Diff
Modified: branches/safari-608-branch/LayoutTests/ChangeLog (251352 => 251353)
--- branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/LayoutTests/ChangeLog 2019-10-20 23:40:21 UTC (rev 251353)
@@ -1,3 +1,20 @@
+2019-10-20 Babak Shafiei <bshaf...@apple.com>
+
+ Apply patch. rdar://problem/56427498
+
+ 2019-10-20 John Wilander <wilan...@apple.com>
+
+ Cherry-pick r251213. rdar://problem/56262708
+
+ Resource Load Statistics: Block all third-party cookies on websites without prior user interaction
+ https://bugs.webkit.org/show_bug.cgi?id=203017
+ <rdar://problem/56262708>
+
+ Reviewed by Alex Christensen.
+
+ * http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt: Added.
+ * http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html: Added.
+
2019-10-17 Alan Coon <alanc...@apple.com>
Cherry-pick r250589. rdar://problem/55927251
Added: branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt (0 => 251353)
--- branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt (rev 0)
+++ branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt 2019-10-20 23:40:21 UTC (rev 251353)
@@ -0,0 +1,25 @@
+Tests that all third-party cookies are blocked under websites that have not received user interaction.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
+
+--------
+Frame: '<!--frame1-->'
+--------
+Before user interaction, should receive no cookies.
+Did not receive cookie named 'firstPartyCookie'.
+Did not receive cookie named 'partitionedCookie'.
+Client-side document.cookie:
+
+--------
+Frame: '<!--frame2-->'
+--------
+After user interaction, should receive first-party cookie.
+Received cookie named 'firstPartyCookie'.
+Did not receive cookie named 'partitionedCookie'.
+Client-side document.cookie: firstPartyCookie=value
Added: branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html (0 => 251353)
--- branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html (rev 0)
+++ branches/safari-608-branch/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html 2019-10-20 23:40:21 UTC (rev 251353)
@@ -0,0 +1,76 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <script src=""
+ <script src=""
+</head>
+<body>
+<script>
+ description("Tests that all third-party cookies are blocked under websites that have not received user interaction.");
+ jsTestIsAsync = true;
+
+ const partitionHost = "127.0.0.1:8000";
+ const partitionOrigin = "http://" + partitionHost;
+ const thirdPartyOrigin = "http://localhost:8000";
+ const resourcePath = "/resourceLoadStatistics/resources";
+ const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
+ const firstPartyCookieName = "firstPartyCookie";
+ const subPathToSetFirstPartyCookie = "/set-cookie.php?name=" + firstPartyCookieName + "&value=value";
+ const partitionedCookieName = "partitionedCookie";
+ const subPathToSetPartitionedCookie = "/set-cookie.php?name=" + partitionedCookieName + "&value=value";
+ const returnUrl = partitionOrigin + "/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html";
+ const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieName + "&name2=" + partitionedCookieName;
+
+ function openIframe(url, onLoadHandler) {
+ const element = document.createElement("iframe");
+ element.src = ""
+ if (onLoadHandler) {
+ element._onload_ = onLoadHandler;
+ }
+ document.body.appendChild(element);
+ }
+
+ function runTest() {
+ switch (document.location.hash) {
+ case "#step1":
+ // Set first-party cookie for localhost.
+ document.location.href = "" + subPathToSetFirstPartyCookie + "#" + returnUrl + "#step2";
+ break;
+ case "#step2":
+ document.location.hash = "step3";
+ // Check that the cookie is blocked for localhost under 127.0.0.1 even though localhost is not prevalent.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Before user interaction, should receive no cookies.", runTest);
+ break;
+ case "#step3":
+ document.location.hash = "step4";
+ // Produce user interaction for the first-party to allow third-party cookie access.
+ testRunner.setStatisticsHasHadUserInteraction(partitionOrigin, true, function() {
+ testRunner.statisticsUpdateCookieBlocking(function() {
+ // Check that the cookie is no longer blocked for localhost under 127.0.0.1.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=After user interaction, should receive first-party cookie.", runTest);
+ });
+ });
+ break;
+ case "#step4":
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(false, function() {
+ setEnableFeature(false, finishJSTest);
+ });
+ break;
+ }
+ }
+
+ if (document.location.hash === "") {
+ setEnableFeature(true, function () {
+ if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
+ testFailed("Localhost was classified as prevalent resource before the test starts.");
+ testRunner.dumpChildFramesAsText();
+ document.location.hash = "step1";
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(true, runTest);
+ });
+ } else {
+ runTest();
+ }
+</script>
+</body>
+</html>
Modified: branches/safari-608-branch/Source/WebCore/ChangeLog (251352 => 251353)
--- branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebCore/ChangeLog 2019-10-20 23:40:21 UTC (rev 251353)
@@ -1,3 +1,31 @@
+2019-10-20 Babak Shafiei <bshaf...@apple.com>
+
+ Apply patch. rdar://problem/56427498
+
+ 2019-10-20 John Wilander <wilan...@apple.com>
+
+ Cherry-pick r251213. rdar://problem/56262708
+
+ Resource Load Statistics: Block all third-party cookies on websites without prior user interaction
+ https://bugs.webkit.org/show_bug.cgi?id=203017
+ <rdar://problem/56262708>
+
+ Reviewed by Alex Christensen.
+
+ NetworkStorageSession::shouldBlockCookies() now checks if the first-party website has
+ received user interaction and if not, blocks all third-party cookies, regardless of the
+ status of those third-party domains (prevalent or not).
