Title: [250431] trunk
Revision
250431
Author
wilan...@apple.com
Date
2019-09-27 10:14:20 -0700 (Fri, 27 Sep 2019)

Log Message

Storage Access API: document.hasStorageAccess() should return false by default
https://bugs.webkit.org/show_bug.cgi?id=202281
<rdar://problem/55718526>

Reviewed by Alex Christensen.

document.hasStorageAccess() should return false by default so that it only
returns true if the context has asked for and been granted storage access.

Source/WebKit:

* NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:
(WebKit::ResourceLoadStatisticsDatabaseStore::hasStorageAccess):
* NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp:
(WebKit::ResourceLoadStatisticsMemoryStore::hasStorageAccess):

LayoutTests:

* http/tests/storageAccess/has-storage-access-false-by-default-expected.txt: Added.
* http/tests/storageAccess/has-storage-access-false-by-default.html: Added.
* platform/ios/TestExpectations:
    The new test is marked as [ Pass ].
* platform/mac-wk2/TestExpectations:
    The new test is marked as [ Pass ].

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (250430 => 250431)


--- trunk/LayoutTests/ChangeLog	2019-09-27 16:56:58 UTC (rev 250430)
+++ trunk/LayoutTests/ChangeLog	2019-09-27 17:14:20 UTC (rev 250431)
@@ -1,3 +1,21 @@
+2019-09-27  John Wilander  <wilan...@apple.com>
+
+        Storage Access API: document.hasStorageAccess() should return false by default
+        https://bugs.webkit.org/show_bug.cgi?id=202281
+        <rdar://problem/55718526>
+
+        Reviewed by Alex Christensen.
+
+        document.hasStorageAccess() should return false by default so that it only
+        returns true if the context has asked for and been granted storage access.
+
+        * http/tests/storageAccess/has-storage-access-false-by-default-expected.txt: Added.
+        * http/tests/storageAccess/has-storage-access-false-by-default.html: Added.
+        * platform/ios/TestExpectations:
+            The new test is marked as [ Pass ].
+        * platform/mac-wk2/TestExpectations:
+            The new test is marked as [ Pass ].
+
 2019-09-27  Chris Dumez  <cdu...@apple.com>
 
         IDBRequest should not prevent a page from entering the back/forward cache

Added: trunk/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default-expected.txt (0 => 250431)


--- trunk/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default-expected.txt	2019-09-27 17:14:20 UTC (rev 250431)
@@ -0,0 +1,10 @@
+Tests that document.hasStorageAccess() returns false for a 3rd-party iframe by default.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS No storage access. document.cookie == , cookies seen server-side == "No cookies"
+PASS successfullyParsed is true
+
+TEST COMPLETE
+

Added: trunk/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default.html (0 => 250431)


--- trunk/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/storageAccess/has-storage-access-false-by-default.html	2019-09-27 17:14:20 UTC (rev 250431)
@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <script src=""
+    <script src=""
+    <script>
+        description("Tests that document.hasStorageAccess() returns false for a 3rd-party iframe by default.");
+        jsTestIsAsync = true;
+
+        window.addEventListener("message", receiveMessage, false);
+
+        function receiveMessage(event) {
+            if (event.origin === "http://localhost:8000") {
+                if (event.data.indexOf("PASS") !== -1)
+                    testPassed(event.data.replace("PASS ", ""));
+                else
+                    testFailed(event.data.replace("FAIL ", ""));
+            } else
+                testFailed("Received a message from an unexpected origin: " + event.origin);
+            setEnableFeature(false, finishJSTest);
+        }
+
+        const hostUnderTest = "localhost:8000";
+        const statisticsUrl = "http://" + hostUnderTest + "/temp";
+        function runTest() {
+            setEnableFeature(true, function() {
+                let iframeElement = document.createElement("iframe");
+                iframeElement.id = "TheIframeThatRequestsStorageAccess";
+                iframeElement.src = ""
+                document.body.appendChild(iframeElement);
+            });
+        }
+    </script>
+</head>
+<body _onload_="runTest()">
+</body>
+</html>
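Review bot: `receiveMessage` reports a pass for any message that merely contains the substring "PASS" (`event.data.indexOf("PASS") !== -1`), so a failure string that happens to include that word would be logged as a success and hide a regression in this storage-access check. Anchoring the match is stricter: `if (typeof event.data === "string" && event.data.startsWith("PASS "))`, which also covers the unstated assumption that `event.data` is a string. `setEnableFeature(false, finishJSTest)` runs on every received message, so a second message would finish the test twice; returning early after the first one would make that explicit. `statisticsUrl` is declared but not used in the visible lines, though the `src` values look stripped by the archive, so that may be an artifact of the page.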

Modified: trunk/LayoutTests/platform/ios/TestExpectations (250430 => 250431)


--- trunk/LayoutTests/platform/ios/TestExpectations	2019-09-27 16:56:58 UTC (rev 250430)
+++ trunk/LayoutTests/platform/ios/TestExpectations	2019-09-27 17:14:20 UTC (rev 250431)
@@ -2798,7 +2798,9 @@
 http/tests/storageAccess/deny-storage-access-under-opener.html [ Pass ]
 http/tests/storageAccess/deny-storage-access-under-opener-if-auto-dismiss.html [ Pass ]
 http/tests/resourceLoadStatistics/cap-cache-max-age-for-prevalent-resource.html [ Pass ]
+http/tests/storageAccess/has-storage-access-false-by-default.html [ Pass ]
 
+
 # Skipped in general expectations since they only work on iOS and Mac, WK2.
 http/tests/security/strip-referrer-to-origin-for-third-party-redirects-in-private-mode.html [ Pass ]
 http/tests/security/strip-referrer-to-origin-for-third-party-requests-in-private-mode.html [ Pass ]

Modified: trunk/LayoutTests/platform/mac-wk2/TestExpectations (250430 => 250431)


--- trunk/LayoutTests/platform/mac-wk2/TestExpectations	2019-09-27 16:56:58 UTC (rev 250430)
+++ trunk/LayoutTests/platform/mac-wk2/TestExpectations	2019-09-27 17:14:20 UTC (rev 250431)
@@ -712,6 +712,7 @@
 [ HighSierra+ ] http/tests/storageAccess/deny-with-prompt-does-not-preserve-gesture.html [ Skip ]
 [ HighSierra+ ] http/tests/storageAccess/deny-without-prompt-preserves-gesture.html [ Pass ]
 [ HighSierra+ ] http/tests/storageAccess/has-storage-access-true-if-feature-off.html [ Pass ]
+[ HighSierra+ ] http/tests/storageAccess/has-storage-access-false-by-default.html [ Pass ]
 
 # As of https://trac.webkit.org/changeset/227762 the timestampResolution is just 5 seconds which makes this test flaky
 http/tests/resourceLoadStatistics/user-interaction-only-reported-once-within-short-period-of-time.html [ Skip ]

Modified: trunk/Source/WebKit/ChangeLog (250430 => 250431)


--- trunk/Source/WebKit/ChangeLog	2019-09-27 16:56:58 UTC (rev 250430)
+++ trunk/Source/WebKit/ChangeLog	2019-09-27 17:14:20 UTC (rev 250431)
@@ -1,3 +1,19 @@
+2019-09-27  John Wilander  <wilan...@apple.com>
+
+        Storage Access API: document.hasStorageAccess() should return false by default
+        https://bugs.webkit.org/show_bug.cgi?id=202281
+        <rdar://problem/55718526>
+
+        Reviewed by Alex Christensen.
+
+        document.hasStorageAccess() should return false by default so that it only
+        returns true if the context has asked for and been granted storage access.
+
+        * NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:
+        (WebKit::ResourceLoadStatisticsDatabaseStore::hasStorageAccess):
+        * NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp:
+        (WebKit::ResourceLoadStatisticsMemoryStore::hasStorageAccess):
+
 2019-09-27  Jer Noble  <jer.no...@apple.com>
 
         [iOS] Lock screen controls can fail to play web content

Modified: trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp (250430 => 250431)


--- trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp	2019-09-27 16:56:58 UTC (rev 250430)
+++ trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp	2019-09-27 17:14:20 UTC (rev 250431)
@@ -748,11 +748,12 @@
     case CookieTreatmentResult::BlockAndPurge:
         completionHandler(false);
         return;
+    case CookieTreatmentResult::Allow:
+        // We should only return true if the context has asked for and been granted access.
+        completionHandler(false);
+        return;
     case CookieTreatmentResult::BlockAndKeep:
-        completionHandler(true);
-        return;
-    case CookieTreatmentResult::Allow:
-        // Do nothing
+        // Do nothing. The below dispatch will complete the task.
         break;
     };
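Review bot: The `BlockAndPurge` and `Allow` arms now have identical bodies, and the comment on `Allow` does not say why a treatment that leaves cookies unblocked still reports no access. Sharing one arm keeps the two from drifting apart: `case CookieTreatmentResult::BlockAndPurge:` / `case CookieTreatmentResult::Allow:` with a comment such as `// Report false unless a grant is found; Allow means cookies are not blocked, not that access was requested and granted.` It is also worth recording near the function that, after this change, a false result no longer implies cookies are blocked, since callers may have read the old `true` as "cookies available" (inferred from the log message; the callers are not visible here). The switch belongs to `hasStorageAccess`, whose start and trailing dispatch are outside the hunk.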
 

Modified: trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp (250430 => 250431)


--- trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp	2019-09-27 16:56:58 UTC (rev 250430)
+++ trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp	2019-09-27 17:14:20 UTC (rev 250431)
@@ -216,16 +216,12 @@
     ASSERT(!RunLoop::isMain());
 
     auto& subFrameStatistic = ensureResourceStatisticsForRegistrableDomain(subFrameDomain);
-    if (shouldBlockAndPurgeCookies(subFrameStatistic)) {
+    // Return false if this domain cannot ask for storage access.
+    if (shouldBlockAndPurgeCookies(subFrameStatistic) || !shouldBlockAndKeepCookies(subFrameStatistic)) {
         completionHandler(false);
         return;
     }
 
-    if (!shouldBlockAndKeepCookies(subFrameStatistic)) {
-        completionHandler(true);
-        return;
-    }
-
     RunLoop::main().dispatch([store = makeRef(store()), subFrameDomain = subFrameDomain.isolatedCopy(), topFrameDomain = topFrameDomain.isolatedCopy(), frameID, pageID, completionHandler = WTFMove(completionHandler)]() mutable {
         store->callHasStorageAccessForFrameHandler(subFrameDomain, topFrameDomain, frameID.value(), pageID, [store = store.copyRef(), completionHandler = WTFMove(completionHandler)](bool result) mutable {
             store->statisticsQueue().dispatch([completionHandler = WTFMove(completionHandler), result] () mutable {
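Review bot: The added comment `// Return false if this domain cannot ask for storage access.` does not describe the second half of the condition: `!shouldBlockAndKeepCookies(subFrameStatistic)` is the branch that returned true before this commit, which suggests a domain whose cookies are not being blocked rather than one barred from asking. A wording that matches the database store's comment would be `// Only return true if the context has asked for and been granted access; domains outside block-and-keep never reach the grant lookup.` If the two predicates are mutually exclusive (not visible here), the test reduces to `!shouldBlockAndKeepCookies(subFrameStatistic)`; otherwise the order should be kept as is. The function begins above the hunk and the dispatch lambda continues past its last line.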