localhost",
*6777b538SAndroid Build Coastguard Worker          ReducePortRangeForCookieHistogram(source_url.EffectiveIntPort()));
*6777b538SAndroid Build Coastguard Worker    } else {
*6777b538SAndroid Build Coastguard Worker      UMA_HISTOGRAM_ENUMERATION(
*6777b538SAndroid Build Coastguard Worker          "Cookie.Port.Set.RemoteHost",
*6777b538SAndroid Build Coastguard Worker          ReducePortRangeForCookieHistogram(source_url.EffectiveIntPort()));
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    UMA_HISTOGRAM_ENUMERATION("Cookie.CookieSourceSchemeName",
*6777b538SAndroid Build Coastguard Worker                              GetSchemeNameEnum(source_url));
*6777b538SAndroid Build Coastguard Worker  } else {
*6777b538SAndroid Build Coastguard Worker    // If the cookie would be excluded, don't bother warning about the 3p cookie
*6777b538SAndroid Build Coastguard Worker    // phaseout.
*6777b538SAndroid Build Coastguard Worker    access_result.status.RemoveWarningReason(
*6777b538SAndroid Build Coastguard Worker        net::CookieInclusionStatus::WARN_THIRD_PARTY_PHASEOUT);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // TODO(chlily): Log metrics.
*6777b538SAndroid Build Coastguard Worker  MaybeRunCookieCallback(std::move(callback), access_result);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::SetAllCookies(CookieList list,
*6777b538SAndroid Build Coastguard Worker                                  SetCookiesCallback callback) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Nuke the existing store.
*6777b538SAndroid Build Coastguard Worker  while (!cookies_.empty()) {
*6777b538SAndroid Build Coastguard Worker    // TODO(rdsmith): The CANONICAL is a lie.
*6777b538SAndroid Build Coastguard Worker    InternalDeleteCookie(cookies_.begin(), true, DELETE_COOKIE_EXPLICIT);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Set all passed in cookies.
*6777b538SAndroid Build Coastguard Worker  for (const auto& cookie : list) {
*6777b538SAndroid Build Coastguard Worker    const std::string key(GetKey(cookie.Domain()));
*6777b538SAndroid Build Coastguard Worker    Time creation_time = cookie.CreationDate();
*6777b538SAndroid Build Coastguard Worker    if (cookie.IsExpired(creation_time))
*6777b538SAndroid Build Coastguard Worker      continue;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    HistogramExpirationDuration(cookie, creation_time);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    CookieAccessResult access_result;
*6777b538SAndroid Build Coastguard Worker    access_result.access_semantics = GetAccessSemanticsForCookie(cookie);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cookie.IsPartitioned()) {
*6777b538SAndroid Build Coastguard Worker      InternalInsertPartitionedCookie(
*6777b538SAndroid Build Coastguard Worker          key, std::make_unique<CanonicalCookie>(cookie), true, access_result);
*6777b538SAndroid Build Coastguard Worker      GarbageCollectPartitionedCookies(creation_time,
*6777b538SAndroid Build Coastguard Worker                                       cookie.PartitionKey().value(), key);
*6777b538SAndroid Build Coastguard Worker    } else {
*6777b538SAndroid Build Coastguard Worker      InternalInsertCookie(key, std::make_unique<CanonicalCookie>(cookie), true,
*6777b538SAndroid Build Coastguard Worker                           access_result);
*6777b538SAndroid Build Coastguard Worker      GarbageCollect(creation_time, key);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // TODO(rdsmith): If this function always returns the same value, it
*6777b538SAndroid Build Coastguard Worker  // shouldn't have a return value.  But it should also be deleted (see
*6777b538SAndroid Build Coastguard Worker  // https://codereview.chromium.org/2882063002/#msg64), which would
*6777b538SAndroid Build Coastguard Worker  // solve the return value problem.
*6777b538SAndroid Build Coastguard Worker  MaybeRunCookieCallback(std::move(callback), CookieAccessResult());
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::InternalUpdateCookieAccessTime(CanonicalCookie* cc,
*6777b538SAndroid Build Coastguard Worker                                                   const Time& current) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Based off the Mozilla code.  When a cookie has been accessed recently,
*6777b538SAndroid Build Coastguard Worker  // don't bother updating its access time again.  This reduces the number of
*6777b538SAndroid Build Coastguard Worker  // updates we do during pageload, which in turn reduces the chance our storage
*6777b538SAndroid Build Coastguard Worker  // backend will hit its batch thresholds and be forced to update.
*6777b538SAndroid Build Coastguard Worker  if ((current - cc->LastAccessDate()) < last_access_threshold_)
*6777b538SAndroid Build Coastguard Worker    return;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  cc->SetLastAccessDate(current);
*6777b538SAndroid Build Coastguard Worker  if (ShouldUpdatePersistentStore(cc))
*6777b538SAndroid Build Coastguard Worker    store_->UpdateCookieAccessTime(*cc);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// InternalDeleteCookies must not invalidate iterators other than the one being
*6777b538SAndroid Build Coastguard Worker// deleted.
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::InternalDeleteCookie(CookieMap::iterator it,
*6777b538SAndroid Build Coastguard Worker                                         bool sync_to_store,
*6777b538SAndroid Build Coastguard Worker                                         DeletionCause deletion_cause) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Ideally, this would be asserted up where we define kChangeCauseMapping,
*6777b538SAndroid Build Coastguard Worker  // but DeletionCause's visibility (or lack thereof) forces us to make
*6777b538SAndroid Build Coastguard Worker  // this check here.
*6777b538SAndroid Build Coastguard Worker  static_assert(std::size(kChangeCauseMapping) == DELETE_COOKIE_LAST_ENTRY + 1,
*6777b538SAndroid Build Coastguard Worker                "kChangeCauseMapping size should match DeletionCause size");
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CanonicalCookie* cc = it->second.get();
*6777b538SAndroid Build Coastguard Worker  DVLOG(net::cookie_util::kVlogSetCookies)
*6777b538SAndroid Build Coastguard Worker      << "InternalDeleteCookie()"
*6777b538SAndroid Build Coastguard Worker      << ", cause:" << deletion_cause << ", cc: " << cc->DebugString();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  ChangeCausePair mapping = kChangeCauseMapping[deletion_cause];
*6777b538SAndroid Build Coastguard Worker  if (deletion_cause != DELETE_COOKIE_DONT_RECORD) {
*6777b538SAndroid Build Coastguard Worker    net_log_.AddEvent(NetLogEventType::COOKIE_STORE_COOKIE_DELETED,
*6777b538SAndroid Build Coastguard Worker                      [&](NetLogCaptureMode capture_mode) {
*6777b538SAndroid Build Coastguard Worker                        return NetLogCookieMonsterCookieDeleted(
*6777b538SAndroid Build Coastguard Worker                            cc, mapping.cause, sync_to_store, capture_mode);
*6777b538SAndroid Build Coastguard Worker                      });
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (ShouldUpdatePersistentStore(cc) && sync_to_store)
*6777b538SAndroid Build Coastguard Worker    store_->DeleteCookie(*cc);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  change_dispatcher_.DispatchChange(
*6777b538SAndroid Build Coastguard Worker      CookieChangeInfo(
*6777b538SAndroid Build Coastguard Worker          *cc,
*6777b538SAndroid Build Coastguard Worker          CookieAccessResult(CookieEffectiveSameSite::UNDEFINED,
*6777b538SAndroid Build Coastguard Worker                             CookieInclusionStatus(),
*6777b538SAndroid Build Coastguard Worker                             GetAccessSemanticsForCookie(*cc),
*6777b538SAndroid Build Coastguard Worker                             true /* is_allowed_to_access_secure_cookies */),
*6777b538SAndroid Build Coastguard Worker          mapping.cause),
*6777b538SAndroid Build Coastguard Worker      mapping.notify);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // If this is the last cookie in |cookies_| with this key, decrement the
*6777b538SAndroid Build Coastguard Worker  // |num_keys_| counter.