+
+ Test: http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html
+
+ * page/Settings.yaml:
+ * platform/network/NetworkStorageSession.cpp:
+ (WebCore::NetworkStorageSession::hasHadUserInteractionAsFirstParty const):
+ (WebCore::NetworkStorageSession::shouldBlockCookies const):
+ (WebCore::NetworkStorageSession::setDomainsWithUserInteractionAsFirstParty):
+ * platform/network/NetworkStorageSession.h:
+ (WebCore::NetworkStorageSession::setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled):
+
2019-10-17 Alan Coon <alanc...@apple.com>
Cherry-pick r250589. rdar://problem/55927251
Modified: branches/safari-608-branch/Source/WebCore/page/Settings.yaml (251352 => 251353)
--- branches/safari-608-branch/Source/WebCore/page/Settings.yaml 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebCore/page/Settings.yaml 2019-10-20 23:40:21 UTC (rev 251353)
@@ -859,6 +859,9 @@
allowViewportShrinkToFitContent:
initial: true
+isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled:
+ initial: false
+
# Deprecated
iceCandidateFilteringEnabled:
Modified: branches/safari-608-branch/Source/WebCore/platform/network/NetworkStorageSession.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebCore/platform/network/NetworkStorageSession.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebCore/platform/network/NetworkStorageSession.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -66,6 +66,14 @@
return m_registrableDomainsToBlockCookieFor.contains(registrableDomain);
}
+bool NetworkStorageSession::hasHadUserInteractionAsFirstParty(const RegistrableDomain& registrableDomain) const
+{
+ if (registrableDomain.isEmpty())
+ return false;
+
+ return m_registrableDomainsWithUserInteractionAsFirstParty.contains(registrableDomain);
+}
+
bool NetworkStorageSession::shouldBlockCookies(const ResourceRequest& request, Optional<uint64_t> frameID, Optional<PageIdentifier> pageID) const
{
return shouldBlockCookies(request.firstPartyForCookies(), request.url(), frameID, pageID);
@@ -87,6 +95,9 @@
if (pageID && hasStorageAccess(resourceDomain, firstPartyDomain, frameID, pageID.value()))
return false;
+ if (m_isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled && !hasHadUserInteractionAsFirstParty(firstPartyDomain))
+ return true;
+
return shouldBlockThirdPartyCookies(resourceDomain);
}
@@ -109,6 +120,12 @@
m_registrableDomainsToBlockCookieFor.add(domains.begin(), domains.end());
}
+void NetworkStorageSession::setDomainsWithUserInteractionAsFirstParty(const Vector<RegistrableDomain>& domains)
+{
+ m_registrableDomainsWithUserInteractionAsFirstParty.clear();
+ m_registrableDomainsWithUserInteractionAsFirstParty.add(domains.begin(), domains.end());
+}
+
void NetworkStorageSession::removePrevalentDomains(const Vector<RegistrableDomain>& domains)
{
for (auto& domain : domains)
Modified: branches/safari-608-branch/Source/WebCore/platform/network/NetworkStorageSession.h (251352 => 251353)
--- branches/safari-608-branch/Source/WebCore/platform/network/NetworkStorageSession.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebCore/platform/network/NetworkStorageSession.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -148,7 +148,9 @@
WEBCORE_EXPORT bool shouldBlockCookies(const ResourceRequest&, Optional<uint64_t> frameID, Optional<PageIdentifier>) const;
WEBCORE_EXPORT bool shouldBlockCookies(const URL& firstPartyForCookies, const URL& resource, Optional<uint64_t> frameID, Optional<PageIdentifier>) const;
WEBCORE_EXPORT bool shouldBlockThirdPartyCookies(const RegistrableDomain&) const;
+ WEBCORE_EXPORT bool hasHadUserInteractionAsFirstParty(const RegistrableDomain&) const;
WEBCORE_EXPORT void setPrevalentDomainsToBlockCookiesFor(const Vector<RegistrableDomain>&);
+ WEBCORE_EXPORT void setDomainsWithUserInteractionAsFirstParty(const Vector<RegistrableDomain>&);
WEBCORE_EXPORT void setAgeCapForClientSideCookies(Optional<Seconds>);
WEBCORE_EXPORT void removePrevalentDomains(const Vector<RegistrableDomain>& domains);
WEBCORE_EXPORT bool hasStorageAccess(const RegistrableDomain& resourceDomain, const RegistrableDomain& firstPartyDomain, Optional<uint64_t> frameID, PageIdentifier) const;
@@ -162,6 +164,7 @@
WEBCORE_EXPORT Optional<Seconds> maxAgeCacheCap(const ResourceRequest&);
WEBCORE_EXPORT void didCommitCrossSiteLoadWithDataTransferFromPrevalentResource(const RegistrableDomain& toDomain, PageIdentifier);
WEBCORE_EXPORT void resetCrossSiteLoadsWithLinkDecorationForTesting();
+ void setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled(bool enabled) { m_isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled = enabled; }
#endif
private:
@@ -187,6 +190,7 @@
#if ENABLE(RESOURCE_LOAD_STATISTICS)
Optional<Seconds> clientSideCookieCap(const RegistrableDomain& firstParty, Optional<PageIdentifier>) const;
HashSet<RegistrableDomain> m_registrableDomainsToBlockCookieFor;
+ HashSet<RegistrableDomain> m_registrableDomainsWithUserInteractionAsFirstParty;
HashMap<PageIdentifier, HashMap<uint64_t, RegistrableDomain, DefaultHash<uint64_t>::Hash, WTF::UnsignedWithZeroKeyHashTraits<uint64_t>>> m_framesGrantedStorageAccess;
HashMap<PageIdentifier, HashMap<RegistrableDomain, RegistrableDomain>> m_pagesGrantedStorageAccess;
Optional<Seconds> m_cacheMaxAgeCapForPrevalentResources { };
@@ -194,6 +198,7 @@
Optional<Seconds> m_ageCapForClientSideCookiesShort { };
HashMap<WebCore::PageIdentifier, RegistrableDomain> m_navigatedToWithLinkDecorationByPrevalentResource;
bool m_navigationWithLinkDecorationTestMode = false;
+ bool m_isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled = true;
#endif
#if PLATFORM(COCOA)
Modified: branches/safari-608-branch/Source/WebKit/ChangeLog (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/ChangeLog 2019-10-20 23:40:21 UTC (rev 251353)
@@ -1,3 +1,76 @@
+2019-10-20 Babak Shafiei <bshaf...@apple.com>
+
+ Apply patch. rdar://problem/56427498
+
+ 2019-10-20 John Wilander <wilan...@apple.com>
+
+ Cherry-pick r251213. rdar://problem/56262708
+
+ Resource Load Statistics: Block all third-party cookies on websites without prior user interaction
+ https://bugs.webkit.org/show_bug.cgi?id=203017
+ <rdar://problem/56262708>
+
+ Reviewed by Alex Christensen.
+
+ The functional change is in WebCore::NetworkStorageSession::shouldBlockCookies() which is
+ called from:
+ - NetworkDataTaskCocoa::NetworkDataTaskCocoa()
+ - NetworkDataTaskCocoa::willPerformHTTPRedirection
+
+ shouldBlockCookies() now checks if the first-party website has received user interaction
+ and if not, blocks all third-party cookies, regardless of the status of those third-party
+ domains (prevalent or not).
+
+ The changes to ResourceLoadStatisticsDatabaseStore and ResourceLoadStatisticsMemoryStore
+ are about communicating which domains have received user interaction (prevalent or not)
+ to the network storage session so that it can enforce the new restriction.
+
+ The C API change and piping through the WebsiteDataStore is test infrastructure.
+
+ * NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:
+ (WebKit::ResourceLoadStatisticsDatabaseStore::clear):
+ (WebKit::ResourceLoadStatisticsDatabaseStore::updateCookieBlocking):
+ * NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp:
+ (WebKit::ResourceLoadStatisticsMemoryStore::logUserInteraction):
+ (WebKit::ResourceLoadStatisticsMemoryStore::clear):
+ (WebKit::ResourceLoadStatisticsMemoryStore::updateCookieBlocking):
+ * NetworkProcess/Classifier/ResourceLoadStatisticsStore.cpp:
+ (WebKit::ResourceLoadStatisticsStore::updateCookieBlockingForDomains):
+ * NetworkProcess/Classifier/ResourceLoadStatisticsStore.h:
+ * NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:
+ (WebKit::WebResourceLoadStatisticsStore::callUpdatePrevalentDomainsToBlockCookiesForHandler):
+ (WebKit::WebResourceLoadStatisticsStore::scheduleCookieBlockingUpdateForDomains): Deleted.
