Storage Access API: Remove JavaScript confirm() prompt from Document::requestStorageA...
authorwilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 4 Jan 2018 17:56:55 +0000 (17:56 +0000)
committerwilander@apple.com <wilander@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 4 Jan 2018 17:56:55 +0000 (17:56 +0000)
https://bugs.webkit.org/show_bug.cgi?id=181276
<rdar://problem/36290463>

Reviewed by Alex Christensen.

Source/WebCore:

No new tests. Existing test expectations updated.

* dom/Document.cpp:
(WebCore::Document::requestStorageAccess):

LayoutTests:

Two test cases are deleted since the user has no way
to deny access through a prompt anymore. The rest
are updated to not expect a "CONFIRM:..." text output.

* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt: Removed.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html: Removed.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt: Removed.
* http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html: Removed.
* http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access-expected.txt:
* http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-and-try-access-from-right-frame-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-but-try-access-from-wrong-frame-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-recent-user-interaction-expected.txt:
* http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-without-user-interaction-expected.txt:
* platform/mac-wk2/TestExpectations:
    Removed entries for the deleted test cases.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226409 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt [deleted file]
LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html [deleted file]
LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt [deleted file]
LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html [deleted file]
LayoutTests/http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access-expected.txt
LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt
LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-expected.txt
LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-expected.txt
LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-and-try-access-from-right-frame-expected.txt
LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-but-try-access-from-wrong-frame-expected.txt
LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-recent-user-interaction-expected.txt
LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-without-user-interaction-expected.txt
LayoutTests/platform/mac-wk2/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/dom/Document.cpp

index 5fbb981..f2ede13 100644 (file)
@@ -1,3 +1,30 @@
+2018-01-04  John Wilander  <wilander@apple.com>
+
+        Storage Access API: Remove JavaScript confirm() prompt from Document::requestStorageAccess()
+        https://bugs.webkit.org/show_bug.cgi?id=181276
+        <rdar://problem/36290463>
+
+        Reviewed by Alex Christensen.
+
+        Two test cases are deleted since the user has no way
+        to deny access through a prompt anymore. The rest
+        are updated to not expect a "CONFIRM:..." text output.
+
+        * http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt: Removed.
+        * http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html: Removed.
+        * http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt: Removed.
+        * http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html: Removed.
+        * http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access-expected.txt:
+        * http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt:
+        * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-expected.txt:
+        * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-expected.txt:
+        * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-and-try-access-from-right-frame-expected.txt:
+        * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-but-try-access-from-wrong-frame-expected.txt:
+        * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-recent-user-interaction-expected.txt:
+        * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-without-user-interaction-expected.txt:
+        * platform/mac-wk2/TestExpectations:
+            Removed entries for the deleted test cases.
+
 2018-01-04  Carlos Garcia Campos  <cgarcia@igalia.com>
 