*6777b538SAndroid Build Coastguard Worker  bool different_prev =
*6777b538SAndroid Build Coastguard Worker      it == cookies_.begin() || std::prev(it)->first != it->first;
*6777b538SAndroid Build Coastguard Worker  bool different_next =
*6777b538SAndroid Build Coastguard Worker      std::next(it) == cookies_.end() || std::next(it)->first != it->first;
*6777b538SAndroid Build Coastguard Worker  if (different_prev && different_next)
*6777b538SAndroid Build Coastguard Worker    --num_keys_;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DCHECK(cookies_.find(it->first) != cookies_.end())
*6777b538SAndroid Build Coastguard Worker      << "Called erase with an iterator not in the cookie map";
*6777b538SAndroid Build Coastguard Worker  cookies_.erase(it);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::InternalDeletePartitionedCookie(
*6777b538SAndroid Build Coastguard Worker    PartitionedCookieMap::iterator partition_it,
*6777b538SAndroid Build Coastguard Worker    CookieMap::iterator cookie_it,
*6777b538SAndroid Build Coastguard Worker    bool sync_to_store,
*6777b538SAndroid Build Coastguard Worker    DeletionCause deletion_cause) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Ideally, this would be asserted up where we define kChangeCauseMapping,
*6777b538SAndroid Build Coastguard Worker  // but DeletionCause's visibility (or lack thereof) forces us to make
*6777b538SAndroid Build Coastguard Worker  // this check here.
*6777b538SAndroid Build Coastguard Worker  static_assert(std::size(kChangeCauseMapping) == DELETE_COOKIE_LAST_ENTRY + 1,
*6777b538SAndroid Build Coastguard Worker                "kChangeCauseMapping size should match DeletionCause size");
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  CanonicalCookie* cc = cookie_it->second.get();
*6777b538SAndroid Build Coastguard Worker  DCHECK(cc->IsPartitioned());
*6777b538SAndroid Build Coastguard Worker  DVLOG(net::cookie_util::kVlogSetCookies)
*6777b538SAndroid Build Coastguard Worker      << "InternalDeletePartitionedCookie()"
*6777b538SAndroid Build Coastguard Worker      << ", cause:" << deletion_cause << ", cc: " << cc->DebugString();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  ChangeCausePair mapping = kChangeCauseMapping[deletion_cause];
*6777b538SAndroid Build Coastguard Worker  if (deletion_cause != DELETE_COOKIE_DONT_RECORD) {
*6777b538SAndroid Build Coastguard Worker    net_log_.AddEvent(NetLogEventType::COOKIE_STORE_COOKIE_DELETED,
*6777b538SAndroid Build Coastguard Worker                      [&](NetLogCaptureMode capture_mode) {
*6777b538SAndroid Build Coastguard Worker                        return NetLogCookieMonsterCookieDeleted(
*6777b538SAndroid Build Coastguard Worker                            cc, mapping.cause, sync_to_store, capture_mode);
*6777b538SAndroid Build Coastguard Worker                      });
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (ShouldUpdatePersistentStore(cc) && sync_to_store)
*6777b538SAndroid Build Coastguard Worker    store_->DeleteCookie(*cc);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  change_dispatcher_.DispatchChange(
*6777b538SAndroid Build Coastguard Worker      CookieChangeInfo(
*6777b538SAndroid Build Coastguard Worker          *cc,
*6777b538SAndroid Build Coastguard Worker          CookieAccessResult(CookieEffectiveSameSite::UNDEFINED,
*6777b538SAndroid Build Coastguard Worker                             CookieInclusionStatus(),
*6777b538SAndroid Build Coastguard Worker                             GetAccessSemanticsForCookie(*cc),
*6777b538SAndroid Build Coastguard Worker                             true /* is_allowed_to_access_secure_cookies */),
*6777b538SAndroid Build Coastguard Worker          mapping.cause),
*6777b538SAndroid Build Coastguard Worker      mapping.notify);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  size_t n_bytes = NameValueSizeBytes(*cc);
*6777b538SAndroid Build Coastguard Worker  num_partitioned_cookies_bytes_ -= n_bytes;
*6777b538SAndroid Build Coastguard Worker  bytes_per_cookie_partition_[*cc->PartitionKey()] -= n_bytes;
*6777b538SAndroid Build Coastguard Worker  if (CookiePartitionKey::HasNonce(cc->PartitionKey())) {
*6777b538SAndroid Build Coastguard Worker    num_nonced_partitioned_cookie_bytes_ -= n_bytes;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  DCHECK(partition_it->second->find(cookie_it->first) !=
*6777b538SAndroid Build Coastguard Worker         partition_it->second->end())
*6777b538SAndroid Build Coastguard Worker      << "Called erase with an iterator not in this partitioned cookie map";
*6777b538SAndroid Build Coastguard Worker  partition_it->second->erase(cookie_it);
*6777b538SAndroid Build Coastguard Worker  --num_partitioned_cookies_;
*6777b538SAndroid Build Coastguard Worker  if (partition_it->first.nonce()) {
*6777b538SAndroid Build Coastguard Worker    --num_nonced_partitioned_cookies_;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  CHECK_GE(num_partitioned_cookies_, num_nonced_partitioned_cookies_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (partition_it->second->empty())
*6777b538SAndroid Build Coastguard Worker    partitioned_cookies_.erase(partition_it);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Domain expiry behavior is unchanged by key/expiry scheme (the
*6777b538SAndroid Build Coastguard Worker// meaning of the key is different, but that's not visible to this routine).
*6777b538SAndroid Build Coastguard Workersize_t CookieMonster::GarbageCollect(const Time& current,
*6777b538SAndroid Build Coastguard Worker                                     const std::string& key) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  size_t num_deleted = 0;
*6777b538SAndroid Build Coastguard Worker  const Time safe_date(Time::Now() - base::Days(kSafeFromGlobalPurgeDays));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const bool obc_behavior_enabled =
*6777b538SAndroid Build Coastguard Worker      cookie_util::IsOriginBoundCookiesPartiallyEnabled();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Collect garbage for this key, minding cookie priorities.
*6777b538SAndroid Build Coastguard Worker  if (cookies_.count(key) > kDomainMaxCookies) {
*6777b538SAndroid Build Coastguard Worker    DVLOG(net::cookie_util::kVlogGarbageCollection)
*6777b538SAndroid Build Coastguard Worker        << "GarbageCollect() key: " << key;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    CookieItVector* cookie_its;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    CookieItVector non_expired_cookie_its;
*6777b538SAndroid Build Coastguard Worker    cookie_its = &non_expired_cookie_its;
*6777b538SAndroid Build Coastguard Worker    num_deleted +=
*6777b538SAndroid Build Coastguard Worker        GarbageCollectExpired(current, cookies_.equal_range(key), cookie_its);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cookie_its->size() > kDomainMaxCookies) {
*6777b538SAndroid Build Coastguard Worker      DVLOG(net::cookie_util::kVlogGarbageCollection)
*6777b538SAndroid Build Coastguard Worker          << "Deep Garbage Collect domain.";
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      if (domain_purged_keys_.size() < kMaxDomainPurgedKeys)
*6777b538SAndroid Build Coastguard Worker        domain_purged_keys_.insert(key);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      size_t purge_goal =
*6777b538SAndroid Build Coastguard Worker          cookie_its->size() - (kDomainMaxCookies - kDomainPurgeCookies);
*6777b538SAndroid Build Coastguard Worker      DCHECK(purge_goal > kDomainPurgeCookies);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Sort the cookies by access date, from least-recent to most-recent.
*6777b538SAndroid Build Coastguard Worker      std::sort(cookie_its->begin(), cookie_its->end(), LRACookieSorter);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      CookieItList cookie_it_list;
*6777b538SAndroid Build Coastguard Worker      if (obc_behavior_enabled) {
*6777b538SAndroid Build Coastguard Worker        cookie_it_list = CookieItList(cookie_its->begin(), cookie_its->end());
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // Remove all but the kDomainCookiesQuotaLow most-recently accessed
*6777b538SAndroid Build Coastguard Worker      // cookies with low-priority. Then, if cookies still need to be removed,
*6777b538SAndroid Build Coastguard Worker      // bump the quota and remove low- and medium-priority. Then, if cookies
*6777b538SAndroid Build Coastguard Worker      // _still_ need to be removed, bump the quota and remove cookies with
*6777b538SAndroid Build Coastguard Worker      // any priority.
*6777b538SAndroid Build Coastguard Worker      //
*6777b538SAndroid Build Coastguard Worker      // 1.  Low-priority non-secure cookies.
*6777b538SAndroid Build Coastguard Worker      // 2.  Low-priority secure cookies.
*6777b538SAndroid Build Coastguard Worker      // 3.  Medium-priority non-secure cookies.
*6777b538SAndroid Build Coastguard Worker      // 4.  High-priority non-secure cookies.
*6777b538SAndroid Build Coastguard Worker      // 5.  Medium-priority secure cookies.
