Storage Access API: Make document.hasStorageAccess a function and always allow access for same-origin iframes
https://bugs.webkit.org/show_bug.cgi?id=176944
<rdar://problem/
34440658>
Reviewed by Brent Fulgham.
Source/WebCore:
Test: http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-user-gesture.html
This change introduces document.hasStorageAccess() as a function which
returns a promise instead of being a property. Since cookie access can
be due to both a granted request and recent user interaction as first
party, the WebKit::WebResourceLoadStatisticsStore needs to be consulted.
* dom/Document.cpp:
(WebCore::Document::hasStorageAccess):
(WebCore::Document::requestStorageAccess):
Removed check of the previous m_hasStorageAccess member.
Same-origin check done earlier. This was a request/suggestion
from Mozilla.
* dom/Document.h:
(WebCore::Document::hasStorageAccess const): Deleted.
Now uses a promise.
* dom/Document.idl:
* page/ChromeClient.h:
Source/WebKit:
This change introduces document.hasStorageAccess() as a function which
returns a promise instead of being a property. Since cookie access can
be due to both a granted request and recent user interaction as first
party, the WebKit::WebResourceLoadStatisticsStore needs to be consulted.
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::hasStorageAccess):
* UIProcess/WebPageProxy.h:
* UIProcess/WebPageProxy.messages.in:
* UIProcess/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::hasStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccess):
Now adds an entry for granted access. A bug found through testing.
Switched from WTF::Function to WTF::CompletionHandler.
* UIProcess/WebResourceLoadStatisticsStore.h:
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::hasStorageAccess):
(WebKit::WebsiteDataStore::requestStorageAccess):
Switched from WTF::Function to WTF::CompletionHandler.
* UIProcess/WebsiteData/WebsiteDataStore.h:
* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::hasStorageAccess):
(WebKit::WebChromeClient::requestStorageAccess):
Switched from WTF::Function to WTF::CompletionHandler.
* WebProcess/WebCoreSupport/WebChromeClient.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::hasStorageAccess):
(WebKit::WebPage::requestStorageAccess):
Switched from WTF::Function to WTF::CompletionHandler.
* WebProcess/WebPage/WebPage.h:
LayoutTests:
These tests now use the new document.hasStorageAccess() function
instead of the previous document.hasStorageAccess property.
The added test is a break out of the negative case of an iframe
calling the API when no user gesture is processed.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt:
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html:
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt:
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe.html:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction.html:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-recent-user-interaction-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-without-user-interaction-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-nested-iframe-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-nested-iframe.html:
* http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-with-unique-origin-expected.txt:
* http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-allow-token-expected.txt:
* http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-allow-token.html:
* http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-user-gesture-expected.txt: Added.
* http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-user-gesture.html: Added.
* http/tests/storageAccess/request-storage-access-same-origin-iframe-expected.txt:
* http/tests/storageAccess/request-storage-access-same-origin-iframe.html:
* http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe-expected.txt:
* http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe-without-allow-token-expected.txt:
* http/tests/storageAccess/request-storage-access-same-origin-sandboxed-iframe-without-allow-token.html:
* http/tests/storageAccess/request-storage-access-top-frame-expected.txt:
* http/tests/storageAccess/request-storage-access-top-frame.html:
* http/tests/storageAccess/resources/request-storage-access-iframe.html:
* http/tests/storageAccess/resources/request-storage-access-without-user-gesture-iframe.html: Added.
* platform/mac-wk2/TestExpectations:
Marked the new test case as [ Pass ]
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@225583
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
git://git.webkit.org / WebKit-https.git / commit