         [GTK] Issues with Ahem's ex / x-height
diff --git a/LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt b/LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe-expected.txt
deleted file mode 100644 (file)
index 55f6743..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
-Tests that cross-origin iframe storage access is denied if the iframe is not sandboxed and the user declines.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS Storage access was denied. document.cookie == , cookies seen server-side == "No cookies"
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
diff --git a/LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html b/LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html
deleted file mode 100644 (file)
index 117df29..0000000
+++ /dev/null
@@ -1,75 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-    <script src="/js-test-resources/js-test.js"></script>
-    <script src="/js-test-resources/ui-helper.js"></script>
-    <script>
-        description("Tests that cross-origin iframe storage access is denied if the iframe is not sandboxed and the user declines.");
-        jsTestIsAsync = true;
-
-        const hostUnderTest = "localhost:8000";
-        const statisticsUrl = "http://" + hostUnderTest + "/temp";
-
-        window.addEventListener("message", receiveMessage, false);
-
-        function setEnableFeature(enable) {
-            if (!enable)
-                testRunner.statisticsResetToConsistentState();
-            internals.setResourceLoadStatisticsEnabled(enable);
-            testRunner.setCookieStoragePartitioningEnabled(enable);
-            testRunner.setStorageAccessAPIEnabled(enable);
-        }
-
-        function receiveMessage(event) {
-            if (event.origin === "http://localhost:8000") {
-                if (event.data.indexOf("PASS") !== -1)
-                    testPassed(event.data.replace("PASS ", ""));
-                else
-                    testFailed(event.data.replace("FAIL ", ""));
-            } else
-                testFailed("Received a message from an unexpected origin: " + event.origin);
-            setEnableFeature(false);
-            finishJSTest();
-        }
-
-        function activateElement(elementId) {
-            var element = document.getElementById(elementId);
-            var centerX = element.offsetLeft + element.offsetWidth / 2;
-            var centerY = element.offsetTop + element.offsetHeight / 2;
-            UIHelper.activateAt(centerX, centerY).then(
-                function () {
-                    if (window.eventSender)
-                        eventSender.keyDown("escape");
-                    else {
-                        testFailed("No eventSender.");
-                        setEnableFeature(false);
-                        finishJSTest();
-                    }
-                },
-                function () {
-                    testFailed("Promise rejected.");
-                    setEnableFeature(false);
-                    finishJSTest();
-                }
-            );
-        }
-
-        function runTest() {
-            setEnableFeature(true);
-
-            testRunner.setStatisticsPrevalentResource(statisticsUrl, true);
-            if (!testRunner.isStatisticsPrevalentResource(statisticsUrl))
-                testFailed("Host did not get set as prevalent resource.");
-            testRunner.setStatisticsHasHadNonRecentUserInteraction(statisticsUrl);
-            if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl))
-                testFailed("Host did not get logged for user interaction.");
-            testRunner.statisticsUpdateCookiePartitioning();
-
-            activateElement("theIframe");
-        }
-    </script>
-</head>
-<body>
-    <iframe onload="runTest()" id="theIframe" src="http://localhost:8000/storageAccess/resources/request-storage-access-iframe.html#userShouldDenyAccess,userShouldBeConsulted,policyShouldGrantAccess,isNotSameOriginIframe"></iframe>
-</body>
-</html>
\ No newline at end of file
diff --git a/LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt b/LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe-expected.txt
deleted file mode 100644 (file)
index 90c6168..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
-Tests that cross-origin iframe storage access is denied if the iframe is sandboxed, has the allow token, but the user opts out.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS Storage access was denied. document.cookie == , cookies seen server-side == "No cookies"
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
diff --git a/LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html b/LayoutTests/http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html
deleted file mode 100644 (file)
index 54d0165..0000000
+++ /dev/null
@@ -1,75 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-    <script src="/js-test-resources/js-test.js"></script>
-    <script src="/js-test-resources/ui-helper.js"></script>
-    <script>
-        description("Tests that cross-origin iframe storage access is denied if the iframe is sandboxed, has the allow token, but the user opts out.");
-        jsTestIsAsync = true;
-
-        const hostUnderTest = "localhost:8000";
-        const statisticsUrl = "http://" + hostUnderTest + "/temp";
-
-        window.addEventListener("message", receiveMessage, false);
-
-        function setEnableFeature(enable) {
-            if (!enable)
-                testRunner.statisticsResetToConsistentState();
-            internals.setResourceLoadStatisticsEnabled(enable);
-            testRunner.setCookieStoragePartitioningEnabled(enable);
-            testRunner.setStorageAccessAPIEnabled(enable);
-        }
-
-        function receiveMessage(event) {
-            if (event.origin === "http://localhost:8000") {
-                if (event.data.indexOf("PASS") !== -1)
-                    testPassed(event.data.replace("PASS ", ""));
-                else
-                    testFailed(event.data.replace("FAIL ", ""));
-            } else
-                testFailed("Received a message from an unexpected origin: " + event.origin);
-            finishJSTest();
-            setEnableFeature(false);
-        }
-
-        function activateElement(elementId) {
-            var element = document.getElementById(elementId);
-            var centerX = element.offsetLeft + element.offsetWidth / 2;
-            var centerY = element.offsetTop + element.offsetHeight / 2;
-            UIHelper.activateAt(centerX, centerY).then(
-                function () {
-                    if (window.eventSender)
-                        eventSender.keyDown("escape");
-                    else {
-                        testFailed("No eventSender.");
-                        finishJSTest();
-                        setEnableFeature(false);
-                    }
-                },
-                function () {
-                    testFailed("Promise rejected.");
-                    finishJSTest();
-                    setEnableFeature(false);
-                }
-            );
-        }
-
-        function runTest() {
-            setEnableFeature(true);
-
-            testRunner.setStatisticsPrevalentResource(statisticsUrl, true);
-            if (!testRunner.isStatisticsPrevalentResource(statisticsUrl))
-                testFailed("Host did not get set as prevalent resource.");
-            testRunner.setStatisticsHasHadNonRecentUserInteraction(statisticsUrl);
-            if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl))
-                testFailed("Host did not get logged for user interaction.");
-            testRunner.statisticsUpdateCookiePartitioning();
-
-            activateElement("theIframe");
-        }
-    </script>
-</head>
-<body>
-    <iframe sandbox="allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-modals" onload="runTest()" id="theIframe" src="http://localhost:8000/storageAccess/resources/request-storage-access-iframe.html#userShouldDenyAccess,userShouldBeConsulted,policyShouldGrantAccess,isNotSameOriginIframe"></iframe>
-</body>
-</html>
\ No newline at end of file
index 48866a4..7379163 100644 (file)
@@ -1,4 +1,3 @@
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
 Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then is detached from the DOM does not have storage access.
 
 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
index 0c00b95..409a252 100644 (file)
@@ -1,4 +1,3 @@
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
 Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself does not have storage access.
 
 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
index 44585d9..9df537b 100644 (file)
@@ -1,4 +1,3 @@
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
 Tests that cross-origin iframe storage access is granted if the iframe is not sandboxed and the user accepts.
 
