Resource Load Statistics: Immediately forward cookie access for domains with previous...
authorwilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 14 Mar 2018 05:17:57 +0000 (05:17 +0000)
committerwilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 14 Mar 2018 05:17:57 +0000 (05:17 +0000)
commitd74edab8413402a1d3caaed21c2007dcac66d265
treeb8e0b6546ecca702df6274cb734bc104125ddf1a
parenta41247ac66031c7e2d108af18dd35e86fc205d58
Resource Load Statistics: Immediately forward cookie access for domains with previous user interaction when there's an opener document
https://bugs.webkit.org/show_bug.cgi?id=183620
<rdar://problem/38431469>

Reviewed by Brent Fulgham.

Source/WebCore:

Tests: http/tests/storageAccess/deny-storage-access-under-opener.html
       http/tests/storageAccess/grant-storage-access-under-opener.html

It turns out the fix in https://bugs.webkit.org/show_bug.cgi?id=183577
wasn't enough to address the compatibility issues with popups. Some of
them just detect their unpartitioned cookies, auto-dismiss themselves,
and expect their unpartitioned cookies to be available under the opener
afterwards. We should grant them access if the popup's domain has had
user interaction _previously_.

Note that we still need https://bugs.webkit.org/show_bug.cgi?id=183577
because if the popup's domain has not received user interaction
previously, we will not grant it storage access on just the window open.

* dom/Document.cpp:
(WebCore::Document::hasRequestedPageSpecificStorageAccessWithUserInteraction):
(WebCore::Document::setHasRequestedPageSpecificStorageAccessWithUserInteraction):
(WebCore::Document::hasGrantedPageSpecificStorageAccess): Deleted.
(WebCore::Document::setHasGrantedPageSpecificStorageAccess): Deleted.
    Renamed from *Granted* to *Requested* since there is now a case
    where access will not be granted, i.e. when the popup domain has
    not had user interaction previously.
* dom/Document.h:
* loader/ResourceLoadObserver.cpp:
(WebCore::ResourceLoadObserver::setRequestStorageAccessUnderOpenerCallback):
    Renamed *Grant* to *Request*.
(WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
(WebCore::ResourceLoadObserver::logWindowCreation):
    New function called from DOMWindow::createWindow().
(WebCore::ResourceLoadObserver::requestStorageAccessUnderOpener):
    New convenience function.
(WebCore::ResourceLoadObserver::setGrantStorageAccessUnderOpenerCallback): Deleted.
    Renamed *Grant* to *Request*.
* loader/ResourceLoadObserver.h:
* page/DOMWindow.cpp:
(WebCore::DOMWindow::createWindow):
    Now calls ResourceLoadObserver::logWindowCreation() if a window
    was created and the opener has a document and a page ID.

Source/WebKit:

It turns out the fix in https://bugs.webkit.org/show_bug.cgi?id=183577
wasn't enough to address the compatibility issues with popups. Some of
them just detect their unpartitioned cookies, auto-dismiss themselves,
and expect their unpartitioned cookies to be available under the opener
afterwards. We should grant them access if the popup's domain has had
user interaction _previously_.

Note that we still need https://bugs.webkit.org/show_bug.cgi?id=183577
because if the popup's domain has not received user interaction
previously, we will not grant it storage access on just the window open.

* UIProcess/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccessUnderOpener):
(WebKit::WebResourceLoadStatisticsStore::grantStorageAccessUnderOpener): Deleted.
    Renamed WebResourceLoadStatisticsStore::grantStorageAccessUnderOpener()
    to WebResourceLoadStatisticsStore::requestStorageAccessUnderOpener()
    since there is now a case where access will not be granted, i.e. when
    the popup domain has not had user interaction previously.
* UIProcess/WebResourceLoadStatisticsStore.h:
* UIProcess/WebResourceLoadStatisticsStore.messages.in:
     Similar renaming.
* WebProcess/WebProcess.cpp:
(WebProcess::WebProcess):
     Similar renaming.

LayoutTests:

* http/tests/storageAccess/deny-storage-access-under-opener-expected.txt: Added.
* http/tests/storageAccess/deny-storage-access-under-opener.html: Added.
* http/tests/storageAccess/grant-storage-access-under-opener-expected.txt: Added.
* http/tests/storageAccess/grant-storage-access-under-opener.html: Added.
* http/tests/storageAccess/resources/set-cookie-and-report-back.html: Added.
* platform/ios/TestExpectations:
    New tests marked as [ Pass ].
* platform/mac-wk2/TestExpectations:
    New tests marked as [ Pass ].

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@229597 268f45cc-cd09-0410-ab3c-d52691b4dbfc
19 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/storageAccess/deny-storage-access-under-opener-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/deny-storage-access-under-opener.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/grant-storage-access-under-opener-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/grant-storage-access-under-opener.html [new file with mode: 0644]
LayoutTests/http/tests/storageAccess/resources/set-cookie-and-report-back.html [new file with mode: 0644]
LayoutTests/platform/ios/TestExpectations
LayoutTests/platform/mac-wk2/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/dom/Document.cpp
Source/WebCore/dom/Document.h
Source/WebCore/loader/ResourceLoadObserver.cpp
Source/WebCore/loader/ResourceLoadObserver.h
Source/WebCore/page/DOMWindow.cpp
Source/WebKit/ChangeLog
Source/WebKit/UIProcess/WebResourceLoadStatisticsStore.cpp
Source/WebKit/UIProcess/WebResourceLoadStatisticsStore.h
Source/WebKit/UIProcess/WebResourceLoadStatisticsStore.messages.in
Source/WebKit/WebProcess/WebProcess.cpp