Diff
Modified: trunk/LayoutTests/ChangeLog (274086 => 274087)
--- trunk/LayoutTests/ChangeLog 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/LayoutTests/ChangeLog 2021-03-08 19:51:56 UTC (rev 274087)
@@ -1,3 +1,20 @@
+2021-03-08 John Wilander <wilan...@apple.com>
+
+ PCM: Align fraud prevention token naming with issue 73 in the Privacy CG repo
+ https://bugs.webkit.org/show_bug.cgi?id=222838
+ <rdar://75115427>
+
+ Reviewed by Brent Fulgham.
+
+ This patch doesn't change functionality and only aligns naming to this W3C Privacy CG issue:
+ https://github.com/privacycg/private-click-measurement/issues/73
+
+ * http/tests/privateClickMeasurement/resources/fraudPreventionTestURL.php: Renamed from LayoutTests/http/tests/privateClickMeasurement/resources/signToken.php.
+ The way this PHP file is used goes beyond signing tokens so it now has a generic name.
+ * http/tests/privateClickMeasurement/store-private-click-measurement-with-source-nonce-expected.txt:
+ Re-baselined to reflect the new naming.
+ * http/tests/privateClickMeasurement/store-private-click-measurement-with-source-nonce.html:
+
2021-03-06 Ryan Haddad <ryanhad...@apple.com>
REGRESSION (r269627?): ASSERTION FAILED: &layoutState().establishedFormattingState(layoutBox.formattingContextRoot()) == this in WebCore::Layout::FormattingState::boxGeometry
Copied: trunk/LayoutTests/http/tests/privateClickMeasurement/resources/fraudPreventionTestURL.php (from rev 274085, trunk/LayoutTests/http/tests/privateClickMeasurement/resources/signToken.php) (0 => 274087)
--- trunk/LayoutTests/http/tests/privateClickMeasurement/resources/fraudPreventionTestURL.php (rev 0)
+++ trunk/LayoutTests/http/tests/privateClickMeasurement/resources/fraudPreventionTestURL.php 2021-03-08 19:51:56 UTC (rev 274087)
@@ -0,0 +1,59 @@
+<?php
+require_once "tokenSigningFilePath.php";
+
+$tokenSigningFile = fopen($tokenSigningFilePath . ".tmp", 'a');
+$httpHeaders = $_SERVER;
+$cookiesFound = false;
+// This php will respond to four consecutive server requests.
+// It will only complete the transaction when the last request finishes.
+$isLastRequest = false;
+
+if ($value = $httpHeaders["REQUEST_METHOD"]) {
+ fwrite($tokenSigningFile, "REQUEST_METHOD: $value\n");
+}
+
+if ($value = $httpHeaders["HTTP_HOST"]) {
+ fwrite($tokenSigningFile, "HTTP_HOST: $value\n");
+}
+
+if ($value = $httpHeaders["HTTP_COOKIE"]) {
+ fwrite($tokenSigningFile, "Cookies in token signing request: $value\n");
+ $cookiesFound = true;
+}
+
+if ($value = $httpHeaders["CONTENT_TYPE"]) {
+ fwrite($tokenSigningFile, "Content type: $value\n");
+}
+
+if ($value = $httpHeaders["REQUEST_URI"]) {
+ $value = $httpHeaders["REQUEST_URI"];
+ $positionOfDummy = strpos($value, "?dummy=");
+ if ($positionOfDummy === false)
+ $outputURL = $value;
+ else
+ $outputURL = substr($value, 0, $positionOfDummy);
+ fwrite($tokenSigningFile, "REQUEST_URI: $outputURL\n");
+
+ $positionOfDummy = strpos($value, "&last=");
+ if ($positionOfDummy != false)
+ $isLastRequest = true;
+}
+
+if (!$cookiesFound) {
+ fwrite($tokenSigningFile, "No cookies in token signing request.\n");
+}
+
+$requestBody = file_get_contents("php://input");
+fwrite($tokenSigningFile, "Request body:\n$requestBody\n");
+
+fclose($tokenSigningFile);
+// Complete the transaction.
+if ($isLastRequest)
+ rename($tokenSigningFilePath . ".tmp", $tokenSigningFilePath);
+
+header("HTTP/1.1 201 Created");
+header("unlinkable_token_public_key: ABCD");
+header("secret_token_signature: ABCD");
+setcookie("cookieSetInTokenSigningResponse", "1", 0, "/");
+
+?>
Deleted: trunk/LayoutTests/http/tests/privateClickMeasurement/resources/signToken.php (274086 => 274087)
--- trunk/LayoutTests/http/tests/privateClickMeasurement/resources/signToken.php 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/LayoutTests/http/tests/privateClickMeasurement/resources/signToken.php 2021-03-08 19:51:56 UTC (rev 274087)
@@ -1,59 +0,0 @@
-<?php
-require_once "tokenSigningFilePath.php";
-
-$tokenSigningFile = fopen($tokenSigningFilePath . ".tmp", 'a');
-$httpHeaders = $_SERVER;
-$cookiesFound = false;
-// This php will respond to four consecutive server requests.
-// It will only complete the transaction when the last request finishes.
-$isLastRequest = false;
-
-if ($value = $httpHeaders["REQUEST_METHOD"]) {
- fwrite($tokenSigningFile, "REQUEST_METHOD: $value\n");
-}
-
-if ($value = $httpHeaders["HTTP_HOST"]) {
- fwrite($tokenSigningFile, "HTTP_HOST: $value\n");
-}
-
-if ($value = $httpHeaders["HTTP_COOKIE"]) {
- fwrite($tokenSigningFile, "Cookies in token signing request: $value\n");
- $cookiesFound = true;
-}
-
-if ($value = $httpHeaders["CONTENT_TYPE"]) {
- fwrite($tokenSigningFile, "Content type: $value\n");
-}
-
-if ($value = $httpHeaders["REQUEST_URI"]) {
- $value = $httpHeaders["REQUEST_URI"];
- $positionOfDummy = strpos($value, "?dummy=");
- if ($positionOfDummy === false)
- $outputURL = $value;
- else
- $outputURL = substr($value, 0, $positionOfDummy);
- fwrite($tokenSigningFile, "REQUEST_URI: $outputURL\n");
-
- $positionOfDummy = strpos($value, "&last=");
- if ($positionOfDummy != false)
- $isLastRequest = true;
-}
-
-if (!$cookiesFound) {
- fwrite($tokenSigningFile, "No cookies in token signing request.\n");
-}
-
-$requestBody = file_get_contents("php://input");
-fwrite($tokenSigningFile, "Request body:\n$requestBody\n");
-
-fclose($tokenSigningFile);
-// Complete the transaction.
-if ($isLastRequest)
- rename($tokenSigningFilePath . ".tmp", $tokenSigningFilePath);
-
-header("HTTP/1.1 201 Created");
-header("unlinkable_token_public_key: ABCD");
-header("secret_token_signature: ABCD");
-setcookie("cookieSetInTokenSigningResponse", "1", 0, "/");
-
-?>
Modified: trunk/LayoutTests/http/tests/privateClickMeasurement/store-private-click-measurement-with-source-nonce-expected.txt (274086 => 274087)
--- trunk/LayoutTests/http/tests/privateClickMeasurement/store-private-click-measurement-with-source-nonce-expected.txt 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/LayoutTests/http/tests/privateClickMeasurement/store-private-click-measurement-with-source-nonce-expected.txt 2021-03-08 19:51:56 UTC (rev 274087)
@@ -8,7 +8,7 @@
Token signing request received.
REQUEST_METHOD: GET
HTTP_HOST: 127.0.0.1:8000
-REQUEST_URI: /privateClickMeasurement/resources/signToken.php
+REQUEST_URI: /privateClickMeasurement/resources/fraudPreventionTestURL.php
No cookies in token signing request.
Request body:
@@ -15,13 +15,13 @@
REQUEST_METHOD: POST
HTTP_HOST: 127.0.0.1:8000
Content type: application/json
-REQUEST_URI: /privateClickMeasurement/resources/signToken.php
+REQUEST_URI: /privateClickMeasurement/resources/fraudPreventionTestURL.php
No cookies in token signing request.
