@MediumTest
@Feature({"AndroidWebView", "Privacy"})
public void testThirdPartyCookie() throws Throwable {
TestWebServer webServer = null;
try {
// In theory we need two servers to test this, one server ('the first party')
// which returns a response with a link to a second server ('the third party')
// at different origin. This second server attempts to set a cookie which should
// fail if AcceptThirdPartyCookie() is false.
// Strictly according to the letter of RFC6454 it should be possible to set this
// situation up with two TestServers on different ports (these count as having
// different origins) but Chrome is not strict about this and does not check the
// port. Instead we cheat making some of the urls come from localhost and some
// from 127.0.0.1 which count (both in theory and pratice) as having different
// origins.
webServer = new TestWebServer(false);
// Turn global allow on.
mCookieManager.setAcceptCookie(true);
assertTrue(mCookieManager.acceptCookie());
// When third party cookies are disabled...
mAwContents.getSettings().setAcceptThirdPartyCookies(false);
assertFalse(mAwContents.getSettings().getAcceptThirdPartyCookies());
// ...we can't set third party cookies.
// First on the third party server we create a url which tries to set a cookie.
String cookieUrl =
toThirdPartyUrl(makeCookieUrl(webServer, "/cookie_1.js", "test1", "value1"));
// Then we create a url on the first party server which links to the first url.
String url = makeScriptLinkUrl(webServer, "/content_1.html", cookieUrl);
loadUrlSync(mAwContents, mContentsClient.getOnPageFinishedHelper(), url);
assertNull(mCookieManager.getCookie(cookieUrl));
// When third party cookies are enabled...
mAwContents.getSettings().setAcceptThirdPartyCookies(true);
assertTrue(mAwContents.getSettings().getAcceptThirdPartyCookies());
// ...we can set third party cookies.
cookieUrl = toThirdPartyUrl(makeCookieUrl(webServer, "/cookie_2.js", "test2", "value2"));
url = makeScriptLinkUrl(webServer, "/content_2.html", cookieUrl);
loadUrlSync(mAwContents, mContentsClient.getOnPageFinishedHelper(), url);
waitForCookie(cookieUrl);
String cookie = mCookieManager.getCookie(cookieUrl);
assertNotNull(cookie);
validateCookies(cookie, "test2");
} finally {
if (webServer != null) webServer.shutdown();
}
}
private boolean fileURLCanSetCookie(String suffix) throws Throwable {
String value = "value" + suffix;
String url = "file:///android_asset/cookie_test.html?value=" + value;
loadUrlSync(mAwContents, mContentsClient.getOnPageFinishedHelper(), url);
String cookie = mCookieManager.getCookie(url);
return cookie != null && cookie.contains("test=" + value);
}
@MediumTest
@Feature({"AndroidWebView", "Privacy"})
public void testRemoveSessionCookiesNullCallback() throws Throwable {
final String url = "http://www.example.com";
final String sessionCookie = "cookie1=peter";
final String normalCookie = "cookie2=sue";
mCookieManager.setCookie(url, sessionCookie);
mCookieManager.setCookie(url, makeExpiringCookie(normalCookie, 600));
String allCookies = mCookieManager.getCookie(url);
assertTrue(allCookies.contains(sessionCookie));
assertTrue(allCookies.contains(normalCookie));
mCookieManager.removeSessionCookies(null);
// Eventually the session cookie is removed.
poll(
new Callable<Boolean>() {
@Override
public Boolean call() throws Exception {
String c = mCookieManager.getCookie(url);
return !c.contains(sessionCookie) && c.contains(normalCookie);
}
});
}
@MediumTest
@Feature({"AndroidWebView", "Privacy"})
public void testRemoveSessionCookiesCallback() throws Throwable {
final String url = "http://www.example.com";
final String sessionCookie = "cookie1=peter";
final String normalCookie = "cookie2=sue";
TestValueCallback<Boolean> callback = new TestValueCallback<Boolean>();
int callCount = callback.getOnReceiveValueHelper().getCallCount();
mCookieManager.setCookie(url, sessionCookie);
mCookieManager.setCookie(url, makeExpiringCookie(normalCookie, 600));
// When there is a session cookie then it is removed.
removeSessionCookiesOnUiThread(callback);
callback.getOnReceiveValueHelper().waitForCallback(callCount);
assertTrue(callback.getValue());
String allCookies = mCookieManager.getCookie(url);
assertTrue(!allCookies.contains(sessionCookie));
assertTrue(allCookies.contains(normalCookie));
callCount = callback.getOnReceiveValueHelper().getCallCount();
// If there are no session cookies then none are removed.
