- Revision
- 143939
- Author
- [email protected]
- Date
- 2013-02-25 09:57:15 -0800 (Mon, 25 Feb 2013)
Log Message
Remove an obsolete workaround for relaxing 3rd party cookie policy
https://bugs.webkit.org/show_bug.cgi?id=110664
Reviewed by Benjamin Poulain.
Removed shouldRelaxThirdPartyCookiePolicy(). This workaround is no longer needed,
because CFNetwork performs the same check starting with 10.6.8.
Also, the workaround was not quite correct and harmful for performance, as it
was always changing main document URL to an untrue value, which caused ResourceRequest
regeneration.
* platform/network/ResourceHandle.h:
* platform/network/cf/ResourceHandleCFNet.cpp:
(WebCore::ResourceHandle::createCFURLConnection):
(WebCore::ResourceHandle::start):
(WebCore::ResourceHandle::platformLoadResourceSynchronously):
* platform/network/mac/ResourceHandleMac.mm:
(WebCore::ResourceHandle::createNSURLConnection):
(WebCore::ResourceHandle::start):
(WebCore::ResourceHandle::platformLoadResourceSynchronously):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (143938 => 143939)
--- trunk/Source/WebCore/ChangeLog 2013-02-25 17:47:24 UTC (rev 143938)
+++ trunk/Source/WebCore/ChangeLog 2013-02-25 17:57:15 UTC (rev 143939)
@@ -1,3 +1,27 @@
+2013-02-25 Alexey Proskuryakov <[email protected]>
+
+ Remove an obsolete workaround for relaxing 3rd party cookie policy
+ https://bugs.webkit.org/show_bug.cgi?id=110664
+
+ Reviewed by Benjamin Poulain.
+
+ Removed shouldRelaxThirdPartyCookiePolicy(). This workaround is no longer needed,
+ because CFNetwork performs the same check starting with 10.6.8.
+
+ Also, the workaround was not quite correct and harmful for performance, as it
+ was always changing main document URL to an untrue value, which caused ResourceRequest
+ regeneration.
+
+ * platform/network/ResourceHandle.h:
+ * platform/network/cf/ResourceHandleCFNet.cpp:
+ (WebCore::ResourceHandle::createCFURLConnection):
+ (WebCore::ResourceHandle::start):
+ (WebCore::ResourceHandle::platformLoadResourceSynchronously):
+ * platform/network/mac/ResourceHandleMac.mm:
+ (WebCore::ResourceHandle::createNSURLConnection):
+ (WebCore::ResourceHandle::start):
+ (WebCore::ResourceHandle::platformLoadResourceSynchronously):
+
2013-02-25 Vsevolod Vlasov <[email protected]>
WebInspector: Do not keep track of resources unless they have a valid loader identifier.
Modified: trunk/Source/WebCore/platform/network/ResourceHandle.h (143938 => 143939)
--- trunk/Source/WebCore/platform/network/ResourceHandle.h 2013-02-25 17:47:24 UTC (rev 143938)
+++ trunk/Source/WebCore/platform/network/ResourceHandle.h 2013-02-25 17:57:15 UTC (rev 143939)
@@ -239,9 +239,9 @@
virtual void derefAuthenticationClient() { deref(); }
#if PLATFORM(MAC) && !USE(CFNETWORK)
- void createNSURLConnection(id delegate, bool shouldUseCredentialStorage, bool shouldRelaxThirdPartyCookiePolicy, bool shouldContentSniff);
+ void createNSURLConnection(id delegate, bool shouldUseCredentialStorage, bool shouldContentSniff);
#elif USE(CFNETWORK)
- void createCFURLConnection(bool shouldUseCredentialStorage, bool shouldRelaxThirdPartyCookiePolicy, bool shouldContentSniff);
+ void createCFURLConnection(bool shouldUseCredentialStorage, bool shouldContentSniff);
#endif
friend class ResourceHandleInternal;
Modified: trunk/Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp (143938 => 143939)
--- trunk/Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp 2013-02-25 17:47:24 UTC (rev 143938)
+++ trunk/Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp 2013-02-25 17:57:15 UTC (rev 143939)
@@ -395,23 +395,8 @@
return propertiesDictionary;
}
-static bool shouldRelaxThirdPartyCookiePolicy(NetworkingContext* context, const KURL& url)
+void ResourceHandle::createCFURLConnection(bool shouldUseCredentialStorage, bool shouldContentSniff)
{
- // If a URL already has cookies, then we'll relax the 3rd party cookie policy and accept new cookies.
-
- RetainPtr<CFHTTPCookieStorageRef> cfCookieStorage = context->storageSession().cookieStorage();
- CFHTTPCookieStorageAcceptPolicy cookieAcceptPolicy = CFHTTPCookieStorageGetCookieAcceptPolicy(cfCookieStorage.get());
-
- if (cookieAcceptPolicy != CFHTTPCookieStorageAcceptPolicyOnlyFromMainDocumentDomain)
- return false;
-
- RetainPtr<CFURLRef> cfURL = adoptCF(url.createCFURL());
- RetainPtr<CFArrayRef> cookies = adoptCF(CFHTTPCookieStorageCopyCookiesForURL(cfCookieStorage.get(), cfURL.get(), false));
- return CFArrayGetCount(cookies.get());
-}
-
-void ResourceHandle::createCFURLConnection(bool shouldUseCredentialStorage, bool shouldRelaxThirdPartyCookiePolicy, bool shouldContentSniff)
-{
if ((!d->m_user.isEmpty() || !d->m_pass.isEmpty()) && !firstRequest().url().protocolIsInHTTPFamily()) {
// Credentials for ftp can only be passed in URL, the didReceiveAuthenticationChallenge delegate call won't be made.
