[rSAFor] Require CORS for TopLevelStorageAccess grants eligibility
TopLevelStorageAccess grants should only be considered when the
request mode is 'cors'. To perform this check, add enum
CookieSettingOverride::kTopLevelStorageAccessGrantEligible to
url_request.cookie_setting_overrides_ when the request mode is cors,
and only allow cross-site cookies granted by TopLevelStorageAccess
if this required enum exists.
Bug: 1401091
Change-Id: I41a74f530882e38c8051a53013e8a3bf149f1b02
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4144296
Reviewed-by: Maks Orlovich <[email protected]>
Reviewed-by: Chris Fredrickson <[email protected]>
Commit-Queue: Shuran Huang <[email protected]>
Reviewed-by: Takashi Toyoshima <[email protected]>
Reviewed-by: Balazs Engedy <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1096976}
diff --git a/chrome/browser/net/storage_test_utils.h b/chrome/browser/net/storage_test_utils.h
index b54023e..94b462e 100644
--- a/chrome/browser/net/storage_test_utils.h
+++ b/chrome/browser/net/storage_test_utils.h
@@ -7,6 +7,8 @@
#include <string>
+class GURL;
+
namespace content {
class RenderFrameHost;
} // namespace content
@@ -45,6 +47,13 @@
// value of true; false otherwise.
bool HasStorageAccessForFrame(content::RenderFrameHost* frame);
+// Helper to see if a credentialed fetch has cookies access via top-level
+// storage access grants. Returns the content of the response if the promise
+// resolves. `cors_enabled` sets fetch RequestMode to be "cors" or "no-cors".
+std::string FetchWithCredentials(content::RenderFrameHost* frame,
+ const GURL& url,
+ const bool cors_enabled);
+
} // namespace test
} // namespace storage
#endif // CHROME_BROWSER_NET_STORAGE_TEST_UTILS_H_
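Review bot: the doc comment on FetchWithCredentials only covers the "promise resolves" path, so a caller cannot tell what string comes back when the fetch rejects, or when `cors_enabled` is false and the "no-cors" response is opaque to script and has no readable body. Please state the return value for both cases, since tests will be asserting on that string to decide whether cookies were sent. In the declaration itself, `const bool cors_enabled` carries a top-level const on a by-value parameter, which means nothing to callers and can be dropped to `bool cors_enabled`. A bare bool is also hard to read at call sites; either a small enum for the request mode or a `/*cors_enabled=*/` argument comment at each call would keep the cors and no-cors cases from being swapped unnoticed.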