Only cap lifetime of persistent cookies created client-side through document.cookie...
1 /*
2  * Copyright (C) 2014-2017 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23  * THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 #pragma once
27
28 #include "NetworkSessionCreationParameters.h"
29 #include "WebProcessLifetimeObserver.h"
30 #include <WebCore/Cookie.h>
31 #include <WebCore/SecurityOriginData.h>
32 #include <WebCore/SecurityOriginHash.h>
33 #include <pal/SessionID.h>
34 #include <wtf/Function.h>
35 #include <wtf/HashSet.h>
36 #include <wtf/Identified.h>
37 #include <wtf/OptionSet.h>
38 #include <wtf/RefCounted.h>
39 #include <wtf/RefPtr.h>
40 #include <wtf/UniqueRef.h>
41 #include <wtf/WeakPtr.h>
42 #include <wtf/WorkQueue.h>
43 #include <wtf/text/WTFString.h>
44
45 #if PLATFORM(COCOA)
46 #include <pal/spi/cf/CFNetworkSPI.h>
47 #endif
48
// Forward declaration so this header can name WebCore::SecurityOrigin without including its definition.
// NOTE(review): no declaration visible in this header refers to SecurityOrigin itself (only
// SecurityOriginData is used) — confirm whether this forward declaration is still needed.
namespace WebCore {
class SecurityOrigin;
}
52
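namespace WebKit {

class AuthenticatorManager;
class SecKeyProxyStore;
class StorageManager;
class DeviceIdHashSaltStorage;
class WebPageProxy;
class WebProcessPool;
class WebResourceLoadStatisticsStore;
enum class WebsiteDataFetchOption;
enum class WebsiteDataType;
struct MockWebAuthenticationConfiguration;
struct WebsiteDataRecord;
struct WebsiteDataStoreParameters;

#if ENABLE(RESOURCE_LOAD_STATISTICS)
enum class StorageAccessStatus;
enum class StorageAccessPromptStatus;
#endif

#if ENABLE(NETSCAPE_PLUGIN_API)
struct PluginModuleInfo;
#endif

// Two-state argument for WebsiteDataStore::setShouldCapLifetimeForClientSideCookies().
// NOTE(review): presumably Yes requests an expiry cap on cookies that script writes through
// document.cookie; where and how the cap is applied is not visible in this header — confirm
// in the implementation.
enum class ShouldCapLifetimeForClientSideCookies { No, Yes };

// Holds one session's website data configuration: its session ID, the configured and resolved
// storage locations, and the helper objects declared as members below. Instances are
// ref-counted, can hand out weak pointers, and observe web process lifetime (see base classes).
// Construction goes through create() / createNonPersistent(); the constructors are private.
class WebsiteDataStore : public RefCounted<WebsiteDataStore>, public WebProcessLifetimeObserver, public Identified<WebsiteDataStore>, public CanMakeWeakPtr<WebsiteDataStore> {
public:
    // 50 * 1024 * 1024; used as the default value of Configuration::cacheStoragePerOriginQuota.
    constexpr static uint64_t defaultCacheStoragePerOriginQuota = 50 * 1024 * 1024;

    // Storage locations and identifiers supplied when a store is created.
    // NOTE(review): these are plain strings; any path validation or normalisation must happen
    // where they are consumed — nothing in this header constrains them.
    struct Configuration {
        String cacheStorageDirectory;
        uint64_t cacheStoragePerOriginQuota { defaultCacheStoragePerOriginQuota };
        String networkCacheDirectory;
        String applicationCacheDirectory;
        String applicationCacheFlatFileSubdirectoryName;

        String mediaCacheDirectory;
        String indexedDBDatabaseDirectory;
        String serviceWorkerRegistrationDirectory;
        String webSQLDatabaseDirectory;
        String localStorageDirectory;
        String mediaKeysStorageDirectory;
        String deviceIdHashSaltsStorageDirectory;
        String resourceLoadStatisticsDirectory;
        String javaScriptConfigurationDirectory;
        String cookieStorageFile;
        String sourceApplicationBundleIdentifier;
        String sourceApplicationSecondaryIdentifier;

        explicit Configuration();
    };
    static Ref<WebsiteDataStore> createNonPersistent();
    static Ref<WebsiteDataStore> create(Configuration, PAL::SessionID);
    virtual ~WebsiteDataStore();

    static WebsiteDataStore* existingNonDefaultDataStoreForSessionID(PAL::SessionID);

    // A store is persistent exactly when its session ID is not ephemeral.
    bool isPersistent() const { return !m_sessionID.isEphemeral(); }
    PAL::SessionID sessionID() const { return m_sessionID; }

    bool resourceLoadStatisticsEnabled() const;
    void setResourceLoadStatisticsEnabled(bool);
    bool resourceLoadStatisticsDebugMode() const;
    void setResourceLoadStatisticsDebugMode(bool);
    void setResourceLoadStatisticsDebugMode(bool, CompletionHandler<void()>&&);

    // These accessors read and write m_resolvedConfiguration only; m_configuration is const.
    uint64_t cacheStoragePerOriginQuota() const { return m_resolvedConfiguration.cacheStoragePerOriginQuota; }
    void setCacheStoragePerOriginQuota(uint64_t quota) { m_resolvedConfiguration.cacheStoragePerOriginQuota = quota; }
    const String& cacheStorageDirectory() const { return m_resolvedConfiguration.cacheStorageDirectory; }
    void setCacheStorageDirectory(String&& directory) { m_resolvedConfiguration.cacheStorageDirectory = WTFMove(directory); }
    const String& serviceWorkerRegistrationDirectory() const { return m_resolvedConfiguration.serviceWorkerRegistrationDirectory; }
    void setServiceWorkerRegistrationDirectory(String&& directory) { m_resolvedConfiguration.serviceWorkerRegistrationDirectory = WTFMove(directory); }

    // May return null: m_resourceLoadStatistics is a RefPtr with no initializer visible here.
    WebResourceLoadStatisticsStore* resourceLoadStatistics() const { return m_resourceLoadStatistics.get(); }
    void clearResourceLoadStatisticsInWebProcesses(CompletionHandler<void()>&&);

    static void cloneSessionData(WebPageProxy& sourcePage, WebPageProxy& newPage);

    // Fetch and removal of website data, selected by data type; results and completion are
    // delivered through the supplied callbacks rather than return values.
    void fetchData(OptionSet<WebsiteDataType>, OptionSet<WebsiteDataFetchOption>, Function<void(Vector<WebsiteDataRecord>)>&& completionHandler);
    void fetchDataForTopPrivatelyControlledDomains(OptionSet<WebsiteDataType>, OptionSet<WebsiteDataFetchOption>, const Vector<String>& topPrivatelyControlledDomains, Function<void(Vector<WebsiteDataRecord>&&, HashSet<String>&&)>&& completionHandler);
    void topPrivatelyControlledDomainsWithWebsiteData(OptionSet<WebsiteDataType> dataTypes, OptionSet<WebsiteDataFetchOption> fetchOptions, Function<void(HashSet<String>&&)>&& completionHandler);
    void removeData(OptionSet<WebsiteDataType>, WallTime modifiedSince, Function<void()>&& completionHandler);
    void removeData(OptionSet<WebsiteDataType>, const Vector<WebsiteDataRecord>&, Function<void()>&& completionHandler);
    void removeDataForTopPrivatelyControlledDomains(OptionSet<WebsiteDataType>, OptionSet<WebsiteDataFetchOption>, const Vector<String>& topPrivatelyControlledDomains, Function<void(HashSet<String>&&)>&& completionHandler);

#if ENABLE(RESOURCE_LOAD_STATISTICS)
    // Cookie-blocking and storage-access entry points; each reports its outcome through the
    // completion handler.
    // NOTE(review): domains, hosts and frame/page IDs arrive here as plain strings and integers.
    // Whether they are validated before a grant is recorded is not visible in this header —
    // confirm in the implementation, since a grant widens cookie access for the named pair.
    void updatePrevalentDomainsToBlockCookiesFor(const Vector<String>& domainsToBlock, CompletionHandler<void()>&&);
    void setShouldCapLifetimeForClientSideCookies(ShouldCapLifetimeForClientSideCookies, CompletionHandler<void()>&&);
    void hasStorageAccessForFrameHandler(const String& resourceDomain, const String& firstPartyDomain, uint64_t frameID, uint64_t pageID, CompletionHandler<void(bool hasAccess)>&&);
    void getAllStorageAccessEntries(uint64_t pageID, CompletionHandler<void(Vector<String>&& domains)>&&);
    void grantStorageAccessHandler(const String& resourceDomain, const String& firstPartyDomain, std::optional<uint64_t> frameID, uint64_t pageID, CompletionHandler<void(bool wasGranted)>&&);
    void removeAllStorageAccessHandler(CompletionHandler<void()>&&);
    void removePrevalentDomains(const Vector<String>& domains);
    void hasStorageAccess(String&& subFrameHost, String&& topFrameHost, uint64_t frameID, uint64_t pageID, CompletionHandler<void(bool)>&&);
    void requestStorageAccess(String&& subFrameHost, String&& topFrameHost, uint64_t frameID, uint64_t pageID, bool promptEnabled, CompletionHandler<void(StorageAccessStatus)>&&);
    void grantStorageAccess(String&& subFrameHost, String&& topFrameHost, uint64_t frameID, uint64_t pageID, bool userWasPrompted, CompletionHandler<void(bool)>&&);
#endif
    // Declared outside the RESOURCE_LOAD_STATISTICS guard, so available in every configuration.
    void setCacheMaxAgeCapForPrevalentResources(Seconds, CompletionHandler<void()>&&);
    void resetCacheMaxAgeCapForPrevalentResources(CompletionHandler<void()>&&);
    void resolveDirectoriesIfNecessary();
    // The resolved* accessors return whatever m_resolvedConfiguration currently holds.
    // NOTE(review): presumably callers must run resolveDirectoriesIfNecessary() first — confirm.
    const String& resolvedApplicationCacheDirectory() const { return m_resolvedConfiguration.applicationCacheDirectory; }
    const String& resolvedMediaCacheDirectory() const { return m_resolvedConfiguration.mediaCacheDirectory; }
    const String& resolvedMediaKeysDirectory() const { return m_resolvedConfiguration.mediaKeysStorageDirectory; }
    const String& resolvedDatabaseDirectory() const { return m_resolvedConfiguration.webSQLDatabaseDirectory; }
    const String& resolvedJavaScriptConfigurationDirectory() const { return m_resolvedConfiguration.javaScriptConfigurationDirectory; }
    const String& resolvedCookieStorageFile() const { return m_resolvedConfiguration.cookieStorageFile; }
    const String& resolvedIndexedDatabaseDirectory() const { return m_resolvedConfiguration.indexedDBDatabaseDirectory; }
    const String& resolvedServiceWorkerRegistrationDirectory() const { return m_resolvedConfiguration.serviceWorkerRegistrationDirectory; }
    const String& resolvedResourceLoadStatisticsDirectory() const { return m_resolvedConfiguration.resourceLoadStatisticsDirectory; }

    // Const-qualified like resourceLoadStatistics(): these only read a member pointer.
    StorageManager* storageManager() const { return m_storageManager.get(); }

    DeviceIdHashSaltStorage* deviceIdHashSaltStorage() const { return m_deviceIdHashSaltStorage.get(); }

    WebProcessPool* processPoolForCookieStorageOperations();
    bool isAssociatedProcessPool(WebProcessPool&) const;

    WebsiteDataStoreParameters parameters();

    // Cookies held in m_pendingCookies (a HashSet); pendingCookies() returns them by value.
    // NOTE(review): presumably these are cookies set before they can be delivered to their
    // destination — confirm when the set is drained, since it holds cookie values in memory.
    Vector<WebCore::Cookie> pendingCookies() const;
    void addPendingCookie(const WebCore::Cookie&);
    void removePendingCookie(const WebCore::Cookie&);
    void clearPendingCookies();

    void enableResourceLoadStatisticsAndSetTestingCallback(Function<void (const String&)>&& callback);

    // Getters below are const-qualified so they can be called through a const store.
    void setBoundInterfaceIdentifier(String&& identifier) { m_boundInterfaceIdentifier = WTFMove(identifier); }
    const String& boundInterfaceIdentifier() const { return m_boundInterfaceIdentifier; }

    void setAllowsCellularAccess(AllowsCellularAccess allows) { m_allowsCellularAccess = allows; }
    AllowsCellularAccess allowsCellularAccess() const { return m_allowsCellularAccess; }

#if PLATFORM(COCOA)
    // The dictionary is held in a RetainPtr member; the getter returns the raw reference.
    void setProxyConfiguration(CFDictionaryRef configuration) { m_proxyConfiguration = configuration; }
    CFDictionaryRef proxyConfiguration() const { return m_proxyConfiguration.get(); }
#endif

    // NOTE(review): static, so not tied to one store; the name suggests it lifts a per-origin
    // restriction on website data records. Confirm who is allowed to call it.
    static void allowWebsiteDataRecordsForAllOrigins();

#if HAVE(SEC_KEY_PROXY)
    void addSecKeyProxyStore(Ref<SecKeyProxyStore>&&);
#endif

#if ENABLE(WEB_AUTHN)
    AuthenticatorManager& authenticatorManager() { return m_authenticatorManager.get(); }
    // NOTE(review): "Mock" suggests a testing hook for Web Authentication — confirm it cannot
    // be reached from untrusted content in shipping configurations.
    void setMockWebAuthenticationConfiguration(MockWebAuthenticationConfiguration&&);
#endif

    void didCreateNetworkProcess();

private:
    explicit WebsiteDataStore(PAL::SessionID);
    explicit WebsiteDataStore(Configuration, PAL::SessionID);

    void fetchDataAndApply(OptionSet<WebsiteDataType>, OptionSet<WebsiteDataFetchOption>, RefPtr<WorkQueue>&&, Function<void(Vector<WebsiteDataRecord>)>&& apply);

    // WebProcessLifetimeObserver.
    void webPageWasAdded(WebPageProxy&) override;
    void webPageWasInvalidated(WebPageProxy&) override;
    void webProcessWillOpenConnection(WebProcessProxy&, IPC::Connection&) override;
    void webPageWillOpenConnection(WebPageProxy&, IPC::Connection&) override;
    void webPageDidCloseConnection(WebPageProxy&, IPC::Connection&) override;
    void webProcessDidCloseConnection(WebProcessProxy&, IPC::Connection&) override;

    void platformInitialize();
    void platformDestroy();
    static void platformRemoveRecentSearches(WallTime);

    void registerWebResourceLoadStatisticsStoreAsMessageReceiver();
    void unregisterWebResourceLoadStatisticsStoreAsMessageReceiver();

    // Defaults: no limit on the number of pools (size_t max) and ensureAPoolExists = true.
    HashSet<RefPtr<WebProcessPool>> processPools(size_t count = std::numeric_limits<size_t>::max(), bool ensureAPoolExists = true) const;

#if ENABLE(NETSCAPE_PLUGIN_API)
    Vector<PluginModuleInfo> plugins() const;
#endif

    // Media key helpers are static and take the storage directory explicitly.
    static Vector<WebCore::SecurityOriginData> mediaKeyOrigins(const String& mediaKeysStorageDirectory);
    static void removeMediaKeys(const String& mediaKeysStorageDirectory, WallTime modifiedSince);
    static void removeMediaKeys(const String& mediaKeysStorageDirectory, const HashSet<WebCore::SecurityOriginData>&);

    void maybeRegisterWithSessionIDMap();

    // Fixed at construction (const member).
    const PAL::SessionID m_sessionID;

    // m_configuration is the value given at construction and never changes;
    // m_resolvedConfiguration is the copy the public accessors and setters operate on.
    const Configuration m_configuration;
    Configuration m_resolvedConfiguration;
    bool m_hasResolvedDirectories { false };

    const RefPtr<StorageManager> m_storageManager;
    const RefPtr<DeviceIdHashSaltStorage> m_deviceIdHashSaltStorage;
    RefPtr<WebResourceLoadStatisticsStore> m_resourceLoadStatistics;
    bool m_resourceLoadStatisticsDebugMode { false };

    Ref<WorkQueue> m_queue;

#if PLATFORM(COCOA)
    Vector<uint8_t> m_uiProcessCookieStorageIdentifier;
    RetainPtr<CFHTTPCookieStorageRef> m_cfCookieStorage;
    RetainPtr<CFDictionaryRef> m_proxyConfiguration;
#endif
    HashSet<WebCore::Cookie> m_pendingCookies;

    String m_boundInterfaceIdentifier;
    // Cellular access is allowed unless setAllowsCellularAccess() says otherwise.
    AllowsCellularAccess m_allowsCellularAccess { AllowsCellularAccess::Yes };

#if HAVE(SEC_KEY_PROXY)
    Vector<Ref<SecKeyProxyStore>> m_secKeyProxyStores;
#endif

#if ENABLE(WEB_AUTHN)
    UniqueRef<AuthenticatorManager> m_authenticatorManager;
#endif
};

} // namespace WebKit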