Introduce Storage Access API (document parts) as an experimental feature
authorwilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 14 Sep 2017 03:12:17 +0000 (03:12 +0000)
committerwilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 14 Sep 2017 03:12:17 +0000 (03:12 +0000)
commit7fce79d342fab03ebd5180d9889b14f9d5a6f590
tree791b9a944fed55904674517b31cc0d0ebe975251
parent38d3262dfd6c55a76f87824edd981658f9df3f1c
Introduce Storage Access API (document parts) as an experimental feature
https://bugs.webkit.org/show_bug.cgi?id=175759
<rdar://problem/34414107>

Reviewed by Alex Christensen.

Source/WebCore:

Storage Access API is an experimental feature which allows cross-origin,
sandboxed iframes to request access to their first-party storage (as
opposed to partitioned storage). This might be restricted to cookies or
might cover all stateful mechanisms.

It introduces the following three developer-facing things:
- A new readonly attribute, document.hasStorageAccess.
- A new function, document.requestStorageAccess().
- A new iframe sandbox token, allow-storage-access-by-user-activation.

Tests: http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html
       http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html
       http/tests/storageAccess/request-and-grant-storage-access-cross-origin-iframe.html
       http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe.html
       http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-with-unique-origin.html
       http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-allow-token.html
       http/tests/storageAccess/request-storage-access-same-origin-iframe.html
       http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe-without-allow-token.html
       http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe.html
       http/tests/storageAccess/request-storage-access-top-frame.html

* dom/Document.cpp:
(WebCore::Document::requestStorageAccess):
* dom/Document.h:
(WebCore::Document::hasStorageAccess const):
(WebCore::Document::setUserGrantsStorageAccessOverride):
    See comments on WebCore::Internals below.
* dom/Document.idl:
* dom/SecurityContext.cpp:
(WebCore::SecurityContext::isSupportedSandboxPolicy):
(WebCore::SecurityContext::parseSandboxPolicy):
    Support for allow-storage-access-by-user-activation.
* dom/SecurityContext.h:
* loader/ResourceLoadObserver.cpp:
(WebCore::ResourceLoadObserver::registerStorageAccess):
    Newly granted storage access is reported to
    WebCore::ResourceLoadObserver.
* loader/ResourceLoadObserver.h:
* loader/ResourceLoadStatistics.cpp:
(WebCore::encodeHashSet):
(WebCore::ResourceLoadStatistics::encode const):
(WebCore::decodeHashSet):
(WebCore::ResourceLoadStatistics::decode):
(WebCore::appendHashSet):
(WebCore::ResourceLoadStatistics::toString const):
(WebCore::mergeHashSet):
(WebCore::ResourceLoadStatistics::merge):
    Storage of the new type of data.
* loader/ResourceLoadStatistics.h:
* page/Settings.in:
* testing/Internals.cpp:
(WebCore::Internals::resetToConsistentState):
(WebCore::Internals::setUserGrantsStorageAccess):
* testing/Internals.h:
* testing/Internals.idl:
    Added setUserGrantsStorageAccess(). It is used to
    override the eventSender's keyboard input which
    always results in a cancel action on the confirm()
    dialog.

Source/WebKit:

Storage Access API is an experimental feature which allows cross-origin,
sandboxed iframes to request access to their first-party storage (as
opposed to partitioned storage). This might be restricted to cookies or
might cover all stateful mechanisms.

It introduces the following three developer-facing things:
- A new readonly attribute, document.hasStorageAccess.
- A new function, document.requestStorageAccess().
- A new iframe sandbox token, allow-storage-access-by-user-activation.

* Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<ResourceLoadStatistics>::encode):
(IPC::ArgumentCoder<ResourceLoadStatistics>::decode):
    Storage handling of the new type of data.
* Shared/WebPreferencesDefinitions.h:
* UIProcess/API/C/WKPreferences.cpp:
(WKPreferencesSetStorageAccessAPIEnabled):
(WKPreferencesGetStorageAccessAPIEnabled):
* UIProcess/API/C/WKPreferencesRefPrivate.h:
* UIProcess/WebResourceLoadStatisticsStore.cpp:
    Bumped the model version from 9 to 10.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):

Tools:

* WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetPreferencesToConsistentValues):
    Turns the feature on for tests.