*6777b538SAndroid Build Coastguard Worker      // 6.  High-priority secure cookies.
*6777b538SAndroid Build Coastguard Worker      constexpr struct {
*6777b538SAndroid Build Coastguard Worker        CookiePriority priority;
*6777b538SAndroid Build Coastguard Worker        bool protect_secure_cookies;
*6777b538SAndroid Build Coastguard Worker      } kPurgeRounds[] = {
*6777b538SAndroid Build Coastguard Worker          // 1.  Low-priority non-secure cookies.
*6777b538SAndroid Build Coastguard Worker          {COOKIE_PRIORITY_LOW, true},
*6777b538SAndroid Build Coastguard Worker          // 2.  Low-priority secure cookies.
*6777b538SAndroid Build Coastguard Worker          {COOKIE_PRIORITY_LOW, false},
*6777b538SAndroid Build Coastguard Worker          // 3.  Medium-priority non-secure cookies.
*6777b538SAndroid Build Coastguard Worker          {COOKIE_PRIORITY_MEDIUM, true},
*6777b538SAndroid Build Coastguard Worker          // 4.  High-priority non-secure cookies.
*6777b538SAndroid Build Coastguard Worker          {COOKIE_PRIORITY_HIGH, true},
*6777b538SAndroid Build Coastguard Worker          // 5.  Medium-priority secure cookies.
*6777b538SAndroid Build Coastguard Worker          {COOKIE_PRIORITY_MEDIUM, false},
*6777b538SAndroid Build Coastguard Worker          // 6.  High-priority secure cookies.
*6777b538SAndroid Build Coastguard Worker          {COOKIE_PRIORITY_HIGH, false},
*6777b538SAndroid Build Coastguard Worker      };
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      size_t quota = 0;
*6777b538SAndroid Build Coastguard Worker      for (const auto& purge_round : kPurgeRounds) {
*6777b538SAndroid Build Coastguard Worker        // Adjust quota according to the priority of cookies. Each round should
*6777b538SAndroid Build Coastguard Worker        // protect certain number of cookies in order to avoid starvation.
*6777b538SAndroid Build Coastguard Worker        // For example, when each round starts to remove cookies, the number of
*6777b538SAndroid Build Coastguard Worker        // cookies of that priority are counted and a decision whether they
*6777b538SAndroid Build Coastguard Worker        // should be deleted or not is made. If yes, some number of cookies of
*6777b538SAndroid Build Coastguard Worker        // that priority are deleted considering the quota.
*6777b538SAndroid Build Coastguard Worker        switch (purge_round.priority) {
*6777b538SAndroid Build Coastguard Worker          case COOKIE_PRIORITY_LOW:
*6777b538SAndroid Build Coastguard Worker            quota = kDomainCookiesQuotaLow;
*6777b538SAndroid Build Coastguard Worker            break;
*6777b538SAndroid Build Coastguard Worker          case COOKIE_PRIORITY_MEDIUM:
*6777b538SAndroid Build Coastguard Worker            quota = kDomainCookiesQuotaMedium;
*6777b538SAndroid Build Coastguard Worker            break;
*6777b538SAndroid Build Coastguard Worker          case COOKIE_PRIORITY_HIGH:
*6777b538SAndroid Build Coastguard Worker            quota = kDomainCookiesQuotaHigh;
*6777b538SAndroid Build Coastguard Worker            break;
*6777b538SAndroid Build Coastguard Worker        }
*6777b538SAndroid Build Coastguard Worker        size_t just_deleted = 0u;
*6777b538SAndroid Build Coastguard Worker        // Purge up to |purge_goal| for all cookies at the given priority.  This
*6777b538SAndroid Build Coastguard Worker        // path will be taken only if the initial non-secure purge did not evict
*6777b538SAndroid Build Coastguard Worker        // enough cookies.
*6777b538SAndroid Build Coastguard Worker        if (purge_goal > 0) {
*6777b538SAndroid Build Coastguard Worker          if (obc_behavior_enabled) {
*6777b538SAndroid Build Coastguard Worker            just_deleted = PurgeLeastRecentMatchesForOBC(
*6777b538SAndroid Build Coastguard Worker                &cookie_it_list, purge_round.priority, quota, purge_goal,
*6777b538SAndroid Build Coastguard Worker                !purge_round.protect_secure_cookies);
*6777b538SAndroid Build Coastguard Worker          } else {
*6777b538SAndroid Build Coastguard Worker            just_deleted = PurgeLeastRecentMatches(
*6777b538SAndroid Build Coastguard Worker                cookie_its, purge_round.priority, quota, purge_goal,
*6777b538SAndroid Build Coastguard Worker                purge_round.protect_secure_cookies);
*6777b538SAndroid Build Coastguard Worker          }
*6777b538SAndroid Build Coastguard Worker          DCHECK_LE(just_deleted, purge_goal);
*6777b538SAndroid Build Coastguard Worker          purge_goal -= just_deleted;
*6777b538SAndroid Build Coastguard Worker          num_deleted += just_deleted;
*6777b538SAndroid Build Coastguard Worker        }
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      DCHECK_EQ(0u, purge_goal);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Collect garbage for everything. With firefox style we want to preserve
*6777b538SAndroid Build Coastguard Worker  // cookies accessed in kSafeFromGlobalPurgeDays, otherwise evict.
*6777b538SAndroid Build Coastguard Worker  if (cookies_.size() > kMaxCookies && earliest_access_time_ < safe_date) {
*6777b538SAndroid Build Coastguard Worker    DVLOG(net::cookie_util::kVlogGarbageCollection)
*6777b538SAndroid Build Coastguard Worker        << "GarbageCollect() everything";
*6777b538SAndroid Build Coastguard Worker    CookieItVector cookie_its;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    num_deleted += GarbageCollectExpired(
*6777b538SAndroid Build Coastguard Worker        current, CookieMapItPair(cookies_.begin(), cookies_.end()),
*6777b538SAndroid Build Coastguard Worker        &cookie_its);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (cookie_its.size() > kMaxCookies) {
*6777b538SAndroid Build Coastguard Worker      DVLOG(net::cookie_util::kVlogGarbageCollection)
*6777b538SAndroid Build Coastguard Worker          << "Deep Garbage Collect everything.";
*6777b538SAndroid Build Coastguard Worker      size_t purge_goal = cookie_its.size() - (kMaxCookies - kPurgeCookies);
*6777b538SAndroid Build Coastguard Worker      DCHECK(purge_goal > kPurgeCookies);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      CookieItVector secure_cookie_its;
*6777b538SAndroid Build Coastguard Worker      CookieItVector non_secure_cookie_its;
*6777b538SAndroid Build Coastguard Worker      SplitCookieVectorIntoSecureAndNonSecure(cookie_its, &secure_cookie_its,
*6777b538SAndroid Build Coastguard Worker                                              &non_secure_cookie_its);
*6777b538SAndroid Build Coastguard Worker      size_t non_secure_purge_goal =
*6777b538SAndroid Build Coastguard Worker          std::min<size_t>(purge_goal, non_secure_cookie_its.size());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      base::Time earliest_non_secure_access_time;
*6777b538SAndroid Build Coastguard Worker      size_t just_deleted = GarbageCollectLeastRecentlyAccessed(
*6777b538SAndroid Build Coastguard Worker          current, safe_date, non_secure_purge_goal, non_secure_cookie_its,
*6777b538SAndroid Build Coastguard Worker          &earliest_non_secure_access_time);
*6777b538SAndroid Build Coastguard Worker      num_deleted += just_deleted;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      if (secure_cookie_its.size() == 0) {
*6777b538SAndroid Build Coastguard Worker        // This case is unlikely, but should still update
*6777b538SAndroid Build Coastguard Worker        // |earliest_access_time_| if only have non-secure cookies.
*6777b538SAndroid Build Coastguard Worker        earliest_access_time_ = earliest_non_secure_access_time;
*6777b538SAndroid Build Coastguard Worker        // Garbage collection can't delete all cookies.