Request body:
-{"source_engagement_type":"click","source_nonce":"ABCDEFabcdef0123456789","source_secret_token":"secretToken","version":2}
+{"source_engagement_type":"click","source_nonce":"ABCDEFabcdef0123456789","source_unlinkable_token":"unlinkableToken","version":2}
REQUEST_METHOD: GET
HTTP_HOST: 127.0.0.1:8000
-REQUEST_URI: /privateClickMeasurement/resources/signToken.php
+REQUEST_URI: /privateClickMeasurement/resources/fraudPreventionTestURL.php
No cookies in token signing request.
Request body:
@@ -28,10 +28,10 @@
REQUEST_METHOD: POST
HTTP_HOST: 127.0.0.1:8000
Content type: application/json
-REQUEST_URI: /privateClickMeasurement/resources/signToken.php
+REQUEST_URI: /privateClickMeasurement/resources/fraudPreventionTestURL.php
No cookies in token signing request.
Request body:
-{"source_engagement_type":"click","source_site":"127.0.0.1","source_id":3,"attributed_on_site":"localhost","trigger_data":12,"version":2,"source_unlinkable_token":"unlinkableToken","source_unlinkable_token_signature":"signature"}
+{"source_engagement_type":"click","source_site":"127.0.0.1","source_id":3,"attributed_on_site":"localhost","trigger_data":12,"version":2,"source_secret_token":"secretToken","source_secret_token_signature":"signature"}
No stored Private Click Measurement data.
Modified: trunk/LayoutTests/http/tests/privateClickMeasurement/store-private-click-measurement-with-source-nonce.html (274086 => 274087)
--- trunk/LayoutTests/http/tests/privateClickMeasurement/store-private-click-measurement-with-source-nonce.html 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/LayoutTests/http/tests/privateClickMeasurement/store-private-click-measurement-with-source-nonce.html 2021-03-08 19:51:56 UTC (rev 274087)
@@ -51,11 +51,11 @@
function runTest() {
if (window.testRunner) {
if (!window.location.search) {
- testRunner.setPrivateClickMeasurementTokenPublicKeyURLForTesting("http://127.0.0.1:8000/privateClickMeasurement/resources/signToken.php?dummy=" + dummy);
- testRunner.setPrivateClickMeasurementTokenSignatureURLForTesting("http://127.0.0.1:8000/privateClickMeasurement/resources/signToken.php?dummy=" + dummy);
- testRunner.setPrivateClickMeasurementAttributionReportURLForTesting("http://127.0.0.1:8000/privateClickMeasurement/resources/signToken.php?dummy=" + dummy + "&last=true");
+ testRunner.setPrivateClickMeasurementTokenPublicKeyURLForTesting("http://127.0.0.1:8000/privateClickMeasurement/resources/fraudPreventionTestURL.php?dummy=" + dummy);
+ testRunner.setPrivateClickMeasurementTokenSignatureURLForTesting("http://127.0.0.1:8000/privateClickMeasurement/resources/fraudPreventionTestURL.php?dummy=" + dummy);
+ testRunner.setPrivateClickMeasurementAttributionReportURLForTesting("http://127.0.0.1:8000/privateClickMeasurement/resources/fraudPreventionTestURL.php?dummy=" + dummy + "&last=true");
testRunner.setPrivateClickMeasurementOverrideTimerForTesting(true);
- testRunner.setFraudPreventionValuesForTesting("secretToken", "unlinkableToken", "signature", "WF3Ugg");
+ testRunner.setPrivateClickMeasurementFraudPreventionValuesForTesting("unlinkableToken", "secretToken", "signature", "WF3Ugg");
targetLink.href = "" + dummy;
activateElement("targetLink");
Modified: trunk/Source/WebCore/ChangeLog (274086 => 274087)
--- trunk/Source/WebCore/ChangeLog 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebCore/ChangeLog 2021-03-08 19:51:56 UTC (rev 274087)
@@ -1,3 +1,43 @@
+2021-03-08 John Wilander <wilan...@apple.com>
+
+ PCM: Align fraud prevention token naming with issue 73 in the Privacy CG repo
+ https://bugs.webkit.org/show_bug.cgi?id=222838
+ <rdar://75115427>
+
+ Reviewed by Brent Fulgham.
+
+ This patch doesn't change functionality and only aligns naming to this W3C Privacy CG issue:
+ https://github.com/privacycg/private-click-measurement/issues/73
+
+ Naming for PCM fraud prevention is updated like this:
+
+ /.well-known/private-click-measurement/sign-secret-token/ changed to
+ /.well-known/private-click-measurement/sign-unlinkable-token/
+
+ /.well-known/private-click-measurement/get-unlinkable-token-public-key/ changed to
+ /.well-known/private-click-measurement/get-token-public-key/
+
+ source_secret_token in requests for token signature changed to source_unlinkable_token
+
+ source_unlinkable_token in attribution reports changed to source_secret_token
+
+ Variable, member, and function names are being renamed similarly.
+
+ * loader/PrivateClickMeasurement.cpp:
+ (WebCore::PrivateClickMeasurement::attributionReportJSON const):
+ (WebCore::PrivateClickMeasurement::tokenSignatureJSON const):
+ (WebCore::PrivateClickMeasurement::setSourceSecretToken):
+ (WebCore::PrivateClickMeasurement::SourceSecretToken::isValid const):
+ (WebCore::PrivateClickMeasurement::setSourceUnlinkableToken): Deleted.
+ (WebCore::PrivateClickMeasurement::SourceUnlinkableToken::isValid const): Deleted.
+ * loader/PrivateClickMeasurement.h:
+ (WebCore::PrivateClickMeasurement::setSourceUnlinkableTokenValue):
+ (WebCore::PrivateClickMeasurement::sourceUnlinkableToken const):
+ (WebCore::PrivateClickMeasurement::setSourceSecretTokenValue): Deleted.
+ * loader/cocoa/PrivateClickMeasurementCocoa.mm:
+ (WebCore::PrivateClickMeasurement::calculateAndUpdateSourceUnlinkableToken):
+ (WebCore::PrivateClickMeasurement::calculateAndUpdateSourceSecretToken):
+
2021-03-08 Peng Liu <peng.l...@apple.com>
[GPUP] Some media tests related to canvas fail when media in GPU Process is enabled
Modified: trunk/Source/WebCore/loader/PrivateClickMeasurement.cpp (274086 => 274087)
--- trunk/Source/WebCore/loader/PrivateClickMeasurement.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebCore/loader/PrivateClickMeasurement.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -37,8 +37,8 @@
namespace WebCore {
static const char privateClickMeasurementTriggerAttributionPath[] = "/.well-known/private-click-measurement/trigger-attribution/";
-static const char privateClickMeasurementTokenSignaturePath[] = "/.well-known/private-click-measurement/sign-secret-token/";
-static const char privateClickMeasurementTokenPublicKeyPath[] = "/.well-known/private-click-measurement/get-unlinkable-token-public-key/";
+static const char privateClickMeasurementTokenSignaturePath[] = "/.well-known/private-click-measurement/sign-unlinkable-token/";
+static const char privateClickMeasurementTokenPublicKeyPath[] = "/.well-known/private-click-measurement/get-token-public-key/";
static const char privateClickMeasurementReportAttributionPath[] = "/.well-known/private-click-measurement/report-attribution/";
const size_t privateClickMeasurementAttributionTriggerDataPathSegmentSize = 2;
const size_t privateClickMeasurementPriorityPathSegmentSize = 2;
@@ -146,9 +146,10 @@
reportDetails->setInteger("trigger_data"_s, m_attributionTriggerData->data);
reportDetails->setInteger("version"_s, 2);
- if (m_sourceUnlinkableToken) {
- reportDetails->setString("source_unlinkable_token"_s, m_sourceUnlinkableToken->tokenBase64URL);
- reportDetails->setString("source_unlinkable_token_signature"_s, m_sourceUnlinkableToken->signatureBase64URL);
+ // This token has been kept secret this far and cannot be linked to the unlinkable token.
