Resource Load Statistics: Further restrict client-side cookie persistence after cross...
authorwilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 1 Mar 2019 22:11:33 +0000 (22:11 +0000)
committerwilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 1 Mar 2019 22:11:33 +0000 (22:11 +0000)
commit28ad7ce242d0d622931dd00f7fdd4486394cd897
tree0e71c0fda00f22c19a293f05d149dd840cf721e4
parenta699dd711fd8fda96f232862a00998ac17a75d20
Resource Load Statistics: Further restrict client-side cookie persistence after cross-site navigations with link decoration
https://bugs.webkit.org/show_bug.cgi?id=195196
<rdar://problem/48006419>

Reviewed by Brent Fulgham.

Source/WebCore:

Tests: http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-decoration-same-site.html
       http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-fragment-from-prevalent-resource.html
       http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-query-and-fragment-from-prevalent-resource.html
       http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-query-from-prevalent-resource.html
       http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-without-link-decoration-from-prevalent-resource.html

Trackers abuse link query parameters to transport user identifiers cross-site.
This patch detects such navigations and applies further restrictions to
client-site cookies on the destination page.

* platform/network/NetworkStorageSession.cpp:
(WebCore::NetworkStorageSession::setAgeCapForClientSideCookies):
    Now sets the regular 7-day cap and a reduced 1-day cap.
(WebCore::NetworkStorageSession::clearPageSpecificDataForResourceLoadStatistics):
    Renamed NetworkStorageSession::removeStorageAccessForAllFramesOnPage() to
    NetworkStorageSession::clearPageSpecificDataForResourceLoadStatistics since
    it now clears out two types of page-specific data.
(WebCore::NetworkStorageSession::committedCrossSiteLoadWithLinkDecoration):
    This function receives a cross-site navigation and checks if the originating
    site is a prevalent resource. If so, it marks the page or stricter cookie
    rules.
(WebCore::NetworkStorageSession::resetCrossSiteLoadsWithLinkDecorationForTesting):
    Test infrastructure. This sets a state that overrides the regular per-page
    clear of data. The reason is that the double clear was racy and caused test
    failures.
(WebCore::NetworkStorageSession::clientSideCookieCap const):
    New function that returns the current cookie lifetime cap.
(WebCore::NetworkStorageSession::removeStorageAccessForAllFramesOnPage): Deleted.
    Renamed to NetworkStorageSession::clearPageSpecificDataForResourceLoadStatistics().
* platform/network/NetworkStorageSession.h:
* platform/network/cocoa/NetworkStorageSessionCocoa.mm:
(WebCore::NetworkStorageSession::setCookiesFromDOM const):
    Now calls NetworkStorageSession::clientSideCookieCap() to set the cap.

Source/WebKit:

Trackers abuse link query parameters to transport user identifiers cross-site.
This patch detects such navigations and applies further restrictions to
client-site cookies on the destination page.

* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::clearPageSpecificDataForResourceLoadStatistics):
(WebKit::NetworkConnectionToWebProcess::removeStorageAccessForAllFramesOnPage): Deleted.
    Renamed NetworkConnectionToWebProcess::clearPageSpecificDataForResourceLoadStatistics().
* NetworkProcess/NetworkConnectionToWebProcess.h:
* NetworkProcess/NetworkConnectionToWebProcess.messages.in:
* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::committedCrossSiteLoadWithLinkDecoration):
    Reporting IPC message when a link decorated cross-site navigation happens.
(WebKit::NetworkProcess::resetCrossSiteLoadsWithLinkDecorationForTesting):
* NetworkProcess/NetworkProcess.h:
* NetworkProcess/NetworkProcess.messages.in:
* UIProcess/API/C/WKWebsiteDataStoreRef.cpp:
(WKWebsiteDataStoreStatisticsResetToConsistentState):
    Added clearing of the new state between test runs.
* UIProcess/Network/NetworkProcessProxy.cpp:
(WebKit::NetworkProcessProxy::resetCrossSiteLoadsWithLinkDecorationForTesting):
    Test infrastructure.
* UIProcess/Network/NetworkProcessProxy.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::isNonUniqueNavigationWithLinkDecoration):
    Convenience function.
(WebKit::WebPageProxy::didCommitLoadForFrame):
    This function now reports to the network process when a link decorated
    cross-site navigation happens.
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::resetCrossSiteLoadsWithLinkDecorationForTesting):
    Test infrastructure.
* UIProcess/WebsiteData/WebsiteDataStore.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::close):
    Name change of function called.

LayoutTests:

* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-decoration-same-site-expected.txt: Added.
* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-decoration-same-site.html: Added.
* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-fragment-from-prevalent-resource-expected.txt: Added.
* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-fragment-from-prevalent-resource.html: Added.
* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-query-and-fragment-from-prevalent-resource-expected.txt: Added.
* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-query-and-fragment-from-prevalent-resource.html: Added.
* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-query-from-prevalent-resource-expected.txt: Added.
* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-query-from-prevalent-resource.html: Added.
* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-without-link-decoration-from-prevalent-resource-expected.txt: Added.
* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-without-link-decoration-from-prevalent-resource.html: Added.
* http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js.html:
    Now clears cookies after the test.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@242288 268f45cc-cd09-0410-ab3c-d52691b4dbfc
30 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-decoration-same-site-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-decoration-same-site.html [new file with mode: 0644]
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-fragment-from-prevalent-resource-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-fragment-from-prevalent-resource.html [new file with mode: 0644]
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-query-and-fragment-from-prevalent-resource-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-query-and-fragment-from-prevalent-resource.html [new file with mode: 0644]
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-query-from-prevalent-resource-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-with-link-query-from-prevalent-resource.html [new file with mode: 0644]
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-without-link-decoration-from-prevalent-resource-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js-without-link-decoration-from-prevalent-resource.html [new file with mode: 0644]
LayoutTests/http/tests/resourceLoadStatistics/capped-lifetime-for-cookie-set-in-js.html
Source/WebCore/ChangeLog
Source/WebCore/platform/network/NetworkStorageSession.cpp
Source/WebCore/platform/network/NetworkStorageSession.h
Source/WebCore/platform/network/cocoa/NetworkStorageSessionCocoa.mm
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp
Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h
Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in
Source/WebKit/NetworkProcess/NetworkProcess.cpp
Source/WebKit/NetworkProcess/NetworkProcess.h
Source/WebKit/NetworkProcess/NetworkProcess.messages.in
Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.cpp
Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp
Source/WebKit/UIProcess/Network/NetworkProcessProxy.h
Source/WebKit/UIProcess/WebPageProxy.cpp
Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp
Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h
Source/WebKit/WebProcess/WebPage/WebPage.cpp