+ (WebKit::WebResourceLoadStatisticsStore::scheduleClearBlockingStateForDomains): Deleted.
+ * NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h:
+ (WebKit::RegistrableDomainsToBlockCookiesFor::isolatedCopy const):
+ * NetworkProcess/NetworkProcess.cpp:
+ (WebKit::NetworkProcess::setShouldBlockThirdPartyCookiesForTesting):
+ * NetworkProcess/NetworkProcess.h:
+ * NetworkProcess/NetworkProcess.messages.in:
+ * NetworkProcess/NetworkSession.h:
+ * NetworkProcess/NetworkSessionCreationParameters.cpp:
+ (WebKit::NetworkSessionCreationParameters::privateSessionParameters):
+ (WebKit::NetworkSessionCreationParameters::encode const):
+ (WebKit::NetworkSessionCreationParameters::decode):
+ * NetworkProcess/NetworkSessionCreationParameters.h:
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (WebKit::NetworkSessionCocoa::NetworkSessionCocoa):
+ * Shared/WebPreferences.yaml:
+ * UIProcess/API/C/WKWebsiteDataStoreRef.cpp:
+ (WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting):
+ (WKWebsiteDataStoreStatisticsResetToConsistentState):
+ * UIProcess/API/C/WKWebsiteDataStoreRef.h:
+ * UIProcess/Network/NetworkProcessProxy.cpp:
+ (WebKit::NetworkProcessProxy::setShouldBlockThirdPartyCookiesForTesting):
+ * UIProcess/Network/NetworkProcessProxy.h:
+ * UIProcess/WebProcessPool.cpp:
+ (WebKit::WebProcessPool::ensureNetworkProcess):
+ * UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:
+ (WebKit::WebsiteDataStore::parameters):
+ * UIProcess/WebsiteData/WebsiteDataStore.cpp:
+ (WebKit::WebsiteDataStore::setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting):
+ * UIProcess/WebsiteData/WebsiteDataStore.h:
+
2019-10-17 Alan Coon <alanc...@apple.com>
Cherry-pick r250589. rdar://problem/55927251
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -1319,7 +1319,8 @@
removeAllStorageAccess([callbackAggregator = callbackAggregator.copyRef()] { });
auto primaryDomainsToBlock = ensurePrevalentResourcesForDebugMode();
- updateCookieBlockingForDomains(primaryDomainsToBlock, [callbackAggregator = callbackAggregator.copyRef()] { });
+ RegistrableDomainsToBlockCookiesFor domainsToBlock { primaryDomainsToBlock, { } };
+ updateCookieBlockingForDomains(domainsToBlock, [callbackAggregator = callbackAggregator.copyRef()] { });
}
ResourceLoadStatisticsDatabaseStore::CookieTreatmentResult ResourceLoadStatisticsDatabaseStore::cookieTreatmentForOrigin(const RegistrableDomain& domain) const
@@ -1383,8 +1384,12 @@
if (debugLoggingEnabled() && !domainsToBlock.isEmpty())
debugLogDomainsInBatches("block", domainsToBlock);
- RunLoop::main().dispatch([weakThis = makeWeakPtr(*this), store = makeRef(store()), domainsToBlock = crossThreadCopy(domainsToBlock), completionHandler = WTFMove(completionHandler)] () mutable {
- store->callUpdatePrevalentDomainsToBlockCookiesForHandler(domainsToBlock, [weakThis = WTFMove(weakThis), store = store.copyRef(), completionHandler = WTFMove(completionHandler)]() mutable {
+ // Note that this does not properly forward information about which domains have
+ // received user interaction. But the database store is not used on the branch.
+ RegistrableDomainsToBlockCookiesFor toBlock { domainsToBlock, { } };
+
+ RunLoop::main().dispatch([weakThis = makeWeakPtr(*this), store = makeRef(store()), toBlock = crossThreadCopy(toBlock), completionHandler = WTFMove(completionHandler)] () mutable {
+ store->callUpdatePrevalentDomainsToBlockCookiesForHandler(toBlock, [weakThis = WTFMove(weakThis), store = store.copyRef(), completionHandler = WTFMove(completionHandler)]() mutable {
store->statisticsQueue().dispatch([weakThis = WTFMove(weakThis), completionHandler = WTFMove(completionHandler)]() mutable {
completionHandler();
if (!weakThis)
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -415,8 +415,11 @@
ASSERT(!RunLoop::isMain());
auto& statistics = ensureResourceStatisticsForRegistrableDomain(domain);
+ bool cookieBlockingNeedsUpdate = !statistics.hadUserInteraction;
statistics.hadUserInteraction = true;
statistics.mostRecentUserInteractionTime = WallTime::now();
+ if (cookieBlockingNeedsUpdate)
+ updateCookieBlocking([] { });
}
void ResourceLoadStatisticsMemoryStore::logCrossSiteLoadWithLinkDecoration(const NavigatedFromDomain& fromDomain, const NavigatedToDomain& toDomain)
@@ -704,7 +707,8 @@
removeAllStorageAccess([callbackAggregator = callbackAggregator.copyRef()] { });
auto primaryDomainsToBlock = ensurePrevalentResourcesForDebugMode();
- updateCookieBlockingForDomains(primaryDomainsToBlock, [callbackAggregator = callbackAggregator.copyRef()] { });
+ RegistrableDomainsToBlockCookiesFor domainsToBlock { primaryDomainsToBlock, { } };
+ updateCookieBlockingForDomains(domainsToBlock, [callbackAggregator = callbackAggregator.copyRef()] { });
}
bool ResourceLoadStatisticsMemoryStore::wasAccessedAsFirstPartyDueToUserInteraction(const ResourceLoadStatistics& current, const ResourceLoadStatistics& updated) const
@@ -753,21 +757,26 @@
ASSERT(!RunLoop::isMain());
Vector<RegistrableDomain> domainsToBlock;
+ Vector<RegistrableDomain> domainsWithUserInteraction;
for (auto& resourceStatistic : m_resourceStatisticsMap.values()) {
if (resourceStatistic.isPrevalentResource)
domainsToBlock.append(resourceStatistic.registrableDomain);
+ if (hasHadUnexpiredRecentUserInteraction(resourceStatistic, OperatingDatesWindow::Long))
+ domainsWithUserInteraction.append(resourceStatistic.registrableDomain);
}
- if (domainsToBlock.isEmpty() && !debugModeEnabled()) {
+ if (domainsToBlock.isEmpty() && domainsWithUserInteraction.isEmpty() && !debugModeEnabled()) {
completionHandler();
return;
}
- if (debugLoggingEnabled() && !domainsToBlock.isEmpty())
+ if (debugLoggingEnabled() && (!domainsToBlock.isEmpty() || !domainsWithUserInteraction.isEmpty()))
debugLogDomainsInBatches("block", domainsToBlock);
- RunLoop::main().dispatch([weakThis = makeWeakPtr(*this), store = makeRef(store()), domainsToBlock = crossThreadCopy(domainsToBlock), completionHandler = WTFMove(completionHandler)] () mutable {
- store->callUpdatePrevalentDomainsToBlockCookiesForHandler(domainsToBlock, [weakThis = WTFMove(weakThis), store = store.copyRef(), completionHandler = WTFMove(completionHandler)]() mutable {
