Diff
Modified: trunk/LayoutTests/ChangeLog (251466 => 251467)
--- trunk/LayoutTests/ChangeLog 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/LayoutTests/ChangeLog 2019-10-23 00:54:41 UTC (rev 251467)
@@ -1,3 +1,21 @@
+2019-10-22 John Wilander <wilan...@apple.com>
+
+ Resource Load Statistics (experimental): Block all third-party cookies
+ https://bugs.webkit.org/show_bug.cgi?id=203266
+ <rdar://problem/56512858>
+
+ Reviewed by Alex Christensen.
+
+ This change updates the experimental change in
+ <https://trac.webkit.org/changeset/251213> to block all
+ third-party cookies, regardless of user interaction with
+ the first-party website.
+
+ * http/tests/resourceLoadStatistics/third-party-cookie-blocking-database-expected.txt: Renamed from LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt.
+ * http/tests/resourceLoadStatistics/third-party-cookie-blocking-database.html: Renamed from LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html.
+ * http/tests/resourceLoadStatistics/third-party-cookie-blocking-expected.txt: Renamed from LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database-expected.txt.
+ * http/tests/resourceLoadStatistics/third-party-cookie-blocking.html: Renamed from LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database.html.
+
2019-10-22 Wenson Hsieh <wenson_hs...@apple.com>
editing/pasteboard/paste-and-sanitize.html is a flaky failure
Copied: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-database-expected.txt (from rev 251466, trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt) (0 => 251467)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-database-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-database-expected.txt 2019-10-23 00:54:41 UTC (rev 251467)
@@ -0,0 +1,25 @@
+Tests that all third-party cookies are blocked.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
+
+--------
+Frame: '<!--frame1-->'
+--------
+Before user interaction, should receive no cookies.
+Did not receive cookie named 'firstPartyCookie'.
+Did not receive cookie named 'partitionedCookie'.
+Client-side document.cookie:
+
+--------
+Frame: '<!--frame2-->'
+--------
+After user interaction, should receive no cookies.
+Did not receive cookie named 'firstPartyCookie'.
+Did not receive cookie named 'partitionedCookie'.
+Client-side document.cookie:
Copied: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-database.html (from rev 251466, trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database.html) (0 => 251467)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-database.html (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-database.html 2019-10-23 00:54:41 UTC (rev 251467)
@@ -0,0 +1,75 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <script src=""
+ <script src=""
+</head>
+<body>
+<script>
+ description("Tests that all third-party cookies are blocked.");
+ jsTestIsAsync = true;
+
+ const partitionHost = "127.0.0.1:8000";
+ const partitionOrigin = "http://" + partitionHost;
+ const thirdPartyOrigin = "http://localhost:8000";
+ const resourcePath = "/resourceLoadStatistics/resources";
+ const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
+ const firstPartyCookieName = "firstPartyCookie";
+ const subPathToSetFirstPartyCookie = "/set-cookie.php?name=" + firstPartyCookieName + "&value=value";
+ const partitionedCookieName = "partitionedCookie";
+ const subPathToSetPartitionedCookie = "/set-cookie.php?name=" + partitionedCookieName + "&value=value";
+ const returnUrl = partitionOrigin + "/resourceLoadStatistics/third-party-cookie-blocking-database.html";
+ const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieName + "&name2=" + partitionedCookieName;
+
+ function openIframe(url, onLoadHandler) {
+ const element = document.createElement("iframe");
+ element.src = ""
+ if (onLoadHandler) {
+ element._onload_ = onLoadHandler;
+ }
+ document.body.appendChild(element);
+ }
+
+ function runTest() {
+ switch (document.location.hash) {
+ case "#step1":
+ // Set first-party cookie for localhost.
+ document.location.href = "" + subPathToSetFirstPartyCookie + "#" + returnUrl + "#step2";
+ break;
+ case "#step2":
+ document.location.hash = "step3";
+ // Check that the cookie is blocked for localhost under 127.0.0.1 even though localhost is not prevalent.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Before user interaction, should receive no cookies.", runTest);
+ break;
+ case "#step3":
+ document.location.hash = "step4";
+ // Produce user interaction for the first-party.
