Diff
Modified: trunk/LayoutTests/ChangeLog (248272 => 248273)
--- trunk/LayoutTests/ChangeLog 2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/ChangeLog 2019-08-05 21:33:51 UTC (rev 248273)
@@ -1,3 +1,28 @@
+2019-08-05 John Wilander <[email protected]>
+
+ Resource Load Statistics: Re-introduce latch mode for subresource cookie blocking
+ https://bugs.webkit.org/show_bug.cgi?id=200395
+ <rdar://problem/53869611>
+
+ Reviewed by Darin Adler.
+
+ Back when we had a relaxation of cookie blocking 24 hours after first-party user
+ interaction, we made sure cookie blocking could be turned on and off in subresource
+ redirect chains. The 24 hour window is now long gone. This patch simplifies the
+ cookie blocking so that once a subresource request is denied cookies, any
+ subsequent redirect of that request will also be denied cookies, regardless of the
+ classification status of the domains involved. I call it latch mode.
+
+ * http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt: Renamed from LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt.
+ * http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html: Renamed from LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html.
+ Changed to expect no removal of blocking in the redirect and renamed accordingly.
+ * platform/ios/TestExpectations:
+ Renamed.
+ * platform/mac-wk2/TestExpectations:
+ Renamed.
+ * platform/wk2/TestExpectations:
+ Renamed.
+
2019-08-05 Youenn Fablet <[email protected]>
Disable speculative loading if cache is not to be used for the load
Copied: trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt (from rev 248272, trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt) (0 => 248273)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt 2019-08-05 21:33:51 UTC (rev 248273)
@@ -0,0 +1,51 @@
+Tests that blocking is not removed mid-flight in redirects.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
+
+--------
+Frame: '<!--frame1-->'
+--------
+Should receive first-party cookie for localhost.
+Did not receive cookie named 'firstPartyCookieIP'.
+Received cookie named 'firstPartyCookieLocalhost'.
+Did not receive cookie named 'thirdPartyCookie'.
+Client-side document.cookie: firstPartyCookieLocalhost=localhost
+
+--------
+Frame: '<!--frame2-->'
+--------
+Redirect case 1, should receive first-party cookie for 127.0.0.1.
+Received cookie named 'firstPartyCookieIP'.
+Did not receive cookie named 'firstPartyCookieLocalhost'.
+Did not receive cookie named 'thirdPartyCookie'.
+Client-side document.cookie: firstPartyCookieIP=127.0.0.1
+
+--------
+Frame: '<!--frame3-->'
+--------
+Try to set third-party cookie for localhost in blocked mode.
+
+
+--------
+Frame: '<!--frame4-->'
+--------
+Should receive no cookie.
+Did not receive cookie named 'firstPartyCookieIP'.
+Did not receive cookie named 'firstPartyCookieLocalhost'.
+Did not receive cookie named 'thirdPartyCookie'.
+Client-side document.cookie:
+
+--------
+Frame: '<!--frame5-->'
+--------
+Redirect case 2, should not receive first-party cookie for 127.0.0.1.
+Did not receive cookie named 'firstPartyCookieIP'.
+Did not receive cookie named 'firstPartyCookieLocalhost'.
+Did not receive cookie named 'thirdPartyCookie'.
+Client-side document.cookie: firstPartyCookieIP=127.0.0.1
Copied: trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html (from rev 248272, trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html) (0 => 248273)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html 2019-08-05 21:33:51 UTC (rev 248273)
@@ -0,0 +1,99 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <script src=""
+ <script src=""
+</head>
+<body>
+<script>
+ description("Tests that blocking is not removed mid-flight in redirects.");
+ jsTestIsAsync = true;
+
+ const partitionHost = "127.0.0.1:8000";
+ const thirdPartyOrigin = "http://localhost:8000";
+ const resourcePath = "/resourceLoadStatistics/resources";
+ const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
+ const firstPartyCookieNamePrefix = "firstPartyCookie";
+ const firstPartyCookieNameIP = firstPartyCookieNamePrefix + "IP";
+ const firstPartyCookieNameLocalhost = firstPartyCookieNamePrefix + "Localhost";
+ const thirdPartyCookieName = "thirdPartyCookie";
+ const subPathToSetThirdPartyCookie = "/set-cookie.php?name=" + thirdPartyCookieName + "&value=value";
+ const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieNameIP + "&name2=" + firstPartyCookieNameLocalhost + "&name3=" + thirdPartyCookieName;
+ const redirectChainUrl = thirdPartyOrigin + resourcePath + "/redirect.php?redirectTo=http://" + partitionHost + resourcePath + subPathToGetCookies;
+
+ function openIframe(url, onLoadHandler) {
+ const element = document.createElement("iframe");
+ element.src = ""
+ if (onLoadHandler) {
+ element._onload_ = onLoadHandler;
+ }
+ document.body.appendChild(element);
+ }
+
+ function runTest() {
+ switch (document.location.hash) {
+ case "#step1":
+ // Set first-party cookies for 127.0.0.1 and localhost.