*6777b538SAndroid Build Coastguard Worker        DCHECK(!earliest_access_time_.is_null());
*6777b538SAndroid Build Coastguard Worker      } else if (just_deleted < purge_goal) {
*6777b538SAndroid Build Coastguard Worker        size_t secure_purge_goal = std::min<size_t>(purge_goal - just_deleted,
*6777b538SAndroid Build Coastguard Worker                                                    secure_cookie_its.size());
*6777b538SAndroid Build Coastguard Worker        base::Time earliest_secure_access_time;
*6777b538SAndroid Build Coastguard Worker        num_deleted += GarbageCollectLeastRecentlyAccessed(
*6777b538SAndroid Build Coastguard Worker            current, safe_date, secure_purge_goal, secure_cookie_its,
*6777b538SAndroid Build Coastguard Worker            &earliest_secure_access_time);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker        if (!earliest_non_secure_access_time.is_null() &&
*6777b538SAndroid Build Coastguard Worker            earliest_non_secure_access_time < earliest_secure_access_time) {
*6777b538SAndroid Build Coastguard Worker          earliest_access_time_ = earliest_non_secure_access_time;
*6777b538SAndroid Build Coastguard Worker        } else {
*6777b538SAndroid Build Coastguard Worker          earliest_access_time_ = earliest_secure_access_time;
*6777b538SAndroid Build Coastguard Worker        }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker        // Garbage collection can't delete all cookies.
*6777b538SAndroid Build Coastguard Worker        DCHECK(!earliest_access_time_.is_null());
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      // If there are secure cookies, but deleting non-secure cookies was enough
*6777b538SAndroid Build Coastguard Worker      // to meet the purge goal, secure cookies are never examined, so
*6777b538SAndroid Build Coastguard Worker      // |earliest_access_time_| can't be determined. Leaving it alone will mean
*6777b538SAndroid Build Coastguard Worker      // it's no later than the real earliest last access time, so this won't
*6777b538SAndroid Build Coastguard Worker      // lead to any problems.
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return num_deleted;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t CookieMonster::GarbageCollectPartitionedCookies(
*6777b538SAndroid Build Coastguard Worker    const base::Time& current,
*6777b538SAndroid Build Coastguard Worker    const CookiePartitionKey& cookie_partition_key,
*6777b538SAndroid Build Coastguard Worker    const std::string& key) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  size_t num_deleted = 0;
*6777b538SAndroid Build Coastguard Worker  PartitionedCookieMap::iterator cookie_partition_it =
*6777b538SAndroid Build Coastguard Worker      partitioned_cookies_.find(cookie_partition_key);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (cookie_partition_it == partitioned_cookies_.end())
*6777b538SAndroid Build Coastguard Worker    return num_deleted;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (NumBytesInCookieMapForKey(*cookie_partition_it->second.get(), key) >
*6777b538SAndroid Build Coastguard Worker          kPerPartitionDomainMaxCookieBytes ||
*6777b538SAndroid Build Coastguard Worker      cookie_partition_it->second->count(key) > kPerPartitionDomainMaxCookies) {
*6777b538SAndroid Build Coastguard Worker    // TODO(crbug.com/1225444): Log garbage collection for partitioned cookies.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    CookieItVector non_expired_cookie_its;
*6777b538SAndroid Build Coastguard Worker    num_deleted += GarbageCollectExpiredPartitionedCookies(
*6777b538SAndroid Build Coastguard Worker        current, cookie_partition_it,
*6777b538SAndroid Build Coastguard Worker        cookie_partition_it->second->equal_range(key), &non_expired_cookie_its);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    size_t bytes_used = NumBytesInCookieItVector(non_expired_cookie_its);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (bytes_used > kPerPartitionDomainMaxCookieBytes ||
*6777b538SAndroid Build Coastguard Worker        non_expired_cookie_its.size() > kPerPartitionDomainMaxCookies) {
*6777b538SAndroid Build Coastguard Worker      // TODO(crbug.com/1225444): Log deep garbage collection for partitioned
*6777b538SAndroid Build Coastguard Worker      // cookies.
*6777b538SAndroid Build Coastguard Worker      std::sort(non_expired_cookie_its.begin(), non_expired_cookie_its.end(),
*6777b538SAndroid Build Coastguard Worker                LRACookieSorter);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker      for (size_t i = 0;
*6777b538SAndroid Build Coastguard Worker           bytes_used > kPerPartitionDomainMaxCookieBytes ||
*6777b538SAndroid Build Coastguard Worker           non_expired_cookie_its.size() - i > kPerPartitionDomainMaxCookies;
*6777b538SAndroid Build Coastguard Worker           ++i) {
*6777b538SAndroid Build Coastguard Worker        bytes_used -= NameValueSizeBytes(*non_expired_cookie_its[i]->second);
*6777b538SAndroid Build Coastguard Worker        InternalDeletePartitionedCookie(
*6777b538SAndroid Build Coastguard Worker            cookie_partition_it, non_expired_cookie_its[i], true,
*6777b538SAndroid Build Coastguard Worker            DELETE_COOKIE_EVICTED_PER_PARTITION_DOMAIN);
*6777b538SAndroid Build Coastguard Worker        ++num_deleted;
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // TODO(crbug.com/1225444): Enforce global limit on partitioned cookies.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return num_deleted;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t CookieMonster::PurgeLeastRecentMatches(CookieItVector* cookies,
*6777b538SAndroid Build Coastguard Worker                                              CookiePriority priority,
*6777b538SAndroid Build Coastguard Worker                                              size_t to_protect,
*6777b538SAndroid Build Coastguard Worker                                              size_t purge_goal,
*6777b538SAndroid Build Coastguard Worker                                              bool protect_secure_cookies) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // 1. Count number of the cookies at |priority|
*6777b538SAndroid Build Coastguard Worker  size_t cookies_count_possibly_to_be_deleted = CountCookiesForPossibleDeletion(
*6777b538SAndroid Build Coastguard Worker      priority, cookies, false /* count all cookies */);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // 2. If |cookies_count_possibly_to_be_deleted| at |priority| is less than or
*6777b538SAndroid Build Coastguard Worker  // equal |to_protect|, skip round in order to preserve the quota. This
*6777b538SAndroid Build Coastguard Worker  // involves secure and non-secure cookies at |priority|.
*6777b538SAndroid Build Coastguard Worker  if (cookies_count_possibly_to_be_deleted <= to_protect)
*6777b538SAndroid Build Coastguard Worker    return 0u;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // 3. Calculate number of secure cookies at |priority|
*6777b538SAndroid Build Coastguard Worker  // and number of cookies at |priority| that can possibly be deleted.
*6777b538SAndroid Build Coastguard Worker  // It is guaranteed we do not delete more than |purge_goal| even if
*6777b538SAndroid Build Coastguard Worker  // |cookies_count_possibly_to_be_deleted| is higher.
*6777b538SAndroid Build Coastguard Worker  size_t secure_cookies = 0u;
*6777b538SAndroid Build Coastguard Worker  if (protect_secure_cookies) {
*6777b538SAndroid Build Coastguard Worker    secure_cookies = CountCookiesForPossibleDeletion(
*6777b538SAndroid Build Coastguard Worker        priority, cookies, protect_secure_cookies /* count secure cookies */);
*6777b538SAndroid Build Coastguard Worker    cookies_count_possibly_to_be_deleted -=
*6777b538SAndroid Build Coastguard Worker        std::max(secure_cookies, to_protect);
*6777b538SAndroid Build Coastguard Worker  } else {
*6777b538SAndroid Build Coastguard Worker    cookies_count_possibly_to_be_deleted -= to_protect;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  size_t removed = 0u;
*6777b538SAndroid Build Coastguard Worker  size_t current = 0u;
*6777b538SAndroid Build Coastguard Worker  while ((removed < purge_goal && current < cookies->size()) &&
*6777b538SAndroid Build Coastguard Worker         cookies_count_possibly_to_be_deleted > 0) {
*6777b538SAndroid Build Coastguard Worker    const CanonicalCookie* current_cookie = cookies->at(current)->second.get();
*6777b538SAndroid Build Coastguard Worker    // Only delete the current cookie if the priority is equal to
*6777b538SAndroid Build Coastguard Worker    // the current level.