KURL urlWithCredentials(firstRequest().url());
@@ -420,10 +405,7 @@
firstRequest().setURL(urlWithCredentials);
}
- if (shouldRelaxThirdPartyCookiePolicy)
- firstRequest().setFirstPartyForCookies(firstRequest().url());
-
- // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
+ // <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
// try and reuse the credential preemptively, as allowed by RFC 2617.
if (shouldUseCredentialStorage && firstRequest().url().protocolIsInHTTPFamily()) {
if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
@@ -510,7 +492,7 @@
bool shouldUseCredentialStorage = !client() || client()->shouldUseCredentialStorage(this);
- createCFURLConnection(shouldUseCredentialStorage, shouldRelaxThirdPartyCookiePolicy(d->m_context.get(), firstRequest().url()), d->m_shouldContentSniff);
+ createCFURLConnection(shouldUseCredentialStorage, d->m_shouldContentSniff);
#if PLATFORM(WIN)
CFURLConnectionScheduleWithCurrentMessageQueue(d->m_connection.get());
@@ -748,7 +730,7 @@
return;
}
- handle->createCFURLConnection(storedCredentials == AllowStoredCredentials, shouldRelaxThirdPartyCookiePolicy(context, request.url()), ResourceHandle::shouldContentSniffURL(request.url()));
+ handle->createCFURLConnection(storedCredentials == AllowStoredCredentials, ResourceHandle::shouldContentSniffURL(request.url()));
CFURLConnectionScheduleWithRunLoop(handle->connection(), CFRunLoopGetCurrent(), synchronousLoadRunLoopMode());
CFURLConnectionScheduleDownloadWithRunLoop(handle->connection(), CFRunLoopGetCurrent(), synchronousLoadRunLoopMode());
Modified: trunk/Source/WebCore/platform/network/mac/ResourceHandleMac.mm (143938 => 143939)
--- trunk/Source/WebCore/platform/network/mac/ResourceHandleMac.mm 2013-02-25 17:47:24 UTC (rev 143938)
+++ trunk/Source/WebCore/platform/network/mac/ResourceHandleMac.mm 2013-02-25 17:57:15 UTC (rev 143939)
@@ -143,23 +143,8 @@
LOG(Network, "Handle %p destroyed", this);
}
-static bool shouldRelaxThirdPartyCookiePolicy(NetworkingContext* context, const KURL& url)
+void ResourceHandle::createNSURLConnection(id delegate, bool shouldUseCredentialStorage, bool shouldContentSniff)
{
- // If a URL already has cookies, then we'll relax the 3rd party cookie policy and accept new cookies.
-
- RetainPtr<CFHTTPCookieStorageRef> cfCookieStorage = context->storageSession().cookieStorage();
- NSHTTPCookieAcceptPolicy cookieAcceptPolicy = static_cast<NSHTTPCookieAcceptPolicy>(wkGetHTTPCookieAcceptPolicy(cfCookieStorage.get()));
-
- if (cookieAcceptPolicy != NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain)
- return false;
-
- NSArray *cookies = wkHTTPCookiesForURL(cfCookieStorage.get(), url);
-
- return [cookies count];
-}
-
-void ResourceHandle::createNSURLConnection(id delegate, bool shouldUseCredentialStorage, bool shouldRelaxThirdPartyCookiePolicy, bool shouldContentSniff)
-{
// Credentials for ftp can only be passed in URL, the connection:didReceiveAuthenticationChallenge: delegate call won't be made.
if ((!d->m_user.isEmpty() || !d->m_pass.isEmpty()) && !firstRequest().url().protocolIsInHTTPFamily()) {
KURL urlWithCredentials(firstRequest().url());
@@ -168,9 +153,6 @@
firstRequest().setURL(urlWithCredentials);
}
- if (shouldRelaxThirdPartyCookiePolicy)
- firstRequest().setFirstPartyForCookies(firstRequest().url());
-
if (shouldUseCredentialStorage && firstRequest().url().protocolIsInHTTPFamily()) {
if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
// <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
@@ -243,7 +225,6 @@
createNSURLConnection(
d->m_proxy.get(),
shouldUseCredentialStorage,
- shouldRelaxThirdPartyCookiePolicy(d->m_context.get(), firstRequest().url()),
d->m_shouldContentSniff || d->m_context->localFileContentSniffingEnabled());
bool scheduled = false;
@@ -387,7 +368,6 @@
handle->createNSURLConnection(
handle->delegate(), // A synchronous request cannot turn into a download, so there is no need to proxy the delegate.
storedCredentials == AllowStoredCredentials,
- shouldRelaxThirdPartyCookiePolicy(context, request.url()),
handle->shouldContentSniff() || context->localFileContentSniffingEnabled());
[handle->connection() scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:(NSString *)synchronousLoadRunLoopMode()];