+ if (m_sourceSecretToken) {
+ reportDetails->setString("source_secret_token"_s, m_sourceSecretToken->tokenBase64URL);
+ reportDetails->setString("source_secret_token_signature"_s, m_sourceSecretToken->signatureBase64URL);
}
return reportDetails;
@@ -212,24 +213,25 @@
if (!m_ephemeralSourceNonce || !m_ephemeralSourceNonce->isValid())
return reportDetails;
- if (m_sourceSecretToken.valueBase64URL.isEmpty())
+ if (m_sourceUnlinkableToken.valueBase64URL.isEmpty())
return reportDetails;
reportDetails->setString("source_engagement_type"_s, "click"_s);
reportDetails->setString("source_nonce"_s, m_ephemeralSourceNonce->nonce);
- reportDetails->setString("source_secret_token"_s, m_sourceSecretToken.valueBase64URL);
+ // This token can not be linked to the secret token.
+ reportDetails->setString("source_unlinkable_token"_s, m_sourceUnlinkableToken.valueBase64URL);
reportDetails->setInteger("version"_s, 2);
return reportDetails;
}
-void PrivateClickMeasurement::setSourceUnlinkableToken(SourceUnlinkableToken&& token)
+void PrivateClickMeasurement::setSourceSecretToken(SourceSecretToken&& token)
{
if (!token.isValid())
return;
- m_sourceUnlinkableToken = WTFMove(token);
+ m_sourceSecretToken = WTFMove(token);
}
-bool PrivateClickMeasurement::SourceUnlinkableToken::isValid() const
+bool PrivateClickMeasurement::SourceSecretToken::isValid() const
{
return !(tokenBase64URL.isEmpty() || signatureBase64URL.isEmpty() || keyIDBase64URL.isEmpty());
}
Modified: trunk/Source/WebCore/loader/PrivateClickMeasurement.h (274086 => 274087)
--- trunk/Source/WebCore/loader/PrivateClickMeasurement.h 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebCore/loader/PrivateClickMeasurement.h 2021-03-08 19:51:56 UTC (rev 274087)
@@ -295,7 +295,7 @@
Optional<EphemeralSourceNonce> ephemeralSourceNonce() const { return m_ephemeralSourceNonce; };
void clearEphemeralSourceNonce() { m_ephemeralSourceNonce.reset(); };
- struct SourceUnlinkableToken {
+ struct SourceSecretToken {
String tokenBase64URL;
String signatureBase64URL;
String keyIDBase64URL;
@@ -304,13 +304,13 @@
};
#if PLATFORM(COCOA)
- WEBCORE_EXPORT bool calculateAndUpdateSourceSecretToken(const String& serverPublicKeyBase64URL);
- WEBCORE_EXPORT bool calculateAndUpdateSourceUnlinkableToken(const String& serverResponseBase64URL);
+ WEBCORE_EXPORT bool calculateAndUpdateSourceUnlinkableToken(const String& serverPublicKeyBase64URL);
+ WEBCORE_EXPORT bool calculateAndUpdateSourceSecretToken(const String& serverResponseBase64URL);
#endif
- void setSourceSecretTokenValue(const String& value) { m_sourceSecretToken.valueBase64URL = value; }
- const Optional<SourceUnlinkableToken>& sourceUnlinkableToken() const { return m_sourceUnlinkableToken; }
- WEBCORE_EXPORT void setSourceUnlinkableToken(SourceUnlinkableToken&&);
+ void setSourceUnlinkableTokenValue(const String& value) { m_sourceUnlinkableToken.valueBase64URL = value; }
+ const Optional<SourceSecretToken>& sourceUnlinkableToken() const { return m_sourceSecretToken; }
+ WEBCORE_EXPORT void setSourceSecretToken(SourceSecretToken&&);
template<class Encoder> void encode(Encoder&) const;
template<class Decoder> static Optional<PrivateClickMeasurement> decode(Decoder&);
@@ -328,7 +328,7 @@
Optional<AttributionTriggerData> m_attributionTriggerData;
Optional<WallTime> m_earliestTimeToSend;
- struct SourceSecretToken {
+ struct SourceUnlinkableToken {
#if PLATFORM(COCOA)
RetainPtr<RSABSSATokenBlinder> blinder;
RetainPtr<RSABSSATokenWaitingActivation> waitingToken;
@@ -338,8 +338,8 @@
};
Optional<EphemeralSourceNonce> m_ephemeralSourceNonce;
- SourceSecretToken m_sourceSecretToken;
- Optional<SourceUnlinkableToken> m_sourceUnlinkableToken;
+ SourceUnlinkableToken m_sourceUnlinkableToken;
+ Optional<SourceSecretToken> m_sourceSecretToken;
};
template<class Encoder>
Modified: trunk/Source/WebCore/loader/cocoa/PrivateClickMeasurementCocoa.mm (274086 => 274087)
--- trunk/Source/WebCore/loader/cocoa/PrivateClickMeasurementCocoa.mm 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebCore/loader/cocoa/PrivateClickMeasurementCocoa.mm 2021-03-08 19:51:56 UTC (rev 274087)
@@ -30,7 +30,7 @@
namespace WebCore {
-bool PrivateClickMeasurement::calculateAndUpdateSourceSecretToken(const String& serverPublicKeyBase64URL)
+bool PrivateClickMeasurement::calculateAndUpdateSourceUnlinkableToken(const String& serverPublicKeyBase64URL)
{
#if HAVE(RSA_BSSA)
{
@@ -40,17 +40,17 @@
auto serverPublicKey = adoptNS([[NSData alloc] initWithBytes:serverPublicKeyData.data() length:serverPublicKeyData.size()]);
// FIXME(222018): Check error.
- m_sourceSecretToken.blinder = adoptNS([PAL::allocRSABSSATokenBlinderInstance() initWithPublicKey:serverPublicKey.get() error:nullptr]);
- if (!m_sourceSecretToken.blinder)
+ m_sourceUnlinkableToken.blinder = adoptNS([PAL::allocRSABSSATokenBlinderInstance() initWithPublicKey:serverPublicKey.get() error:nullptr]);
+ if (!m_sourceUnlinkableToken.blinder)
return false;
}
// FIXME(222018): Check error.
- m_sourceSecretToken.waitingToken = [m_sourceSecretToken.blinder tokenWaitingActivationWithContent:nullptr error:nullptr];
- if (!m_sourceSecretToken.waitingToken)
+ m_sourceUnlinkableToken.waitingToken = [m_sourceUnlinkableToken.blinder tokenWaitingActivationWithContent:nullptr error:nullptr];
+ if (!m_sourceUnlinkableToken.waitingToken)
return false;
- m_sourceSecretToken.valueBase64URL = WTF::base64URLEncode([m_sourceSecretToken.waitingToken blindedMessage].bytes, [m_sourceSecretToken.waitingToken blindedMessage].length);
+ m_sourceUnlinkableToken.valueBase64URL = WTF::base64URLEncode([m_sourceUnlinkableToken.waitingToken blindedMessage].bytes, [m_sourceUnlinkableToken.waitingToken blindedMessage].length);
return true;
#else
UNUSED_PARAM(serverPublicKeyBase64URL);
@@ -58,10 +58,10 @@
#endif // HAVE(RSA_BSSA)
}
-bool PrivateClickMeasurement::calculateAndUpdateSourceUnlinkableToken(const String& serverResponseBase64URL)
+bool PrivateClickMeasurement::calculateAndUpdateSourceSecretToken(const String& serverResponseBase64URL)
{
#if HAVE(RSA_BSSA)
- if (!m_sourceSecretToken.waitingToken)
+ if (!m_sourceUnlinkableToken.waitingToken)
return false;
{
@@ -71,17 +71,17 @@
auto serverResponse = adoptNS([[NSData alloc] initWithBytes:serverResponseData.data() length:serverResponseData.size()]);
// FIXME(222018): Check error.