+ if (document.location.origin === thirdPartyOrigin) {
+ document.cookie = firstPartyCookieNameLocalhost + "=localhost;path='/'";
+ document.location.href = ""
+ } else {
+ document.cookie = firstPartyCookieNameIP + "=127.0.0.1;path='/'";
+ document.location.href = ""
+ }
+ break;
+ case "#step2":
+ // Check that the cookie gets sent for localhost under 127.0.0.1 since localhost is not prevalent.
+ document.location.hash = "step3";
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive first-party cookie for localhost.", runTest);
+ break;
+ case "#step3":
+ document.location.hash = "step4";
+ // Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
+ openIframe(redirectChainUrl + "&message=Redirect case 1, should receive first-party cookie for 127.0.0.1.", runTest);
+ break;
+ case "#step4":
+ // Set localhost as prevalent to put it in the blocking category.
+ document.location.hash = "step5";
+ testRunner.setStatisticsPrevalentResource(thirdPartyOrigin, true, function() {
+ if (!testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
+ testFailed("Host did not get set as prevalent resource.");
+ testRunner.statisticsUpdateCookieBlocking(runTest);
+ });
+ break;
+ case "#step5":
+ // Try to set partitioned cookie for localhost under 127.0.0.1.
+ document.location.hash = "step6";
+ openIframe(thirdPartyBaseUrl + subPathToSetThirdPartyCookie + "&message=Try to set third-party cookie for localhost in blocked mode.", runTest);
+ break;
+ case "#step6":
+ // Check that no cookie gets sent for localhost under 127.0.0.1 since localhost's cookies are blocked.
+ document.location.hash = "step7";
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive no cookie.", runTest);
+ break;
+ case "#step7":
+ // Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
+ document.location.hash = "step8";
+ openIframe(redirectChainUrl + "&message=Redirect case 2, should not receive first-party cookie for 127.0.0.1.", runTest);
+ break;
+ case "#step8":
+ setEnableFeature(false, finishJSTest);
+ break;
+ }
+ }
+
+ if (document.location.hash === "") {
+ setEnableFeature(true, function() {
+ if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
+ testFailed("Localhost was classified as prevalent resource before the test starts.");
+ testRunner.dumpChildFramesAsText();
+ document.location.hash = "step1";
+ runTest();
+ });
+ } else {
+ runTest();
+ }
+</script>
+</body>
+</html>
Deleted: trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt (248272 => 248273)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt 2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt 2019-08-05 21:33:51 UTC (rev 248273)
@@ -1,51 +0,0 @@
-Tests that blocking is removed mid-flight in redirects.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
-
---------
-Frame: '<!--frame1-->'
---------
-Should receive first-party cookie for localhost.
-Did not receive cookie named 'firstPartyCookieIP'.
-Received cookie named 'firstPartyCookieLocalhost'.
-Did not receive cookie named 'thirdPartyCookie'.
-Client-side document.cookie: firstPartyCookieLocalhost=localhost
-
---------
-Frame: '<!--frame2-->'
---------
-Redirect case 1, should receive first-party cookie for 127.0.0.1.
-Received cookie named 'firstPartyCookieIP'.
-Did not receive cookie named 'firstPartyCookieLocalhost'.
-Did not receive cookie named 'thirdPartyCookie'.
-Client-side document.cookie: firstPartyCookieIP=127.0.0.1
-
---------
-Frame: '<!--frame3-->'
---------
-Try to set third-party cookie for localhost in blocked mode.
-
-
---------
-Frame: '<!--frame4-->'
---------
-Should receive no cookie.
-Did not receive cookie named 'firstPartyCookieIP'.
-Did not receive cookie named 'firstPartyCookieLocalhost'.
-Did not receive cookie named 'thirdPartyCookie'.
