1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
// Copyright 2022 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_COOKIES_COOKIE_SETTING_OVERRIDE_H_
#define NET_COOKIES_COOKIE_SETTING_OVERRIDE_H_
#include "base/containers/enum_set.h"
namespace net {
// An enum of possible overrides for cookie setting checks.
// Use CookieSettingOverrides below for specifying any number of overrides
// together. The notion of no overrides is conveyable via an empty set.
enum class CookieSettingOverride {
kMinValue = 0,
// When specified, third-party cookies may be allowed based on existence of
// TopLevelStorageAccess grants.
kTopLevelStorageAccessGrantEligible = kMinValue,
// When present, the caller may use an existing Storage Access API grant (if
// a matching grant exists) to access third-party cookies. This "opt-in"
// signal is from script execution, i.e. `document.requestStorageAccess()`.
kStorageAccessGrantEligible = 1,
// Allows TPCD mitigations to be skipped when checking if third party cookies
// are allowed, meaning cookies will be blocked despite the presence of any of
// these grants/heuristics.
kSkipTPCDHeuristicsGrant = 2,
kSkipTPCDMetadataGrant = 3,
// Corresponds to skipping checks on the TPCD_TRIAL content setting, which
// backs 3PC accesses granted via 3PC deprecation trial.
kSkipTPCDTrial = 4,
// Corresponds to skipping checks on the TOP_LEVEL_TPCD_TRIAL content setting,
// which backs 3PC accesses granted via top-level 3PC deprecation trial.
kSkipTopLevelTPCDTrial = 5,
// When specified, third party cookies should be forced disabled.
// Other cookie exceptions like the storage access API could result in
// third party cookies still being used when this is forced disabled. This
// override takes precedence over `kForceEnableThirdPartyCookies`.
kForceDisableThirdPartyCookies = 6,
// When present, the caller may use an existing Storage Access API grant to
// access third-party cookies. Note that some integrations which have more
// stringent requirements, such as the FedCM/SAA integration (which requires
// the `identity-credentials-get` policy), are not in scope for this variant.
kStorageAccessGrantEligibleViaHeader = 7,
// When present, third-party cookies may be allowed through mitigations.
kForceEnableThirdPartyCookieMitigations = 8,
// When present, the context is sandboxed in a frame that is same-site
// with the top-level up its entire ancestor chain. SameSite=None
// cookies should be included in same-site requests from sandboxed contexts
// that have the 'allow-same-site-none-cookies' value.
kAllowSameSiteNoneCookiesInSandbox = 9,
// When specified, third-party cookies should behave as they would when no
// setting or OT exists to restrict them. This override is secondary to
// `kForceDisableThirdPartyCookies` and will not have any effect if both
// exist.
kForceEnableThirdPartyCookies = 10,
kMaxValue = kForceEnableThirdPartyCookies,
};
using CookieSettingOverrides = base::EnumSet<CookieSettingOverride,
CookieSettingOverride::kMinValue,
CookieSettingOverride::kMaxValue>;
} // namespace net
#endif // NET_COOKIES_COOKIE_SETTING_OVERRIDE_H_
|
