Add a "block-cookies" rule to the user content filter.
authorbeidson@apple.com <beidson@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 27 Feb 2015 22:50:03 +0000 (22:50 +0000)
committerbeidson@apple.com <beidson@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 27 Feb 2015 22:50:03 +0000 (22:50 +0000)
https://bugs.webkit.org/show_bug.cgi?id=142105

Reviewed by Alex Christensen.

Source/WebCore:

Tests: http/tests/usercontentfilter/block-cookies-basic.html
       http/tests/usercontentfilter/block-cookies-send.html

* contentextensions/ContentExtensionRule.h:

* contentextensions/ContentExtensionsBackend.cpp:
(WebCore::ContentExtensions::ContentExtensionsBackend::actionForURL):
(WebCore::ContentExtensions::ContentExtensionsBackend::shouldBlockURL): Deleted.
* contentextensions/ContentExtensionsBackend.h:

* contentextensions/ContentExtensionsManager.cpp:
(WebCore::ContentExtensions::ExtensionsManager::loadAction):

* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestResource):

* page/UserContentController.cpp:
(WebCore::UserContentController::actionForURL):
(WebCore::UserContentController::contentFilterBlocksURL): Deleted.
* page/UserContentController.h:

LayoutTests:

* http/tests/cookies/resources/echo-cookies.php: Added.
* http/tests/usercontentfilter/block-cookies-basic-expected.txt: Added.
* http/tests/usercontentfilter/block-cookies-basic.html: Added.
* http/tests/usercontentfilter/block-cookies-basic.html.json: Added.
* http/tests/usercontentfilter/block-cookies-send-expected.txt: Added.
* http/tests/usercontentfilter/block-cookies-send.html: Added.
* http/tests/usercontentfilter/block-cookies-send.html.json: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@180783 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/cookies/resources/echo-cookies.php [new file with mode: 0644]
LayoutTests/http/tests/usercontentfilter/block-cookies-basic-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/usercontentfilter/block-cookies-basic.html [new file with mode: 0644]
LayoutTests/http/tests/usercontentfilter/block-cookies-basic.html.json [new file with mode: 0644]
LayoutTests/http/tests/usercontentfilter/block-cookies-send-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/usercontentfilter/block-cookies-send.html [new file with mode: 0644]
LayoutTests/http/tests/usercontentfilter/block-cookies-send.html.json [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/contentextensions/ContentExtensionRule.h
Source/WebCore/contentextensions/ContentExtensionsBackend.cpp
Source/WebCore/contentextensions/ContentExtensionsBackend.h
Source/WebCore/contentextensions/ContentExtensionsManager.cpp
Source/WebCore/loader/cache/CachedResourceLoader.cpp
Source/WebCore/page/UserContentController.cpp
Source/WebCore/page/UserContentController.h

index c6cef64..781c365 100644 (file)
@@ -1,3 +1,18 @@
+2015-02-27  Brady Eidson  <beidson@apple.com>
+
+        Add a "block-cookies" rule to the user content filter.
+        https://bugs.webkit.org/show_bug.cgi?id=142105
+
+        Reviewed by Alex Christensen.
+
+        * http/tests/cookies/resources/echo-cookies.php: Added.
+        * http/tests/usercontentfilter/block-cookies-basic-expected.txt: Added.
+        * http/tests/usercontentfilter/block-cookies-basic.html: Added.
+        * http/tests/usercontentfilter/block-cookies-basic.html.json: Added.
+        * http/tests/usercontentfilter/block-cookies-send-expected.txt: Added.
+        * http/tests/usercontentfilter/block-cookies-send.html: Added.
+        * http/tests/usercontentfilter/block-cookies-send.html.json: Added.
+
 2015-02-27  Ryosuke Niwa  <rniwa@webkit.org>
 
