Diff
Modified: trunk/LayoutTests/ChangeLog (251212 => 251213)
--- trunk/LayoutTests/ChangeLog 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/LayoutTests/ChangeLog 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1,3 +1,16 @@
+2019-10-16 John Wilander <wilan...@apple.com>
+
+ Resource Load Statistics (experimental): Block all third-party cookies on websites without prior user interaction
+ https://bugs.webkit.org/show_bug.cgi?id=203017
+ <rdar://problem/56262708>
+
+ Reviewed by Alex Christensen.
+
+ * http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database-expected.txt: Added.
+ * http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database.html: Added.
+ * http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt: Added.
+ * http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html: Added.
+
2019-10-16 Russell Epstein <repst...@apple.com>
Correct TestExpectations from r251119.
Added: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database-expected.txt (0 => 251213)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database-expected.txt 2019-10-16 22:38:55 UTC (rev 251213)
@@ -0,0 +1,25 @@
+Tests that all third-party cookies are blocked under websites that have not received user interaction.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
+
+--------
+Frame: '<!--frame1-->'
+--------
+Before user interaction, should receive no cookies.
+Did not receive cookie named 'firstPartyCookie'.
+Did not receive cookie named 'partitionedCookie'.
+Client-side document.cookie:
+
+--------
+Frame: '<!--frame2-->'
+--------
+After user interaction, should receive first-party cookie.
+Received cookie named 'firstPartyCookie'.
+Did not receive cookie named 'partitionedCookie'.
+Client-side document.cookie: firstPartyCookie=value
Added: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database.html (0 => 251213)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database.html (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database.html 2019-10-16 22:38:55 UTC (rev 251213)
@@ -0,0 +1,78 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <script src=""
+ <script src=""
+</head>
+<body>
+<script>
+ description("Tests that all third-party cookies are blocked under websites that have not received user interaction.");
+ jsTestIsAsync = true;
+
+ const partitionHost = "127.0.0.1:8000";
+ const partitionOrigin = "http://" + partitionHost;
+ const thirdPartyOrigin = "http://localhost:8000";
+ const resourcePath = "/resourceLoadStatistics/resources";
+ const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
+ const firstPartyCookieName = "firstPartyCookie";
+ const subPathToSetFirstPartyCookie = "/set-cookie.php?name=" + firstPartyCookieName + "&value=value";
+ const partitionedCookieName = "partitionedCookie";
+ const subPathToSetPartitionedCookie = "/set-cookie.php?name=" + partitionedCookieName + "&value=value";
+ const returnUrl = partitionOrigin + "/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html";
+ const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieName + "&name2=" + partitionedCookieName;
+
+ function openIframe(url, onLoadHandler) {
+ const element = document.createElement("iframe");
+ element.src = ""
+ if (onLoadHandler) {
+ element._onload_ = onLoadHandler;
+ }
+ document.body.appendChild(element);
+ }
+
+ function runTest() {
+ switch (document.location.hash) {
+ case "#step1":
+ // Set first-party cookie for localhost.
+ document.location.href = "" + subPathToSetFirstPartyCookie + "#" + returnUrl + "#step2";
+ break;
+ case "#step2":
+ document.location.hash = "step3";
+ // Check that the cookie is blocked for localhost under 127.0.0.1 even though localhost is not prevalent.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Before user interaction, should receive no cookies.", runTest);
+ break;
+ case "#step3":
+ document.location.hash = "step4";
+ // Produce user interaction for the first-party to allow third-party cookie access.
+ testRunner.setStatisticsHasHadUserInteraction(partitionOrigin, true, function() {
+ testRunner.statisticsUpdateCookieBlocking(function() {
+ // Check that the cookie is no longer blocked for localhost under 127.0.0.1.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=After user interaction, should receive first-party cookie.", runTest);
+ });
+ });
+ break;
+ case "#step4":
+ testRunner.setUseITPDatabase(false);
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(false, function() {
+ setEnableFeature(false, finishJSTest);
+ });
+ break;
+ }
+ }
+
+ if (document.location.hash === "") {
+ testRunner.setUseITPDatabase(true);
+ setEnableFeature(true, function () {
+ if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
+ testFailed("Localhost was classified as prevalent resource before the test starts.");
+ testRunner.dumpChildFramesAsText();
+ document.location.hash = "step1";
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(true, runTest);
+ });
+ } else {
+ runTest();
+ }
+</script>
+</body>
+</html>
Added: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt (0 => 251213)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-expected.txt 2019-10-16 22:38:55 UTC (rev 251213)
@@ -0,0 +1,25 @@
+Tests that all third-party cookies are blocked under websites that have not received user interaction.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
+
+--------
+Frame: '<!--frame1-->'
+--------
+Before user interaction, should receive no cookies.