*6777b538SAndroid Build Coastguard Worker    if (IsCookieEligibleForEviction(priority, protect_secure_cookies,
*6777b538SAndroid Build Coastguard Worker                                    current_cookie)) {
*6777b538SAndroid Build Coastguard Worker      InternalDeleteCookie(cookies->at(current), true,
*6777b538SAndroid Build Coastguard Worker                           DELETE_COOKIE_EVICTED_DOMAIN);
*6777b538SAndroid Build Coastguard Worker      cookies->erase(cookies->begin() + current);
*6777b538SAndroid Build Coastguard Worker      removed++;
*6777b538SAndroid Build Coastguard Worker      cookies_count_possibly_to_be_deleted--;
*6777b538SAndroid Build Coastguard Worker    } else {
*6777b538SAndroid Build Coastguard Worker      current++;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  return removed;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t CookieMonster::PurgeLeastRecentMatchesForOBC(
*6777b538SAndroid Build Coastguard Worker    CookieItList* cookies,
*6777b538SAndroid Build Coastguard Worker    CookiePriority priority,
*6777b538SAndroid Build Coastguard Worker    size_t to_protect,
*6777b538SAndroid Build Coastguard Worker    size_t purge_goal,
*6777b538SAndroid Build Coastguard Worker    bool delete_secure_cookies) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // 1. Count number of the cookies at `priority`. Includes both secure and
*6777b538SAndroid Build Coastguard Worker  // non-secure cookies.
*6777b538SAndroid Build Coastguard Worker  DeletionCookieLists could_be_deleted;
*6777b538SAndroid Build Coastguard Worker  size_t total_could_be_deleted_for_priority =
*6777b538SAndroid Build Coastguard Worker      CountCookiesAndGenerateListsForPossibleDeletion(
*6777b538SAndroid Build Coastguard Worker          priority, could_be_deleted, cookies, delete_secure_cookies);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // 2. If we have fewer cookies at this priority than we intend to keep/protect
*6777b538SAndroid Build Coastguard Worker  // then just skip this round entirely.
*6777b538SAndroid Build Coastguard Worker  if (total_could_be_deleted_for_priority <= to_protect) {
*6777b538SAndroid Build Coastguard Worker    return 0u;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // 3. Calculate the number of cookies that could be deleted for this round.
*6777b538SAndroid Build Coastguard Worker  // This number is the lesser of either: The number of cookies that exist at
*6777b538SAndroid Build Coastguard Worker  // this {priority, secureness} tuple, or the number of cookies at this
*6777b538SAndroid Build Coastguard Worker  // priority less the number to protect. We won't exceed the `purge_goal` even
*6777b538SAndroid Build Coastguard Worker  // if this resulting value is larger.
*6777b538SAndroid Build Coastguard Worker  size_t total_deletable = could_be_deleted.host_cookies.size() +
*6777b538SAndroid Build Coastguard Worker                           could_be_deleted.domain_cookies.size();
*6777b538SAndroid Build Coastguard Worker  size_t max_cookies_to_delete_this_round = std::min(
*6777b538SAndroid Build Coastguard Worker      total_deletable, total_could_be_deleted_for_priority - to_protect);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // 4. Remove domain cookies. As per "Origin-Bound Cookies" behavior, domain
*6777b538SAndroid Build Coastguard Worker  // cookies should always be deleted before host cookies.
*6777b538SAndroid Build Coastguard Worker  size_t removed = 0u;
*6777b538SAndroid Build Coastguard Worker  // At this point we have 3 layers of iterators to consider:
*6777b538SAndroid Build Coastguard Worker  // * The `could_be_deleted` list's iterator, which points to...
*6777b538SAndroid Build Coastguard Worker  // * The `cookies` list's iterator, which points to...
*6777b538SAndroid Build Coastguard Worker  // * The CookieMap's iterator which is used to delete the actual cookie from
*6777b538SAndroid Build Coastguard Worker  // the backend.
*6777b538SAndroid Build Coastguard Worker  // For each cookie deleted all three of these will need to erased, in a bottom
*6777b538SAndroid Build Coastguard Worker  // up approach.
*6777b538SAndroid Build Coastguard Worker  for (auto domain_list_it = could_be_deleted.domain_cookies.begin();
*6777b538SAndroid Build Coastguard Worker       domain_list_it != could_be_deleted.domain_cookies.end() &&
*6777b538SAndroid Build Coastguard Worker       removed < purge_goal && max_cookies_to_delete_this_round > 0;) {
*6777b538SAndroid Build Coastguard Worker    auto cookies_list_it = *domain_list_it;
*6777b538SAndroid Build Coastguard Worker    auto cookie_map_it = *cookies_list_it;
*6777b538SAndroid Build Coastguard Worker    // Delete from the cookie store.
*6777b538SAndroid Build Coastguard Worker    InternalDeleteCookie(cookie_map_it, /*sync_to_store=*/true,
*6777b538SAndroid Build Coastguard Worker                         DELETE_COOKIE_EVICTED_DOMAIN);
*6777b538SAndroid Build Coastguard Worker    // Delete from `cookies`.
*6777b538SAndroid Build Coastguard Worker    cookies->erase(cookies_list_it);
*6777b538SAndroid Build Coastguard Worker    // Delete from `could_be_deleted`.
*6777b538SAndroid Build Coastguard Worker    domain_list_it = could_be_deleted.domain_cookies.erase(domain_list_it);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    max_cookies_to_delete_this_round--;
*6777b538SAndroid Build Coastguard Worker    removed++;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // 5. Remove host cookies
*6777b538SAndroid Build Coastguard Worker  for (auto host_list_it = could_be_deleted.host_cookies.begin();
*6777b538SAndroid Build Coastguard Worker       host_list_it != could_be_deleted.host_cookies.end() &&
*6777b538SAndroid Build Coastguard Worker       removed < purge_goal && max_cookies_to_delete_this_round > 0;) {
*6777b538SAndroid Build Coastguard Worker    auto cookies_list_it = *host_list_it;
*6777b538SAndroid Build Coastguard Worker    auto cookie_map_it = *cookies_list_it;
*6777b538SAndroid Build Coastguard Worker    // Delete from the cookie store.
*6777b538SAndroid Build Coastguard Worker    InternalDeleteCookie(cookie_map_it, /*sync_to_store=*/true,
*6777b538SAndroid Build Coastguard Worker                         DELETE_COOKIE_EVICTED_DOMAIN);
*6777b538SAndroid Build Coastguard Worker    // Delete from `cookies`.
*6777b538SAndroid Build Coastguard Worker    cookies->erase(cookies_list_it);
*6777b538SAndroid Build Coastguard Worker    // Delete from `could_be_deleted`.
*6777b538SAndroid Build Coastguard Worker    host_list_it = could_be_deleted.host_cookies.erase(host_list_it);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    max_cookies_to_delete_this_round--;
*6777b538SAndroid Build Coastguard Worker    removed++;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  return removed;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t CookieMonster::GarbageCollectExpired(const Time& current,
*6777b538SAndroid Build Coastguard Worker                                            const CookieMapItPair& itpair,
*6777b538SAndroid Build Coastguard Worker                                            CookieItVector* cookie_its) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  int num_deleted = 0;
*6777b538SAndroid Build Coastguard Worker  for (CookieMap::iterator it = itpair.first, end = itpair.second; it != end;) {
*6777b538SAndroid Build Coastguard Worker    auto curit = it;
*6777b538SAndroid Build Coastguard Worker    ++it;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (curit->second->IsExpired(current)) {
*6777b538SAndroid Build Coastguard Worker      InternalDeleteCookie(curit, true, DELETE_COOKIE_EXPIRED);
*6777b538SAndroid Build Coastguard Worker      ++num_deleted;
*6777b538SAndroid Build Coastguard Worker    } else if (cookie_its) {
*6777b538SAndroid Build Coastguard Worker      cookie_its->push_back(curit);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return num_deleted;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t CookieMonster::GarbageCollectExpiredPartitionedCookies(
*6777b538SAndroid Build Coastguard Worker    const Time& current,
*6777b538SAndroid Build Coastguard Worker    const PartitionedCookieMap::iterator& cookie_partition_it,
*6777b538SAndroid Build Coastguard Worker    const CookieMapItPair& itpair,
*6777b538SAndroid Build Coastguard Worker    CookieItVector* cookie_its) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  int num_deleted = 0;
*6777b538SAndroid Build Coastguard Worker  for (CookieMap::iterator it = itpair.first, end = itpair.second; it != end;) {
*6777b538SAndroid Build Coastguard Worker    auto curit = it;
*6777b538SAndroid Build Coastguard Worker    ++it;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (curit->second->IsExpired(current)) {
*6777b538SAndroid Build Coastguard Worker      InternalDeletePartitionedCookie(cookie_partition_it, curit, true,
*6777b538SAndroid Build Coastguard Worker                                      DELETE_COOKIE_EXPIRED);
*6777b538SAndroid Build Coastguard Worker      ++num_deleted;
*6777b538SAndroid Build Coastguard Worker    } else if (cookie_its) {
*6777b538SAndroid Build Coastguard Worker      cookie_its->push_back(curit);
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return num_deleted;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::GarbageCollectAllExpiredPartitionedCookies(
*6777b538SAndroid Build Coastguard Worker    const Time& current) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  for (auto it = partitioned_cookies_.begin();
*6777b538SAndroid Build Coastguard Worker       it != partitioned_cookies_.end();) {
*6777b538SAndroid Build Coastguard Worker    // GarbageCollectExpiredPartitionedCookies calls
*6777b538SAndroid Build Coastguard Worker    // InternalDeletePartitionedCookie which may invalidate
*6777b538SAndroid Build Coastguard Worker    // |cur_cookie_partition_it|.