+ RegistrableDomainsToBlockCookiesFor toBlock { domainsToBlock, domainsWithUserInteraction };
+
+ RunLoop::main().dispatch([weakThis = makeWeakPtr(*this), store = makeRef(store()), toBlock = crossThreadCopy(toBlock), completionHandler = WTFMove(completionHandler)] () mutable {
+ store->callUpdatePrevalentDomainsToBlockCookiesForHandler(toBlock, [weakThis = WTFMove(weakThis), store = store.copyRef(), completionHandler = WTFMove(completionHandler)]() mutable {
store->statisticsQueue().dispatch([weakThis = WTFMove(weakThis), completionHandler = WTFMove(completionHandler)]() mutable {
completionHandler();
if (!weakThis)
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsStore.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsStore.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsStore.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -413,7 +413,7 @@
m_lastTimeDataRecordsWereRemoved = MonotonicTime::now();
}
-void ResourceLoadStatisticsStore::updateCookieBlockingForDomains(const Vector<RegistrableDomain>& domainsToBlock, CompletionHandler<void()>&& completionHandler)
+void ResourceLoadStatisticsStore::updateCookieBlockingForDomains(const RegistrableDomainsToBlockCookiesFor& domainsToBlock, CompletionHandler<void()>&& completionHandler)
{
ASSERT(!RunLoop::isMain());
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsStore.h (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsStore.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsStore.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -98,7 +98,7 @@
virtual bool isEmpty() const = 0;
virtual void updateCookieBlocking(CompletionHandler<void()>&&) = 0;
- void updateCookieBlockingForDomains(const Vector<RegistrableDomain>& domainsToBlock, CompletionHandler<void()>&&);
+ void updateCookieBlockingForDomains(const RegistrableDomainsToBlockCookiesFor& domainsToBlock, CompletionHandler<void()>&&);
void clearBlockingStateForDomains(const Vector<RegistrableDomain>& domains, CompletionHandler<void()>&&);
void includeTodayAsOperatingDateIfNecessary();
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -842,44 +842,6 @@
});
}
-void WebResourceLoadStatisticsStore::scheduleCookieBlockingUpdateForDomains(const Vector<RegistrableDomain>& domainsToBlock, CompletionHandler<void()>&& completionHandler)
-{
- // Helper function used by testing system. Should only be called from the main thread.
- ASSERT(RunLoop::isMain());
- postTask([this, domainsToBlock = crossThreadCopy(domainsToBlock), completionHandler = WTFMove(completionHandler)]() mutable {
- if (!m_statisticsStore) {
- postTaskReply(WTFMove(completionHandler));
- return;
- }
-
- auto callbackAggregator = CallbackAggregator::create([completionHandler = WTFMove(completionHandler)] () mutable {
- postTaskReply(WTFMove(completionHandler));
- });
-
- if (m_statisticsStore)
- m_statisticsStore->updateCookieBlockingForDomains(domainsToBlock, [callbackAggregator = callbackAggregator.copyRef()]() { });
- });
-}
-
-void WebResourceLoadStatisticsStore::scheduleClearBlockingStateForDomains(const Vector<RegistrableDomain>& domains, CompletionHandler<void()>&& completionHandler)
-{
- // Helper function used by testing system. Should only be called from the main thread.
- ASSERT(RunLoop::isMain());
- postTask([this, domains = crossThreadCopy(domains), completionHandler = WTFMove(completionHandler)]() mutable {
- if (!m_statisticsStore) {
- postTaskReply(WTFMove(completionHandler));
- return;
- }
-
- auto callbackAggregator = CallbackAggregator::create([completionHandler = WTFMove(completionHandler)] () mutable {
- postTaskReply(WTFMove(completionHandler));
- });
-
- if (m_statisticsStore)
- m_statisticsStore->clearBlockingStateForDomains(domains, [callbackAggregator = callbackAggregator.copyRef()]() { });
- });
-}
-
void WebResourceLoadStatisticsStore::scheduleClearInMemoryAndPersistent(ShouldGrandfatherStatistics shouldGrandfather, CompletionHandler<void()>&& completionHandler)
{
ASSERT(RunLoop::isMain());
@@ -966,13 +928,15 @@
completionHandler();
}
-void WebResourceLoadStatisticsStore::callUpdatePrevalentDomainsToBlockCookiesForHandler(const Vector<RegistrableDomain>& domainsToBlock, CompletionHandler<void()>&& completionHandler)
+void WebResourceLoadStatisticsStore::callUpdatePrevalentDomainsToBlockCookiesForHandler(const RegistrableDomainsToBlockCookiesFor& domainsToBlock, CompletionHandler<void()>&& completionHandler)
{
ASSERT(RunLoop::isMain());
if (m_networkSession) {
- if (auto* storageSession = m_networkSession->networkStorageSession())
- storageSession->setPrevalentDomainsToBlockCookiesFor(domainsToBlock);
+ if (auto* storageSession = m_networkSession->networkStorageSession()) {
+ storageSession->setPrevalentDomainsToBlockCookiesFor(domainsToBlock.domainsToBlockCookiesFor);
+ storageSession->setDomainsWithUserInteractionAsFirstParty(domainsToBlock.domainsWithUserInteractionAsFirstParty);
+ }
}
completionHandler();
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -68,6 +68,11 @@
AllButHttpOnlyCookies,
AllButCookies
};
+struct RegistrableDomainsToBlockCookiesFor {
+ Vector<WebCore::RegistrableDomain> domainsToBlockCookiesFor;
+ Vector<WebCore::RegistrableDomain> domainsWithUserInteractionAsFirstParty;
+ RegistrableDomainsToBlockCookiesFor isolatedCopy() const { return { domainsToBlockCookiesFor.isolatedCopy(), domainsWithUserInteractionAsFirstParty.isolatedCopy() }; }
+};
class WebResourceLoadStatisticsStore final : public ThreadSafeRefCounted<WebResourceLoadStatisticsStore, WTF::DestructionThread::Main> {
public:
@@ -168,7 +173,7 @@
void logTestingEvent(const String&);
void callGrantStorageAccessHandler(const SubFrameDomain&, const TopFrameDomain&, Optional<FrameID>, WebCore::PageIdentifier, CompletionHandler<void(StorageAccessWasGranted)>&&);
void removeAllStorageAccess(CompletionHandler<void()>&&);
- void callUpdatePrevalentDomainsToBlockCookiesForHandler(const Vector<RegistrableDomain>&, CompletionHandler<void()>&&);
+ void callUpdatePrevalentDomainsToBlockCookiesForHandler(const RegistrableDomainsToBlockCookiesFor&, CompletionHandler<void()>&&);
void callRemoveDomainsHandler(const Vector<RegistrableDomain>&);