         iOS, GTK, and EFL rebaselines after r180726.
diff --git a/LayoutTests/http/tests/cookies/resources/echo-cookies.php b/LayoutTests/http/tests/cookies/resources/echo-cookies.php
new file mode 100644 (file)
index 0000000..97870f1
--- /dev/null
@@ -0,0 +1,11 @@
+<?php
+
+function echoCookie($value, $name)
+{
+    echo "$name = $value\n";
+}
+
+echo "Cookies are:\n";
+array_walk($_COOKIE, echoCookie);    
+
+?>
diff --git a/LayoutTests/http/tests/usercontentfilter/block-cookies-basic-expected.txt b/LayoutTests/http/tests/usercontentfilter/block-cookies-basic-expected.txt
new file mode 100644 (file)
index 0000000..c22c353
--- /dev/null
@@ -0,0 +1,4 @@
+This image resource sets a cookie. But based on the content rules, setting cookie should be blocked.
+document.cookie should be empty, and its value is ''
+
+
diff --git a/LayoutTests/http/tests/usercontentfilter/block-cookies-basic.html b/LayoutTests/http/tests/usercontentfilter/block-cookies-basic.html
new file mode 100644 (file)
index 0000000..6e17fa3
--- /dev/null
@@ -0,0 +1,18 @@
+<script>
+if (window.testRunner) {
+       testRunner.dumpAsText();
+       testRunner.waitUntilDone();
+}
+
+function loaded()
+{
+       document.getElementById("logger").innerHTML += "document.cookie should be empty, and its value is '" + document.cookie + "'";
+       
+       if (window.testRunner)
+               testRunner.notifyDone();
+}
+</script>
+
+This image resource sets a cookie. But based on the content rules, setting cookie should be blocked.<br>
+<div id="logger"></div><br>
+<img src="http://127.0.0.1:8000/cookies/resources/cookie-utility.php?queryfunction=setFooCookie" onerror="loaded()">
diff --git a/LayoutTests/http/tests/usercontentfilter/block-cookies-basic.html.json b/LayoutTests/http/tests/usercontentfilter/block-cookies-basic.html.json
new file mode 100644 (file)
index 0000000..14e93e8
--- /dev/null
@@ -0,0 +1,10 @@
+[
+    {
+        "action": {
+            "type": "block-cookies"
+        },
+        "trigger": {
+            "url-filter": "http://127.0.0.1:8000/cookies/resources/cookie-utility.php"
+        }
+    }
+]
\ No newline at end of file
diff --git a/LayoutTests/http/tests/usercontentfilter/block-cookies-send-expected.txt b/LayoutTests/http/tests/usercontentfilter/block-cookies-send-expected.txt
new file mode 100644 (file)
index 0000000..6bf129e
--- /dev/null
@@ -0,0 +1,9 @@
+This test loads a resource that sets a cookie, then verifies that the cookie is not sent out when it should be blocked.
+After the image, document.cookie is 'foo=awesomevalue'
+After the iframe, document.cookie is 'foo=awesomevalue'
+
+--------
+Frame: 'iframe'
+--------
+Cookies are:
diff --git a/LayoutTests/http/tests/usercontentfilter/block-cookies-send.html b/LayoutTests/http/tests/usercontentfilter/block-cookies-send.html
new file mode 100644 (file)
index 0000000..807e420
--- /dev/null
@@ -0,0 +1,29 @@
+<script>
+if (window.testRunner) {
+       testRunner.dumpAsText();
+       testRunner.dumpChildFramesAsText();
+       testRunner.waitUntilDone();
+}
+
+function iframeDone()
+{
+       document.getElementById("logger").innerHTML += "After the iframe, document.cookie is '" + document.cookie + "'<br>";
+
+       if (window.testRunner)
+               testRunner.notifyDone();
+}
+
+function imageDone()
+{
+       document.getElementById("logger").innerHTML += "After the image, document.cookie is '" + document.cookie + "'<br>";
+       document.getElementById("iframe").onload = iframeDone;
+       document.getElementById("iframe").src = "http://127.0.0.1:8000/cookies/resources/echo-cookies.php";
+}
+
+
+</script>
+
+This test loads a resource that sets a cookie, then verifies that the cookie is not sent out when it should be blocked.<br>
+<div id="logger"></div>
+<img src="http://127.0.0.1:8000/cookies/resources/cookie-utility.php?queryfunction=setFooCookie" onerror="imageDone();">
+<iframe id="iframe"></iframe>
diff --git a/LayoutTests/http/tests/usercontentfilter/block-cookies-send.html.json b/LayoutTests/http/tests/usercontentfilter/block-cookies-send.html.json
new file mode 100644 (file)
index 0000000..cdde90e
--- /dev/null
@@ -0,0 +1,10 @@
+[
+    {
+        "action": {
+            "type": "block-cookies"
+        },
+        "trigger": {
+            "url-filter": "http://127.0.0.1:8000/cookies/resources/echo-cookies"
+        }
+    }
+]
\ No newline at end of file
index d0631ab..b1ad67a 100644 (file)
@@ -1,3 +1,31 @@
+2015-02-27  Brady Eidson  <beidson@apple.com>
+
+        Add a "block-cookies" rule to the user content filter.
+        https://bugs.webkit.org/show_bug.cgi?id=142105
+
+        Reviewed by Alex Christensen.
+
+        Tests: http/tests/usercontentfilter/block-cookies-basic.html
+               http/tests/usercontentfilter/block-cookies-send.html
+
+        * contentextensions/ContentExtensionRule.h:
+
+        * contentextensions/ContentExtensionsBackend.cpp:
+        (WebCore::ContentExtensions::ContentExtensionsBackend::actionForURL):
+        (WebCore::ContentExtensions::ContentExtensionsBackend::shouldBlockURL): Deleted.
+        * contentextensions/ContentExtensionsBackend.h:
+
+        * contentextensions/ContentExtensionsManager.cpp:
+        (WebCore::ContentExtensions::ExtensionsManager::loadAction):
+
+        * loader/cache/CachedResourceLoader.cpp:
+        (WebCore::CachedResourceLoader::requestResource):
+
+        * page/UserContentController.cpp:
+        (WebCore::UserContentController::actionForURL):
+        (WebCore::UserContentController::contentFilterBlocksURL): Deleted.
+        * page/UserContentController.h:
+
 2015-02-27  Alex Christensen  <achristensen@webkit.org>
 
