Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 8f3d12f42fdeda8c17ff59c35b7e4707c853178c
https://github.com/WebKit/WebKit/commit/8f3d12f42fdeda8c17ff59c35b7e4707c853178c
Author: Charlie Wolfe <[email protected]>
Date: 2025-09-17 (Wed, 17 Sep 2025)
Changed paths:
M
LayoutTests/imported/w3c/web-platform-tests/storage-access-api/requestStorageAccess-dedicated-worker.sub.https.window-expected.txt
M Source/WebCore/platform/network/NetworkStorageSession.cpp
M Source/WebCore/platform/network/NetworkStorageSession.h
M Source/WebKit/NetworkProcess/NetworkDataTask.cpp
M Source/WebKit/NetworkProcess/NetworkDataTask.h
M Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp
M Source/WebKit/NetworkProcess/NetworkDataTaskDataURL.cpp
M Source/WebKit/NetworkProcess/NetworkLoadParameters.h
M Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp
M Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h
M
Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.serialization.in
M Source/WebKit/NetworkProcess/ServiceWorker/ServiceWorkerDownloadTask.cpp
M Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h
M Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm
M Source/WebKit/NetworkProcess/cocoa/NetworkTaskCocoa.h
M Source/WebKit/NetworkProcess/cocoa/NetworkTaskCocoa.mm
M Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp
M Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp
M Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp
Log Message:
-----------
Storage access should not be inherited by dedicated workers
https://bugs.webkit.org/show_bug.cgi?id=297702
rdar://158814068
Reviewed by Pascoe.
This patch prevents dedicated workers from sending requests with cookies from
cross-site iframes, even
if the document which created it has storage access.
*
LayoutTests/imported/w3c/web-platform-tests/storage-access-api/requestStorageAccess-dedicated-worker.sub.https.window-expected.txt:
* Source/WebCore/platform/network/NetworkStorageSession.cpp:
(WebCore::NetworkStorageSession::thirdPartyCookieBlockingDecisionForRequest
const):
* Source/WebCore/platform/network/NetworkStorageSession.h:
* Source/WebKit/NetworkProcess/NetworkDataTask.cpp:
(WebKit::NetworkDataTask::NetworkDataTask):
* Source/WebKit/NetworkProcess/NetworkDataTask.h:
(WebKit::NetworkDataTask::isInitiatedByDedicatedWorker const):
* Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp:
(WebKit::NetworkDataTaskBlob::NetworkDataTaskBlob):
* Source/WebKit/NetworkProcess/NetworkDataTaskDataURL.cpp:
(WebKit::NetworkDataTaskDataURL::NetworkDataTaskDataURL):
* Source/WebKit/NetworkProcess/NetworkLoadParameters.h:
* Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp:
(WebKit::NetworkResourceLoadParameters::networkLoadParameters const):
* Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h:
* Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.serialization.in:
* Source/WebKit/NetworkProcess/ServiceWorker/ServiceWorkerDownloadTask.cpp:
(WebKit::ServiceWorkerDownloadTask::ServiceWorkerDownloadTask):
* Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
* Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
(WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):
* Source/WebKit/NetworkProcess/cocoa/NetworkTaskCocoa.h:
(WebKit::NetworkTaskCocoa::isInitiatedByDedicatedWorker const):
* Source/WebKit/NetworkProcess/cocoa/NetworkTaskCocoa.mm:
(WebKit::NetworkTaskCocoa::requestThirdPartyCookieBlockingDecision const):
* Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp:
(WebKit::NetworkDataTaskCurl::NetworkDataTaskCurl):
* Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp:
(WebKit::NetworkDataTaskSoup::NetworkDataTaskSoup):
* Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):
Canonical link: https://commits.webkit.org/300120@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