void callHasStorageAccessForFrameHandler(const SubFrameDomain&, const TopFrameDomain&, FrameID, WebCore::PageIdentifier, CompletionHandler<void(bool)>&&);
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -1221,6 +1221,15 @@
networkSession.get().setShouldDowngradeReferrerForTesting(enabled);
completionHandler();
}
+
+void NetworkProcess::setShouldBlockThirdPartyCookiesForTesting(PAL::SessionID sessionID, bool enabled, CompletionHandler<void()>&& completionHandler)
+{
+ if (auto* networkStorageSession = storageSession(sessionID))
+ networkStorageSession->setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled(enabled);
+ else
+ ASSERT_NOT_REACHED();
+ completionHandler();
+}
#endif // ENABLE(RESOURCE_LOAD_STATISTICS)
bool NetworkProcess::sessionIsControlledByAutomation(PAL::SessionID sessionID) const
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.h (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -262,6 +262,7 @@
void setCrossSiteLoadWithLinkDecorationForTesting(PAL::SessionID, const RegistrableDomain& fromDomain, const RegistrableDomain& toDomain, CompletionHandler<void()>&&);
void resetCrossSiteLoadsWithLinkDecorationForTesting(PAL::SessionID, CompletionHandler<void()>&&);
void setShouldDowngradeReferrerForTesting(bool, CompletionHandler<void()>&&);
+ void setShouldBlockThirdPartyCookiesForTesting(PAL::SessionID, bool, CompletionHandler<void()>&&);
#endif
using CacheStorageRootPathCallback = CompletionHandler<void(String&&)>;
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.messages.in (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.messages.in 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkProcess.messages.in 2019-10-20 23:40:21 UTC (rev 251353)
@@ -137,6 +137,7 @@
ResetCrossSiteLoadsWithLinkDecorationForTesting(PAL::SessionID sessionID) -> () Async
DeleteCookiesForTesting(PAL::SessionID sessionID, WebCore::RegistrableDomain domain, bool includeHttpOnlyCookies) -> () Async
SetShouldDowngradeReferrerForTesting(bool enabled) -> () Async
+ SetShouldBlockThirdPartyCookiesForTesting(PAL::SessionID sessionID, bool enabled) -> () Async
#endif
SetSessionIsControlledByAutomation(PAL::SessionID sessionID, bool controlled);
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSession.h (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSession.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSession.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -90,6 +90,7 @@
void notifyPageStatisticsTelemetryFinished(unsigned totalPrevalentResources, unsigned totalPrevalentResourcesWithUserInteraction, unsigned top3SubframeUnderTopFrameOrigins);
void setShouldDowngradeReferrerForTesting(bool);
bool shouldDowngradeReferrer() const;
+ void setShouldBlockThirdPartyCookiesForTesting(bool);
#endif
void storeAdClickAttribution(WebCore::AdClickAttribution&&);
void handleAdClickAttributionConversion(WebCore::AdClickAttribution::Conversion&&, const URL& requestURL, const WebCore::ResourceRequest& redirectRequest);
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -50,7 +50,7 @@
#if USE(CURL)
, { }, { }
#endif
- , { }, { }, false, { }, { }, { }, { }, { }, { }, { }
+ , { }, { }, false, { }, { }, { }, { }, { }, { }, { }, { }
};
}
@@ -82,6 +82,7 @@
encoder << enableResourceLoadStatistics;
encoder << shouldIncludeLocalhostInResourceLoadStatistics;
encoder << enableResourceLoadStatisticsDebugMode;
+ encoder << enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
encoder << resourceLoadStatisticsManualPrevalentResource;
encoder << localStorageDirectory << localStorageDirectoryExtensionHandle;
@@ -196,6 +197,11 @@
if (!enableResourceLoadStatisticsDebugMode)
return WTF::nullopt;
+ Optional<bool> enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
+ decoder >> enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
+ if (!enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction)
+ return WTF::nullopt;
+
Optional<WebCore::RegistrableDomain> resourceLoadStatisticsManualPrevalentResource;
decoder >> resourceLoadStatisticsManualPrevalentResource;
if (!resourceLoadStatisticsManualPrevalentResource)
@@ -248,6 +254,7 @@
, WTFMove(*enableResourceLoadStatistics)
, WTFMove(*shouldIncludeLocalhostInResourceLoadStatistics)
, WTFMove(*enableResourceLoadStatisticsDebugMode)
+ , WTFMove(*enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction)
, WTFMove(*deviceManagementRestrictionsEnabled)
, WTFMove(*allLoadsBlockedByDeviceManagementRestrictionsForTesting)
, WTFMove(*resourceLoadStatisticsManualPrevalentResource)
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -86,6 +86,7 @@
bool enableResourceLoadStatistics { false };
bool shouldIncludeLocalhostInResourceLoadStatistics { true };
bool enableResourceLoadStatisticsDebugMode { false };
+ bool enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction { true };
bool deviceManagementRestrictionsEnabled { false };
bool allLoadsBlockedByDeviceManagementRestrictionsForTesting { false };
WebCore::RegistrableDomain resourceLoadStatisticsManualPrevalentResource { };
Modified: branches/safari-608-branch/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2019-10-20 23:40:21 UTC (rev 251353)
@@ -1038,6 +1038,7 @@
m_shouldIncludeLocalhostInResourceLoadStatistics = parameters.shouldIncludeLocalhostInResourceLoadStatistics ? ShouldIncludeLocalhost::Yes : ShouldIncludeLocalhost::No;
m_enableResourceLoadStatisticsDebugMode = parameters.enableResourceLoadStatisticsDebugMode ? EnableResourceLoadStatisticsDebugMode::Yes : EnableResourceLoadStatisticsDebugMode::No;
m_resourceLoadStatisticsManualPrevalentResource = parameters.resourceLoadStatisticsManualPrevalentResource;
+ storageSession->setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled(parameters.enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction);
setResourceLoadStatisticsEnabled(parameters.enableResourceLoadStatistics);
#endif
Modified: branches/safari-608-branch/Source/WebKit/Shared/WebPreferences.yaml (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/Shared/WebPreferences.yaml 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/Shared/WebPreferences.yaml 2019-10-20 23:40:21 UTC (rev 251353)
@@ -1723,6 +1723,13 @@
webcoreBinding: RuntimeEnabledFeatures