- m_sourceSecretToken.readyToken = [m_sourceSecretToken.waitingToken activateTokenWithServerResponse:serverResponse.get() error:nullptr];
- if (!m_sourceSecretToken.readyToken)
+ m_sourceUnlinkableToken.readyToken = [m_sourceUnlinkableToken.waitingToken activateTokenWithServerResponse:serverResponse.get() error:nullptr];
+ if (!m_sourceUnlinkableToken.readyToken)
return false;
}
- SourceUnlinkableToken token;
- token.tokenBase64URL = WTF::base64URLEncode([m_sourceSecretToken.readyToken tokenContent].bytes, [m_sourceSecretToken.readyToken tokenContent].length);
- token.keyIDBase64URL = WTF::base64URLEncode([m_sourceSecretToken.readyToken keyId].bytes, [m_sourceSecretToken.readyToken keyId].length);
- token.signatureBase64URL = WTF::base64URLEncode([m_sourceSecretToken.readyToken signature].bytes, [m_sourceSecretToken.readyToken signature].length);
+ SourceSecretToken token;
+ token.tokenBase64URL = WTF::base64URLEncode([m_sourceUnlinkableToken.readyToken tokenContent].bytes, [m_sourceUnlinkableToken.readyToken tokenContent].length);
+ token.keyIDBase64URL = WTF::base64URLEncode([m_sourceUnlinkableToken.readyToken keyId].bytes, [m_sourceUnlinkableToken.readyToken keyId].length);
+ token.signatureBase64URL = WTF::base64URLEncode([m_sourceUnlinkableToken.readyToken signature].bytes, [m_sourceUnlinkableToken.readyToken signature].length);
- m_sourceUnlinkableToken = WTFMove(token);
+ m_sourceSecretToken = WTFMove(token);
return true;
#else
UNUSED_PARAM(serverResponseBase64URL);
Modified: trunk/Source/WebKit/ChangeLog (274086 => 274087)
--- trunk/Source/WebKit/ChangeLog 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/ChangeLog 2021-03-08 19:51:56 UTC (rev 274087)
@@ -1,3 +1,61 @@
+2021-03-08 John Wilander <wilan...@apple.com>
+
+ PCM: Align fraud prevention token naming with issue 73 in the Privacy CG repo
+ https://bugs.webkit.org/show_bug.cgi?id=222838
+ <rdar://75115427>
+
+ Reviewed by Brent Fulgham.
+
+ This patch doesn't change functionality and only aligns naming to this W3C Privacy CG issue:
+ https://github.com/privacycg/private-click-measurement/issues/73
+
+ Naming for PCM fraud prevention is updated like this:
+
+ /.well-known/private-click-measurement/sign-secret-token/ changed to
+ /.well-known/private-click-measurement/sign-unlinkable-token/
+
+ /.well-known/private-click-measurement/get-unlinkable-token-public-key/ changed to
+ /.well-known/private-click-measurement/get-token-public-key/
+
+ source_secret_token in requests for token signature changed to source_unlinkable_token
+
+ source_unlinkable_token in attribution reports changed to source_secret_token
+
+ Variable, member, and function names are being renamed similarly.
+
+ * NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:
+ (WebKit::ResourceLoadStatisticsDatabaseStore::buildPrivateClickMeasurementFromDatabase):
+ * NetworkProcess/NetworkProcess.cpp:
+ (WebKit::NetworkProcess::setPCMFraudPreventionValuesForTesting):
+ (WebKit::NetworkProcess::setFraudPreventionValuesForTesting): Deleted.
+ Renamed setPCMFraudPreventionValuesForTesting() to make it more clear.
+ * NetworkProcess/NetworkProcess.h:
+ * NetworkProcess/NetworkProcess.messages.in:
+ * NetworkProcess/NetworkSession.cpp:
+ (WebKit::NetworkSession::setPCMFraudPreventionValuesForTesting):
+ (WebKit::NetworkSession::setFraudPreventionValuesForTesting): Deleted.
+ Renamed setPCMFraudPreventionValuesForTesting() to make it more clear.
+ * NetworkProcess/NetworkSession.h:
+ * NetworkProcess/PrivateClickMeasurementManager.cpp:
+ (WebKit::PrivateClickMeasurementManager::storeUnattributed):
+ (WebKit::PrivateClickMeasurementManager::getTokenPublicKey):
+ (WebKit::PrivateClickMeasurementManager::getSignedUnlinkableToken):
+ (WebKit::PrivateClickMeasurementManager::setPCMFraudPreventionValuesForTesting):
+ (WebKit::PrivateClickMeasurementManager::getSignedSecretToken): Deleted.
+ (WebKit::PrivateClickMeasurementManager::setFraudPreventionValuesForTesting): Deleted.
+ Renamed setPCMFraudPreventionValuesForTesting() to make it more clear.
+ * NetworkProcess/PrivateClickMeasurementManager.h:
+ * UIProcess/API/C/WKPage.cpp:
+ (WKPageSetPCMFraudPreventionValuesForTesting):
+ (WKPageSetFraudPreventionValuesForTesting): Deleted.
+ Renamed WKPageSetPCMFraudPreventionValuesForTesting() to make it more clear.
+ * UIProcess/API/C/WKPagePrivate.h:
+ * UIProcess/WebPageProxy.cpp:
+ (WebKit::WebPageProxy::setPCMFraudPreventionValuesForTesting):
+ (WebKit::WebPageProxy::setFraudPreventionValuesForTesting): Deleted.
+ Renamed setPCMFraudPreventionValuesForTesting() to make it more clear.
+ * UIProcess/WebPageProxy.h:
+
2021-03-08 Aditya Keerthi <akeer...@apple.com>
[iOS] <select multiple> group headers are illegible in dark mode
Modified: trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp (274086 => 274087)
--- trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -2985,7 +2985,7 @@
attribution.setEarliestTimeToSend(WallTime::fromRawSeconds(earliestTimeToSend));
}
- attribution.setSourceUnlinkableToken({ token, signature, keyID });
+ attribution.setSourceSecretToken({ token, signature, keyID });
return attribution;
}
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp (274086 => 274087)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -2640,10 +2640,10 @@
completionHandler();
}
-void NetworkProcess::setFraudPreventionValuesForTesting(PAL::SessionID sessionID, String&& secretToken, String&& unlinkableToken, String&& signature, String&& keyID, CompletionHandler<void()>&& completionHandler)
+void NetworkProcess::setPCMFraudPreventionValuesForTesting(PAL::SessionID sessionID, String&& unlinkableToken, String&& secretToken, String&& signature, String&& keyID, CompletionHandler<void()>&& completionHandler)
{
if (auto* session = networkSession(sessionID))
- session->setFraudPreventionValuesForTesting(WTFMove(secretToken), WTFMove(unlinkableToken), WTFMove(signature), WTFMove(keyID));
+ session->setPCMFraudPreventionValuesForTesting(WTFMove(unlinkableToken), WTFMove(secretToken), WTFMove(signature), WTFMove(keyID));
completionHandler();
}
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.h (274086 => 274087)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.h 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.h 2021-03-08 19:51:56 UTC (rev 274087)
@@ -341,7 +341,7 @@
void setPrivateClickMeasurementTokenSignatureURLForTesting(PAL::SessionID, URL&&, CompletionHandler<void()>&&);
void setPrivateClickMeasurementAttributionReportURLForTesting(PAL::SessionID, URL&&, CompletionHandler<void()>&&);
void markPrivateClickMeasurementsAsExpiredForTesting(PAL::SessionID, CompletionHandler<void()>&&);
- void setFraudPreventionValuesForTesting(PAL::SessionID, String&& secretToken, String&& unlinkableToken, String&& signature, String&& keyID, CompletionHandler<void()>&&);
+ void setPCMFraudPreventionValuesForTesting(PAL::SessionID, String&& unlinkableToken, String&& secretToken, String&& signature, String&& keyID, CompletionHandler<void()>&&);
RefPtr<WebCore::StorageQuotaManager> storageQuotaManager(PAL::SessionID, const WebCore::ClientOrigin&);
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.messages.in (274086 => 274087)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.messages.in 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.messages.in 2021-03-08 19:51:56 UTC (rev 274087)
@@ -171,7 +171,7 @@
SetPrivateClickMeasurementTokenSignatureURLForTesting(PAL::SessionID sessionID, URL url) -> () Async
SetPrivateClickMeasurementAttributionReportURLForTesting(PAL::SessionID sessionID, URL url) -> () Async
MarkPrivateClickMeasurementsAsExpiredForTesting(PAL::SessionID sessionID) -> () Async
- SetFraudPreventionValuesForTesting(PAL::SessionID sessionID, String secretToken, String unlinkableToken, String signature, String keyID) -> () Async
+ SetPCMFraudPreventionValuesForTesting(PAL::SessionID sessionID, String secretToken, String unlinkableToken, String signature, String keyID) -> () Async
GetLocalStorageOriginDetails(PAL::SessionID sessionID) -> (Vector<WebKit::LocalStorageDatabaseTracker::OriginDetails> details) Async
SetServiceWorkerFetchTimeoutForTesting(Seconds seconds) -> () Synchronous
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp (274086 => 274087)
--- trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -359,9 +359,9 @@
}
// FIXME: Switch to non-mocked test data once the right cryptography library is available in open source.
