6506f1077065a4d21f7980192f3d7507ebc23a9e
[WebKit.git] / Source / WebCore / platform / network / NetworkStorageSession.h
1 /*
2  * Copyright (C) 2012-2018 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
14  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
15  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
17  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
23  * THE POSSIBILITY OF SUCH DAMAGE.
24  */
25
26 #pragma once
27
28 #include "CredentialStorage.h"
29 #include "FrameIdentifier.h"
30 #include "PageIdentifier.h"
31 #include "RegistrableDomain.h"
32 #include <pal/SessionID.h>
33 #include <wtf/CompletionHandler.h>
34 #include <wtf/Function.h>
35 #include <wtf/HashMap.h>
36 #include <wtf/HashSet.h>
37 #include <wtf/WallTime.h>
38 #include <wtf/text/WTFString.h>
39
40 #if PLATFORM(COCOA) || USE(CFURLCONNECTION)
41 #include <pal/spi/cf/CFNetworkSPI.h>
42 #include <wtf/RetainPtr.h>
43 #endif
44
45 #if USE(SOUP)
46 #include <wtf/Function.h>
47 #include <wtf/glib/GRefPtr.h>
48 typedef struct _SoupCookieJar SoupCookieJar;
49 #endif
50
51 #if USE(CURL)
52 #include "CookieJarCurl.h"
53 #include "CookieJarDB.h"
54 #include <wtf/UniqueRef.h>
55 #endif
56
57 #ifdef __OBJC__
58 #include <objc/objc.h>
59 #endif
60
61 #if PLATFORM(COCOA)
62 #include "CookieStorageObserver.h"
63 #endif
64
65 namespace WebCore {
66
67 class CurlProxySettings;
68 class NetworkingContext;
69 class ResourceRequest;
70
71 struct Cookie;
72 struct CookieRequestHeaderFieldProxy;
73 struct SameSiteInfo;
74
75 enum class HTTPCookieAcceptPolicy : uint8_t;
76 enum class IncludeSecureCookies : bool;
77 enum class IncludeHttpOnlyCookies : bool;
78 enum class ThirdPartyCookieBlockingMode : uint8_t { All, AllOnSitesWithoutUserInteraction, OnlyAccordingToPerDomainPolicy };
79 enum class FirstPartyWebsiteDataRemovalMode : uint8_t { AllButCookies, None, AllButCookiesLiveOnTestingTimeout, AllButCookiesReproTestingTimeout };
80 enum class ShouldAskITP : bool { No, Yes };
81
82 class NetworkStorageSession {
83     WTF_MAKE_NONCOPYABLE(NetworkStorageSession); WTF_MAKE_FAST_ALLOCATED;
84 public:
85     WEBCORE_EXPORT static void permitProcessToUseCookieAPI(bool);
86     WEBCORE_EXPORT static bool processMayUseCookieAPI();
87
88     PAL::SessionID sessionID() const { return m_sessionID; }
89     CredentialStorage& credentialStorage() { return m_credentialStorage; }
90
91 #ifdef __OBJC__
92     WEBCORE_EXPORT NSHTTPCookieStorage *nsCookieStorage() const;
93 #endif
94
95 #if PLATFORM(COCOA) || USE(CFURLCONNECTION)
96     WEBCORE_EXPORT static RetainPtr<CFURLStorageSessionRef> createCFStorageSessionForIdentifier(CFStringRef identifier);
97     WEBCORE_EXPORT NetworkStorageSession(PAL::SessionID, RetainPtr<CFURLStorageSessionRef>&&, RetainPtr<CFHTTPCookieStorageRef>&&);
98     WEBCORE_EXPORT explicit NetworkStorageSession(PAL::SessionID);
99
100     // May be null, in which case a Foundation default should be used.