condition: HAVE(NSURLSESSION_WEBSOCKET)
+IsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled:
+ type: bool
+ defaultValue: true
+ humanReadableName: "Block 3rd-Party Cookies On Sites Without Interaction (ITP)"
+ humanReadableDescription: "Block all third-party cookies on websites without user interaction"
+ category: internal
+
# Deprecated
ICECandidateFilteringEnabled:
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -483,6 +483,17 @@
#endif
}
+void WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(WKWebsiteDataStoreRef dataStoreRef, bool enabled, void* context, WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTestingFunction completionHandler)
+{
+#if ENABLE(RESOURCE_LOAD_STATISTICS)
+ WebKit::toImpl(dataStoreRef)->websiteDataStore().setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(enabled, [context, completionHandler] {
+ completionHandler(context);
+ });
+#else
+ completionHandler(context);
+#endif
+}
+
void WKWebsiteDataStoreStatisticsResetToConsistentState(WKWebsiteDataStoreRef dataStoreRef, void* context, WKWebsiteDataStoreStatisticsResetToConsistentStateFunction completionHandler)
{
#if ENABLE(RESOURCE_LOAD_STATISTICS)
@@ -495,6 +506,7 @@
store.resetCacheMaxAgeCapForPrevalentResources([callbackAggregator = callbackAggregator.copyRef()] { });
store.resetCrossSiteLoadsWithLinkDecorationForTesting([callbackAggregator = callbackAggregator.copyRef()] { });
store.setResourceLoadStatisticsShouldDowngradeReferrerForTesting(true, [callbackAggregator = callbackAggregator.copyRef()] { });
+ store.setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(false, [callbackAggregator = callbackAggregator.copyRef()] { });
store.resetParametersToDefaultValues([callbackAggregator = callbackAggregator.copyRef()] { });
store.scheduleClearInMemoryAndPersistent(WebKit::ShouldGrandfatherStatistics::No, [callbackAggregator = callbackAggregator.copyRef()] { });
#else
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.h (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -105,6 +105,8 @@
WK_EXPORT void WKWebsiteDataStoreSetStatisticsCacheMaxAgeCap(WKWebsiteDataStoreRef dataStoreRef, double seconds, void* context, WKWebsiteDataStoreSetStatisticsCacheMaxAgeCapFunction);
typedef void (*WKWebsiteDataStoreSetResourceLoadStatisticsShouldDowngradeReferrerForTestingFunction)(void* functionContext);
WK_EXPORT void WKWebsiteDataStoreSetResourceLoadStatisticsShouldDowngradeReferrerForTesting(WKWebsiteDataStoreRef dataStoreRef, bool enabled, void* context, WKWebsiteDataStoreSetResourceLoadStatisticsShouldDowngradeReferrerForTestingFunction completionHandler);
+typedef void (*WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTestingFunction)(void* functionContext);
+WK_EXPORT void WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(WKWebsiteDataStoreRef dataStoreRef, bool enabled, void* context, WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTestingFunction completionHandler);
typedef void (*WKWebsiteDataStoreStatisticsResetToConsistentStateFunction)(void* functionContext);
WK_EXPORT void WKWebsiteDataStoreStatisticsResetToConsistentState(WKWebsiteDataStoreRef dataStoreRef, void* context, WKWebsiteDataStoreStatisticsResetToConsistentStateFunction completionHandler);
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -983,6 +983,16 @@
sendWithAsyncReply(Messages::NetworkProcess::SetShouldDowngradeReferrerForTesting(enabled), WTFMove(completionHandler));
}
+
+void NetworkProcessProxy::setShouldBlockThirdPartyCookiesForTesting(PAL::SessionID sessionID, bool enabled, CompletionHandler<void()>&& completionHandler)
+{
+ if (!canSendMessage()) {
+ completionHandler();
+ return;
+ }
+
+ sendWithAsyncReply(Messages::NetworkProcess::SetShouldBlockThirdPartyCookiesForTesting(sessionID, enabled), WTFMove(completionHandler));
+}
#endif // ENABLE(RESOURCE_LOAD_STATISTICS)
void NetworkProcessProxy::sendProcessWillSuspendImminently()
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/Network/NetworkProcessProxy.h (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/UIProcess/Network/NetworkProcessProxy.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/Network/NetworkProcessProxy.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -151,6 +151,7 @@
void deleteCookiesForTesting(PAL::SessionID, const RegistrableDomain&, bool includeHttpOnlyCookies, CompletionHandler<void()>&&);
void deleteWebsiteDataInUIProcessForRegistrableDomains(PAL::SessionID, OptionSet<WebsiteDataType>, OptionSet<WebsiteDataFetchOption>, Vector<RegistrableDomain>, CompletionHandler<void(HashSet<WebCore::RegistrableDomain>&&)>&&);
void setShouldDowngradeReferrerForTesting(bool, CompletionHandler<void()>&&);
+ void setShouldBlockThirdPartyCookiesForTesting(PAL::SessionID, bool, CompletionHandler<void()>&&);
#endif
void processReadyToSuspend();
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessPool.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessPool.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/WebProcessPool.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -597,6 +597,7 @@
bool enableResourceLoadStatistics = m_shouldEnableITPForDefaultSessions;
bool shouldIncludeLocalhost = true;
bool enableResourceLoadStatisticsDebugMode = false;
+ bool enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction = true;
WebCore::RegistrableDomain manualPrevalentResource { };
if (withWebsiteDataStore) {
enableResourceLoadStatistics = withWebsiteDataStore->resourceLoadStatisticsEnabled();
@@ -604,6 +605,7 @@
auto networkSessionParameters = withWebsiteDataStore->parameters().networkSessionParameters;
shouldIncludeLocalhost = networkSessionParameters.shouldIncludeLocalhostInResourceLoadStatistics;
enableResourceLoadStatisticsDebugMode = networkSessionParameters.enableResourceLoadStatisticsDebugMode;
+ enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction = networkSessionParameters.enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
manualPrevalentResource = networkSessionParameters.resourceLoadStatisticsManualPrevalentResource;
}
@@ -615,6 +617,7 @@
auto networkSessionParameters = m_websiteDataStore->websiteDataStore().parameters().networkSessionParameters;