*6777b538SAndroid Build Coastguard Worker    auto cur_cookie_partition_it = it;
*6777b538SAndroid Build Coastguard Worker    ++it;
*6777b538SAndroid Build Coastguard Worker    GarbageCollectExpiredPartitionedCookies(
*6777b538SAndroid Build Coastguard Worker        current, cur_cookie_partition_it,
*6777b538SAndroid Build Coastguard Worker        CookieMapItPair(cur_cookie_partition_it->second->begin(),
*6777b538SAndroid Build Coastguard Worker                        cur_cookie_partition_it->second->end()),
*6777b538SAndroid Build Coastguard Worker        nullptr /*cookie_its*/);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t CookieMonster::GarbageCollectDeleteRange(
*6777b538SAndroid Build Coastguard Worker    const Time& current,
*6777b538SAndroid Build Coastguard Worker    DeletionCause cause,
*6777b538SAndroid Build Coastguard Worker    CookieItVector::iterator it_begin,
*6777b538SAndroid Build Coastguard Worker    CookieItVector::iterator it_end) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (auto it = it_begin; it != it_end; it++) {
*6777b538SAndroid Build Coastguard Worker    InternalDeleteCookie((*it), true, cause);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  return it_end - it_begin;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workersize_t CookieMonster::GarbageCollectLeastRecentlyAccessed(
*6777b538SAndroid Build Coastguard Worker    const base::Time& current,
*6777b538SAndroid Build Coastguard Worker    const base::Time& safe_date,
*6777b538SAndroid Build Coastguard Worker    size_t purge_goal,
*6777b538SAndroid Build Coastguard Worker    CookieItVector cookie_its,
*6777b538SAndroid Build Coastguard Worker    base::Time* earliest_time) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_LE(purge_goal, cookie_its.size());
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Sorts up to *and including* |cookie_its[purge_goal]| (if it exists), so
*6777b538SAndroid Build Coastguard Worker  // |earliest_time| will be properly assigned even if
*6777b538SAndroid Build Coastguard Worker  // |global_purge_it| == |cookie_its.begin() + purge_goal|.
*6777b538SAndroid Build Coastguard Worker  SortLeastRecentlyAccessed(
*6777b538SAndroid Build Coastguard Worker      cookie_its.begin(), cookie_its.end(),
*6777b538SAndroid Build Coastguard Worker      cookie_its.size() < purge_goal ? purge_goal + 1 : purge_goal);
*6777b538SAndroid Build Coastguard Worker  // Find boundary to cookies older than safe_date.
*6777b538SAndroid Build Coastguard Worker  auto global_purge_it = LowerBoundAccessDate(
*6777b538SAndroid Build Coastguard Worker      cookie_its.begin(), cookie_its.begin() + purge_goal, safe_date);
*6777b538SAndroid Build Coastguard Worker  // Only delete the old cookies and delete non-secure ones first.
*6777b538SAndroid Build Coastguard Worker  size_t num_deleted =
*6777b538SAndroid Build Coastguard Worker      GarbageCollectDeleteRange(current, DELETE_COOKIE_EVICTED_GLOBAL,
*6777b538SAndroid Build Coastguard Worker                                cookie_its.begin(), global_purge_it);
*6777b538SAndroid Build Coastguard Worker  if (global_purge_it != cookie_its.end())
*6777b538SAndroid Build Coastguard Worker    *earliest_time = (*global_purge_it)->second->LastAccessDate();
*6777b538SAndroid Build Coastguard Worker  return num_deleted;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// A wrapper around registry_controlled_domains::GetDomainAndRegistry
*6777b538SAndroid Build Coastguard Worker// to make clear we're creating a key for our local map or for the persistent
*6777b538SAndroid Build Coastguard Worker// store's use. Here and in FindCookiesForRegistryControlledHost() are the only
*6777b538SAndroid Build Coastguard Worker// two places where we need to conditionalize based on key type.
*6777b538SAndroid Build Coastguard Worker//
*6777b538SAndroid Build Coastguard Worker// Note that this key algorithm explicitly ignores the scheme.  This is
*6777b538SAndroid Build Coastguard Worker// because when we're entering cookies into the map from the backing store,
*6777b538SAndroid Build Coastguard Worker// we in general won't have the scheme at that point.
*6777b538SAndroid Build Coastguard Worker// In practical terms, this means that file cookies will be stored
*6777b538SAndroid Build Coastguard Worker// in the map either by an empty string or by UNC name (and will be
*6777b538SAndroid Build Coastguard Worker// limited by kMaxCookiesPerHost), and extension cookies will be stored
*6777b538SAndroid Build Coastguard Worker// based on the single extension id, as the extension id won't have the
*6777b538SAndroid Build Coastguard Worker// form of a DNS host and hence GetKey() will return it unchanged.
*6777b538SAndroid Build Coastguard Worker//
*6777b538SAndroid Build Coastguard Worker// Arguably the right thing to do here is to make the key
*6777b538SAndroid Build Coastguard Worker// algorithm dependent on the scheme, and make sure that the scheme is
*6777b538SAndroid Build Coastguard Worker// available everywhere the key must be obtained (specfically at backing
*6777b538SAndroid Build Coastguard Worker// store load time).  This would require either changing the backing store
*6777b538SAndroid Build Coastguard Worker// database schema to include the scheme (far more trouble than it's worth), or
*6777b538SAndroid Build Coastguard Worker// separating out file cookies into their own CookieMonster instance and
*6777b538SAndroid Build Coastguard Worker// thus restricting each scheme to a single cookie monster (which might
*6777b538SAndroid Build Coastguard Worker// be worth it, but is still too much trouble to solve what is currently a
*6777b538SAndroid Build Coastguard Worker// non-problem).
*6777b538SAndroid Build Coastguard Worker//
*6777b538SAndroid Build Coastguard Worker// static
*6777b538SAndroid Build Coastguard Workerstd::string CookieMonster::GetKey(std::string_view domain) {
*6777b538SAndroid Build Coastguard Worker  std::string effective_domain(
*6777b538SAndroid Build Coastguard Worker      registry_controlled_domains::GetDomainAndRegistry(
*6777b538SAndroid Build Coastguard Worker          domain, registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES));
*6777b538SAndroid Build Coastguard Worker  if (effective_domain.empty())
*6777b538SAndroid Build Coastguard Worker    effective_domain = std::string(domain);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return cookie_util::CookieDomainAsHost(effective_domain);
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerbool CookieMonster::HasCookieableScheme(const GURL& url) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Make sure the request is on a cookie-able url scheme.
*6777b538SAndroid Build Coastguard Worker  bool is_cookieable = base::ranges::any_of(
*6777b538SAndroid Build Coastguard Worker      cookieable_schemes_, [&url](const std::string& cookieable_scheme) {
*6777b538SAndroid Build Coastguard Worker        return url.SchemeIs(cookieable_scheme.c_str());
*6777b538SAndroid Build Coastguard Worker      });
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (!is_cookieable) {
*6777b538SAndroid Build Coastguard Worker    // The scheme didn't match any in our allowed list.
*6777b538SAndroid Build Coastguard Worker    DVLOG(net::cookie_util::kVlogPerCookieMonster)
*6777b538SAndroid Build Coastguard Worker        << "WARNING: Unsupported cookie scheme: " << url.scheme();
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  return is_cookieable;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerCookieAccessSemantics CookieMonster::GetAccessSemanticsForCookie(
*6777b538SAndroid Build Coastguard Worker    const CanonicalCookie& cookie) const {
*6777b538SAndroid Build Coastguard Worker  if (cookie_access_delegate())
*6777b538SAndroid Build Coastguard Worker    return cookie_access_delegate()->GetAccessSemantics(cookie);
*6777b538SAndroid Build Coastguard Worker  return CookieAccessSemantics::UNKNOWN;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker// Test to see if stats should be recorded, and record them if so.