-void NetworkSession::setFraudPreventionValuesForTesting(String&& secretToken, String&& unlinkableToken, String&& signature, String&& keyID)
+void NetworkSession::setPCMFraudPreventionValuesForTesting(String&& unlinkableToken, String&& secretToken, String&& signature, String&& keyID)
{
- privateClickMeasurement().setFraudPreventionValuesForTesting(WTFMove(secretToken), WTFMove(unlinkableToken), WTFMove(signature), WTFMove(keyID));
+ privateClickMeasurement().setPCMFraudPreventionValuesForTesting(WTFMove(unlinkableToken), WTFMove(secretToken), WTFMove(signature), WTFMove(keyID));
}
void NetworkSession::firePrivateClickMeasurementTimerImmediately()
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSession.h (274086 => 274087)
--- trunk/Source/WebKit/NetworkProcess/NetworkSession.h 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSession.h 2021-03-08 19:51:56 UTC (rev 274087)
@@ -128,7 +128,7 @@
void setPrivateClickMeasurementTokenSignatureURLForTesting(URL&&);
void setPrivateClickMeasurementAttributionReportURLForTesting(URL&&);
void markPrivateClickMeasurementsAsExpiredForTesting();
- void setFraudPreventionValuesForTesting(String&& secretToken, String&& unlinkableToken, String&& signature, String&& keyID);
+ void setPCMFraudPreventionValuesForTesting(String&& unlinkableToken, String&& secretToken, String&& signature, String&& keyID);
void firePrivateClickMeasurementTimerImmediately();
void addKeptAliveLoad(Ref<NetworkResourceLoader>&&);
Modified: trunk/Source/WebKit/NetworkProcess/PrivateClickMeasurementManager.cpp (274086 => 274087)
--- trunk/Source/WebKit/NetworkProcess/PrivateClickMeasurementManager.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/NetworkProcess/PrivateClickMeasurementManager.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -85,15 +85,15 @@
return;
if (m_fraudPreventionValuesForTesting)
- attribution.setSourceSecretTokenValue(m_fraudPreventionValuesForTesting->secretToken);
+ attribution.setSourceUnlinkableTokenValue(m_fraudPreventionValuesForTesting->unlinkableToken);
#if PLATFORM(COCOA)
else {
- if (!attribution.calculateAndUpdateSourceSecretToken(publicKeyBase64URL))
+ if (!attribution.calculateAndUpdateSourceUnlinkableToken(publicKeyBase64URL))
return;
}
#endif
- getSignedSecretToken(WTFMove(attribution));
+ getSignedUnlinkableToken(WTFMove(attribution));
});
}
@@ -150,8 +150,8 @@
return;
// This is guaranteed to be close in time to the navigational click which makes it likely to be personally identifiable.
+ auto pcmDataCarried = PrivateClickMeasurement::PcmDataCarried::PersonallyIdentifiable;
auto tokenPublicKeyURL = attribution.tokenPublicKeyURL();
- auto pcmDataCarried = PrivateClickMeasurement::PcmDataCarried::PersonallyIdentifiable;
if (m_tokenPublicKeyURLForTesting) {
tokenPublicKeyURL = *m_tokenPublicKeyURLForTesting;
pcmDataCarried = PrivateClickMeasurement::PcmDataCarried::NonPersonallyIdentifiable;
@@ -162,8 +162,8 @@
auto loadParameters = generateNetworkResourceLoadParametersForHttpGet(WTFMove(tokenPublicKeyURL), pcmDataCarried);
- RELEASE_LOG_INFO(PrivateClickMeasurement, "About to fire a unlinkable token public key request.");
- m_networkProcess->broadcastConsoleMessage(m_sessionID, MessageSource::PrivateClickMeasurement, MessageLevel::Log, "[Private Click Measurement] About to fire a unlinkable token public key request."_s);
+ RELEASE_LOG_INFO(PrivateClickMeasurement, "About to fire a token public key request.");
+ m_networkProcess->broadcastConsoleMessage(m_sessionID, MessageSource::PrivateClickMeasurement, MessageLevel::Log, "[Private Click Measurement] About to fire a token public key request."_s);
m_pingLoadFunction(WTFMove(loadParameters), [weakThis = makeWeakPtr(*this), this, attribution = WTFMove(attribution), callback = WTFMove(callback)] (const WebCore::ResourceError& error, const WebCore::ResourceResponse& response) mutable {
if (!weakThis)
@@ -170,24 +170,25 @@
return;
if (!error.isNull()) {
- m_networkProcess->broadcastConsoleMessage(weakThis->m_sessionID, MessageSource::PrivateClickMeasurement, MessageLevel::Error, makeString("[Private Click Measurement] Received error: '"_s, error.localizedDescription(), "' for unlinkable token public key request."_s));
+ m_networkProcess->broadcastConsoleMessage(weakThis->m_sessionID, MessageSource::PrivateClickMeasurement, MessageLevel::Error, makeString("[Private Click Measurement] Received error: '"_s, error.localizedDescription(), "' for token public key request."_s));
return;
}
// FIXME(222217): Retrieve the public key from the content instead of the header.
+ // FIXME: This should be renamed to token public key without "unlinkble" or "secret" when 222217 is fixed.
callback(WTFMove(attribution), response.httpHeaderFields().get("unlinkable_token_public_key"_s));
});
}
-void PrivateClickMeasurementManager::getSignedSecretToken(PrivateClickMeasurement&& attribution)
+void PrivateClickMeasurementManager::getSignedUnlinkableToken(PrivateClickMeasurement&& attribution)
{
if (!featureEnabled())
return;
// This is guaranteed to be close in time to the navigational click which makes it likely to be personally identifiable.
+ auto pcmDataCarried = PrivateClickMeasurement::PcmDataCarried::PersonallyIdentifiable;
auto tokenSignatureURL = attribution.tokenSignatureURL();
- auto pcmDataCarried = PrivateClickMeasurement::PcmDataCarried::PersonallyIdentifiable;
if (m_tokenSignatureURLForTesting) {
tokenSignatureURL = *m_tokenSignatureURLForTesting;
pcmDataCarried = PrivateClickMeasurement::PcmDataCarried::NonPersonallyIdentifiable;
@@ -198,8 +199,8 @@
auto loadParameters = generateNetworkResourceLoadParametersForHttpPost(WTFMove(tokenSignatureURL), attribution.tokenSignatureJSON(), pcmDataCarried);
- RELEASE_LOG_INFO(PrivateClickMeasurement, "About to fire a secret token signing request.");
- m_networkProcess->broadcastConsoleMessage(m_sessionID, MessageSource::PrivateClickMeasurement, MessageLevel::Log, "[Private Click Measurement] About to fire a secret token signing request."_s);
+ RELEASE_LOG_INFO(PrivateClickMeasurement, "About to fire a unlinkable token signing request.");
+ m_networkProcess->broadcastConsoleMessage(m_sessionID, MessageSource::PrivateClickMeasurement, MessageLevel::Log, "[Private Click Measurement] About to fire a unlinkable token signing request."_s);
m_pingLoadFunction(WTFMove(loadParameters), [weakThis = makeWeakPtr(*this), this, attribution = WTFMove(attribution)] (const WebCore::ResourceError& error, const WebCore::ResourceResponse& response) mutable {
if (!weakThis)
@@ -211,20 +212,22 @@
}
// FIXME(222217): Retrieve the signature from the content instead of the header.