-Client-side document.cookie:
-
---------
-Frame: '<!--frame5-->'
---------
-Redirect case 2, should receive first-party cookie for 127.0.0.1.
-Received cookie named 'firstPartyCookieIP'.
-Did not receive cookie named 'firstPartyCookieLocalhost'.
-Did not receive cookie named 'thirdPartyCookie'.
-Client-side document.cookie: firstPartyCookieIP=127.0.0.1
Deleted: trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html (248272 => 248273)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html 2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html 2019-08-05 21:33:51 UTC (rev 248273)
@@ -1,99 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
- <meta charset="UTF-8">
- <script src=""
- <script src=""
-</head>
-<body>
-<script>
- description("Tests that blocking is removed mid-flight in redirects.");
- jsTestIsAsync = true;
-
- const partitionHost = "127.0.0.1:8000";
- const thirdPartyOrigin = "http://localhost:8000";
- const resourcePath = "/resourceLoadStatistics/resources";
- const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
- const firstPartyCookieNamePrefix = "firstPartyCookie";
- const firstPartyCookieNameIP = firstPartyCookieNamePrefix + "IP";
- const firstPartyCookieNameLocalhost = firstPartyCookieNamePrefix + "Localhost";
- const thirdPartyCookieName = "thirdPartyCookie";
- const subPathToSetThirdPartyCookie = "/set-cookie.php?name=" + thirdPartyCookieName + "&value=value";
- const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieNameIP + "&name2=" + firstPartyCookieNameLocalhost + "&name3=" + thirdPartyCookieName;
- const redirectChainUrl = thirdPartyOrigin + resourcePath + "/redirect.php?redirectTo=http://" + partitionHost + resourcePath + subPathToGetCookies;
-
- function openIframe(url, onLoadHandler) {
- const element = document.createElement("iframe");
- element.src = ""
- if (onLoadHandler) {
- element._onload_ = onLoadHandler;
- }
- document.body.appendChild(element);
- }
-
- function runTest() {
- switch (document.location.hash) {
- case "#step1":
- // Set first-party cookies for 127.0.0.1 and localhost.
- if (document.location.origin === thirdPartyOrigin) {
- document.cookie = firstPartyCookieNameLocalhost + "=localhost;path='/'";
- document.location.href = ""
- } else {
- document.cookie = firstPartyCookieNameIP + "=127.0.0.1;path='/'";
- document.location.href = ""
- }
- break;
- case "#step2":
- // Check that the cookie gets sent for localhost under 127.0.0.1 since localhost is not prevalent.
- document.location.hash = "step3";
- openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive first-party cookie for localhost.", runTest);
- break;
- case "#step3":
- document.location.hash = "step4";
- // Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
- openIframe(redirectChainUrl + "&message=Redirect case 1, should receive first-party cookie for 127.0.0.1.", runTest);
- break;
- case "#step4":
- // Set localhost as prevalent to put it in the blocking category.
- document.location.hash = "step5";
- testRunner.setStatisticsPrevalentResource(thirdPartyOrigin, true, function() {
- if (!testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
- testFailed("Host did not get set as prevalent resource.");
- testRunner.statisticsUpdateCookieBlocking(runTest);
- });
- break;
- case "#step5":
- // Try to set partitioned cookie for localhost under 127.0.0.1.
- document.location.hash = "step6";
- openIframe(thirdPartyBaseUrl + subPathToSetThirdPartyCookie + "&message=Try to set third-party cookie for localhost in blocked mode.", runTest);
- break;
- case "#step6":
- // Check that no cookie gets sent for localhost under 127.0.0.1 since localhost's cookies are blocked.