101     CFURLStorageSessionRef platformSession() { return m_platformSession.get(); }
102     WEBCORE_EXPORT RetainPtr<CFHTTPCookieStorageRef> cookieStorage() const;
103     WEBCORE_EXPORT static void setStorageAccessAPIEnabled(bool);
104 #elif USE(SOUP)
105     WEBCORE_EXPORT explicit NetworkStorageSession(PAL::SessionID);
106     ~NetworkStorageSession();
107
108     SoupCookieJar* cookieStorage() const { return m_cookieStorage.get(); }
109     void setCookieStorage(GRefPtr<SoupCookieJar>&&);
110     void setCookieObserverHandler(Function<void ()>&&);
111     void getCredentialFromPersistentStorage(const ProtectionSpace&, GCancellable*, Function<void (Credential&&)>&& completionHandler);
112     void saveCredentialToPersistentStorage(const ProtectionSpace&, const Credential&);
113 #elif USE(CURL)
114     WEBCORE_EXPORT NetworkStorageSession(PAL::SessionID);
115     ~NetworkStorageSession();
116
117     const CookieJarCurl& cookieStorage() const { return m_cookieStorage; };
118     CookieJarDB& cookieDatabase() const;
119     WEBCORE_EXPORT void setCookieDatabase(UniqueRef<CookieJarDB>&&);
120
121     WEBCORE_EXPORT void setProxySettings(CurlProxySettings&&);
122 #else
123     WEBCORE_EXPORT NetworkStorageSession(PAL::SessionID, NetworkingContext*);
124     ~NetworkStorageSession();
125
126     NetworkingContext* context() const;
127 #endif
128
129     WEBCORE_EXPORT HTTPCookieAcceptPolicy cookieAcceptPolicy() const;
130     WEBCORE_EXPORT void setCookie(const Cookie&);
131     WEBCORE_EXPORT void setCookies(const Vector<Cookie>&, const URL&, const URL& mainDocumentURL);
132     WEBCORE_EXPORT void setCookiesFromDOM(const URL& firstParty, const SameSiteInfo&, const URL&, Optional<FrameIdentifier>, Optional<PageIdentifier>, ShouldAskITP, const String&) const;
133     WEBCORE_EXPORT void deleteCookie(const Cookie&);
134     WEBCORE_EXPORT void deleteCookie(const URL&, const String&) const;
135     WEBCORE_EXPORT void deleteAllCookies();
136     WEBCORE_EXPORT void deleteAllCookiesModifiedSince(WallTime);
137     WEBCORE_EXPORT void deleteCookiesForHostnames(const Vector<String>& cookieHostNames);
138     WEBCORE_EXPORT void deleteCookiesForHostnames(const Vector<String>& cookieHostNames, IncludeHttpOnlyCookies);
139     WEBCORE_EXPORT Vector<Cookie> getAllCookies();
140     WEBCORE_EXPORT Vector<Cookie> getCookies(const URL&);
141     WEBCORE_EXPORT void hasCookies(const RegistrableDomain&, CompletionHandler<void(bool)>&&) const;
142     WEBCORE_EXPORT bool getRawCookies(const URL& firstParty, const SameSiteInfo&, const URL&, Optional<FrameIdentifier>, Optional<PageIdentifier>, ShouldAskITP, Vector<Cookie>&) const;
143     WEBCORE_EXPORT void flushCookieStore();
144     WEBCORE_EXPORT void getHostnamesWithCookies(HashSet<String>& hostnames);
145     WEBCORE_EXPORT std::pair<String, bool> cookiesForDOM(const URL& firstParty, const SameSiteInfo&, const URL&, Optional<FrameIdentifier>, Optional<PageIdentifier>, IncludeSecureCookies, ShouldAskITP) const;
146     WEBCORE_EXPORT std::pair<String, bool> cookieRequestHeaderFieldValue(const URL& firstParty, const SameSiteInfo&, const URL&, Optional<FrameIdentifier>, Optional<PageIdentifier>, IncludeSecureCookies, ShouldAskITP) const;
147     WEBCORE_EXPORT std::pair<String, bool> cookieRequestHeaderFieldValue(const CookieRequestHeaderFieldProxy&) const;
148
149 #if ENABLE(RESOURCE_LOAD_STATISTICS)
150     void setResourceLoadStatisticsEnabled(bool enabled) { m_isResourceLoadStatisticsEnabled = enabled; }
151     WEBCORE_EXPORT bool shouldBlockCookies(const ResourceRequest&, Optional<FrameIdentifier>, Optional<PageIdentifier>) const;
152     WEBCORE_EXPORT bool shouldBlockCookies(const URL& firstPartyForCookies, const URL& resource, Optional<FrameIdentifier>, Optional<PageIdentifier>) const;
153     WEBCORE_EXPORT bool shouldBlockThirdPartyCookies(const RegistrableDomain&) const;
154     WEBCORE_EXPORT bool shouldBlockThirdPartyCookiesButKeepFirstPartyCookiesFor(const RegistrableDomain&) const;
155     WEBCORE_EXPORT bool hasHadUserInteractionAsFirstParty(const RegistrableDomain&) const;
156     WEBCORE_EXPORT void setPrevalentDomainsToBlockAndDeleteCookiesFor(const Vector<RegistrableDomain>&);
157     WEBCORE_EXPORT void setPrevalentDomainsToBlockButKeepCookiesFor(const Vector<RegistrableDomain>&);
158     WEBCORE_EXPORT void setDomainsWithUserInteractionAsFirstParty(const Vector<RegistrableDomain>&);
159     WEBCORE_EXPORT void setAgeCapForClientSideCookies(Optional<Seconds>);