+ // FIXME: This should be renamed to unlinkable token when 222217 is fixed.
auto signatureBase64URL = response.httpHeaderFields().get("secret_token_signature"_s);
if (signatureBase64URL.isEmpty())
return;
+ // FIX NOW!
if (m_fraudPreventionValuesForTesting)
- attribution.setSourceUnlinkableToken({ m_fraudPreventionValuesForTesting->unlinkableToken, m_fraudPreventionValuesForTesting->signature, m_fraudPreventionValuesForTesting->keyID });
+ attribution.setSourceSecretToken({ m_fraudPreventionValuesForTesting->secretToken, m_fraudPreventionValuesForTesting->signature, m_fraudPreventionValuesForTesting->keyID });
#if PLATFORM(COCOA)
else {
- if (!attribution.calculateAndUpdateSourceUnlinkableToken(signatureBase64URL))
+ if (!attribution.calculateAndUpdateSourceSecretToken(signatureBase64URL))
return;
}
#endif
- m_networkProcess->broadcastConsoleMessage(m_sessionID, MessageSource::PrivateClickMeasurement, MessageLevel::Log, "[Private Click Measurement] Storing an unlinkable token."_s);
+ m_networkProcess->broadcastConsoleMessage(m_sessionID, MessageSource::PrivateClickMeasurement, MessageLevel::Log, "[Private Click Measurement] Storing a secret token."_s);
#if ENABLE(RESOURCE_LOAD_STATISTICS)
if (auto* resourceLoadStatistics = m_networkSession->resourceLoadStatistics())
@@ -490,11 +493,11 @@
#endif
}
-void PrivateClickMeasurementManager::setFraudPreventionValuesForTesting(String&& secretToken, String&& unlinkableToken, String&& signature, String&& keyID)
+void PrivateClickMeasurementManager::setPCMFraudPreventionValuesForTesting(String&& unlinkableToken, String&& secretToken, String&& signature, String&& keyID)
{
- if (secretToken.isEmpty() || unlinkableToken.isEmpty() || signature.isEmpty() || keyID.isEmpty())
+ if (unlinkableToken.isEmpty() || secretToken.isEmpty() || signature.isEmpty() || keyID.isEmpty())
return;
- m_fraudPreventionValuesForTesting = TestingFraudPreventionValues { WTFMove(secretToken), WTFMove(unlinkableToken), WTFMove(signature), WTFMove(keyID) };
+ m_fraudPreventionValuesForTesting = TestingFraudPreventionValues { WTFMove(unlinkableToken), WTFMove(secretToken), WTFMove(signature), WTFMove(keyID) };
}
bool PrivateClickMeasurementManager::featureEnabled() const
Modified: trunk/Source/WebKit/NetworkProcess/PrivateClickMeasurementManager.h (274086 => 274087)
--- trunk/Source/WebKit/NetworkProcess/PrivateClickMeasurementManager.h 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/NetworkProcess/PrivateClickMeasurementManager.h 2021-03-08 19:51:56 UTC (rev 274087)
@@ -66,12 +66,12 @@
void setAttributionReportURLForTesting(URL&&);
void markAllUnattributedAsExpiredForTesting();
void markAttributedPrivateClickMeasurementsAsExpiredForTesting(CompletionHandler<void()>&&);
- void setFraudPreventionValuesForTesting(String&& secretToken, String&& unlinkableToken, String&& signature, String&& keyID);
+ void setPCMFraudPreventionValuesForTesting(String&& unlinkableToken, String&& secretToken, String&& signature, String&& keyID);
void startTimer(Seconds);
private:
void getTokenPublicKey(PrivateClickMeasurement&&, Function<void(PrivateClickMeasurement&& attribution, const String& publicKeyBase64URL)>&&);
- void getSignedSecretToken(PrivateClickMeasurement&&);
+ void getSignedUnlinkableToken(PrivateClickMeasurement&&);
void clearSentAttribution(PrivateClickMeasurement&&);
void attribute(const SourceSite&, const AttributeOnSite&, AttributionTriggerData&&);
void fireConversionRequest(const PrivateClickMeasurement&);
@@ -92,8 +92,8 @@
Function<void(NetworkResourceLoadParameters&&, CompletionHandler<void(const WebCore::ResourceError&, const WebCore::ResourceResponse&)>&&)> m_pingLoadFunction;
struct TestingFraudPreventionValues {
+ String unlinkableToken;
String secretToken;
- String unlinkableToken;
String signature;
String keyID;
};
Modified: trunk/Source/WebKit/UIProcess/API/C/WKPage.cpp (274086 => 274087)
--- trunk/Source/WebKit/UIProcess/API/C/WKPage.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/UIProcess/API/C/WKPage.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -2973,9 +2973,9 @@
});
}
-void WKPageSetFraudPreventionValuesForTesting(WKPageRef page, WKStringRef secretToken, WKStringRef unlinkableToken, WKStringRef signature, WKStringRef keyID, WKPageSetFraudPreventionValuesForTestingFunction callback, void* callbackContext)
+void WKPageSetPCMFraudPreventionValuesForTesting(WKPageRef page, WKStringRef unlinkableToken, WKStringRef secretToken, WKStringRef signature, WKStringRef keyID, WKPageSetPCMFraudPreventionValuesForTestingFunction callback, void* callbackContext)
{
- toImpl(page)->setFraudPreventionValuesForTesting(toWTFString(secretToken), toWTFString(unlinkableToken), toWTFString(signature), toWTFString(keyID), [callbackContext, callback] () {
+ toImpl(page)->setPCMFraudPreventionValuesForTesting(toWTFString(unlinkableToken), toWTFString(secretToken), toWTFString(signature), toWTFString(keyID), [callbackContext, callback] () {
callback(callbackContext);
});
}
Modified: trunk/Source/WebKit/UIProcess/API/C/WKPagePrivate.h (274086 => 274087)
--- trunk/Source/WebKit/UIProcess/API/C/WKPagePrivate.h 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/UIProcess/API/C/WKPagePrivate.h 2021-03-08 19:51:56 UTC (rev 274087)
@@ -187,8 +187,8 @@
WK_EXPORT void WKPageSetPrivateClickMeasurementAttributionReportURLForTesting(WKPageRef page, WKURLRef urlString, WKPageSetPrivateClickMeasurementAttributionReportURLForTestingFunction callback, void* callbackContext);
typedef void (*WKPageMarkPrivateClickMeasurementsAsExpiredForTestingFunction)(void* functionContext);
WK_EXPORT void WKPageMarkPrivateClickMeasurementsAsExpiredForTesting(WKPageRef page, WKPageMarkPrivateClickMeasurementsAsExpiredForTestingFunction callback, void* callbackContext);
-typedef void (*WKPageSetFraudPreventionValuesForTestingFunction)(void* functionContext);
-WK_EXPORT void WKPageSetFraudPreventionValuesForTesting(WKPageRef page, WKStringRef secretToken, WKStringRef unlinkableToken, WKStringRef signature, WKStringRef keyID, WKPageSetFraudPreventionValuesForTestingFunction callback, void* callbackContext);
+typedef void (*WKPageSetPCMFraudPreventionValuesForTestingFunction)(void* functionContext);
+WK_EXPORT void WKPageSetPCMFraudPreventionValuesForTesting(WKPageRef page, WKStringRef secretToken, WKStringRef unlinkableToken, WKStringRef signature, WKStringRef keyID, WKPageSetPCMFraudPreventionValuesForTestingFunction callback, void* callbackContext);
WK_EXPORT void WKPageSetMockCameraOrientation(WKPageRef page, uint64_t orientation);
WK_EXPORT bool WKPageIsMockRealtimeMediaSourceCenterEnabled(WKPageRef page);
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (274086 => 274087)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -10069,9 +10069,9 @@
