feat: add support for net requests to use the session cookie store (#22808)

* chore: refactor all the net specs to be async with better error handling (#22731)

* chore: fix net specs when rerunning locally (#22745)

* feat: add support for net requests to use the session cookie store (#22704)

* fix: allow net requests to use Same-Site cookies (#22788)

* build: fix merge conflict

* Update extensions-spec.ts

* chore: fix tsc compilation

* spec: set-cookie will not work until Electron 8 for samesite net module requests

docs/api/client-request.md

@@ -22,6 +22,9 @@ which the request is associated.
   with which the request is associated. Defaults to the empty string. The
 `session` option prevails on `partition`. Thus if a `session` is explicitly
 specified, `partition` is ignored.
+  * `useSessionCookies` Boolean (optional) - Whether to send cookies with this
+    request from the provided session.  This will make the `net` request's
+    cookie behavior match a `fetch` request. Default is `false`.
   * `protocol` String (optional) - The protocol scheme in the form 'scheme:'.
 Currently supported values are 'http:' or 'https:'. Defaults to 'http:'.
   * `host` String (optional) - The server host provided as a concatenation of

lib/browser/api/net.js

@@ -234,7 +234,8 @@ function parseOptions (options) {
     method: method,
     url: urlStr,
     redirectPolicy,
-    extraHeaders: options.headers || {}
+    extraHeaders: options.headers || {},
+    useSessionCookies: options.useSessionCookies || false
   };
   for (const [name, value] of Object.entries(urlLoaderOptions.extraHeaders)) {
     if (!_isValidHeaderName(name)) {

shell/browser/api/atom_api_url_loader.cc

@@ -19,6 +19,7 @@
 #include "mojo/public/cpp/system/data_pipe_producer.h"
 #include "native_mate/dictionary.h"
 #include "native_mate/handle.h"
+#include "net/base/load_flags.h"
 #include "services/network/public/cpp/resource_request.h"
 #include "services/network/public/cpp/simple_url_loader.h"
 #include "services/network/public/mojom/chunked_data_pipe_getter.mojom.h"
@@ -345,6 +346,7 @@ mate::WrappableBase* SimpleURLLoaderWrapper::New(mate::Arguments* args) {
     return nullptr;
   }
   auto request = std::make_unique<network::ResourceRequest>();
+  request->attach_same_site_cookies = true;
   opts.Get("method", &request->method);
   opts.Get("url", &request->url);
   std::map<std::string, std::string> extra_headers;
@@ -359,6 +361,12 @@ mate::WrappableBase* SimpleURLLoaderWrapper::New(mate::Arguments* args) {
     }
   }
 
+  bool use_session_cookies = false;
+  opts.Get("useSessionCookies", &use_session_cookies);
+  if (!use_session_cookies) {
+    request->load_flags |= net::LOAD_DO_NOT_SEND_COOKIES;
+  }
+
   // Chromium filters headers using browser rules, while for net module we have
   // every header passed.
   request->report_raw_headers = true;

spec-main/extensions-spec.ts

@@ -31,12 +31,12 @@ ifdescribe(process.electronBinding('features').isExtensionsEnabled())('chrome ex
     // extension in an in-memory session results in it being installed in the
     // default session.
     const customSession = session.fromPartition(`persist:${require('uuid').v4()}`);
-    (customSession as any).loadChromeExtension(path.join(fixtures, 'extensions', 'red-bg'))
+    (customSession as any).loadChromeExtension(path.join(fixtures, 'extensions', 'red-bg'));
     const w = new BrowserWindow({show: false, webPreferences: {session: customSession}})
-    await w.loadURL(url)
-    const bg = await w.webContents.executeJavaScript('document.documentElement.style.backgroundColor')
-    expect(bg).to.equal('red')
-  })
+    await w.loadURL(url);
+    const bg = await w.webContents.executeJavaScript('document.documentElement.style.backgroundColor');
+    expect(bg).to.equal('red');
+  });
 
   it('confines an extension to the session it was loaded in', async () => {
     const customSession = session.fromPartition(`persist:${require('uuid').v4()}`);