LayoutTests:

Storage Access API is an experimental feature which allows cross-origin,
sandboxed iframes to request access to their first-party storage (as
opposed to partitioned storage). This might be restricted to cookies or
might cover all stateful mechanisms.

It introduces the following three developer-facing things:
- A new readonly attribute, document.hasStorageAccess.
- A new function, document.requestStorageAccess().
- A new iframe sandbox token, allow-storage-access-by-user-activation.

* TestExpectations:
* http/tests/storageAccess: Added.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt: Added.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html: Added.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt: Added.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html: Added.
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-iframe-expected.txt: Added.
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-iframe.html: Added.
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-expected.txt: Added.
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe.html: Added.
* http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-with-unique-origin-expected.txt: Added.
* http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-with-unique-origin.html: Added.
* http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-allow-token-expected.txt: Added.
* http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-allow-token.html: Added.
* http/tests/storageAccess/request-storage-access-same-origin-iframe-expected.txt: Added.
* http/tests/storageAccess/request-storage-access-same-origin-iframe.html: Added.
* http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe-expected.txt: Added.
* http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe-without-allow-token-expected.txt: Added.
* http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe-without-allow-token.html: Added.
* http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe.html: Added.
* http/tests/storageAccess/request-storage-access-top-frame-expected.txt: Added.
* http/tests/storageAccess/request-storage-access-top-frame.html: Added.
* http/tests/storageAccess/resources: Added.
* http/tests/storageAccess/resources/request-storage-access-iframe.html: Added.
* platform/mac-wk2/TestExpectations:
    New test cases that require a user gesture marked as [ Pass ].
    Also removed reference to (now closed) https://bugs.webkit.org/show_bug.cgi?id=175170.
* platform/wk2/TestExpectations:
    New test case request-storage-access-top-frame.html marked as [ Pass ].

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@222006 268f45cc-cd09-0410-ab3c-d52691b4dbfc
48 files changed:
LayoutTests/ChangeLog
LayoutTests/TestExpectations
LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-iframe-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-iframe.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-with-unique-origin-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-with-unique-origin.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-allow-token-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-allow-token.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-same-origin-iframe-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-same-origin-iframe.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe-without-allow-token-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe-without-allow-token.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-top-frame-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/request-storage-access-top-frame.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/resources/request-storage-access-iframe.html [new file with mode: 0644]
LayoutTests/platform/mac-wk2/TestExpectations
LayoutTests/platform/wk2/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/dom/Document.cpp
Source/WebCore/dom/Document.h
Source/WebCore/dom/Document.idl
Source/WebCore/dom/SecurityContext.cpp
Source/WebCore/dom/SecurityContext.h
Source/WebCore/loader/ResourceLoadObserver.cpp
Source/WebCore/loader/ResourceLoadObserver.h
Source/WebCore/loader/ResourceLoadStatistics.cpp
Source/WebCore/loader/ResourceLoadStatistics.h
Source/WebCore/page/Settings.in
Source/WebCore/testing/Internals.cpp
Source/WebCore/testing/Internals.h
Source/WebCore/testing/Internals.idl
Source/WebKit/ChangeLog
Source/WebKit/Shared/WebCoreArgumentCoders.cpp
Source/WebKit/Shared/WebPreferencesDefinitions.h
Source/WebKit/UIProcess/API/C/WKPreferences.cpp
Source/WebKit/UIProcess/API/C/WKPreferencesRefPrivate.h
Source/WebKit/UIProcess/WebResourceLoadStatisticsStore.cpp
Source/WebKit/WebProcess/WebPage/WebPage.cpp
Tools/ChangeLog
Tools/WebKitTestRunner/TestController.cpp