*6777b538SAndroid Build Coastguard Worker// The goal here is to get sampling for the average browser-hour of
*6777b538SAndroid Build Coastguard Worker// activity.  We won't take samples when the web isn't being surfed,
*6777b538SAndroid Build Coastguard Worker// and when the web is being surfed, we'll take samples about every
*6777b538SAndroid Build Coastguard Worker// kRecordStatisticsIntervalSeconds.
*6777b538SAndroid Build Coastguard Worker// last_statistic_record_time_ is initialized to Now() rather than null
*6777b538SAndroid Build Coastguard Worker// in the constructor so that we won't take statistics right after
*6777b538SAndroid Build Coastguard Worker// startup, to avoid bias from browsers that are started but not used.
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::RecordPeriodicStats(const base::Time& current_time) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const base::TimeDelta kRecordStatisticsIntervalTime(
*6777b538SAndroid Build Coastguard Worker      base::Seconds(kRecordStatisticsIntervalSeconds));
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // If we've taken statistics recently, return.
*6777b538SAndroid Build Coastguard Worker  if (current_time - last_statistic_record_time_ <=
*6777b538SAndroid Build Coastguard Worker      kRecordStatisticsIntervalTime) {
*6777b538SAndroid Build Coastguard Worker    return;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (DoRecordPeriodicStats())
*6777b538SAndroid Build Coastguard Worker    last_statistic_record_time_ = current_time;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerbool CookieMonster::DoRecordPeriodicStats() {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  SCOPED_UMA_HISTOGRAM_TIMER("Cookie.TimeToRecordPeriodicStats");
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // These values are all bogus if we have only partially loaded the cookies.
*6777b538SAndroid Build Coastguard Worker  if (started_fetching_all_cookies_ && !finished_fetching_all_cookies_)
*6777b538SAndroid Build Coastguard Worker    return false;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts100000("Cookie.Count2", cookies_.size());
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (cookie_access_delegate()) {
*6777b538SAndroid Build Coastguard Worker    std::vector<SchemefulSite> sites;
*6777b538SAndroid Build Coastguard Worker    for (const auto& entry : cookies_) {
*6777b538SAndroid Build Coastguard Worker      sites.emplace_back(
*6777b538SAndroid Build Coastguard Worker          GURL(base::StrCat({url::kHttpsScheme, "://", entry.first})));
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker    for (const auto& [partition_key, cookie_map] : partitioned_cookies_) {
*6777b538SAndroid Build Coastguard Worker      for (const auto& [domain, unused_cookie] : *cookie_map) {
*6777b538SAndroid Build Coastguard Worker        sites.emplace_back(
*6777b538SAndroid Build Coastguard Worker            GURL(base::StrCat({url::kHttpsScheme, "://", domain})));
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker    std::optional<base::flat_map<SchemefulSite, FirstPartySetEntry>>
*6777b538SAndroid Build Coastguard Worker        maybe_sets = cookie_access_delegate()->FindFirstPartySetEntries(
*6777b538SAndroid Build Coastguard Worker            sites,
*6777b538SAndroid Build Coastguard Worker            base::BindOnce(&CookieMonster::RecordPeriodicFirstPartySetsStats,
*6777b538SAndroid Build Coastguard Worker                           weak_ptr_factory_.GetWeakPtr()));
*6777b538SAndroid Build Coastguard Worker    if (maybe_sets.has_value())
*6777b538SAndroid Build Coastguard Worker      RecordPeriodicFirstPartySetsStats(maybe_sets.value());
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Can be up to kMaxCookies.
*6777b538SAndroid Build Coastguard Worker  UMA_HISTOGRAM_COUNTS_10000("Cookie.NumKeys", num_keys_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::map<std::string, size_t> n_same_site_none_cookies;
*6777b538SAndroid Build Coastguard Worker  size_t n_bytes = 0;
*6777b538SAndroid Build Coastguard Worker  std::map<std::string, size_t> n_bytes_per_key;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (const auto& [host_key, host_cookie] : cookies_) {
*6777b538SAndroid Build Coastguard Worker    size_t cookie_n_bytes = NameValueSizeBytes(*host_cookie);
*6777b538SAndroid Build Coastguard Worker    n_bytes += cookie_n_bytes;
*6777b538SAndroid Build Coastguard Worker    n_bytes_per_key[host_key] += cookie_n_bytes;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    if (!host_cookie || !host_cookie->IsEffectivelySameSiteNone())
*6777b538SAndroid Build Coastguard Worker      continue;
*6777b538SAndroid Build Coastguard Worker    n_same_site_none_cookies[host_key]++;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  size_t max_n_cookies = 0;
*6777b538SAndroid Build Coastguard Worker  for (const auto& entry : n_same_site_none_cookies) {
*6777b538SAndroid Build Coastguard Worker    max_n_cookies = std::max(max_n_cookies, entry.second);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  size_t max_n_bytes = 0;
*6777b538SAndroid Build Coastguard Worker  for (const auto& entry : n_bytes_per_key) {
*6777b538SAndroid Build Coastguard Worker    max_n_bytes = std::max(max_n_bytes, entry.second);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Can be up to 180 cookies, the max per-domain.
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts1000("Cookie.MaxSameSiteNoneCookiesPerKey",
*6777b538SAndroid Build Coastguard Worker                               max_n_cookies);
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts100000("Cookie.CookieJarSize", n_bytes >> 10);
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts100000(
*6777b538SAndroid Build Coastguard Worker      "Cookie.AvgCookieJarSizePerKey",
*6777b538SAndroid Build Coastguard Worker      (n_bytes >> 10) / std::max(num_keys_, static_cast<size_t>(1)));
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts100000("Cookie.MaxCookieJarSizePerKey",
*6777b538SAndroid Build Coastguard Worker                                 max_n_bytes >> 10);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Collect stats for partitioned cookies.
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts1000("Cookie.PartitionCount",
*6777b538SAndroid Build Coastguard Worker                               partitioned_cookies_.size());
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts100000("Cookie.PartitionedCookieCount",
*6777b538SAndroid Build Coastguard Worker                                 num_partitioned_cookies_);
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts100000("Cookie.PartitionedCookieCount.Nonced",
*6777b538SAndroid Build Coastguard Worker                                 num_nonced_partitioned_cookies_);
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts100000(
*6777b538SAndroid Build Coastguard Worker      "Cookie.PartitionedCookieCount.Unnonced",
*6777b538SAndroid Build Coastguard Worker      num_partitioned_cookies_ - num_nonced_partitioned_cookies_);
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts100000("Cookie.PartitionedCookieJarSizeKibibytes",
*6777b538SAndroid Build Coastguard Worker                                 num_partitioned_cookies_bytes_ >> 10);
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts100000(
*6777b538SAndroid Build Coastguard Worker      "Cookie.PartitionedCookieJarSizeKibibytes.Nonced",
*6777b538SAndroid Build Coastguard Worker      num_nonced_partitioned_cookie_bytes_ >> 10);
*6777b538SAndroid Build Coastguard Worker  base::UmaHistogramCounts100000(
*6777b538SAndroid Build Coastguard Worker      "Cookie.PartitionedCookieJarSizeKibibytes.Unnonced",
*6777b538SAndroid Build Coastguard Worker      (num_partitioned_cookies_bytes_ - num_nonced_partitioned_cookie_bytes_) >>
*6777b538SAndroid Build Coastguard Worker          10);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (const auto& it : bytes_per_cookie_partition_) {
*6777b538SAndroid Build Coastguard Worker    base::UmaHistogramCounts100000("Cookie.CookiePartitionSizeKibibytes",
*6777b538SAndroid Build Coastguard Worker                                   it.second >> 10);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return true;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::RecordPeriodicFirstPartySetsStats(
*6777b538SAndroid Build Coastguard Worker    base::flat_map<SchemefulSite, FirstPartySetEntry> sets) const {
*6777b538SAndroid Build Coastguard Worker  base::flat_map<SchemefulSite, std::set<SchemefulSite>> grouped_by_owner;
*6777b538SAndroid Build Coastguard Worker  for (const auto& [site, entry] : sets) {
*6777b538SAndroid Build Coastguard Worker    grouped_by_owner[entry.primary()].insert(site);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  for (const auto& set : grouped_by_owner) {
*6777b538SAndroid Build Coastguard Worker    int sample = std::accumulate(
*6777b538SAndroid Build Coastguard Worker        set.second.begin(), set.second.end(), 0,
*6777b538SAndroid Build Coastguard Worker        [this](int acc, const net::SchemefulSite& site) -> int {
*6777b538SAndroid Build Coastguard Worker          DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker          if (!site.has_registrable_domain_or_host())
*6777b538SAndroid Build Coastguard Worker            return acc;
*6777b538SAndroid Build Coastguard Worker          return acc + cookies_.count(GetKey(site.GetURL().host()));
*6777b538SAndroid Build Coastguard Worker        });
*6777b538SAndroid Build Coastguard Worker    base::UmaHistogramCustomCounts("Cookie.PerFirstPartySetCount", sample, 0,
*6777b538SAndroid Build Coastguard Worker                                   4000, 50);
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DoCookieCallback(base::OnceClosure callback) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  MarkCookieStoreAsInitialized();
*6777b538SAndroid Build Coastguard Worker  FetchAllCookiesIfNecessary();
*6777b538SAndroid Build Coastguard Worker  seen_global_task_ = true;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (!finished_fetching_all_cookies_ && store_.get()) {
*6777b538SAndroid Build Coastguard Worker    tasks_pending_.push_back(std::move(callback));
*6777b538SAndroid Build Coastguard Worker    return;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::move(callback).Run();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DoCookieCallbackForURL(base::OnceClosure callback,
*6777b538SAndroid Build Coastguard Worker                                           const GURL& url) {
*6777b538SAndroid Build Coastguard Worker  DoCookieCallbackForHostOrDomain(std::move(callback), url.host_piece());
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workervoid CookieMonster::DoCookieCallbackForHostOrDomain(
*6777b538SAndroid Build Coastguard Worker    base::OnceClosure callback,
*6777b538SAndroid Build Coastguard Worker    std::string_view host_or_domain) {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  MarkCookieStoreAsInitialized();
*6777b538SAndroid Build Coastguard Worker  FetchAllCookiesIfNecessary();
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // If cookies for the requested domain key (eTLD+1) have been loaded from DB
*6777b538SAndroid Build Coastguard Worker  // then run the task, otherwise load from DB.
