Diff
Modified: trunk/LayoutTests/ChangeLog (235568 => 235569)
--- trunk/LayoutTests/ChangeLog 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/LayoutTests/ChangeLog 2018-08-31 21:09:36 UTC (rev 235569)
@@ -1,3 +1,25 @@
+2018-08-31 John Wilander <[email protected]>
+
+ Storage Access API: Maintain access through same-site navigations
+ https://bugs.webkit.org/show_bug.cgi?id=188564
+ <rdar://problem/43445160>
+
+ Reviewed by Alex Christensen.
+
+ * http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame-expected.txt:
+ * http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame.html:
+ Added both a same-site and a cross-site navigation to the sub frame to test maintained and cleared access.
+ * http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access-expected.txt: Copied from LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt.
+ * http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html: Copied from LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html.
+ * http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access-expected.txt: Renamed from LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt.
+ * http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html: Renamed from LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html.
+ * http/tests/storageAccess/resources/get-cookies.php:
+ Support for the new test scenarios.
+ * http/tests/storageAccess/resources/self-navigating-frame-after-granted-access.html:
+ Support for the new test scenarios.
+ * platform/mac-wk2/TestExpectations:
+ Marked the new and the renamed tests as [ Pass ].
+
2018-08-30 Ryosuke Niwa <[email protected]>
slotchange-event-bubbling.html fails in Chrome & Firefox
Modified: trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame-expected.txt (235568 => 235569)
--- trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame-expected.txt 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame-expected.txt 2018-08-31 21:09:36 UTC (rev 235569)
@@ -4,6 +4,8 @@
PASS Storage access was granted. document.cookie == firstPartyCookie=value, cookies seen server-side == {"firstPartyCookie":"value"}
+Did navigate iframe same-site and will now check that it still has storage access.
+PASS document.cookie == firstPartyCookie=value, cookies seen server-side == {"firstPartyCookie":"value"}
PASS successfullyParsed is true
TEST COMPLETE
@@ -42,7 +44,7 @@
--------
Frame: '<!--frame5-->'
--------
-After the top frame navigates the sub frame, the sub frame should no longer have access to cookies.
+After the top frame navigates the sub frame cross-site and back, the sub frame should no longer have access to cookies.
Did not receive cookie named 'firstPartyCookie'.
Did not receive cookie named 'partitionedCookie'.
Client-side document.cookie:
Modified: trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame.html (235568 => 235569)
--- trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame.html 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame.html 2018-08-31 21:09:36 UTC (rev 235569)
@@ -119,12 +119,30 @@
break;
case "#step7":
document.location.hash = "step8";
- // Check that no cookie gets sent for localhost under 127.0.0.1 since we're opening in the frame that was granted access.
- let existingIframe = document.getElementById("TheIframeThatRequestsStorageAccess");
- existingIframe._onload_ = runTest;
- existingIframe.src = "" + subPathToGetCookies + "&message=After the top frame navigates the sub frame, the sub frame should no longer have access to cookies.";
+ // Navigate the frame same-site.
+ let existingIframe1 = document.getElementById("TheIframeThatRequestsStorageAccess");
+ existingIframe1._onload_ = function () {
+ debug("Did navigate iframe same-site and will now check that it still has storage access.");
+ let iframe = document.getElementById("TheIframeThatRequestsStorageAccess");
+ iframe.contentWindow.postMessage("reportBackCookies", "http://localhost:8000");
+ };
+ existingIframe1.src = "" + subPathToGetCookies;
break;
case "#step8":
+ document.location.hash = "step9";
+ // Navigate the frame cross-site. This should clear out storage access.
+ let existingIframe2 = document.getElementById("TheIframeThatRequestsStorageAccess");
+ existingIframe2._onload_ = runTest;
+ existingIframe2.src = "" + partitionHost;
+ break;
+ case "#step9":
+ document.location.hash = "step10";
+ // Again open localhost in the existing frame and check that no cookie gets sent for localhost under 127.0.0.1 since it has been navigated cross-site.
+ let existingIframe3 = document.getElementById("TheIframeThatRequestsStorageAccess");
+ existingIframe3._onload_ = runTest;
+ existingIframe3.src = "" + subPathToGetCookies + "&message=After the top frame navigates the sub frame cross-site and back, the sub frame should no longer have access to cookies.";
+ break;
+ case "#step10":
setEnableFeature(false, finishJSTest);
break;
}
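Review bot: The new `let existingIframe1` / `existingIframe2` / `existingIframe3` declarations in steps 7–9 are numbered only because every `case` shares the switch's single block scope, which hides that all three are the same element. Wrapping each case body in braces, as in `case "#step8": { … break; }`, would let each step use one plain `existingIframe` name. Step 7's onload handler also looks the frame up again with `getElementById` although `existingIframe1` is already in scope and could be used directly. The switch statement itself begins outside this hunk.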
Copied: trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access-expected.txt (from rev 235568, trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt) (0 => 235569)
--- trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access-expected.txt 2018-08-31 21:09:36 UTC (rev 235569)
@@ -0,0 +1,13 @@
+Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself cross-site does not have storage access.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS document.cookie ==
+PASS Storage access was granted.
+PASS document.cookie == cookieSetClientSideAfterGrantedStorageAccess=value; firstPartyCookie=value
+PASS No storage access. document.cookie == , cookies seen server-side == "No cookies"
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Copied: trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html (from rev 235568, trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html) (0 => 235569)
--- trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html (rev 0)
+++ trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html 2018-08-31 21:09:36 UTC (rev 235569)
@@ -0,0 +1,90 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <script src=""
+ <script src=""
+ <script src=""
+ <script>
+ description("Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself cross-site does not have storage access.");
+ jsTestIsAsync = true;
+
+ window.addEventListener("message", receiveMessage, false);
+
+ function finishTest() {
+ setEnableFeature(false, finishJSTest);
+ }
+
+ const expectedPassMessages = 2;
+ var passMessagesReceived = 0;
+ function receiveMessage(event) {
+ if (event.origin === "http://localhost:8000") {
+ if (event.data.indexOf("document.cookie") === 0) {
+ testPassed(event.data);
+ } else if (event.data.indexOf("PASS") !== -1) {
+ testPassed(event.data.replace("PASS ", ""));
+ passMessagesReceived++;
+ if (passMessagesReceived >= expectedPassMessages)
+ finishTest();
+ } else {
+ testFailed(event.data);
+ finishTest();
+ }
+ } else {
+ testFailed("Received a message from an unexpected origin: " + event.origin);
+ finishTest();
+ }
+ }
+
+ function activateElement(elementId) {
+ var element = document.getElementById(elementId);
+ var centerX = element.offsetLeft + element.offsetWidth / 2;
+ var centerY = element.offsetTop + element.offsetHeight / 2;
+ UIHelper.activateAt(centerX, centerY).then(
+ function () {
+ if (window.eventSender)
+ eventSender.keyDown("escape");
+ else {
+ testFailed("No eventSender.");
+ finishTest();
+ }
+ },
+ function () {
+ testFailed("Promise rejected.");
+ finishTest();
+ }
+ );
+ }
+
+ function runTest() {
+ activateElement("TheIframeThatRequestsStorageAccess");
+ }
+
+ const hostUnderTest = "localhost:8000";
+ const statisticsUrl = "http://" + hostUnderTest;
+ if (document.location.hash !== "#firstPartyCookieSet") {
+ setEnableFeature(true, function() {
+ document.location.href = "" + "/storageAccess/resources/set-cookie.php?name=firstPartyCookie&value=value#http://127.0.0.1:8000/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html#firstPartyCookieSet";
+ });
+ } else {
+ testRunner.setStatisticsPrevalentResource(statisticsUrl, true, function() {
+ if (!testRunner.isStatisticsPrevalentResource(statisticsUrl))
+ testFailed("Host did not get set as prevalent resource.");
+ testRunner.setStatisticsHasHadUserInteraction(statisticsUrl, true, function() {
+ if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl))
+ testFailed("Host did not get logged for user interaction.");
+ testRunner.statisticsUpdateCookieBlocking(function() {
+ let iframeElement = document.createElement("iframe");
+ iframeElement.setAttribute("sandbox", "allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-modals");
+ iframeElement._onload_ = runTest;
+ iframeElement.id = "TheIframeThatRequestsStorageAccess";
+ iframeElement.src = ""
+ document.body.appendChild(iframeElement);
+ });
+ });
+ });
+ }
+ </script>
+</head>
+<body>
+</body>
+</html>
\ No newline at end of file
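Review bot: In `receiveMessage`, the branch `event.data.indexOf("PASS") !== -1` counts any message that contains "PASS" anywhere toward `expectedPassMessages`, so a failure report that happens to include that word would be recorded as a pass. The neighbouring `document.cookie` branch anchors at index 0, and the following `replace("PASS ", "")` assumes a prefix, so the check should be `} else if (event.data.indexOf("PASS") === 0) {`. The same handler is duplicated in request-and-grant-access-then-navigate-same-site-should-have-access.html and needs the same change. Both files also call `indexOf` on `event.data` without checking that it is a string, so a non-string message from the expected origin would throw instead of calling `testFailed`.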
Copied: trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access-expected.txt (from rev 235568, trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt) (0 => 235569)
--- trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access-expected.txt 2018-08-31 21:09:36 UTC (rev 235569)
@@ -0,0 +1,13 @@
+Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself same-site still has storage access.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS document.cookie ==
+PASS Storage access was granted.
+PASS document.cookie == cookieSetClientSideAfterGrantedStorageAccess=value; firstPartyCookie=value
+PASS Has storage access. document.cookie == cookieSetClientSideAfterGrantedStorageAccess=value; firstPartyCookie=value, cookies seen server-side == {"cookieSetClientSideAfterGrantedStorageAccess":"value","firstPartyCookie":"value"}
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Copied: trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html (from rev 235568, trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html) (0 => 235569)
--- trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html (rev 0)
+++ trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html 2018-08-31 21:09:36 UTC (rev 235569)
@@ -0,0 +1,90 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <script src=""
+ <script src=""
+ <script src=""
+ <script>
+ description("Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself same-site still has storage access.");
+ jsTestIsAsync = true;
+
+ window.addEventListener("message", receiveMessage, false);
+
+ function finishTest() {
+ setEnableFeature(false, finishJSTest);
+ }
+
+ const expectedPassMessages = 2;
+ var passMessagesReceived = 0;
+ function receiveMessage(event) {
+ if (event.origin === "http://localhost:8000") {
+ if (event.data.indexOf("document.cookie") === 0) {
+ testPassed(event.data);
+ } else if (event.data.indexOf("PASS") !== -1) {
+ testPassed(event.data.replace("PASS ", ""));
+ passMessagesReceived++;
+ if (passMessagesReceived >= expectedPassMessages)
+ finishTest();
+ } else {
+ testFailed(event.data);
+ finishTest();
+ }
+ } else {
+ testFailed("Received a message from an unexpected origin: " + event.origin);
+ finishTest();
+ }
+ }
+
+ function activateElement(elementId) {
+ var element = document.getElementById(elementId);
+ var centerX = element.offsetLeft + element.offsetWidth / 2;
+ var centerY = element.offsetTop + element.offsetHeight / 2;
+ UIHelper.activateAt(centerX, centerY).then(
+ function () {
+ if (window.eventSender)
+ eventSender.keyDown("escape");
+ else {
+ testFailed("No eventSender.");
+ finishTest();
+ }
+ },
+ function () {
+ testFailed("Promise rejected.");
+ finishTest();
+ }
+ );
+ }
+
+ function runTest() {
+ activateElement("TheIframeThatRequestsStorageAccess");
+ }
+
+ const hostUnderTest = "localhost:8000";
+ const statisticsUrl = "http://" + hostUnderTest;
+ if (document.location.hash !== "#firstPartyCookieSet") {
+ setEnableFeature(true, function() {
+ document.location.href = "" + "/storageAccess/resources/set-cookie.php?name=firstPartyCookie&value=value#http://127.0.0.1:8000/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html#firstPartyCookieSet";
+ });
+ } else {
+ testRunner.setStatisticsPrevalentResource(statisticsUrl, true, function() {
+ if (!testRunner.isStatisticsPrevalentResource(statisticsUrl))
+ testFailed("Host did not get set as prevalent resource.");
+ testRunner.setStatisticsHasHadUserInteraction(statisticsUrl, true, function() {
+ if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl))
+ testFailed("Host did not get logged for user interaction.");
+ testRunner.statisticsUpdateCookieBlocking(function() {
+ let iframeElement = document.createElement("iframe");
+ iframeElement.setAttribute("sandbox", "allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-modals");
+ iframeElement._onload_ = runTest;
+ iframeElement.id = "TheIframeThatRequestsStorageAccess";
+ iframeElement.src = ""
+ document.body.appendChild(iframeElement);
+ });
+ });
+ });
+ }
+ </script>
+</head>
+<body>
+</body>
+</html>
\ No newline at end of file
Deleted: trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt (235568 => 235569)
--- trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt 2018-08-31 21:09:36 UTC (rev 235569)
@@ -1,13 +0,0 @@
-Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself does not have storage access.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS document.cookie ==
-PASS Storage access was granted.
-PASS document.cookie == cookieSetClientSideAfterGrantedStorageAccess=value; firstPartyCookie=value
-PASS No storage access. document.cookie == , cookies seen server-side == "No cookies"
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
Deleted: trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html (235568 => 235569)
--- trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html 2018-08-31 21:09:36 UTC (rev 235569)
@@ -1,90 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
- <script src=""
- <script src=""
- <script src=""
- <script>
- description("Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself does not have storage access.");
- jsTestIsAsync = true;
-
- window.addEventListener("message", receiveMessage, false);
-
- function finishTest() {
- setEnableFeature(false, finishJSTest);
- }
-
- const expectedPassMessages = 2;
- var passMessagesReceived = 0;
- function receiveMessage(event) {
- if (event.origin === "http://localhost:8000") {
- if (event.data.indexOf("document.cookie") === 0) {
- testPassed(event.data);
- } else if (event.data.indexOf("PASS") !== -1) {
- testPassed(event.data.replace("PASS ", ""));
- passMessagesReceived++;
- if (passMessagesReceived >= expectedPassMessages)
- finishTest();
- } else {
- testFailed(event.data);
- finishTest();
- }
- } else {
- testFailed("Received a message from an unexpected origin: " + event.origin);
- finishTest();
- }
- }
-
- function activateElement(elementId) {
- var element = document.getElementById(elementId);
- var centerX = element.offsetLeft + element.offsetWidth / 2;
- var centerY = element.offsetTop + element.offsetHeight / 2;
- UIHelper.activateAt(centerX, centerY).then(
- function () {
- if (window.eventSender)
- eventSender.keyDown("escape");
- else {
- testFailed("No eventSender.");
- finishTest();
- }
- },
- function () {
- testFailed("Promise rejected.");
- finishTest();
- }
- );
- }
-
- function runTest() {
- activateElement("TheIframeThatRequestsStorageAccess");
- }
-
- const hostUnderTest = "localhost:8000";
- const statisticsUrl = "http://" + hostUnderTest;
- if (document.location.hash !== "#firstPartyCookieSet") {
- setEnableFeature(true, function() {
- document.location.href = "" + "/storageAccess/resources/set-cookie.php?name=firstPartyCookie&value=value#http://127.0.0.1:8000/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html#firstPartyCookieSet";
- });
- } else {
- testRunner.setStatisticsPrevalentResource(statisticsUrl, true, function() {
- if (!testRunner.isStatisticsPrevalentResource(statisticsUrl))
- testFailed("Host did not get set as prevalent resource.");
- testRunner.setStatisticsHasHadUserInteraction(statisticsUrl, true, function() {
- if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl))
- testFailed("Host did not get logged for user interaction.");
- testRunner.statisticsUpdateCookieBlocking(function() {
- let iframeElement = document.createElement("iframe");
- iframeElement.setAttribute("sandbox", "allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-modals");
- iframeElement._onload_ = runTest;
- iframeElement.id = "TheIframeThatRequestsStorageAccess";
- iframeElement.src = ""
- document.body.appendChild(iframeElement);
- });
- });
- });
- }
- </script>
-</head>
-<body>
-</body>
-</html>
\ No newline at end of file
Modified: trunk/LayoutTests/http/tests/storageAccess/resources/get-cookies.php (235568 => 235569)
--- trunk/LayoutTests/http/tests/storageAccess/resources/get-cookies.php 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/LayoutTests/http/tests/storageAccess/resources/get-cookies.php 2018-08-31 21:09:36 UTC (rev 235569)
@@ -21,4 +21,29 @@
<p id="output"></p>
<script>
document.getElementById("output").textContent = "Client-side document.cookie: " + document.cookie;
+
+ function messageToTop(messagePrefix, fetchData) {
+ top.postMessage(messagePrefix + " document.cookie == " + document.cookie +
+ (fetchData ? ", cookies seen server-side == " + JSON.stringify(fetchData) : ""), "http://127.0.0.1:8000");
+ }
+
+ function receiveMessage(event) {
+ if (event.origin === "http://127.0.0.1:8000") {
+ if (event.data.indexOf("reportBackCookies") !== -1) {
+ fetch("echo-incoming-cookies-as-json.php", { credentials: "same-origin" }).then(function(response) {
+ return response.json();
+ }).then(function(data) {
+ messageToTop("PASS", data);
+ }).catch(function(error) {
+ console.log(error.message);
+ });
+ } else {
+ messageToTop("FAIL Unknown request.");
+ }
+ } else {
+ messageToTop("Fail Received a message from an unexpected origin: " + event.origin);
+ }
+ }
+
+ window.addEventListener("message", receiveMessage, false);
</script>
\ No newline at end of file
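Review bot: The `.catch` in `receiveMessage` only calls `console.log(error.message)`, so if the fetch of echo-incoming-cookies-as-json.php or its JSON parse fails, the top frame never receives a reply and the test ends as a timeout rather than an explicit failure. Reporting it upward with `messageToTop("FAIL " + error.message);` would surface the cause in the test output. The unexpected-origin branch spells its prefix `"Fail "` while the unknown-request branch uses `"FAIL "`; one spelling would keep the output greppable. `event.data.indexOf("reportBackCookies") !== -1` is a substring match on a value assumed to be a string, and `event.data === "reportBackCookies"` would be stricter.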
Modified: trunk/LayoutTests/http/tests/storageAccess/resources/self-navigating-frame-after-granted-access.html (235568 => 235569)
--- trunk/LayoutTests/http/tests/storageAccess/resources/self-navigating-frame-after-granted-access.html 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/LayoutTests/http/tests/storageAccess/resources/self-navigating-frame-after-granted-access.html 2018-08-31 21:09:36 UTC (rev 235569)
@@ -5,6 +5,7 @@
const userShouldGrantAccess = hashArguments[0] === "userShouldGrantAccess";
const userShouldBeConsulted = hashArguments[1] === "userShouldBeConsulted";
const policyShouldGrantAccess = hashArguments[2] === "policyShouldGrantAccess";
+ const sameSiteNavigation = hashArguments[3] === "sameSiteNavigation";
if (internals && userShouldGrantAccess)
internals.setUserGrantsStorageAccess(true);
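Review bot: `sameSiteNavigation` is set by an exact string comparison on `hashArguments[3]`, so a caller that omits or misspells the fourth hash argument silently gets the cross-site branch of `navigate()` in the next hunk. That default is the safe one for a test, but it is undocumented. I would add a comment above the four constants, for example `// Hash arguments are positional; hashArguments[3] === "sameSiteNavigation" keeps the navigation same-site, anything else navigates cross-site.`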
@@ -26,7 +27,11 @@
}
function navigate() {
- document.location.href = ""
+ if (sameSiteNavigation) {
+ document.location.href = ""
+ } else {
+ document.location.href = ""
+ }
}
function setCookieAndNavigate() {
Modified: trunk/LayoutTests/platform/mac-wk2/TestExpectations (235568 => 235569)
--- trunk/LayoutTests/platform/mac-wk2/TestExpectations 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/LayoutTests/platform/mac-wk2/TestExpectations 2018-08-31 21:09:36 UTC (rev 235569)
@@ -695,7 +695,8 @@
[ HighSierra+ ] http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-user-gesture.html [ Pass ]
[ HighSierra+ ] http/tests/storageAccess/has-storage-access-from-prevalent-domain-with-user-interaction.html [ Pass ]
[ HighSierra+ ] http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access.html [ Pass ]
-[ HighSierra+ ] http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html [ Pass ]
+[ HighSierra+ ] http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html [ Pass ]
+[ HighSierra+ ] http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html [ Pass ]
[ HighSierra+ ] http/tests/storageAccess/deny-storage-access-under-opener.html [ Pass ]
[ HighSierra+ ] http/tests/storageAccess/grant-storage-access-under-opener.html [ Pass ]
Modified: trunk/Source/WebCore/ChangeLog (235568 => 235569)
--- trunk/Source/WebCore/ChangeLog 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/Source/WebCore/ChangeLog 2018-08-31 21:09:36 UTC (rev 235569)
@@ -1,3 +1,20 @@
+2018-08-31 John Wilander <[email protected]>
+
+ Storage Access API: Maintain access through same-site navigations
+ https://bugs.webkit.org/show_bug.cgi?id=188564
+ <rdar://problem/43445160>
+
+ Reviewed by Alex Christensen.
+
+ Tests: http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html
+ http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html
+
+ * dom/Document.h:
+ Removed unused member variable m_hasFrameSpecificStorageAccess.
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::willSendRequest):
+ * loader/FrameLoaderClient.h:
+
2018-08-31 Youenn Fablet <[email protected]>
WebAudioBufferList.cpp/.h is named as cocoa/WebAudioBufferList.cpp/.h
Modified: trunk/Source/WebCore/dom/Document.h (235568 => 235569)
--- trunk/Source/WebCore/dom/Document.h 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/Source/WebCore/dom/Document.h 2018-08-31 21:09:36 UTC (rev 235569)
@@ -1995,7 +1995,6 @@
static bool hasEverCreatedAnAXObjectCache;
- bool m_hasFrameSpecificStorageAccess { false };
bool m_grantStorageAccessOverride { false };
#if USE(REQUEST_ANIMATION_FRAME_DISPLAY_MONITOR)
Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (235568 => 235569)
--- trunk/Source/WebCore/loader/DocumentLoader.cpp 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp 2018-08-31 21:09:36 UTC (rev 235569)
@@ -600,7 +600,7 @@
FrameLoader::addSameSiteInfoToRequestIfNeeded(newRequest, m_frame->document());
if (!didReceiveRedirectResponse)
- frameLoader()->client().dispatchWillChangeDocument();
+ frameLoader()->client().dispatchWillChangeDocument(m_frame->document()->url(), newRequest.url());
// If we're fielding a redirect in response to a POST, force a load from origin, since
// this is a common site technique to return to a page viewing some data that the POST
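Review bot: The URL pair is passed to `dispatchWillChangeDocument` only under `if (!didReceiveRedirectResponse)`, so the same-site decision is made on the initial request URL and is not re-evaluated when the server redirects. A navigation that starts same-site and is then redirected cross-site would therefore appear to keep frame-specific storage access, where the old unconditional call cleared it on every navigation. Whether the redirect path is handled elsewhere is not visible here, since `willSendRequest` continues outside this hunk. I would add a layout test for a same-site request that redirects cross-site, and until that is confirmed leave a marker such as `// FIXME: A same-site load redirected cross-site does not reach dispatchWillChangeDocument(); confirm storage access is cleared on that path.`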
Modified: trunk/Source/WebCore/loader/FrameLoaderClient.h (235568 => 235569)
--- trunk/Source/WebCore/loader/FrameLoaderClient.h 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/Source/WebCore/loader/FrameLoaderClient.h 2018-08-31 21:09:36 UTC (rev 235569)
@@ -166,7 +166,7 @@
virtual void dispatchDidCancelClientRedirect() = 0;
virtual void dispatchWillPerformClientRedirect(const URL&, double interval, WallTime fireDate) = 0;
virtual void dispatchDidChangeMainDocument() { }
- virtual void dispatchWillChangeDocument() { }
+ virtual void dispatchWillChangeDocument(const URL&, const URL&) { }
virtual void dispatchDidNavigateWithinPage() { }
virtual void dispatchDidChangeLocationWithinPage() = 0;
virtual void dispatchDidPushStateWithinPage() = 0;
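Review bot: The new virtual `dispatchWillChangeDocument(const URL&, const URL&)` takes two unnamed parameters of the same type, so nothing in this header tells an implementer or caller which is the current document URL and which is the destination. Swapping them would still compile. Naming them in the declaration, `virtual void dispatchWillChangeDocument(const URL& currentURL, const URL& newURL) { }`, plus a one-line comment that the client uses the pair to decide whether the navigation is cross-site, would document the contract where it is defined.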
Modified: trunk/Source/WebKit/ChangeLog (235568 => 235569)
--- trunk/Source/WebKit/ChangeLog 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/Source/WebKit/ChangeLog 2018-08-31 21:09:36 UTC (rev 235569)
@@ -1,3 +1,18 @@
+2018-08-31 John Wilander <[email protected]>
+
+ Storage Access API: Maintain access through same-site navigations
+ https://bugs.webkit.org/show_bug.cgi?id=188564
+ <rdar://problem/43445160>
+
+ Reviewed by Alex Christensen.
+
+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
+ (WebKit::WebFrameLoaderClient::dispatchWillChangeDocument):
+ Now takes the current URL and the new URL as parameters
+ and only clears out storage access if the navigation is
+ cross-site, i.e. with differing eTLD+1s.
+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
+
2018-08-31 Chris Dumez <[email protected]>
Assertion hit in ~CompletionHandler() from ~WebFrame()
Modified: trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp (235568 => 235569)
--- trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp 2018-08-31 21:09:36 UTC (rev 235569)
@@ -83,6 +83,7 @@
#include <WebCore/PolicyChecker.h>
#include <WebCore/ProgressTracker.h>
#include <WebCore/ResourceError.h>
+#include <WebCore/ResourceRequest.h>
#include <WebCore/ScriptController.h>
#include <WebCore/SecurityOriginData.h>
#include <WebCore/Settings.h>
@@ -383,7 +384,7 @@
webPage->send(Messages::WebPageProxy::DidChangeMainDocument(m_frame->frameID()));
}
-void WebFrameLoaderClient::dispatchWillChangeDocument()
+void WebFrameLoaderClient::dispatchWillChangeDocument(const URL& currentUrl, const URL& newUrl)
{
#if HAVE(CFNETWORK_STORAGE_PARTITIONING)
if (m_frame->isMainFrame())
@@ -393,7 +394,7 @@
if (!webPage)
return;
- if (m_hasFrameSpecificStorageAccess) {
+ if (m_hasFrameSpecificStorageAccess && !WebCore::registrableDomainsAreEqual(currentUrl, newUrl)) {
WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::RemoveStorageAccessForFrame(sessionID(), frameID().value(), pageID().value()), 0);
m_hasFrameSpecificStorageAccess = false;
}
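Review bot: Storage access is now retained whenever `WebCore::registrableDomainsAreEqual(currentUrl, newUrl)` is true, and this hunk does not show what that function returns for URLs with no registrable domain, such as about:blank, data: URLs or IP-literal hosts. If two such URLs compare as equal, a frame navigated between them would keep access that should have been revoked; the comparison also appears not to consider the scheme. It is worth confirming that behaviour and recording the intent above the condition, for example `// Keep storage access only across same-site (equal eTLD+1) navigations; URLs without a registrable domain must be treated as cross-site.` The function body starts outside this hunk.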
Modified: trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h (235568 => 235569)
--- trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h 2018-08-31 20:41:57 UTC (rev 235568)
+++ trunk/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h 2018-08-31 21:09:36 UTC (rev 235569)
@@ -97,7 +97,7 @@
void dispatchDidFinishDataDetection(NSArray *detectionResults) final;
#endif
void dispatchDidChangeMainDocument() final;
- void dispatchWillChangeDocument() final;
+ void dispatchWillChangeDocument(const WebCore::URL& currentUrl, const WebCore::URL& newUrl) final;
void dispatchDidDispatchOnloadEvents() final;
void dispatchDidReceiveServerRedirectForProvisionalLoad() final;