shouldIncludeLocalhost = networkSessionParameters.shouldIncludeLocalhostInResourceLoadStatistics;
enableResourceLoadStatisticsDebugMode = networkSessionParameters.enableResourceLoadStatisticsDebugMode;
+ enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction = networkSessionParameters.enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
manualPrevalentResource = networkSessionParameters.resourceLoadStatisticsManualPrevalentResource;
}
@@ -625,6 +628,7 @@
parameters.defaultDataStoreParameters.networkSessionParameters.enableResourceLoadStatistics = enableResourceLoadStatistics;
parameters.defaultDataStoreParameters.networkSessionParameters.shouldIncludeLocalhostInResourceLoadStatistics = shouldIncludeLocalhost;
parameters.defaultDataStoreParameters.networkSessionParameters.enableResourceLoadStatisticsDebugMode = enableResourceLoadStatisticsDebugMode;
+ parameters.defaultDataStoreParameters.networkSessionParameters.enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction = enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
parameters.defaultDataStoreParameters.networkSessionParameters.resourceLoadStatisticsManualPrevalentResource = manualPrevalentResource;
// Add any platform specific parameters
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm 2019-10-20 23:40:21 UTC (rev 251353)
@@ -66,9 +66,12 @@
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
bool shouldLogCookieInformation = false;
bool enableResourceLoadStatisticsDebugMode = false;
+ bool enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction = true;
WebCore::RegistrableDomain resourceLoadStatisticsManualPrevalentResource { };
#if ENABLE(RESOURCE_LOAD_STATISTICS)
enableResourceLoadStatisticsDebugMode = [defaults boolForKey:@"ITPDebugMode"];
+ if ([defaults boolForKey:@"InternalDisableThirdPartyCookieBlockingOnSitesWithoutUserInteraction"])
+ enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction = false;
auto* manualPrevalentResource = [defaults stringForKey:@"ITPManualPrevalentResource"];
if (manualPrevalentResource) {
URL url { URL(), manualPrevalentResource };
@@ -131,6 +134,7 @@
false,
shouldIncludeLocalhostInResourceLoadStatistics,
enableResourceLoadStatisticsDebugMode,
+ enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction,
m_configuration->deviceManagementRestrictionsEnabled(),
m_configuration->allLoadsBlockedByDeviceManagementRestrictionsForTesting(),
WTFMove(resourceLoadStatisticsManualPrevalentResource),
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -1696,6 +1696,20 @@
}
ASSERT(!completionHandler);
}
+
+void WebsiteDataStore::setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(bool enabled, CompletionHandler<void()>&& completionHandler)
+{
+ auto callbackAggregator = CallbackAggregator::create(WTFMove(completionHandler));
+
+ for (auto& processPool : processPools()) {
+ if (auto* networkProcess = processPool->networkProcess()) {
+ networkProcess->setShouldBlockThirdPartyCookiesForTesting(m_sessionID, enabled, [callbackAggregator = callbackAggregator.copyRef()] { });
+ ASSERT(processPools().size() == 1);
+ break;
+ }
+ }
+ ASSERT(!completionHandler);
+}
#endif // ENABLE(RESOURCE_LOAD_STATISTICS)
void WebsiteDataStore::setCacheMaxAgeCapForPrevalentResources(Seconds seconds, CompletionHandler<void()>&& completionHandler)
Modified: branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h (251352 => 251353)
--- branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -179,6 +179,7 @@
void deleteCookiesForTesting(const URL&, bool includeHttpOnlyCookies, CompletionHandler<void()>&&);
void hasLocalStorageForTesting(const URL&, CompletionHandler<void(bool)>&&) const;
void setResourceLoadStatisticsShouldDowngradeReferrerForTesting(bool, CompletionHandler<void()>&&);
+ void setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(bool, CompletionHandler<void()>&&);
#endif
void setCacheMaxAgeCapForPrevalentResources(Seconds, CompletionHandler<void()>&&);
void resetCacheMaxAgeCapForPrevalentResources(CompletionHandler<void()>&&);
Modified: branches/safari-608-branch/Tools/ChangeLog (251352 => 251353)
--- branches/safari-608-branch/Tools/ChangeLog 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Tools/ChangeLog 2019-10-20 23:40:21 UTC (rev 251353)
@@ -1,3 +1,35 @@
+2019-10-20 Babak Shafiei <bshaf...@apple.com>
+
+ Apply patch. rdar://problem/56427498
+
+ 2019-10-20 John Wilander <wilan...@apple.com>
+
+ Cherry-pick r251213. rdar://problem/56262708
+
+ Resource Load Statistics: Block all third-party cookies on websites without prior user interaction
+ https://bugs.webkit.org/show_bug.cgi?id=203017
+ <rdar://problem/56262708>
+
+ Reviewed by Alex Christensen.
+
+ These changes are test infrastructure to be able to toggle the function
+ through testRunner.setStatisticsShouldBlockThirdPartyCookies().
+
+ * WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
+ * WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
+ (WTR::InjectedBundle::didReceiveMessageToPage):
+ * WebKitTestRunner/InjectedBundle/TestRunner.cpp:
+ (WTR::TestRunner::setStatisticsShouldBlockThirdPartyCookies):
+ (WTR::TestRunner::statisticsCallDidSetShouldBlockThirdPartyCookiesCallback):
+ * WebKitTestRunner/InjectedBundle/TestRunner.h:
+ * WebKitTestRunner/TestController.cpp:
+ (WTR::TestController::setStatisticsShouldBlockThirdPartyCookies):
+ * WebKitTestRunner/TestController.h:
+ * WebKitTestRunner/TestInvocation.cpp:
+ (WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):
+ (WTR::TestInvocation::didSetShouldBlockThirdPartyCookies):
+ * WebKitTestRunner/TestInvocation.h:
+
2019-10-17 Alan Coon <alanc...@apple.com>
Cherry-pick r250589. rdar://problem/55927251
Modified: branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl (251352 => 251353)
--- branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl 2019-10-20 23:40:21 UTC (rev 251353)
@@ -337,6 +337,7 @@
void setStatisticsCacheMaxAgeCap(double seconds);
void statisticsResetToConsistentState(object completionHandler);
void setStatisticsShouldDowngradeReferrer(boolean value, object callback);
+ void setStatisticsShouldBlockThirdPartyCookies(boolean value, object callback);
// Injected bundle form client.