+ testRunner.setStatisticsHasHadUserInteraction(partitionOrigin, true, function() {
+ // Check that the cookie is still blocked for localhost under 127.0.0.1.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=After user interaction, should receive no cookies.", runTest);
+ });
+ break;
+ case "#step4":
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(false, function() {
+ setEnableFeature(false, finishJSTest);
+ });
+ break;
+ }
+ }
+
+ if (document.location.hash === "") {
+ testRunner.setUseITPDatabase(true);
+ setEnableFeature(true, function () {
+ if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
+ testFailed("Localhost was classified as prevalent resource before the test starts.");
+ testRunner.dumpChildFramesAsText();
+ document.location.hash = "step1";
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(true, runTest);
+ });
+ } else {
+ runTest();
+ }
+</script>
+</body>
+</html>
Copied: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-expected.txt (from rev 251466, trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database-expected.txt) (0 => 251467)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-expected.txt 2019-10-23 00:54:41 UTC (rev 251467)
@@ -0,0 +1,25 @@
+Tests that all third-party cookies are blocked.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
+
+--------
+Frame: '<!--frame1-->'
+--------
+Before user interaction, should receive no cookies.
+Did not receive cookie named 'firstPartyCookie'.
+Did not receive cookie named 'partitionedCookie'.
+Client-side document.cookie:
+
+--------
+Frame: '<!--frame2-->'
+--------
+After user interaction, should receive no cookies.
+Did not receive cookie named 'firstPartyCookie'.
+Did not receive cookie named 'partitionedCookie'.
+Client-side document.cookie:
Deleted: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database-expected.txt (251466 => 251467)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database-expected.txt 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database-expected.txt 2019-10-23 00:54:41 UTC (rev 251467)
@@ -1,25 +0,0 @@
-Tests that all third-party cookies are blocked under websites that have not received user interaction.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
-
---------
-Frame: '<!--frame1-->'
---------
-Before user interaction, should receive no cookies.
-Did not receive cookie named 'firstPartyCookie'.
-Did not receive cookie named 'partitionedCookie'.
-Client-side document.cookie:
-
---------
-Frame: '<!--frame2-->'
---------
-After user interaction, should receive first-party cookie.
-Received cookie named 'firstPartyCookie'.
-Did not receive cookie named 'partitionedCookie'.
-Client-side document.cookie: firstPartyCookie=value
Deleted: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database.html (251466 => 251467)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database.html 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database.html 2019-10-23 00:54:41 UTC (rev 251467)
@@ -1,76 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
- <meta charset="UTF-8">
- <script src=""
- <script src=""
-</head>
-<body>
-<script>
- description("Tests that all third-party cookies are blocked under websites that have not received user interaction.");
- jsTestIsAsync = true;
-
- const partitionHost = "127.0.0.1:8000";
- const partitionOrigin = "http://" + partitionHost;
- const thirdPartyOrigin = "http://localhost:8000";
- const resourcePath = "/resourceLoadStatistics/resources";
- const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
- const firstPartyCookieName = "firstPartyCookie";
- const subPathToSetFirstPartyCookie = "/set-cookie.php?name=" + firstPartyCookieName + "&value=value";
- const partitionedCookieName = "partitionedCookie";
- const subPathToSetPartitionedCookie = "/set-cookie.php?name=" + partitionedCookieName + "&value=value";
- const returnUrl = partitionOrigin + "/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html";
- const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieName + "&name2=" + partitionedCookieName;
-
- function openIframe(url, onLoadHandler) {
- const element = document.createElement("iframe");
- element.src = ""
- if (onLoadHandler) {
- element._onload_ = onLoadHandler;
- }
- document.body.appendChild(element);
- }
-
- function runTest() {
- switch (document.location.hash) {
- case "#step1":
- // Set first-party cookie for localhost.
- document.location.href = "" + subPathToSetFirstPartyCookie + "#" + returnUrl + "#step2";
- break;
- case "#step2":
- document.location.hash = "step3";
- // Check that the cookie is blocked for localhost under 127.0.0.1 even though localhost is not prevalent.
- openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Before user interaction, should receive no cookies.", runTest);
- break;
- case "#step3":
- document.location.hash = "step4";
- // Produce user interaction for the first-party to allow third-party cookie access.
- testRunner.setStatisticsHasHadUserInteraction(partitionOrigin, true, function() {
- // Check that the cookie is no longer blocked for localhost under 127.0.0.1.
- openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=After user interaction, should receive first-party cookie.", runTest);
- });
- break;
- case "#step4":
- testRunner.setUseITPDatabase(false);
- testRunner.setStatisticsShouldBlockThirdPartyCookies(false, function() {
- setEnableFeature(false, finishJSTest);
- });
- break;
- }
- }
-
- if (document.location.hash === "") {
- testRunner.setUseITPDatabase(true);
- setEnableFeature(true, function () {
- if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
- testFailed("Localhost was classified as prevalent resource before the test starts.");
- testRunner.dumpChildFramesAsText();
- document.location.hash = "step1";
- testRunner.setStatisticsShouldBlockThirdPartyCookies(true, runTest);
- });
- } else {
- runTest();
- }
-</script>
-</body>
-</html>
Deleted: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt (251466 => 251467)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt 2019-10-23 00:54:41 UTC (rev 251467)
@@ -1,25 +0,0 @@
-Tests that all third-party cookies are blocked under websites that have not received user interaction.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
-
---------
-Frame: '<!--frame1-->'
---------
-Before user interaction, should receive no cookies.
-Did not receive cookie named 'firstPartyCookie'.
-Did not receive cookie named 'partitionedCookie'.
-Client-side document.cookie:
-
---------
-Frame: '<!--frame2-->'
---------
-After user interaction, should receive first-party cookie.
-Received cookie named 'firstPartyCookie'.
-Did not receive cookie named 'partitionedCookie'.
-Client-side document.cookie: firstPartyCookie=value
Deleted: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html (251466 => 251467)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html 2019-10-23 00:54:41 UTC (rev 251467)
@@ -1,74 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
- <meta charset="UTF-8">
- <script src=""
- <script src=""
-</head>
-<body>
-<script>
- description("Tests that all third-party cookies are blocked under websites that have not received user interaction.");
- jsTestIsAsync = true;
-
- const partitionHost = "127.0.0.1:8000";
- const partitionOrigin = "http://" + partitionHost;
- const thirdPartyOrigin = "http://localhost:8000";
- const resourcePath = "/resourceLoadStatistics/resources";
- const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
- const firstPartyCookieName = "firstPartyCookie";
- const subPathToSetFirstPartyCookie = "/set-cookie.php?name=" + firstPartyCookieName + "&value=value";
- const partitionedCookieName = "partitionedCookie";
- const subPathToSetPartitionedCookie = "/set-cookie.php?name=" + partitionedCookieName + "&value=value";
- const returnUrl = partitionOrigin + "/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html";
- const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieName + "&name2=" + partitionedCookieName;
-
- function openIframe(url, onLoadHandler) {
- const element = document.createElement("iframe");
- element.src = ""
- if (onLoadHandler) {
- element._onload_ = onLoadHandler;
- }
- document.body.appendChild(element);
- }
-
- function runTest() {
- switch (document.location.hash) {
- case "#step1":
- // Set first-party cookie for localhost.
- document.location.href = "" + subPathToSetFirstPartyCookie + "#" + returnUrl + "#step2";
- break;
- case "#step2":
- document.location.hash = "step3";
- // Check that the cookie is blocked for localhost under 127.0.0.1 even though localhost is not prevalent.
- openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Before user interaction, should receive no cookies.", runTest);
- break;
- case "#step3":
- document.location.hash = "step4";
- // Produce user interaction for the first-party to allow third-party cookie access.
- testRunner.setStatisticsHasHadUserInteraction(partitionOrigin, true, function() {
- // Check that the cookie is no longer blocked for localhost under 127.0.0.1.
- openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=After user interaction, should receive first-party cookie.", runTest);
- });
- break;
- case "#step4":
- testRunner.setStatisticsShouldBlockThirdPartyCookies(false, function() {
- setEnableFeature(false, finishJSTest);
- });
- break;
- }
- }
-
- if (document.location.hash === "") {
- setEnableFeature(true, function () {
- if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
- testFailed("Localhost was classified as prevalent resource before the test starts.");
- testRunner.dumpChildFramesAsText();
- document.location.hash = "step1";
- testRunner.setStatisticsShouldBlockThirdPartyCookies(true, runTest);
- });
- } else {
- runTest();
- }
-</script>
-</body>
-</html>
Copied: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking.html (from rev 251466, trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html) (0 => 251467)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking.html (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking.html 2019-10-23 00:54:41 UTC (rev 251467)
@@ -0,0 +1,74 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <script src=""
+ <script src=""
+</head>
+<body>
+<script>
+ description("Tests that all third-party cookies are blocked.");
+ jsTestIsAsync = true;
+
+ const partitionHost = "127.0.0.1:8000";
+ const partitionOrigin = "http://" + partitionHost;
+ const thirdPartyOrigin = "http://localhost:8000";
+ const resourcePath = "/resourceLoadStatistics/resources";
+ const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
+ const firstPartyCookieName = "firstPartyCookie";
+ const subPathToSetFirstPartyCookie = "/set-cookie.php?name=" + firstPartyCookieName + "&value=value";
+ const partitionedCookieName = "partitionedCookie";
+ const subPathToSetPartitionedCookie = "/set-cookie.php?name=" + partitionedCookieName + "&value=value";
+ const returnUrl = partitionOrigin + "/resourceLoadStatistics/third-party-cookie-blocking.html";
+ const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieName + "&name2=" + partitionedCookieName;
+
+ function openIframe(url, onLoadHandler) {
+ const element = document.createElement("iframe");
+ element.src = ""
+ if (onLoadHandler) {
+ element._onload_ = onLoadHandler;
+ }
+ document.body.appendChild(element);
+ }
+
+ function runTest() {
+ switch (document.location.hash) {
+ case "#step1":
+ // Set first-party cookie for localhost.
+ document.location.href = "" + subPathToSetFirstPartyCookie + "#" + returnUrl + "#step2";
+ break;
+ case "#step2":
+ document.location.hash = "step3";
+ // Check that the cookie is blocked for localhost under 127.0.0.1 even though localhost is not prevalent.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Before user interaction, should receive no cookies.", runTest);
+ break;
+ case "#step3":
+ document.location.hash = "step4";
+ // Produce user interaction for the first-party.
+ testRunner.setStatisticsHasHadUserInteraction(partitionOrigin, true, function() {
+ // Check that the cookie is still blocked for localhost under 127.0.0.1.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=After user interaction, should receive no cookies.", runTest);
+ });
+ break;
+ case "#step4":
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(false, function() {
+ setEnableFeature(false, finishJSTest);
+ });
+ break;
+ }
+ }
+
+ if (document.location.hash === "") {
+ setEnableFeature(true, function () {
+ if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
+ testFailed("Localhost was classified as prevalent resource before the test starts.");
+ testRunner.dumpChildFramesAsText();
+ document.location.hash = "step1";
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(true, runTest);
+ });
+ } else {
+ runTest();
+ }
+</script>
+</body>
+</html>
Modified: trunk/Source/WebCore/ChangeLog (251466 => 251467)
--- trunk/Source/WebCore/ChangeLog 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebCore/ChangeLog 2019-10-23 00:54:41 UTC (rev 251467)
@@ -1,3 +1,26 @@
+2019-10-22 John Wilander <wilan...@apple.com>
+
+ Resource Load Statistics (experimental): Block all third-party cookies
+ https://bugs.webkit.org/show_bug.cgi?id=203266
+ <rdar://problem/56512858>
+
+ Reviewed by Alex Christensen.
+
+ This change updates the experimental change in
+ <https://trac.webkit.org/changeset/251213> to block all
+ third-party cookies, regardless of user interaction with
+ the first-party website.
+
+ Tests: http/tests/resourceLoadStatistics/third-party-cookie-blocking-database.html
+ http/tests/resourceLoadStatistics/third-party-cookie-blocking.html
+
+ * page/Settings.yaml:
+ * platform/network/NetworkStorageSession.cpp:
+ (WebCore::NetworkStorageSession::shouldBlockCookies const):
+ * platform/network/NetworkStorageSession.h:
+ (WebCore::NetworkStorageSession::setIsThirdPartyCookieBlockingEnabled):
+ (WebCore::NetworkStorageSession::setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled): Deleted.