removeSessionCookiesOnUiThread(callback);
callback.getOnReceiveValueHelper().waitForCallback(callCount);
assertFalse(callback.getValue());
}
@MediumTest
@Feature({"AndroidWebView", "Privacy"})
public void testAcceptCookie() throws Throwable {
TestWebServer webServer = null;
try {
webServer = new TestWebServer(false);
String path = "/cookie_test.html";
String responseStr = "<html><head><title>TEST!</title></head><body>HELLO!</body></html>";
String url = webServer.setResponse(path, responseStr, null);
mCookieManager.setAcceptCookie(false);
assertFalse(mCookieManager.acceptCookie());
loadUrlSync(mAwContents, mContentsClient.getOnPageFinishedHelper(), url);
setCookieWithJavaScript("test1", "value1");
assertNull(mCookieManager.getCookie(url));
List<Pair<String, String>> responseHeaders = new ArrayList<Pair<String, String>>();
responseHeaders.add(Pair.create("Set-Cookie", "header-test1=header-value1; path=" + path));
url = webServer.setResponse(path, responseStr, responseHeaders);
loadUrlSync(mAwContents, mContentsClient.getOnPageFinishedHelper(), url);
assertNull(mCookieManager.getCookie(url));
mCookieManager.setAcceptCookie(true);
assertTrue(mCookieManager.acceptCookie());
url = webServer.setResponse(path, responseStr, null);
loadUrlSync(mAwContents, mContentsClient.getOnPageFinishedHelper(), url);
setCookieWithJavaScript("test2", "value2");
waitForCookie(url);
String cookie = mCookieManager.getCookie(url);
assertNotNull(cookie);
validateCookies(cookie, "test2");
responseHeaders = new ArrayList<Pair<String, String>>();
responseHeaders.add(Pair.create("Set-Cookie", "header-test2=header-value2 path=" + path));
url = webServer.setResponse(path, responseStr, responseHeaders);
loadUrlSync(mAwContents, mContentsClient.getOnPageFinishedHelper(), url);
waitForCookie(url);
cookie = mCookieManager.getCookie(url);
assertNotNull(cookie);
validateCookies(cookie, "test2", "header-test2");
} finally {
if (webServer != null) webServer.shutdown();
}
}
@MediumTest
@Feature({"AndroidWebView", "Privacy"})
public void testSetCookie() throws Throwable {
String url = "http://www.example.com";
String cookie = "name=test";
mCookieManager.setCookie(url, cookie);
assertEquals(cookie, mCookieManager.getCookie(url));
}
@MediumTest
@Feature({"AndroidWebView", "Privacy"})
public void testExpiredCookiesAreNotSet() throws Exception {
final String url = "http://www.example.com";
final String cookie = "cookie1=peter";
mCookieManager.setCookie(url, makeExpiringCookie(cookie, -1));
assertNull(mCookieManager.getCookie(url));
}
@MediumTest
@Feature({"AndroidWebView", "Privacy"})
public void testCookieExpiration() throws Exception {
final String url = "http://www.example.com";
final String sessionCookie = "cookie1=peter";
final String longCookie = "cookie2=marc";
mCookieManager.setCookie(url, sessionCookie);
mCookieManager.setCookie(url, makeExpiringCookie(longCookie, 600));
String allCookies = mCookieManager.getCookie(url);
assertTrue(allCookies.contains(sessionCookie));
assertTrue(allCookies.contains(longCookie));
// Removing expired cookies doesn't have an observable effect but since people will still
// be calling it for a while it shouldn't break anything either.
mCookieManager.removeExpiredCookies();
allCookies = mCookieManager.getCookie(url);
assertTrue(allCookies.contains(sessionCookie));
assertTrue(allCookies.contains(longCookie));
}
@MediumTest
@Feature({"AndroidWebView", "Privacy"})
public void testSetCookieCallback() throws Throwable {
final String url = "http://www.example.com";
final String cookie = "name=test";
final String brokenUrl = "foo";
final TestValueCallback<Boolean> callback = new TestValueCallback<Boolean>();
int callCount = callback.getOnReceiveValueHelper().getCallCount();
setCookieOnUiThread(url, cookie, callback);
callback.getOnReceiveValueHelper().waitForCallback(callCount);
assertTrue(callback.getValue());
assertEquals(cookie, mCookieManager.getCookie(url));
callCount = callback.getOnReceiveValueHelper().getCallCount();
setCookieOnUiThread(brokenUrl, cookie, callback);
callback.getOnReceiveValueHelper().waitForCallback(callCount);
assertFalse(callback.getValue());
assertEquals(null, mCookieManager.getCookie(brokenUrl));
}
@MediumTest
@Feature({"AndroidWebView", "Privacy"})
public void testRemoveSessionCookies() throws Exception {
final String url = "http://www.example.com";
final String sessionCookie = "cookie1=peter";
final String normalCookie = "cookie2=sue";
mCookieManager.setCookie(url, sessionCookie);
mCookieManager.setCookie(url, makeExpiringCookie(normalCookie, 600));
mCookieManager.removeSessionCookies();
String allCookies = mCookieManager.getCookie(url);
assertFalse(allCookies.contains(sessionCookie));
assertTrue(allCookies.contains(normalCookie));
}