void installTextDidChangeInTextFieldCallback(object callback);
Modified: branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/InjectedBundle.cpp (251352 => 251353)
--- branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/InjectedBundle.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/InjectedBundle.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -328,6 +328,11 @@
return;
}
+ if (WKStringIsEqualToUTF8CString(messageName, "CallDidSetShouldBlockThirdPartyCookies")) {
+ m_testRunner->statisticsCallDidSetShouldBlockThirdPartyCookiesCallback();
+ return;
+ }
+
if (WKStringIsEqualToUTF8CString(messageName, "CallDidResetStatisticsToConsistentState")) {
m_testRunner->statisticsCallDidResetToConsistentStateCallback();
return;
Modified: branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp (251352 => 251353)
--- branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -729,6 +729,7 @@
StatisticsDidResetToConsistentStateCallbackID,
StatisticsDidSetBlockCookiesForHostCallbackID,
StatisticsDidSetShouldDowngradeReferrerCallbackID,
+ StatisticsDidSetShouldBlockThirdPartyCookiesCallbackID,
AllStorageAccessEntriesCallbackID,
DidRemoveAllSessionCredentialsCallbackID,
GetApplicationManifestCallbackID,
@@ -2091,6 +2092,23 @@
callTestRunnerCallback(StatisticsDidSetShouldDowngradeReferrerCallbackID);
}
+void TestRunner::setStatisticsShouldBlockThirdPartyCookies(bool value, JSValueRef completionHandler)
+{
+ if (m_hasSetBlockThirdPartyCookiesCallback)
+ return;
+
+ cacheTestRunnerCallback(StatisticsDidSetShouldBlockThirdPartyCookiesCallbackID, completionHandler);
+ WKRetainPtr<WKStringRef> messageName = adoptWK(WKStringCreateWithUTF8CString("SetStatisticsShouldBlockThirdPartyCookies"));
+ WKRetainPtr<WKBooleanRef> messageBody = adoptWK(WKBooleanCreate(value));
+ WKBundlePostSynchronousMessage(InjectedBundle::singleton().bundle(), messageName.get(), messageBody.get(), nullptr);
+ m_hasSetBlockThirdPartyCookiesCallback = true;
+}
+
+void TestRunner::statisticsCallDidSetShouldBlockThirdPartyCookiesCallback()
+{
+ callTestRunnerCallback(StatisticsDidSetShouldBlockThirdPartyCookiesCallbackID);
+}
+
void TestRunner::statisticsCallClearThroughWebsiteDataRemovalCallback()
{
callTestRunnerCallback(StatisticsDidClearThroughWebsiteDataRemovalCallbackID);
Modified: branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/TestRunner.h (251352 => 251353)
--- branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/TestRunner.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Tools/WebKitTestRunner/InjectedBundle/TestRunner.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -436,6 +436,8 @@
void setStatisticsCacheMaxAgeCap(double seconds);
void setStatisticsShouldDowngradeReferrer(bool, JSValueRef callback);
void statisticsCallDidSetShouldDowngradeReferrerCallback();
+ void setStatisticsShouldBlockThirdPartyCookies(bool, JSValueRef callback);
+ void statisticsCallDidSetShouldBlockThirdPartyCookiesCallback();
void statisticsResetToConsistentState(JSValueRef completionHandler);
void statisticsCallDidResetToConsistentStateCallback();
@@ -570,6 +572,7 @@
bool m_userStyleSheetEnabled { false };
bool m_dumpAllHTTPRedirectedResponseHeaders { false };
bool m_hasSetDowngradeReferrerCallback { false };
+ bool m_hasSetBlockThirdPartyCookiesCallback { false };
};
} // namespace WTR
Modified: branches/safari-608-branch/Tools/WebKitTestRunner/TestController.cpp (251352 => 251353)
--- branches/safari-608-branch/Tools/WebKitTestRunner/TestController.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Tools/WebKitTestRunner/TestController.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -3528,6 +3528,15 @@
m_currentInvocation->didSetShouldDowngradeReferrer();
}
+void TestController::setStatisticsShouldBlockThirdPartyCookies(bool value)
+{
+ auto* dataStore = WKContextGetWebsiteDataStore(platformContext());
+ ResourceStatisticsCallbackContext context(*this);
+ WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(dataStore, value, &context, resourceStatisticsVoidResultCallback);
+ runUntil(context.done, noTimeout);
+ m_currentInvocation->didSetShouldBlockThirdPartyCookies();
+}
+
void TestController::statisticsResetToConsistentState()
{
auto* dataStore = WKContextGetWebsiteDataStore(platformContext());
Modified: branches/safari-608-branch/Tools/WebKitTestRunner/TestController.h (251352 => 251353)
--- branches/safari-608-branch/Tools/WebKitTestRunner/TestController.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Tools/WebKitTestRunner/TestController.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -245,6 +245,7 @@
bool isStatisticsHasLocalStorage(WKStringRef hostName);
void setStatisticsCacheMaxAgeCap(double seconds);
void setStatisticsShouldDowngradeReferrer(bool value);
+ void setStatisticsShouldBlockThirdPartyCookies(bool value);
void statisticsResetToConsistentState();
void getAllStorageAccessEntries();
Modified: branches/safari-608-branch/Tools/WebKitTestRunner/TestInvocation.cpp (251352 => 251353)
--- branches/safari-608-branch/Tools/WebKitTestRunner/TestInvocation.cpp 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Tools/WebKitTestRunner/TestInvocation.cpp 2019-10-20 23:40:21 UTC (rev 251353)
@@ -1469,6 +1469,13 @@
return nullptr;
}
+ if (WKStringIsEqualToUTF8CString(messageName, "SetStatisticsShouldBlockThirdPartyCookies")) {
+ ASSERT(WKGetTypeID(messageBody) == WKBooleanGetTypeID());
+ WKBooleanRef value = static_cast<WKBooleanRef>(messageBody);
+ TestController::singleton().setStatisticsShouldBlockThirdPartyCookies(WKBooleanGetValue(value));
+ return nullptr;
+ }
+
if (WKStringIsEqualToUTF8CString(messageName, "RemoveAllSessionCredentials")) {
TestController::singleton().removeAllSessionCredentials();
return nullptr;
@@ -1750,6 +1757,12 @@
WKPagePostMessageToInjectedBundle(TestController::singleton().mainWebView()->page(), messageName.get(), 0);
}
+void TestInvocation::didSetShouldBlockThirdPartyCookies()
+{
+ WKRetainPtr<WKStringRef> messageName = adoptWK(WKStringCreateWithUTF8CString("CallDidSetShouldBlockThirdPartyCookies"));
+ WKPagePostMessageToInjectedBundle(TestController::singleton().mainWebView()->page(), messageName.get(), nullptr);
+}
+
void TestInvocation::didResetStatisticsToConsistentState()
{
WKRetainPtr<WKStringRef> messageName = adoptWK(WKStringCreateWithUTF8CString("CallDidResetStatisticsToConsistentState"));
Modified: branches/safari-608-branch/Tools/WebKitTestRunner/TestInvocation.h (251352 => 251353)
--- branches/safari-608-branch/Tools/WebKitTestRunner/TestInvocation.h 2019-10-20 23:24:48 UTC (rev 251352)
+++ branches/safari-608-branch/Tools/WebKitTestRunner/TestInvocation.h 2019-10-20 23:40:21 UTC (rev 251353)
@@ -73,6 +73,7 @@
void didClearStatisticsThroughWebsiteDataRemoval();
void didSetShouldDowngradeReferrer();
+ void didSetShouldBlockThirdPartyCookies();
void didResetStatisticsToConsistentState();
void didSetBlockCookiesForHost();
void didSetStatisticsDebugMode();