 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
index 2e80230..6c75e67 100644 (file)
@@ -1,4 +1,3 @@
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
 Tests that cross-origin iframe storage access is granted if the iframe is sandboxed, has the allow token, and the user opts in.
 
 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
index 393cb53..80f024a 100644 (file)
@@ -1,4 +1,3 @@
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
 Tests that cross-origin iframe storage access is granted if the iframe is sandboxed, has the allow token, the iframe origin is a prevalent resource, the iframe origin has had recent user interaction, and the user opts in.
 
 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
index 0470d0a..640f6c8 100644 (file)
@@ -1,4 +1,3 @@
-CONFIRM: Do you want to use your localhost ID on 127.0.0.1?
 Tests that cross-origin iframe storage access is denied if the iframe is sandboxed, has the allow token, the iframe origin is a prevalent resource, the iframe origin has not had user interaction, and the user opts in.
 
 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
index 4961b12..d42959c 100644 (file)
@@ -749,8 +749,6 @@ webkit.org/b/172397 [ Debug ] animations/needs-layout.html [ Pass ImageOnlyFailu
 http/tests/resourceLoadStatistics/user-interaction-in-cross-origin-sub-frame.html [ Pass ]
 http/tests/resourceLoadStatistics/user-interaction-only-reported-once-within-short-period-of-time.html [ Pass ]
 http/tests/resourceLoadStatistics/user-interaction-reported-after-website-data-removal.html [ Pass ]
-[ HighSierra+ ] http/tests/storageAccess/request-and-deny-storage-access-cross-origin-iframe.html [ Pass ]
-[ HighSierra+ ] http/tests/storageAccess/request-and-deny-storage-access-cross-origin-sandboxed-iframe.html [ Pass ]
 [ HighSierra+ ] http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe.html [ Pass ]
 [ HighSierra+ ] http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe.html [ Pass ]
 [ HighSierra+ ] http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-with-unique-origin.html [ Pass ]
index 5ee9651..ecb94aa 100644 (file)
@@ -1,3 +1,16 @@
+2018-01-04  John Wilander  <wilander@apple.com>
+
+        Storage Access API: Remove JavaScript confirm() prompt from Document::requestStorageAccess()
+        https://bugs.webkit.org/show_bug.cgi?id=181276
+        <rdar://problem/36290463>
+
+        Reviewed by Alex Christensen.
+
+        No new tests. Existing test expectations updated.
+
+        * dom/Document.cpp:
+        (WebCore::Document::requestStorageAccess):
+
 2018-01-04  Carlos Garcia Campos  <cgarcia@igalia.com>
 
         [GTK] Issues with Ahem's ex / x-height
index 8430a6d..0e6c6b0 100644 (file)
@@ -7526,40 +7526,29 @@ void Document::requestStorageAccess(Ref<DeferredPromise>&& promise)
     
     auto iframeHost = securityOrigin.host();
     auto topHost = topSecurityOrigin.host();
-    StringBuilder builder;
-    builder.appendLiteral("Do you want to use your ");
-    builder.append(iframeHost);
-    builder.appendLiteral(" ID on ");
-    builder.append(topHost);
-    builder.appendLiteral("?");
-    Page* page = this->page();
 
-    ASSERT(m_frame);
+    Page* page = this->page();
     auto frameID = m_frame->loader().client().frameID();
     auto pageID = m_frame->loader().client().pageID();
-    if (!frameID || !pageID) {
+    if (!page || !frameID || !pageID) {
         promise->reject();
         return;
     }
 
-    // FIXME: Don't use runJavaScriptConfirm because it responds synchronously.
-    if ((page && page->chrome().runJavaScriptConfirm(*m_frame, builder.toString())) || m_grantStorageAccessOverride) {
-        page->chrome().client().requestStorageAccess(WTFMove(iframeHost), WTFMove(topHost), frameID.value(), pageID.value(), [documentReference = m_weakFactory.createWeakPtr(*this), promise = WTFMove(promise)] (bool wasGranted) {
-            Document* document = documentReference.get();
-            if (!document)
-                return;
-
-            if (wasGranted) {
-                document->setHasFrameSpecificStorageAccess(true);
-                promise->resolve();
-            } else
-                promise->reject();
-        });
-        return;
-    }
-#endif
-
+    page->chrome().client().requestStorageAccess(WTFMove(iframeHost), WTFMove(topHost), frameID.value(), pageID.value(), [documentReference = m_weakFactory.createWeakPtr(*this), promise = WTFMove(promise)] (bool wasGranted) {
+        Document* document = documentReference.get();
+        if (!document)
+            return;
+        
+        if (wasGranted) {
+            document->setHasFrameSpecificStorageAccess(true);
+            promise->resolve();
+        } else
+            promise->reject();
+    });
+#else
     promise->reject();
+#endif
 }
 
 #if HAVE(CFNETWORK_STORAGE_PARTITIONING)