https://bugs.webkit.org/show_bug.cgi?id=181276
<rdar://problem/
36290463>
Reviewed by Alex Christensen.
Source/WebCore:
No new tests. Existing test expectations updated.
* dom/Document.cpp:
(WebCore::Document::requestStorageAccess):
LayoutTests:
Two test cases are deleted since the user has no way
to deny access through a prompt anymore. The rest
are updated to not expect a "CONFIRM:..." text output.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt: Removed.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html: Removed.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt: Removed.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html: Removed.
* http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access-expected.txt:
* http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-and-try-access-from-right-frame-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-but-try-access-from-wrong-frame-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-recent-user-interaction-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-without-user-interaction-expected.txt:
* platform/mac-wk2/TestExpectations:
Removed entries for the deleted test cases.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226409
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2018-01-04 John Wilander <wilander@apple.com>
+
+ Storage Access API: Remove JavaScript confirm() prompt from Document::requestStorageAccess()
+ https://bugs.webkit.org/show_bug.cgi?id=181276
+ <rdar://problem/36290463>
+
+ Reviewed by Alex Christensen.
+
+ Two test cases are deleted since the user has no way
+ to deny access through a prompt anymore. The rest
+ are updated to not expect a "CONFIRM:..." text output.
+
+ * http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt: Removed.
+ * http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html: Removed.
+ * http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt: Removed.
+ * http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html: Removed.
+ * http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access-expected.txt:
+ * http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt:
+ * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-expected.txt:
+ * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-expected.txt:
+ * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-and-try-access-from-right-frame-expected.txt:
+ * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-but-try-access-from-wrong-frame-expected.txt:
+ * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-recent-user-interaction-expected.txt:
+ * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-without-user-interaction-expected.txt:
+ * platform/mac-wk2/TestExpectations:
+ Removed entries for the deleted test cases.
+
2018-01-04 Carlos Garcia Campos <cgarcia@igalia.com>
[GTK] Issues with Ahem's ex / x-height
+++ /dev/null
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
-Tests that cross-origin iframe storage access is denied if the iframe is not sandboxed and the user declines.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS Storage access was denied. document.cookie == , cookies seen server-side == "No cookies"
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
+++ /dev/null
-<!DOCTYPE html>
-<html>
-<head>
- <script src="/js-test-resources/js-test.js"></script>
- <script src="/js-test-resources/ui-helper.js"></script>
- <script>
- description("Tests that cross-origin iframe storage access is denied if the iframe is not sandboxed and the user declines.");
- jsTestIsAsync = true;
-
- const hostUnderTest = "localhost:8000";
- const statisticsUrl = "http://" + hostUnderTest + "/temp";
-
- window.addEventListener("message", receiveMessage, false);
-
- function setEnableFeature(enable) {
- if (!enable)
- testRunner.statisticsResetToConsistentState();
- internals.setResourceLoadStatisticsEnabled(enable);
- testRunner.setCookieStoragePartitioningEnabled(enable);
- testRunner.setStorageAccessAPIEnabled(enable);
- }
-
- function receiveMessage(event) {
- if (event.origin === "http://localhost:8000") {
- if (event.data.indexOf("PASS") !== -1)
- testPassed(event.data.replace("PASS ", ""));
- else
- testFailed(event.data.replace("FAIL ", ""));
- } else
- testFailed("Received a message from an unexpected origin: " + event.origin);
- setEnableFeature(false);
- finishJSTest();
- }
-
- function activateElement(elementId) {
- var element = document.getElementById(elementId);
- var centerX = element.offsetLeft + element.offsetWidth / 2;
- var centerY = element.offsetTop + element.offsetHeight / 2;
- UIHelper.activateAt(centerX, centerY).then(
- function () {
- if (window.eventSender)
- eventSender.keyDown("escape");
- else {
- testFailed("No eventSender.");
- setEnableFeature(false);
- finishJSTest();
- }
- },
- function () {
- testFailed("Promise rejected.");
- setEnableFeature(false);
- finishJSTest();
- }
- );
- }
-
- function runTest() {
- setEnableFeature(true);
-
- testRunner.setStatisticsPrevalentResource(statisticsUrl, true);
- if (!testRunner.isStatisticsPrevalentResource(statisticsUrl))
- testFailed("Host did not get set as prevalent resource.");
- testRunner.setStatisticsHasHadNonRecentUserInteraction(statisticsUrl);