- document.location.hash = "step7";
- openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive no cookie.", runTest);
- break;
- case "#step7":
- // Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
- document.location.hash = "step8";
- openIframe(redirectChainUrl + "&message=Redirect case 2, should receive first-party cookie for 127.0.0.1.", runTest);
- break;
- case "#step8":
- setEnableFeature(false, finishJSTest);
- break;
- }
- }
-
- if (document.location.hash === "") {
- setEnableFeature(true, function() {
- if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
- testFailed("Localhost was classified as prevalent resource before the test starts.");
- testRunner.dumpChildFramesAsText();
- document.location.hash = "step1";
- runTest();
- });
- } else {
- runTest();
- }
-</script>
-</body>
-</html>
Modified: trunk/LayoutTests/platform/ios/TestExpectations (248272 => 248273)
--- trunk/LayoutTests/platform/ios/TestExpectations 2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/platform/ios/TestExpectations 2019-08-05 21:33:51 UTC (rev 248273)
@@ -2783,7 +2783,7 @@
http/tests/resourceLoadStatistics/cookies-with-and-without-user-interaction.html [ Pass ]
http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html [ Pass ]
http/tests/resourceLoadStatistics/add-blocking-to-redirect.html [ Pass ]
-http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html [ Pass ]
+http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html [ Pass ]
http/tests/resourceLoadStatistics/grandfathering.html [ Pass ]
http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store.html [ Pass ]
http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store-one-hour.html [ Pass ]
Modified: trunk/LayoutTests/platform/mac-wk2/TestExpectations (248272 => 248273)
--- trunk/LayoutTests/platform/mac-wk2/TestExpectations 2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/platform/mac-wk2/TestExpectations 2019-08-05 21:33:51 UTC (rev 248273)
@@ -791,7 +791,7 @@
[ HighSierra+ ] http/tests/resourceLoadStatistics/cookie-deletion.html [ Pass ]
[ HighSierra+ ] http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html [ Pass ]
[ HighSierra+ ] http/tests/resourceLoadStatistics/add-blocking-to-redirect.html [ Pass ]
-[ HighSierra+ ] http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html [ Pass ]
+[ HighSierra+ ] http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html [ Pass ]
[ HighSierra+ ] http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store.html [ Pass ]
[ HighSierra+ ] http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store-one-hour.html [ Pass ]
[ HighSierra+ ] http/tests/resourceLoadStatistics/grandfathering.html [ Pass ]
Modified: trunk/LayoutTests/platform/wk2/TestExpectations (248272 => 248273)
--- trunk/LayoutTests/platform/wk2/TestExpectations 2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/platform/wk2/TestExpectations 2019-08-05 21:33:51 UTC (rev 248273)
@@ -736,7 +736,7 @@
http/tests/resourceLoadStatistics/strip-referrer-to-origin-for-prevalent-subresource-redirects.html [ Skip ]
http/tests/resourceLoadStatistics/strip-referrer-to-origin-for-prevalent-subresource-requests.html [ Skip ]
http/tests/resourceLoadStatistics/add-blocking-to-redirect.html [ Skip ]
-http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html [ Skip ]
+http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html [ Skip ]
http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html [ Skip ]
http/tests/resourceLoadStatistics/cap-cache-max-age-for-prevalent-resource.html [ Skip ]
Modified: trunk/Source/WebKit/ChangeLog (248272 => 248273)
--- trunk/Source/WebKit/ChangeLog 2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/Source/WebKit/ChangeLog 2019-08-05 21:33:51 UTC (rev 248273)
@@ -1,3 +1,25 @@
+2019-08-05 John Wilander <[email protected]>
+
+ Resource Load Statistics: Re-introduce latch mode for subresource cookie blocking
+ https://bugs.webkit.org/show_bug.cgi?id=200395
+ <rdar://problem/53869611>
+
+ Reviewed by Darin Adler.
+
+ Back when we had a relaxation of cookie blocking 24 hours after first-party user
+ interaction, we made sure cookie blocking could be turned on and off in subresource
+ redirect chains. The 24 hour window is now long gone. This patch simplifies the
+ cookie blocking so that once a subresource request is denied cookies, any
+ subsequent redirect of that request will also be denied cookies, regardless of the
+ classification status of the domains involved. I call it latch mode.
+
+ * NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
+ * NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
+ (WebKit::NetworkDataTaskCocoa::blockCookies):
+ (WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):
+ (WebKit::NetworkDataTaskCocoa::willPerformHTTPRedirection):
+ (WebKit::NetworkDataTaskCocoa::applyCookieBlockingPolicy): Deleted.
