Reinstate cookie filter API

Expose API to block cookies for specific domains, or third party cookies
in general.

Task-number: QTBUG-62897
Change-Id: I7f0e3f346368a2ef2fbd77f3197ee2dea50d57ce
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>

5 files changed, 115 insertions, 4 deletions

diff --git a/src/core/api/core_api.pro b/src/core/api/core_api.pro
index 93eebbc45..0fea312f4 100644
--- a/src/core/api/core_api.pro
+++ b/src/core/api/core_api.pro
@@ -24,7 +24,9 @@ DEFINES += \
 
 CHROMIUM_SRC_DIR = $$QTWEBENGINE_ROOT/$$getChromiumSrcDir()
 INCLUDEPATH += $$QTWEBENGINE_ROOT/src/core \
-               $$CHROMIUM_SRC_DIR
+               $$CHROMIUM_SRC_DIR \
+               $$CHROMIUM_SRC_DIR/third_party/skia/include/core \
+               $$CHROMIUM_SRC_DIR/third_party/skia/include/config
 
 linux-g++*: QMAKE_CXXFLAGS += -Wno-unused-parameter
 
diff --git a/src/core/api/qwebenginecallback_p.h b/src/core/api/qwebenginecallback_p.h
index fdaf84d21..24b4495df 100644
--- a/src/core/api/qwebenginecallback_p.h
+++ b/src/core/api/qwebenginecallback_p.h
@@ -114,9 +114,15 @@ public:
 #undef DEFINE_INVOKE_FOR_TYPE
 
     template <typename A>
-    void invokeDirectly(const QWebEngineCallback<A> &callback, const A &argument)
+    void invokeDirectly(const QWebEngineCallback<typename std::remove_reference<A>::type &> &callback, A &argument)
     {
-        return callback.d.data()->operator()(std::forward<const A&>(argument));
+        return callback.d.data()->operator()(argument);
+    }
+
+    template <typename A>
+    void invokeDirectly(const QWebEngineCallback<typename std::remove_reference<A>::type> &callback, const A &argument)
+    {
+        return callback.d.data()->operator()(std::forward<const A &>(argument));
     }
 
 private:
diff --git a/src/core/api/qwebenginecookiestore.cpp b/src/core/api/qwebenginecookiestore.cpp
index 031eb8d3d..e034e08ea 100644
--- a/src/core/api/qwebenginecookiestore.cpp
+++ b/src/core/api/qwebenginecookiestore.cpp
@@ -40,7 +40,10 @@
 #include "qwebenginecookiestore.h"
 #include "qwebenginecookiestore_p.h"
 
-#include <cookie_monster_delegate_qt.h>
+#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
+
+#include "cookie_monster_delegate_qt.h"
+#include "type_conversion.h"
 
 #include <QByteArray>
 #include <QUrl>
@@ -179,6 +182,21 @@ void QWebEngineCookieStorePrivate::onCookieChanged(const QNetworkCookie &cookie,
         Q_EMIT q->cookieAdded(cookie);
 }
 
+bool QWebEngineCookieStorePrivate::canAccessCookies(const QUrl &firstPartyUrl, const QUrl &url)
+{
+    if (!filterCallback)
+        return true;
+
+    bool thirdParty =
+            !net::registry_controlled_domains::SameDomainOrHost(toGurl(url),
+                                                                toGurl(firstPartyUrl),
+                                                                net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES);
+
+    QWebEngineCookieStore::FilterRequest request = { true, thirdParty, firstPartyUrl, url };
+    callbackDirectory.invokeDirectly<QWebEngineCookieStore::FilterRequest&>(filterCallback, request);
+    return request.accepted;
+}
+
 /*!
     \class QWebEngineCookieStore
     \inmodule QtWebEngineCore
@@ -314,4 +332,74 @@ void QWebEngineCookieStore::deleteAllCookies()
     d->deleteAllCookies();
 }
 