+
2019-10-22 Said Abou-Hallawa <sabouhall...@apple.com>
[SVG2] Remove the 'viewTarget' property of SVGViewElement
Modified: trunk/Source/WebCore/page/Settings.yaml (251466 => 251467)
--- trunk/Source/WebCore/page/Settings.yaml 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebCore/page/Settings.yaml 2019-10-23 00:54:41 UTC (rev 251467)
@@ -869,7 +869,7 @@
initial: true
inspectorOverride: true
-isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled:
+isThirdPartyCookieBlockingEnabled:
initial: false
isLoggedInAPIEnabled:
Modified: trunk/Source/WebCore/platform/network/NetworkStorageSession.cpp (251466 => 251467)
--- trunk/Source/WebCore/platform/network/NetworkStorageSession.cpp 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebCore/platform/network/NetworkStorageSession.cpp 2019-10-23 00:54:41 UTC (rev 251467)
@@ -107,7 +107,7 @@
if (pageID && hasStorageAccess(resourceDomain, firstPartyDomain, frameID, pageID.value()))
return false;
- if (m_isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled && !hasHadUserInteractionAsFirstParty(firstPartyDomain))
+ if (m_isThirdPartyCookieBlockingEnabled)
return true;
return shouldBlockThirdPartyCookies(resourceDomain);
Modified: trunk/Source/WebCore/platform/network/NetworkStorageSession.h (251466 => 251467)
--- trunk/Source/WebCore/platform/network/NetworkStorageSession.h 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebCore/platform/network/NetworkStorageSession.h 2019-10-23 00:54:41 UTC (rev 251467)
@@ -164,7 +164,7 @@
WEBCORE_EXPORT Optional<Seconds> maxAgeCacheCap(const ResourceRequest&);
WEBCORE_EXPORT void didCommitCrossSiteLoadWithDataTransferFromPrevalentResource(const RegistrableDomain& toDomain, PageIdentifier);
WEBCORE_EXPORT void resetCrossSiteLoadsWithLinkDecorationForTesting();
- void setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled(bool enabled) { m_isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled = enabled; }
+ void setIsThirdPartyCookieBlockingEnabled(bool enabled) { m_isThirdPartyCookieBlockingEnabled = enabled; }
#endif
private:
@@ -199,7 +199,7 @@
Optional<Seconds> m_ageCapForClientSideCookiesShort { };
HashMap<WebCore::PageIdentifier, RegistrableDomain> m_navigatedToWithLinkDecorationByPrevalentResource;
bool m_navigationWithLinkDecorationTestMode = false;
- bool m_isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled = false;
+ bool m_isThirdPartyCookieBlockingEnabled = false;
#endif
#if PLATFORM(COCOA)
Modified: trunk/Source/WebKit/ChangeLog (251466 => 251467)
--- trunk/Source/WebKit/ChangeLog 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebKit/ChangeLog 2019-10-23 00:54:41 UTC (rev 251467)
@@ -1,3 +1,30 @@
+2019-10-22 John Wilander <wilan...@apple.com>
+
+ Resource Load Statistics (experimental): Block all third-party cookies
+ https://bugs.webkit.org/show_bug.cgi?id=203266
+ <rdar://problem/56512858>
+
+ Reviewed by Alex Christensen.
+
+ This change updates the experimental change in
+ <https://trac.webkit.org/changeset/251213> to block all
+ third-party cookies, regardless of user interaction with
+ the first-party website.
+
+ * NetworkProcess/NetworkProcess.cpp:
+ (WebKit::NetworkProcess::setShouldBlockThirdPartyCookiesForTesting):
+ * NetworkProcess/NetworkSessionCreationParameters.cpp:
+ (WebKit::NetworkSessionCreationParameters::encode const):
+ (WebKit::NetworkSessionCreationParameters::decode):
+ * NetworkProcess/NetworkSessionCreationParameters.h:
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (WebKit::NetworkSessionCocoa::NetworkSessionCocoa):
+ * Shared/WebPreferences.yaml:
+ * UIProcess/WebProcessPool.cpp:
+ (WebKit::WebProcessPool::ensureNetworkProcess):
+ * UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:
+ (WebKit::WebsiteDataStore::parameters):
+
2019-10-22 Tim Horton <timothy_hor...@apple.com>
Make it possible to not include IPC Messages headers in other headers
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp (251466 => 251467)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2019-10-23 00:54:41 UTC (rev 251467)
@@ -1262,7 +1262,7 @@
void NetworkProcess::setShouldBlockThirdPartyCookiesForTesting(PAL::SessionID sessionID, bool enabled, CompletionHandler<void()>&& completionHandler)
{
if (auto* networkStorageSession = storageSession(sessionID))