         [WinCairo] Unreviewed build fix.
index aa97ef1..ef2113b 100644 (file)
@@ -36,6 +36,7 @@ namespace ContentExtensions {
 
 enum class ExtensionActionType {
     BlockLoad,
+    BlockCookies,
     IgnorePreviousRules
 };
 
index 9b87066..fe78fc3 100644 (file)
@@ -117,7 +117,7 @@ void ContentExtensionsBackend::removeAllRuleLists()
     m_ruleLists.clear();
 }
 
-bool ContentExtensionsBackend::shouldBlockURL(const URL& url)
+ContentFilterAction ContentExtensionsBackend::actionForURL(const URL& url)
 {
     const String& urlString = url.string();
     ASSERT_WITH_MESSAGE(urlString.containsOnlyASCII(), "A decoded URL should only contain ASCII characters. The matching algorithm assumes the input is ASCII.");
@@ -133,12 +133,16 @@ bool ContentExtensionsBackend::shouldBlockURL(const URL& url)
             copyToVector(triggeredActions, sortedActions);
             std::sort(sortedActions.begin(), sortedActions.end());
             size_t lastAction = static_cast<size_t>(sortedActions.last());
-            if (compiledContentExtension.ruleList[lastAction].action().type == ExtensionActionType::BlockLoad)
-                return true;
+            ExtensionActionType type = compiledContentExtension.ruleList[lastAction].action().type;
+
+            if (type == ExtensionActionType::BlockLoad)
+                return ContentFilterAction::Block;
+            if (type == ExtensionActionType::BlockCookies)
+                return ContentFilterAction::BlockCookies;
         }
     }
 