+/*!
+    \fn void QWebEngineCookieStore::setCookieFilter(FunctorOrLambda filterCallback)
+    \since 5.11
+
+    Installs a cookie filter that can prevent sites and resources from using cookies.
+    The \a filterCallback must be a lambda or functor taking a FilterRequest structure. If the
+    cookie is to be rejected, the filter can set FilterRequest::accepted to \c false.
+
+    The callback should not be used to execute heavy tasks since it is running on the
+    IO thread and therefore blocks the Chromium networking.
+
+    \sa deleteAllCookies(), loadAllCookies()
+*/
+void QWebEngineCookieStore::setCookieFilter(const QWebEngineCallback<QWebEngineCookieStore::FilterRequest&> &filter)
+{
+    Q_D(QWebEngineCookieStore);
+    d->filterCallback = filter;
+}
+
+/*!
+    \class QWebEngineCookieStore::FilterRequest
+    \inmodule QtWebEngineCore
+    \since 5.11
+
+    \brief This struct is used in conjunction with QWebEngineCookieStore::setCookieFilter() and is
+    the type \a filterCallback operates on.
+
+    \sa QWebEngineCookieStore::setCookieFilter()
+*/
+
+/*!
+    \variable QWebEngineCookieStore::FilterRequest::accepted
+    \brief Whether the cookie access should be accepted or not. Defaults to \c true.
+
+    Can be set to \c false by the filter to block the cookie access.
+*/
+
+/*!
+    \variable QWebEngineCookieStore::FilterRequest::firstPartyUrl
+    \brief The URL that was navigated to.
+
+    The site that would be showing in the location bar if the application has one.
+
+    Can be used to white-list or black-list cookie access or third-party cookie access
+    for specific sites visited.
+
+    \sa origin, thirdParty
+*/
+
+/*!
+    \variable QWebEngineCookieStore::FilterRequest::origin
+    \brief The URL of the script or content accessing a cookie
+
+    Can be used to white-list or black-list third-party cookie access
+    for specific services.
+
+    \sa firstPartyUrl, thirdParty
+*/
+
+/*!
+    \variable QWebEngineCookieStore::FilterRequest::thirdParty
+    \brief Whether this is considered a third-party access
+
+    This is calculated by comparing FilterRequest::origin and FilterRequest::firstPartyUrl and
+    checking if they share a common origin that is not a top-domain (like .com or .co.uk),
+    or a known hosting site with independently owned subdomains.
+
+    \sa firstPartyUrl, origin
+*/
+
 QT_END_NAMESPACE
diff --git a/src/core/api/qwebenginecookiestore.h b/src/core/api/qwebenginecookiestore.h
index c05a72cf1..d3feacefe 100644
--- a/src/core/api/qwebenginecookiestore.h
+++ b/src/core/api/qwebenginecookiestore.h
@@ -60,8 +60,20 @@ class QWEBENGINE_EXPORT QWebEngineCookieStore : public QObject {
     Q_OBJECT
 
 public:
+    struct FilterRequest {
+        bool accepted;
+        const bool thirdParty;
+
+        const QUrl firstPartyUrl;
+        const QUrl origin;
+    };
     virtual ~QWebEngineCookieStore();
 
+#ifdef Q_QDOC
+    void setCookieFilter(FunctorOrLambda filterCallback);
+#else
+    void setCookieFilter(const QWebEngineCallback<FilterRequest&> &filterCallback);
+#endif
     void setCookie(const QNetworkCookie &cookie, const QUrl &origin = QUrl());
     void deleteCookie(const QNetworkCookie &cookie, const QUrl &origin = QUrl());
     void deleteSessionCookies();
diff --git a/src/core/api/qwebenginecookiestore_p.h b/src/core/api/qwebenginecookiestore_p.h
index 582c0712a..809aa39b0 100644
--- a/src/core/api/qwebenginecookiestore_p.h
+++ b/src/core/api/qwebenginecookiestore_p.h
@@ -78,6 +78,7 @@ class QWEBENGINE_PRIVATE_EXPORT QWebEngineCookieStorePrivate
     QWebEngineCookieStore *q_ptr;
 public:
     QtWebEngineCore::CallbackDirectory callbackDirectory;
+    QWebEngineCallback<QWebEngineCookieStore::FilterRequest&> filterCallback;
     QVector<CookieData> m_pendingUserCookies;
     quint64 m_nextCallbackId;
     bool m_deleteSessionCookiesPending;
@@ -96,6 +97,8 @@ public:
     void deleteAllCookies();
     void getAllCookies();
 
+    bool canAccessCookies(const QUrl &firstPartyUrl, const QUrl &url);
+
     void onGetAllCallbackResult(qint64 callbackId, const QByteArray &cookieList);
     void onSetCallbackResult(qint64 callbackId, bool success);
     void onDeleteCallbackResult(qint64 callbackId, int numCookies);