- networkStorageSession->setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled(enabled);
+ networkStorageSession->setIsThirdPartyCookieBlockingEnabled(enabled);
else
ASSERT_NOT_REACHED();
completionHandler();
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp (251466 => 251467)
--- trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp 2019-10-23 00:54:41 UTC (rev 251467)
@@ -68,7 +68,7 @@
encoder << shouldIncludeLocalhostInResourceLoadStatistics;
encoder << enableResourceLoadStatisticsDebugMode;
encoder << resourceLoadStatisticsManualPrevalentResource;
- encoder << enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
+ encoder << enableThirdPartyCookieBlocking;
encoder << networkCacheDirectory << networkCacheDirectoryExtensionHandle;
@@ -199,9 +199,9 @@
if (!resourceLoadStatisticsManualPrevalentResource)
return WTF::nullopt;
- Optional<bool> enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
- decoder >> enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
- if (!enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction)
+ Optional<bool> enableThirdPartyCookieBlocking;
+ decoder >> enableThirdPartyCookieBlocking;
+ if (!enableThirdPartyCookieBlocking)
return WTF::nullopt;
Optional<String> networkCacheDirectory;
@@ -282,7 +282,7 @@
, WTFMove(*enableResourceLoadStatisticsLogTestingEvent)
, WTFMove(*shouldIncludeLocalhostInResourceLoadStatistics)
, WTFMove(*enableResourceLoadStatisticsDebugMode)
- , WTFMove(*enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction)
+ , WTFMove(*enableThirdPartyCookieBlocking)
, WTFMove(*deviceManagementRestrictionsEnabled)
, WTFMove(*allLoadsBlockedByDeviceManagementRestrictionsForTesting)
, WTFMove(*resourceLoadStatisticsManualPrevalentResource)
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h (251466 => 251467)
--- trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h 2019-10-23 00:54:41 UTC (rev 251467)
@@ -85,7 +85,7 @@
bool enableResourceLoadStatisticsLogTestingEvent { false };
bool shouldIncludeLocalhostInResourceLoadStatistics { true };
bool enableResourceLoadStatisticsDebugMode { false };
- bool enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction { false };
+ bool enableThirdPartyCookieBlocking { false };
bool deviceManagementRestrictionsEnabled { false };
bool allLoadsBlockedByDeviceManagementRestrictionsForTesting { false };
WebCore::RegistrableDomain resourceLoadStatisticsManualPrevalentResource { };
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (251466 => 251467)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2019-10-23 00:54:41 UTC (rev 251467)
@@ -1109,7 +1109,7 @@
m_shouldIncludeLocalhostInResourceLoadStatistics = parameters.shouldIncludeLocalhostInResourceLoadStatistics ? ShouldIncludeLocalhost::Yes : ShouldIncludeLocalhost::No;
m_enableResourceLoadStatisticsDebugMode = parameters.enableResourceLoadStatisticsDebugMode ? EnableResourceLoadStatisticsDebugMode::Yes : EnableResourceLoadStatisticsDebugMode::No;
m_resourceLoadStatisticsManualPrevalentResource = parameters.resourceLoadStatisticsManualPrevalentResource;
- storageSession->setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled(parameters.enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction);
+ storageSession->setIsThirdPartyCookieBlockingEnabled(parameters.enableThirdPartyCookieBlocking);
setResourceLoadStatisticsEnabled(parameters.enableResourceLoadStatistics);
#endif
Modified: trunk/Source/WebKit/Shared/WebPreferences.yaml (251466 => 251467)
--- trunk/Source/WebKit/Shared/WebPreferences.yaml 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebKit/Shared/WebPreferences.yaml 2019-10-23 00:54:41 UTC (rev 251467)
@@ -1768,12 +1768,12 @@
webcoreBinding: RuntimeEnabledFeatures
category: experimental
-IsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled:
+IsThirdPartyCookieBlockingEnabled:
type: bool
defaultValue: false
- humanReadableName: "Block 3rd-Party Cookies On Sites Without Interaction (ITP)"
- humanReadableDescription: "Block all third-party cookies on websites without user interaction"
- category: internal
+ humanReadableName: "Block All 3rd-Party Cookies (ITP)"
+ humanReadableDescription: "Block all third-party cookies when Intelligent Tracking Prevention is enabled"
+ category: experimental
IsLoggedInAPIEnabled:
type: bool
Modified: trunk/Source/WebKit/UIProcess/WebProcessPool.cpp (251466 => 251467)
--- trunk/Source/WebKit/UIProcess/WebProcessPool.cpp 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebKit/UIProcess/WebProcessPool.cpp 2019-10-23 00:54:41 UTC (rev 251467)
@@ -564,6 +564,7 @@
bool enableResourceLoadStatisticsLogTestingEvent = false;
bool shouldIncludeLocalhost = true;
bool enableResourceLoadStatisticsDebugMode = false;
+ bool enableThirdPartyCookieBlocking = false;
WebCore::RegistrableDomain manualPrevalentResource { };
if (withWebsiteDataStore) {
enableResourceLoadStatistics = withWebsiteDataStore->resourceLoadStatisticsEnabled();
@@ -574,6 +575,7 @@
auto networkSessionParameters = withWebsiteDataStore->parameters().networkSessionParameters;
shouldIncludeLocalhost = networkSessionParameters.shouldIncludeLocalhostInResourceLoadStatistics;
enableResourceLoadStatisticsDebugMode = networkSessionParameters.enableResourceLoadStatisticsDebugMode;
+ enableThirdPartyCookieBlocking = networkSessionParameters.enableThirdPartyCookieBlocking;
manualPrevalentResource = networkSessionParameters.resourceLoadStatisticsManualPrevalentResource;
}
@@ -594,6 +596,7 @@
auto networkSessionParameters = m_websiteDataStore->parameters().networkSessionParameters;
shouldIncludeLocalhost = networkSessionParameters.shouldIncludeLocalhostInResourceLoadStatistics;
enableResourceLoadStatisticsDebugMode = networkSessionParameters.enableResourceLoadStatisticsDebugMode;
+ enableThirdPartyCookieBlocking = networkSessionParameters.enableThirdPartyCookieBlocking;
manualPrevalentResource = networkSessionParameters.resourceLoadStatisticsManualPrevalentResource;
}
@@ -617,6 +620,7 @@
parameters.defaultDataStoreParameters.networkSessionParameters.enableResourceLoadStatisticsLogTestingEvent = enableResourceLoadStatisticsLogTestingEvent;
parameters.defaultDataStoreParameters.networkSessionParameters.shouldIncludeLocalhostInResourceLoadStatistics = shouldIncludeLocalhost;
parameters.defaultDataStoreParameters.networkSessionParameters.enableResourceLoadStatisticsDebugMode = enableResourceLoadStatisticsDebugMode;
+ parameters.defaultDataStoreParameters.networkSessionParameters.enableThirdPartyCookieBlocking = enableThirdPartyCookieBlocking;
parameters.defaultDataStoreParameters.networkSessionParameters.resourceLoadStatisticsManualPrevalentResource = manualPrevalentResource;
// Add any platform specific parameters
Modified: trunk/Source/WebKit/UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm (251466 => 251467)
--- trunk/Source/WebKit/UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm 2019-10-23 00:33:37 UTC (rev 251466)
+++ trunk/Source/WebKit/UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm 2019-10-23 00:54:41 UTC (rev 251467)
@@ -69,7 +69,7 @@
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
bool shouldLogCookieInformation = false;
bool enableResourceLoadStatisticsDebugMode = false;
- bool enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction = false;
+ bool enableThirdPartyCookieBlocking = false;
bool enableLegacyTLS = true;
if (id value = [defaults objectForKey:@"WebKitEnableLegacyTLS"])
enableLegacyTLS = [value boolValue];
@@ -76,7 +76,7 @@
WebCore::RegistrableDomain resourceLoadStatisticsManualPrevalentResource { };
#if ENABLE(RESOURCE_LOAD_STATISTICS)
enableResourceLoadStatisticsDebugMode = [defaults boolForKey:@"ITPDebugMode"];
- enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction = [defaults boolForKey:[NSString stringWithFormat:@"InternalDebug%@", WebPreferencesKey::isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabledKey().createCFString().get()]];
+ enableThirdPartyCookieBlocking = [defaults boolForKey:[NSString stringWithFormat:@"Experimental%@", WebPreferencesKey::isThirdPartyCookieBlockingEnabledKey().createCFString().get()]];
auto* manualPrevalentResource = [defaults stringForKey:@"ITPManualPrevalentResource"];
if (manualPrevalentResource) {
URL url { URL(), manualPrevalentResource };
@@ -140,7 +140,7 @@
hasStatisticsTestingCallback(),
shouldIncludeLocalhostInResourceLoadStatistics,
enableResourceLoadStatisticsDebugMode,
- enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction,
+ enableThirdPartyCookieBlocking,
m_configuration->deviceManagementRestrictionsEnabled(),
m_configuration->allLoadsBlockedByDeviceManagementRestrictionsForTesting(),
WTFMove(resourceLoadStatisticsManualPrevalentResource),