*6777b538SAndroid Build Coastguard Worker  if (!finished_fetching_all_cookies_ && store_.get()) {
*6777b538SAndroid Build Coastguard Worker    // If a global task has been previously seen, queue the task as a global
*6777b538SAndroid Build Coastguard Worker    // task. Note that the CookieMonster may be in the middle of executing
*6777b538SAndroid Build Coastguard Worker    // the global queue, |tasks_pending_| may be empty, which is why another
*6777b538SAndroid Build Coastguard Worker    // bool is needed.
*6777b538SAndroid Build Coastguard Worker    if (seen_global_task_) {
*6777b538SAndroid Build Coastguard Worker      tasks_pending_.push_back(std::move(callback));
*6777b538SAndroid Build Coastguard Worker      return;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker    // Checks if the domain key has been loaded.
*6777b538SAndroid Build Coastguard Worker    std::string key = GetKey(host_or_domain);
*6777b538SAndroid Build Coastguard Worker    if (keys_loaded_.find(key) == keys_loaded_.end()) {
*6777b538SAndroid Build Coastguard Worker      auto it = tasks_pending_for_key_.find(key);
*6777b538SAndroid Build Coastguard Worker      if (it == tasks_pending_for_key_.end()) {
*6777b538SAndroid Build Coastguard Worker        store_->LoadCookiesForKey(
*6777b538SAndroid Build Coastguard Worker            key, base::BindOnce(&CookieMonster::OnKeyLoaded,
*6777b538SAndroid Build Coastguard Worker                                weak_ptr_factory_.GetWeakPtr(), key));
*6777b538SAndroid Build Coastguard Worker        it = tasks_pending_for_key_
*6777b538SAndroid Build Coastguard Worker                 .emplace(key, base::circular_deque<base::OnceClosure>())
*6777b538SAndroid Build Coastguard Worker                 .first;
*6777b538SAndroid Build Coastguard Worker      }
*6777b538SAndroid Build Coastguard Worker      it->second.push_back(std::move(callback));
*6777b538SAndroid Build Coastguard Worker      return;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::move(callback).Run();
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard WorkerCookieMonster::CookieSentToSamePort
*6777b538SAndroid Build Coastguard WorkerCookieMonster::IsCookieSentToSamePortThatSetIt(
*6777b538SAndroid Build Coastguard Worker    const GURL& destination,
*6777b538SAndroid Build Coastguard Worker    int source_port,
*6777b538SAndroid Build Coastguard Worker    CookieSourceScheme source_scheme) {
*6777b538SAndroid Build Coastguard Worker  if (source_port == url::PORT_UNSPECIFIED)
*6777b538SAndroid Build Coastguard Worker    return CookieSentToSamePort::kSourcePortUnspecified;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (source_port == url::PORT_INVALID)
*6777b538SAndroid Build Coastguard Worker    return CookieSentToSamePort::kInvalid;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  int destination_port = destination.EffectiveIntPort();
*6777b538SAndroid Build Coastguard Worker  if (source_port == destination_port)
*6777b538SAndroid Build Coastguard Worker    return CookieSentToSamePort::kYes;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  const std::string& destination_scheme = destination.scheme();
*6777b538SAndroid Build Coastguard Worker  bool destination_port_is_default =
*6777b538SAndroid Build Coastguard Worker      url::DefaultPortForScheme(destination_scheme.c_str(),
*6777b538SAndroid Build Coastguard Worker                                destination_scheme.length()) ==
*6777b538SAndroid Build Coastguard Worker      destination_port;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  // Since the source port has to be specified if we got to this point, that
*6777b538SAndroid Build Coastguard Worker  // means this is a newer cookie that therefore has its scheme set as well.
*6777b538SAndroid Build Coastguard Worker  DCHECK(source_scheme != CookieSourceScheme::kUnset);
*6777b538SAndroid Build Coastguard Worker  std::string source_scheme_string =
*6777b538SAndroid Build Coastguard Worker      source_scheme == CookieSourceScheme::kSecure
*6777b538SAndroid Build Coastguard Worker          ? url::kHttpsScheme
*6777b538SAndroid Build Coastguard Worker          : url::kHttpScheme;  // wss/ws have the same default port values as
*6777b538SAndroid Build Coastguard Worker                               // https/http, so it's ok that we use these.
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  bool source_port_is_default =
*6777b538SAndroid Build Coastguard Worker      url::DefaultPortForScheme(source_scheme_string.c_str(),
*6777b538SAndroid Build Coastguard Worker                                source_scheme_string.length()) == source_port;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  if (destination_port_is_default && source_port_is_default)
*6777b538SAndroid Build Coastguard Worker    return CookieSentToSamePort::kNoButDefault;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  return CookieSentToSamePort::kNo;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Workerstd::optional<bool> CookieMonster::SiteHasCookieInOtherPartition(
*6777b538SAndroid Build Coastguard Worker    const net::SchemefulSite& site,
*6777b538SAndroid Build Coastguard Worker    const std::optional<CookiePartitionKey>& partition_key) const {
*6777b538SAndroid Build Coastguard Worker  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
*6777b538SAndroid Build Coastguard Worker  // If the partition key is null, it implies the partitioned cookies feature is
*6777b538SAndroid Build Coastguard Worker  // not enabled.
*6777b538SAndroid Build Coastguard Worker  if (!partition_key)
*6777b538SAndroid Build Coastguard Worker    return std::nullopt;
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  std::string domain = site.GetURL().host();
*6777b538SAndroid Build Coastguard Worker  if (store_ && !finished_fetching_all_cookies_ &&
*6777b538SAndroid Build Coastguard Worker      !keys_loaded_.count(domain)) {
*6777b538SAndroid Build Coastguard Worker    return std::nullopt;
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker  for (const auto& it : partitioned_cookies_) {
*6777b538SAndroid Build Coastguard Worker    if (it.first == partition_key || CookiePartitionKey::HasNonce(it.first))
*6777b538SAndroid Build Coastguard Worker      continue;
*6777b538SAndroid Build Coastguard Worker    if (it.second->find(domain) != it.second->end()) {
*6777b538SAndroid Build Coastguard Worker      return true;
*6777b538SAndroid Build Coastguard Worker    }
*6777b538SAndroid Build Coastguard Worker  }
*6777b538SAndroid Build Coastguard Worker  return false;
*6777b538SAndroid Build Coastguard Worker}
*6777b538SAndroid Build Coastguard Worker
*6777b538SAndroid Build Coastguard Worker}  // namespace net