websiteDataStore().networkProcess().sendWithAsyncReply(Messages::NetworkProcess::MarkPrivateClickMeasurementsAsExpiredForTesting(m_websiteDataStore->sessionID()), WTFMove(completionHandler));
}
-void WebPageProxy::setFraudPreventionValuesForTesting(const String& secretToken, const String& unlinkableToken, const String& signature, const String& keyID, CompletionHandler<void()>&& completionHandler)
+void WebPageProxy::setPCMFraudPreventionValuesForTesting(const String& unlinkableToken, const String& secretToken, const String& signature, const String& keyID, CompletionHandler<void()>&& completionHandler)
{
- websiteDataStore().networkProcess().sendWithAsyncReply(Messages::NetworkProcess::SetFraudPreventionValuesForTesting(m_websiteDataStore->sessionID(), secretToken, unlinkableToken, signature, keyID), WTFMove(completionHandler));
+ websiteDataStore().networkProcess().sendWithAsyncReply(Messages::NetworkProcess::SetPCMFraudPreventionValuesForTesting(m_websiteDataStore->sessionID(), unlinkableToken, secretToken, signature, keyID), WTFMove(completionHandler));
}
#if ENABLE(SPEECH_SYNTHESIS)
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.h (274086 => 274087)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.h 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.h 2021-03-08 19:51:56 UTC (rev 274087)
@@ -1707,7 +1707,7 @@
void setPrivateClickMeasurementTokenSignatureURLForTesting(const URL&, CompletionHandler<void()>&&);
void setPrivateClickMeasurementAttributionReportURLForTesting(const URL&, CompletionHandler<void()>&&);
void markPrivateClickMeasurementsAsExpiredForTesting(CompletionHandler<void()>&&);
- void setFraudPreventionValuesForTesting(const String& secretToken, const String& unlinkableToken, const String& signature, const String& keyID, CompletionHandler<void()>&&);
+ void setPCMFraudPreventionValuesForTesting(const String& unlinkableToken, const String& secretToken, const String& signature, const String& keyID, CompletionHandler<void()>&&);
#if ENABLE(SPEECH_SYNTHESIS)
void speechSynthesisVoiceList(CompletionHandler<void(Vector<WebSpeechSynthesisVoice>&&)>&&);
Modified: trunk/Tools/ChangeLog (274086 => 274087)
--- trunk/Tools/ChangeLog 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Tools/ChangeLog 2021-03-08 19:51:56 UTC (rev 274087)
@@ -1,3 +1,44 @@
+2021-03-08 John Wilander <wilan...@apple.com>
+
+ PCM: Align fraud prevention token naming with issue 73 in the Privacy CG repo
+ https://bugs.webkit.org/show_bug.cgi?id=222838
+ <rdar://75115427>
+
+ Reviewed by Brent Fulgham.
+
+ This patch doesn't change functionality and only aligns naming to this W3C Privacy CG issue:
+ https://github.com/privacycg/private-click-measurement/issues/73
+
+ Naming for PCM fraud prevention is updated like this:
+
+ /.well-known/private-click-measurement/sign-secret-token/ changed to
+ /.well-known/private-click-measurement/sign-unlinkable-token/
+
+ /.well-known/private-click-measurement/get-unlinkable-token-public-key/ changed to
+ /.well-known/private-click-measurement/get-token-public-key/
+
+ source_secret_token in requests for token signature changed to source_unlinkable_token
+
+ source_unlinkable_token in attribution reports changed to source_secret_token
+
+ Variable, member, and function names are being renamed similarly.
+
+ * TestWebKitAPI/Tests/WebCore/PrivateClickMeasurement.cpp:
+ (TestWebKitAPI::TEST):
+ * TestWebKitAPI/Tests/WebCore/cocoa/PrivateClickMeasurementCocoa.mm:
+ (TestWebKitAPI::TEST):
+ * WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
+ * WebKitTestRunner/InjectedBundle/TestRunner.cpp:
+ (WTR::TestRunner::setPrivateClickMeasurementFraudPreventionValuesForTesting):
+ (WTR::TestRunner::setFraudPreventionValuesForTesting): Deleted.
+ * WebKitTestRunner/InjectedBundle/TestRunner.h:
+ * WebKitTestRunner/TestController.cpp:
+ (WTR::TestController::setPCMFraudPreventionValuesForTesting):
+ (WTR::TestController::setFraudPreventionValuesForTesting): Deleted.
+ * WebKitTestRunner/TestController.h:
+ * WebKitTestRunner/TestInvocation.cpp:
+ (WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):
+
2021-03-08 Jonathan Bedard <jbed...@apple.com>
[resultsdbpy] Adopt webkitscmpy
Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/PrivateClickMeasurement.cpp (274086 => 274087)
--- trunk/Tools/TestWebKitAPI/Tests/WebCore/PrivateClickMeasurement.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/PrivateClickMeasurement.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -307,18 +307,18 @@
const char serverPublicKeyBase64URL[] = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzb1dThrtYwVh46SjInegKhAqpbJwm1XnTBCvybSK8zk53R0Am1hG33AVF5J1lqYf36wp663GasclHtqzvxFZIvDA1DUSH4aZz_fDHCTTxEeJVPORS3zNN2UjWwbtnwsh4BmDTi-z_cDn0LAz2JuZyKlyFt5GgVLAQvL9H3VLHU9_XHNK-uboyXfcHRTtrDnpu3c6wvX5dd-AJoLmIQTZBEJfVkxBGznk1qKHjc6nASAirKF_wJCnuwAK8C6BAcjNcwUWCeKp0YECzCXU--JXd2OEU-QhxPC67faiDOh3V0vlfqZLtrlbnanUCKrvhw7GaGOGYotIrnZtuNfxC14d_XNVd1FS8nHjRTHnEgw_jnlSssfgStz0uJtcmkfgoJBvOE4mIRpi7iSlRfXNkKsWX1J-gwcnCVo5u0uJEW6X6NyvEGYJ8w5BPfwsQuK9y-4Z7ikt9IOucEHY7ThDmi9TNNhHBVj0Gu4wGoSjq3a6vL5N10ZSHXoq1XgfGPrmHhhL90cjvWonoyOXsUqlXEzTjD2W9897Q-Mx9BUNrGQPqmIx8F5MwxWcOrye8WRp4Q88n2YSUnV7C8ayld3v1Fh7N5jeSqeVmtDVRYTn2sVfNqgXrzgdigJcQR8vFENu6nzFPwsrXPMaCiLUnZNUmQ1ZSLQeQyhYXxHqRJrnuCDWXLkCAwEAAQ";
PrivateClickMeasurement pcm;
- auto sourceSecretToken = pcm.tokenSignatureJSON();
- EXPECT_EQ(sourceSecretToken->asObject()->size(), 0ul);
+ auto sourceUnlinkableToken = pcm.tokenSignatureJSON();
+ EXPECT_EQ(sourceUnlinkableToken->asObject()->size(), 0ul);
auto ephemeralNonce = PrivateClickMeasurement::EphemeralSourceNonce { "ABCDEFabcdef0123456789"_s };
EXPECT_TRUE(ephemeralNonce.isValid());
pcm.setEphemeralSourceNonce(WTFMove(ephemeralNonce));
- EXPECT_TRUE(pcm.calculateAndUpdateSourceSecretToken(serverPublicKeyBase64URL));
- sourceSecretToken = pcm.tokenSignatureJSON();
- EXPECT_EQ(sourceSecretToken->asObject()->size(), 4ul);
+ EXPECT_TRUE(pcm.calculateAndUpdateSourceUnlinkableToken(serverPublicKeyBase64URL));
+ sourceUnlinkableToken = pcm.tokenSignatureJSON();
+ EXPECT_EQ(sourceUnlinkableToken->asObject()->size(), 4ul);
- EXPECT_FALSE(pcm.calculateAndUpdateSourceUnlinkableToken(emptyString()));
+ EXPECT_FALSE(pcm.calculateAndUpdateSourceSecretToken(emptyString()));
}
#endif
Modified: trunk/Tools/TestWebKitAPI/Tests/WebCore/cocoa/PrivateClickMeasurementCocoa.mm (274086 => 274087)
--- trunk/Tools/TestWebKitAPI/Tests/WebCore/cocoa/PrivateClickMeasurementCocoa.mm 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Tools/TestWebKitAPI/Tests/WebCore/cocoa/PrivateClickMeasurementCocoa.mm 2021-03-08 19:51:56 UTC (rev 274087)
@@ -81,7 +81,7 @@
auto *nsSpkiData = (__bridge NSData *)spkiData.get();
// Continue the test.