-    return false;
+    return ContentFilterAction::Load;
 }
 
 } // namespace ContentExtensions
index 4df4c4c..e97d9a4 100644 (file)
@@ -31,6 +31,7 @@
 #include "ContentExtensionRule.h"
 #include "DFA.h"
 #include "DFABytecode.h"
+#include "UserContentController.h"
 #include <wtf/HashMap.h>
 #include <wtf/text/StringHash.h>
 #include <wtf/text/WTFString.h>
@@ -57,7 +58,7 @@ public:
     void removeAllRuleLists();
 
     // - Internal WebCore Interface.
-    bool shouldBlockURL(const URL&);
+    ContentFilterAction actionForURL(const URL&);
 
 private:
     struct CompiledContentExtension {
index 68da919..f962138 100644 (file)
@@ -96,6 +96,8 @@ static bool loadAction(ExecState& exec, JSObject& ruleObject, ContentExtensionRu
         action.type = ExtensionActionType::BlockLoad;
     else if (actionType == "ignore-previous-rules")
         action.type = ExtensionActionType::IgnorePreviousRules;
+    else if (actionType == "block-cookies")
+        action.type = ExtensionActionType::BlockCookies;
     else if (actionType != "block" && actionType != "") {
         WTFLogAlways("Unrecognized action: \"%s\"", actionType.utf8().data());
         return false;
index 33e5977..b68f708 100644 (file)
@@ -464,8 +464,16 @@ CachedResourceHandle<CachedResource> CachedResourceLoader::requestResource(Cache
         return nullptr;
 
 #if ENABLE(CONTENT_EXTENSIONS)
-    if (frame() && frame()->page() && frame()->page()->userContentController() && frame()->page()->userContentController()->contentFilterBlocksURL(url))
-        return nullptr;
+    ContentFilterAction action = ContentFilterAction::Load;
+
+    if (frame() && frame()->page() && frame()->page()->userContentController()) {
+        action = frame()->page()->userContentController()->actionForURL(url);
+        if (action == ContentFilterAction::Block)
+            return nullptr;
+    }
+
+    if (action == ContentFilterAction::BlockCookies)
+        request.mutableResourceRequest().setAllowCookies(false);
 #endif
 
     auto& memoryCache = MemoryCache::singleton();
index f1b5a55..32cfdd7 100644 (file)
@@ -203,12 +203,12 @@ void UserContentController::removeAllUserContentFilters()
     m_contentExtensionBackend->removeAllRuleLists();
 }
 
-bool UserContentController::contentFilterBlocksURL(const URL& url)
+ContentFilterAction UserContentController::actionForURL(const URL& url)
 {
     if (!m_contentExtensionBackend)
-        return false;
+        return ContentFilterAction::Load;
 
-    return m_contentExtensionBackend->shouldBlockURL(url);
+    return m_contentExtensionBackend->actionForURL(url);
 }
 
 #endif
index 3dca718..451929f 100644 (file)
@@ -49,6 +49,12 @@ namespace ContentExtensions {
 class ContentExtensionsBackend;
 }
 
+enum class ContentFilterAction {
+    Load,
+    Block,
+    BlockCookies
+};
+
 class UserContentController : public RefCounted<UserContentController> {
 public:
     WEBCORE_EXPORT static RefPtr<UserContentController> create();
@@ -85,7 +91,7 @@ public:
     WEBCORE_EXPORT void removeAllUserContentFilters();
     
     // FIXME: Consider putting this (and other future content filter predicates) in its own class.
-    bool contentFilterBlocksURL(const URL&);
+    ContentFilterAction actionForURL(const URL&);
 #endif
 
 private: