Deny third-party cookie creation for prevalent resources without interaction
authorbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 6 Sep 2017 17:30:50 +0000 (17:30 +0000)
committerbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 6 Sep 2017 17:30:50 +0000 (17:30 +0000)
commite7002257fc601b8254e8c9fd371da5dd7fa7dedc
treed96b5cc29263de674bc47991ece1ebec9d92938a
parent114f174f3d0e33036291cf5573d9e88a07afd892
Deny third-party cookie creation for prevalent resources without interaction
https://bugs.webkit.org/show_bug.cgi?id=175232
<rdar://problem/33709386>

Reviewed by Alex Christensen.

Source/WebCore:

Prior to Intelligent Tracking Prevention, WebKit would deny the ability to create a third party cookie if the user's
settings prohibited it. Due to the internal mechanics of cookie partitioning, we now accept the third party cookie,
but destroy it at some arbitrary moment which is difficult for websites to work with.

This patch revises WebKit so that attempts to set third party cookies without user interaction fails immediately,
which is what sites are expecting from Safari.

Tests: http/tests/loading/resourceLoadStatistics/third-party-cookie-with-and-without-user-interaction.html

* platform/network/NetworkStorageSession.h:
* platform/network/cf/NetworkStorageSessionCFNet.cpp:
(WebCore::NetworkStorageSession::shouldPartitionCookies const): Revise for new naming.
(WebCore::NetworkStorageSession::shouldAllowThirdPartyCookies const): Allow third party cookies when the
user interaction property applies.
(WebCore::NetworkStorageSession::shouldBlockCookies const): Deny cookies for origins that are not allowed by
user interaction, and that are not being partitioned.
(WebCore::NetworkStorageSession::setPrevalentDomainsWithAndWithoutInteraction): Revise for new naming, and
to track prevalent origins with and without user interaction.
(WebCore::NetworkStorageSession::setShouldPartitionCookiesForHosts): Renamed to setPrevalentDomainsWithAndWithoutInteraction.
(WebCore::NetworkStorageSession::removePrevalentDomains): New helper function for testing.

Source/WebKit:

Prior to Intelligent Tracking Prevention, WebKit would deny the ability to create a third party cookie if the user's
settings prohibited it. Due to the internal mechanics of cookie partitioning, we now accept the third party cookie,
but destroy it at some arbitrary moment which is difficult for websites to work with.

This patch revises WebKit so that attempts to set third party cookies without user interaction fails immediately,
which is what sites are expecting from Safari.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::updatePrevalentDomainsWithAndWithoutInteraction):
(WebKit::NetworkProcess::updateCookiePartitioningForTopPrivatelyOwnedDomains): Renamed to updatePrevalentDomainsWithAndWithoutInteraction.
* NetworkProcess/NetworkProcess.h:
* NetworkProcess/NetworkProcess.messages.in: Renamed the UpdateCookiePartitioningForTopPrivatelyOwnedDomains message
to UpdatePrevalentDomainsWithAndWithoutInteraction.
* NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
(WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa): Recognize cases where a network session should block cookies, and
use the stateless session so we fail immediately when attempting an invalid cookie set operation.
* UIProcess/API/Cocoa/WKWebsiteDataStore.mm:
(WebKit::WKWebsiteDataStore::_resourceLoadStatisticsSetShouldPartitionCookies): Use new helper function to clear partitioning state.
* UIProcess/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::WebResourceLoadStatisticsStore): Update for revised naming.
(WebKit::WebResourceLoadStatisticsStore::updateCookiePartitioning): Track domains with and without interaction so that we can recognize
domains that should be immediately blocked from setting cookies.
(WebKit::WebResourceLoadStatisticsStore::updateCookiePartitioningForDomains): Update for revised naming.
(WebKit::WebResourceLoadStatisticsStore::scheduleClearPartitioningStateForDomains): Added helper function for testing.
* UIProcess/WebResourceLoadStatisticsStore.h:
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::updatePrevalentDomainsWithAndWithoutInteraction): Update for revised naming.
(WebKit::WebsiteDataStore::enableResourceLoadStatisticsAndSetTestingCallback): Ditto.
(WebKit::WebsiteDataStore::updateCookiePartitioningForTopPrivatelyOwnedDomains): Renamed to updatePrevalentDomainsWithAndWithoutInteraction.
* UIProcess/WebsiteData/WebsiteDataStore.h:

LayoutTests:

* http/tests/loading/resourceLoadStatistics/third-party-cookie-with-and-without-user-interaction-expected.txt: Added.
* http/tests/loading/resourceLoadStatistics/third-party-cookie-with-and-without-user-interaction.html: Added.
* platform/mac-highsierra-wk2/TestExpectations: Add new test expectation.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@221683 268f45cc-cd09-0410-ab3c-d52691b4dbfc
17 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/loading/resourceLoadStatistics/third-party-cookie-with-and-without-user-interaction-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/loading/resourceLoadStatistics/third-party-cookie-with-and-without-user-interaction.html [new file with mode: 0644]
LayoutTests/platform/mac-highsierra-wk2/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/platform/network/NetworkStorageSession.h
Source/WebCore/platform/network/cf/NetworkStorageSessionCFNet.cpp
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkProcess.cpp
Source/WebKit/NetworkProcess/NetworkProcess.h
Source/WebKit/NetworkProcess/NetworkProcess.messages.in
Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm
Source/WebKit/UIProcess/API/Cocoa/WKWebsiteDataStore.mm
Source/WebKit/UIProcess/WebResourceLoadStatisticsStore.cpp
Source/WebKit/UIProcess/WebResourceLoadStatisticsStore.h
Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp
Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h