160     WEBCORE_EXPORT void removePrevalentDomains(const Vector<RegistrableDomain>& domains);
161     WEBCORE_EXPORT bool hasStorageAccess(const RegistrableDomain& resourceDomain, const RegistrableDomain& firstPartyDomain, Optional<FrameIdentifier>, PageIdentifier) const;
162     WEBCORE_EXPORT Vector<String> getAllStorageAccessEntries() const;
163     WEBCORE_EXPORT void grantStorageAccess(const RegistrableDomain& resourceDomain, const RegistrableDomain& firstPartyDomain, Optional<FrameIdentifier>, PageIdentifier);
164     WEBCORE_EXPORT void removeStorageAccessForFrame(FrameIdentifier, PageIdentifier);
165     WEBCORE_EXPORT void clearPageSpecificDataForResourceLoadStatistics(PageIdentifier);
166     WEBCORE_EXPORT void removeAllStorageAccess();
167     WEBCORE_EXPORT void setCacheMaxAgeCapForPrevalentResources(Seconds);
168     WEBCORE_EXPORT void resetCacheMaxAgeCapForPrevalentResources();
169     WEBCORE_EXPORT Optional<Seconds> maxAgeCacheCap(const ResourceRequest&);
170     WEBCORE_EXPORT void didCommitCrossSiteLoadWithDataTransferFromPrevalentResource(const RegistrableDomain& toDomain, PageIdentifier);
171     WEBCORE_EXPORT void resetCrossSiteLoadsWithLinkDecorationForTesting();
172     WEBCORE_EXPORT void setThirdPartyCookieBlockingMode(ThirdPartyCookieBlockingMode);
173 #endif
174
175 private:
176     PAL::SessionID m_sessionID;
177
178 #if PLATFORM(COCOA) || USE(CFURLCONNECTION)
179     RetainPtr<CFURLStorageSessionRef> m_platformSession;
180     RetainPtr<CFHTTPCookieStorageRef> m_platformCookieStorage;
181 #elif USE(SOUP)
182     static void cookiesDidChange(NetworkStorageSession*);
183
184     GRefPtr<SoupCookieJar> m_cookieStorage;
185     Function<void ()> m_cookieObserverHandler;
186 #elif USE(CURL)
187     UniqueRef<CookieJarCurl> m_cookieStorage;
188     mutable UniqueRef<CookieJarDB> m_cookieDatabase;
189 #else
190     RefPtr<NetworkingContext> m_context;
191 #endif
192
193     CredentialStorage m_credentialStorage;
194
195 #if ENABLE(RESOURCE_LOAD_STATISTICS)
196     bool m_isResourceLoadStatisticsEnabled = false;
197     Optional<Seconds> clientSideCookieCap(const RegistrableDomain& firstParty, Optional<PageIdentifier>) const;
198     HashSet<RegistrableDomain> m_registrableDomainsToBlockAndDeleteCookiesFor;
199     HashSet<RegistrableDomain> m_registrableDomainsToBlockButKeepCookiesFor;
200     HashSet<RegistrableDomain> m_registrableDomainsWithUserInteractionAsFirstParty;
201     HashMap<PageIdentifier, HashMap<FrameIdentifier, RegistrableDomain>> m_framesGrantedStorageAccess;
202     HashMap<PageIdentifier, HashMap<RegistrableDomain, RegistrableDomain>> m_pagesGrantedStorageAccess;
203     Optional<Seconds> m_cacheMaxAgeCapForPrevalentResources { };
204     Optional<Seconds> m_ageCapForClientSideCookies { };
205     Optional<Seconds> m_ageCapForClientSideCookiesShort { };
206     HashMap<WebCore::PageIdentifier, RegistrableDomain> m_navigatedToWithLinkDecorationByPrevalentResource;
207     bool m_navigationWithLinkDecorationTestMode = false;
208     ThirdPartyCookieBlockingMode m_thirdPartyCookieBlockingMode { ThirdPartyCookieBlockingMode::All };
209 #endif
210
211 #if PLATFORM(COCOA)
212 public:
213     CookieStorageObserver& cookieStorageObserver() const;
214
215 private:
216     mutable std::unique_ptr<CookieStorageObserver> m_cookieStorageObserver;
217 #endif
218     static bool m_processMayUseCookieAPI;
219 };
220
221 #if PLATFORM(COCOA) || USE(CFURLCONNECTION)
222 WEBCORE_EXPORT CFURLStorageSessionRef createPrivateStorageSession(CFStringRef identifier);
223 #endif
224
225 }
226
227 namespace WTF {
228
229 template<> struct EnumTraits<WebCore::ThirdPartyCookieBlockingMode> {
230     using values = EnumValues<
231         WebCore::ThirdPartyCookieBlockingMode,
232         WebCore::ThirdPartyCookieBlockingMode::All,
233         WebCore::ThirdPartyCookieBlockingMode::AllOnSitesWithoutUserInteraction,
234         WebCore::ThirdPartyCookieBlockingMode::OnlyAccordingToPerDomainPolicy
235     >;
236 };
237
238 template<> struct EnumTraits<WebCore::FirstPartyWebsiteDataRemovalMode> {
239     using values = EnumValues<
240         WebCore::FirstPartyWebsiteDataRemovalMode,
241         WebCore::FirstPartyWebsiteDataRemovalMode::AllButCookies,
242         WebCore::FirstPartyWebsiteDataRemovalMode::None,
243         WebCore::FirstPartyWebsiteDataRemovalMode::AllButCookiesLiveOnTestingTimeout,
244         WebCore::FirstPartyWebsiteDataRemovalMode::AllButCookiesReproTestingTimeout
245     >;
246 };
247
248 }