- if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl))
- testFailed("Host did not get logged for user interaction.");
- testRunner.statisticsUpdateCookiePartitioning();
-
- activateElement("theIframe");
- }
- </script>
-</head>
-<body>
- <iframe onload="runTest()" id="theIframe" src="http://localhost:8000/storageAccess/resources/request-storage-access-iframe.html#userShouldDenyAccess,userShouldBeConsulted,policyShouldGrantAccess,isNotSameOriginIframe"></iframe>
-</body>
-</html>
\ No newline at end of file
+++ /dev/null
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
-Tests that cross-origin iframe storage access is denied if the iframe is sandboxed, has the allow token, but the user opts out.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS Storage access was denied. document.cookie == , cookies seen server-side == "No cookies"
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
+++ /dev/null
-<!DOCTYPE html>
-<html>
-<head>
- <script src="/js-test-resources/js-test.js"></script>
- <script src="/js-test-resources/ui-helper.js"></script>
- <script>
- description("Tests that cross-origin iframe storage access is denied if the iframe is sandboxed, has the allow token, but the user opts out.");
- jsTestIsAsync = true;
-
- const hostUnderTest = "localhost:8000";
- const statisticsUrl = "http://" + hostUnderTest + "/temp";
-
- window.addEventListener("message", receiveMessage, false);
-
- function setEnableFeature(enable) {
- if (!enable)
- testRunner.statisticsResetToConsistentState();
- internals.setResourceLoadStatisticsEnabled(enable);
- testRunner.setCookieStoragePartitioningEnabled(enable);
- testRunner.setStorageAccessAPIEnabled(enable);
- }
-
- function receiveMessage(event) {
- if (event.origin === "http://localhost:8000") {
- if (event.data.indexOf("PASS") !== -1)
- testPassed(event.data.replace("PASS ", ""));
- else
- testFailed(event.data.replace("FAIL ", ""));
- } else
- testFailed("Received a message from an unexpected origin: " + event.origin);
- finishJSTest();
- setEnableFeature(false);
- }
-
- function activateElement(elementId) {
- var element = document.getElementById(elementId);
- var centerX = element.offsetLeft + element.offsetWidth / 2;
- var centerY = element.offsetTop + element.offsetHeight / 2;
- UIHelper.activateAt(centerX, centerY).then(
- function () {
- if (window.eventSender)
- eventSender.keyDown("escape");
- else {
- testFailed("No eventSender.");
- finishJSTest();
- setEnableFeature(false);
- }
- },
- function () {
- testFailed("Promise rejected.");
- finishJSTest();
- setEnableFeature(false);
- }
- );
- }
-
- function runTest() {
- setEnableFeature(true);
-
- testRunner.setStatisticsPrevalentResource(statisticsUrl, true);
- if (!testRunner.isStatisticsPrevalentResource(statisticsUrl))
- testFailed("Host did not get set as prevalent resource.");
- testRunner.setStatisticsHasHadNonRecentUserInteraction(statisticsUrl);
- if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl))
- testFailed("Host did not get logged for user interaction.");
- testRunner.statisticsUpdateCookiePartitioning();
-
- activateElement("theIframe");
- }
- </script>
-</head>
-<body>
- <iframe sandbox="allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-modals" onload="runTest()" id="theIframe" src="http://localhost:8000/storageAccess/resources/request-storage-access-iframe.html#userShouldDenyAccess,userShouldBeConsulted,policyShouldGrantAccess,isNotSameOriginIframe"></iframe>
-</body>
-</html>
\ No newline at end of file
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then is detached from the DOM does not have storage access.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself does not have storage access.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
Tests that cross-origin iframe storage access is granted if the iframe is not sandboxed and the user accepts.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
Tests that cross-origin iframe storage access is granted if the iframe is sandboxed, has the allow token, and the user opts in.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
Tests that cross-origin iframe storage access is granted if the iframe is sandboxed, has the allow token, the iframe origin is a prevalent resource, the iframe origin has had user interaction, the user opts in, and the frame is the one with access.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
Tests that cross-origin iframe storage access is denied if the iframe is sandboxed, has the allow token, the iframe origin is a prevalent resource, the iframe origin has had user interaction, the user opts in, but the frame is not the one with access.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
Tests that cross-origin iframe storage access is granted if the iframe is sandboxed, has the allow token, the iframe origin is a prevalent resource, the iframe origin has had recent user interaction, and the user opts in.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
Tests that cross-origin iframe storage access is denied if the iframe is sandboxed, has the allow token, the iframe origin is a prevalent resource, the iframe origin has not had user interaction, and the user opts in.
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
http/tests/resourceLoadStatistics/user-interaction-in-cross-origin-sub-frame.html [ Pass ]
http/tests/resourceLoadStatistics/user-interaction-only-reported-once-within-short-period-of-time.html [ Pass ]
http/tests/resourceLoadStatistics/user-interaction-reported-after-website-data-removal.html [ Pass ]
-[ HighSierra+ ] http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html [ Pass ]
-[ HighSierra+ ] http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html [ Pass ]
[ HighSierra+ ] http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe.html [ Pass ]
[ HighSierra+ ] http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe.html [ Pass ]
[ HighSierra+ ] http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-with-unique-origin.html [ Pass ]
+2018-01-04 John Wilander <wilander@apple.com>
+
+ Storage Access API: Remove JavaScript confirm() prompt from Document::requestStorageAccess()
+ https://bugs.webkit.org/show_bug.cgi?id=181276
+ <rdar://problem/36290463>
+
+ Reviewed by Alex Christensen.
+
+ No new tests. Existing test expectations updated.
+
+ * dom/Document.cpp:
+ (WebCore::Document::requestStorageAccess):
+
2018-01-04 Carlos Garcia Campos <cgarcia@igalia.com>
[GTK] Issues with Ahem's ex / x-height
auto iframeHost = securityOrigin.host();
auto topHost = topSecurityOrigin.host();
- StringBuilder builder;
- builder.appendLiteral("Do you want to use your ");
- builder.append(iframeHost);
- builder.appendLiteral(" ID on ");
- builder.append(topHost);
- builder.appendLiteral("?");
- Page* page = this->page();
- ASSERT(m_frame);
+ Page* page = this->page();
auto frameID = m_frame->loader().client().frameID();
auto pageID = m_frame->loader().client().pageID();
- if (!frameID || !pageID) {
+ if (!page || !frameID || !pageID) {
promise->reject();
return;
}
- // FIXME: Don't use runJavaScriptConfirm because it responds synchronously.
- if ((page && page->chrome().runJavaScriptConfirm(*m_frame, builder.toString())) || m_grantStorageAccessOverride) {
- page->chrome().client().requestStorageAccess(WTFMove(iframeHost), WTFMove(topHost), frameID.value(), pageID.value(), [documentReference = m_weakFactory.createWeakPtr(*this), promise = WTFMove(promise)] (bool wasGranted) {
- Document* document = documentReference.get();
- if (!document)
- return;
-
- if (wasGranted) {
- document->setHasFrameSpecificStorageAccess(true);
- promise->resolve();
- } else
- promise->reject();
- });
- return;
- }
-#endif
-
+ page->chrome().client().requestStorageAccess(WTFMove(iframeHost), WTFMove(topHost), frameID.value(), pageID.value(), [documentReference = m_weakFactory.createWeakPtr(*this), promise = WTFMove(promise)] (bool wasGranted) {
+ Document* document = documentReference.get();
+ if (!document)
+ return;
+
+ if (wasGranted) {
+ document->setHasFrameSpecificStorageAccess(true);
+ promise->resolve();
+ } else
+ promise->reject();
+ });
+#else
promise->reject();
+#endif
}
#if HAVE(CFNETWORK_STORAGE_PARTITIONING)
git://git.webkit.org / WebKit-https.git / commitdiff