+
2019-08-05 Youenn Fablet <[email protected]>
Disable speculative loading if cache is not to be used for the load
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h (248272 => 248273)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h 2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h 2019-08-05 21:33:51 UTC (rev 248273)
@@ -84,7 +84,7 @@
#if ENABLE(RESOURCE_LOAD_STATISTICS)
static NSHTTPCookieStorage *statelessCookieStorage();
- void applyCookieBlockingPolicy(bool shouldBlock);
+ void blockCookies();
#endif
bool isThirdPartyRequest(const WebCore::ResourceRequest&);
bool isAlwaysOnLoggingAllowed() const;
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm (248272 => 248273)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm 2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm 2019-08-05 21:33:51 UTC (rev 248273)
@@ -131,22 +131,15 @@
return statelessCookieStorage.get().get();
}
-void NetworkDataTaskCocoa::applyCookieBlockingPolicy(bool shouldBlock)
+void NetworkDataTaskCocoa::blockCookies()
{
ASSERT(hasProcessPrivilege(ProcessPrivilege::CanAccessRawCookies));
- if (shouldBlock == m_hasBeenSetToUseStatelessCookieStorage)
+ if (m_hasBeenSetToUseStatelessCookieStorage)
return;
- NSHTTPCookieStorage *storage = nil;
- if (shouldBlock)
- storage = statelessCookieStorage();
- else if (auto* storageSession = m_session->networkStorageSession())
- storage = storageSession->nsCookieStorage();
- if (storage) {
- [m_task _setExplicitCookieStorage:storage._cookieStorage];
- m_hasBeenSetToUseStatelessCookieStorage = shouldBlock;
- }
+ [m_task _setExplicitCookieStorage:statelessCookieStorage()._cookieStorage];
+ m_hasBeenSetToUseStatelessCookieStorage = true;
}
#endif
@@ -261,7 +254,7 @@
#else
LOG(NetworkSession, "%llu Blocking cookies for URL %s", [m_task taskIdentifier], nsRequest.URL.absoluteString.UTF8String);
#endif
- applyCookieBlockingPolicy(shouldBlockCookies);
+ blockCookies();
}
#endif
@@ -384,30 +377,19 @@
request.setFirstPartyForCookies(request.url());
#if ENABLE(RESOURCE_LOAD_STATISTICS)
- bool shouldBlockCookies = m_storedCredentialsPolicy == WebCore::StoredCredentialsPolicy::EphemeralStatelessCookieless
- || (m_session->networkStorageSession() && m_session->networkStorageSession()->shouldBlockCookies(request, m_frameID, m_pageID));
+ if (!m_hasBeenSetToUseStatelessCookieStorage) {
+ if (m_storedCredentialsPolicy == WebCore::StoredCredentialsPolicy::EphemeralStatelessCookieless
+ || (m_session->networkStorageSession() && m_session->networkStorageSession()->shouldBlockCookies(request, m_frameID, m_pageID)))
+ blockCookies();
+ }
#if !RELEASE_LOG_DISABLED
if (m_session->shouldLogCookieInformation())
- RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - NetworkDataTaskCocoa::willPerformHTTPRedirection::logCookieInformation: pageID = %llu, frameID = %llu, taskID = %lu: %s cookies for redirect URL %s", this, m_pageID.toUInt64(), m_frameID, (unsigned long)[m_task taskIdentifier], (shouldBlockCookies ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
+ RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - NetworkDataTaskCocoa::willPerformHTTPRedirection::logCookieInformation: pageID = %llu, frameID = %llu, taskID = %lu: %s cookies for redirect URL %s", this, m_pageID.toUInt64(), m_frameID, (unsigned long)[m_task taskIdentifier], (m_hasBeenSetToUseStatelessCookieStorage ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
#else
- LOG(NetworkSession, "%llu %s cookies for redirect URL %s", [m_task taskIdentifier], (shouldBlockCookies ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
+ LOG(NetworkSession, "%llu %s cookies for redirect URL %s", [m_task taskIdentifier], (m_hasBeenSetToUseStatelessCookieStorage ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
#endif
#endif
-#if ENABLE(RESOURCE_LOAD_STATISTICS)
- // Always apply the policy since blocking may need to be turned on or off in a redirect.
- applyCookieBlockingPolicy(shouldBlockCookies);
-
- if (!shouldBlockCookies) {
-#if !RELEASE_LOG_DISABLED
- if (m_session->shouldLogCookieInformation())
- RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - NetworkDataTaskCocoa::willPerformHTTPRedirection::logCookieInformation: pageID = %llu, frameID = %llu, taskID = %lu: Not partitioning cookies for redirect URL %s", this, m_pageID.toUInt64(), m_frameID, (unsigned long)[m_task taskIdentifier], request.url().string().utf8().data());
-#else
- LOG(NetworkSession, "%llu Not partitioning cookies for redirect URL %s", [m_task taskIdentifier], request.url().string().utf8().data());
-#endif
- }
-#endif
-
updateTaskWithFirstPartyForSameSiteCookies(m_task.get(), request);
if (m_client)