- EXPECT_TRUE(pcm.calculateAndUpdateSourceSecretToken(WTF::base64URLEncode(nsSpkiData.bytes, nsSpkiData.length)));
+ EXPECT_TRUE(pcm.calculateAndUpdateSourceUnlinkableToken(WTF::base64URLEncode(nsSpkiData.bytes, nsSpkiData.length)));
auto sourceSecretToken = pcm.tokenSignatureJSON();
EXPECT_EQ(sourceSecretToken->asObject()->size(), 4ul);
EXPECT_STREQ(sourceSecretToken->getString("source_engagement_type"_s).utf8().data(), "click");
@@ -97,7 +97,7 @@
ccrsabssa_sign_blinded_message(ciphersuite, rsaPrivateKey, blindedMessage.data(), blindedMessage.size(), static_cast<uint8_t *>([blindedSignature mutableBytes]), [blindedSignature length], rng);
// Continue the test.
- EXPECT_TRUE(pcm.calculateAndUpdateSourceUnlinkableToken(WTF::base64URLEncode([blindedSignature bytes], [blindedSignature length])));
+ EXPECT_TRUE(pcm.calculateAndUpdateSourceSecretToken(WTF::base64URLEncode([blindedSignature bytes], [blindedSignature length])));
auto& persistentToken = pcm.sourceUnlinkableToken();
EXPECT_TRUE(persistentToken);
EXPECT_FALSE(persistentToken->tokenBase64URL.isEmpty());
Modified: trunk/Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl (274086 => 274087)
--- trunk/Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl 2021-03-08 19:51:56 UTC (rev 274087)
@@ -407,7 +407,7 @@
undefined setPrivateClickMeasurementTokenSignatureURLForTesting(DOMString url);
undefined setPrivateClickMeasurementAttributionReportURLForTesting(DOMString url);
undefined markPrivateClickMeasurementsAsExpiredForTesting();
- undefined setFraudPreventionValuesForTesting(DOMString secretToken, DOMString unlinkableToken, DOMString signature, DOMString keyID);
+ undefined setPrivateClickMeasurementFraudPreventionValuesForTesting(DOMString unlinkableToken, DOMString secretToken, DOMString signature, DOMString keyID);
// SpeechRecognition
undefined setIsSpeechRecognitionPermissionGranted(boolean value);
Modified: trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp (274086 => 274087)
--- trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -2049,11 +2049,11 @@
postSynchronousPageMessage("MarkPrivateClickMeasurementsAsExpiredForTesting");
}
-void TestRunner::setFraudPreventionValuesForTesting(JSStringRef secretToken, JSStringRef unlinkableToken, JSStringRef signature, JSStringRef keyID)
+void TestRunner::setPrivateClickMeasurementFraudPreventionValuesForTesting(JSStringRef unlinkableToken, JSStringRef secretToken, JSStringRef signature, JSStringRef keyID)
{
- postSynchronousMessage("SetFraudPreventionValuesForTesting", createWKDictionary({
+ postSynchronousMessage("SetPCMFraudPreventionValuesForTesting", createWKDictionary({
+ { "UnlinkableToken", toWK(unlinkableToken) },
{ "SecretToken", toWK(secretToken) },
- { "UnlinkableToken", toWK(unlinkableToken) },
{ "Signature", toWK(signature) },
{ "KeyID", toWK(keyID) },
}));
Modified: trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.h (274086 => 274087)
--- trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.h 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.h 2021-03-08 19:51:56 UTC (rev 274087)
@@ -517,7 +517,7 @@
void setPrivateClickMeasurementAttributionReportURLForTesting(JSStringRef);
void markPrivateClickMeasurementsAsExpiredForTesting();
void markAttributedPrivateClickMeasurementsAsExpiredForTesting();
- void setFraudPreventionValuesForTesting(JSStringRef secretToken, JSStringRef unlinkableToken, JSStringRef signature, JSStringRef keyID);
+ void setPrivateClickMeasurementFraudPreventionValuesForTesting(JSStringRef unlinkableToken, JSStringRef secretToken, JSStringRef signature, JSStringRef keyID);
void simulateResourceLoadStatisticsSessionRestart();
void setIsSpeechRecognitionPermissionGranted(bool);
Modified: trunk/Tools/WebKitTestRunner/TestController.cpp (274086 => 274087)
--- trunk/Tools/WebKitTestRunner/TestController.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Tools/WebKitTestRunner/TestController.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -3658,10 +3658,10 @@
runUntil(callbackContext.done, noTimeout);
}
-void TestController::setFraudPreventionValuesForTesting(WKStringRef secretToken, WKStringRef unlinkableToken, WKStringRef signature, WKStringRef keyID)
+void TestController::setPCMFraudPreventionValuesForTesting(WKStringRef unlinkableToken, WKStringRef secretToken, WKStringRef signature, WKStringRef keyID)
{
PrivateClickMeasurementVoidCallbackContext callbackContext(*this);
- WKPageSetFraudPreventionValuesForTesting(m_mainWebView->page(), secretToken, unlinkableToken, signature, keyID, privateClickMeasurementVoidCallback, &callbackContext);
+ WKPageSetPCMFraudPreventionValuesForTesting(m_mainWebView->page(), unlinkableToken, secretToken, signature, keyID, privateClickMeasurementVoidCallback, &callbackContext);
runUntil(callbackContext.done, noTimeout);
}
Modified: trunk/Tools/WebKitTestRunner/TestController.h (274086 => 274087)
--- trunk/Tools/WebKitTestRunner/TestController.h 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Tools/WebKitTestRunner/TestController.h 2021-03-08 19:51:56 UTC (rev 274087)
@@ -350,7 +350,7 @@
void setPrivateClickMeasurementTokenSignatureURLForTesting(WKURLRef);
void setPrivateClickMeasurementAttributionReportURLForTesting(WKURLRef);
void markPrivateClickMeasurementsAsExpiredForTesting();
- void setFraudPreventionValuesForTesting(WKStringRef secretToken, WKStringRef unlinkableToken, WKStringRef signature, WKStringRef keyID);
+ void setPCMFraudPreventionValuesForTesting(WKStringRef unlinkableToken, WKStringRef secretToken, WKStringRef signature, WKStringRef keyID);
void didSetAppBoundDomains() const;
Modified: trunk/Tools/WebKitTestRunner/TestInvocation.cpp (274086 => 274087)
--- trunk/Tools/WebKitTestRunner/TestInvocation.cpp 2021-03-08 19:36:48 UTC (rev 274086)
+++ trunk/Tools/WebKitTestRunner/TestInvocation.cpp 2021-03-08 19:51:56 UTC (rev 274087)
@@ -1363,14 +1363,14 @@
return nullptr;
}
- if (WKStringIsEqualToUTF8CString(messageName, "SetFraudPreventionValuesForTesting")) {
+ if (WKStringIsEqualToUTF8CString(messageName, "SetPCMFraudPreventionValuesForTesting")) {
auto testDictionary = dictionaryValue(messageBody);
+ auto unlinkableToken = stringValue(testDictionary, "UnlinkableToken");
auto secretToken = stringValue(testDictionary, "SecretToken");
- auto unlinkableToken = stringValue(testDictionary, "UnlinkableToken");
auto signature = stringValue(testDictionary, "Signature");
auto keyID = stringValue(testDictionary, "KeyID");
- TestController::singleton().setFraudPreventionValuesForTesting(secretToken, unlinkableToken, signature, keyID);
+ TestController::singleton().setPCMFraudPreventionValuesForTesting(unlinkableToken, secretToken, signature, keyID);
return nullptr;
}