+Did not receive cookie named 'firstPartyCookie'.
+Did not receive cookie named 'partitionedCookie'.
+Client-side document.cookie:
+
+--------
+Frame: '<!--frame2-->'
+--------
+After user interaction, should receive first-party cookie.
+Received cookie named 'firstPartyCookie'.
+Did not receive cookie named 'partitionedCookie'.
+Client-side document.cookie: firstPartyCookie=value
Added: trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html (0 => 251213)
--- trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html 2019-10-16 22:38:55 UTC (rev 251213)
@@ -0,0 +1,76 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <script src=""
+ <script src=""
+</head>
+<body>
+<script>
+ description("Tests that all third-party cookies are blocked under websites that have not received user interaction.");
+ jsTestIsAsync = true;
+
+ const partitionHost = "127.0.0.1:8000";
+ const partitionOrigin = "http://" + partitionHost;
+ const thirdPartyOrigin = "http://localhost:8000";
+ const resourcePath = "/resourceLoadStatistics/resources";
+ const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
+ const firstPartyCookieName = "firstPartyCookie";
+ const subPathToSetFirstPartyCookie = "/set-cookie.php?name=" + firstPartyCookieName + "&value=value";
+ const partitionedCookieName = "partitionedCookie";
+ const subPathToSetPartitionedCookie = "/set-cookie.php?name=" + partitionedCookieName + "&value=value";
+ const returnUrl = partitionOrigin + "/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html";
+ const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieName + "&name2=" + partitionedCookieName;
+
+ function openIframe(url, onLoadHandler) {
+ const element = document.createElement("iframe");
+ element.src = ""
+ if (onLoadHandler) {
+ element._onload_ = onLoadHandler;
+ }
+ document.body.appendChild(element);
+ }
+
+ function runTest() {
+ switch (document.location.hash) {
+ case "#step1":
+ // Set first-party cookie for localhost.
+ document.location.href = "" + subPathToSetFirstPartyCookie + "#" + returnUrl + "#step2";
+ break;
+ case "#step2":
+ document.location.hash = "step3";
+ // Check that the cookie is blocked for localhost under 127.0.0.1 even though localhost is not prevalent.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Before user interaction, should receive no cookies.", runTest);
+ break;
+ case "#step3":
+ document.location.hash = "step4";
+ // Produce user interaction for the first-party to allow third-party cookie access.
+ testRunner.setStatisticsHasHadUserInteraction(partitionOrigin, true, function() {
+ testRunner.statisticsUpdateCookieBlocking(function() {
+ // Check that the cookie is no longer blocked for localhost under 127.0.0.1.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=After user interaction, should receive first-party cookie.", runTest);
+ });
+ });
+ break;
+ case "#step4":
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(false, function() {
+ setEnableFeature(false, finishJSTest);
+ });
+ break;
+ }
+ }
+
+ if (document.location.hash === "") {
+ setEnableFeature(true, function () {
+ if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
+ testFailed("Localhost was classified as prevalent resource before the test starts.");
+ testRunner.dumpChildFramesAsText();
+ document.location.hash = "step1";
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(true, runTest);
+ });
+ } else {
+ runTest();
+ }
+</script>
+</body>
+</html>
Modified: trunk/Source/WebCore/ChangeLog (251212 => 251213)
--- trunk/Source/WebCore/ChangeLog 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebCore/ChangeLog 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1,3 +1,31 @@
+2019-10-16 John Wilander <wilan...@apple.com>
+
+ Resource Load Statistics (experimental): Block all third-party cookies on websites without prior user interaction
+ https://bugs.webkit.org/show_bug.cgi?id=203017
+ <rdar://problem/56262708>
+
+ Reviewed by Alex Christensen.
+
+ NetworkStorageSession::shouldBlockCookies() now checks if the first-party website has
+ received user interaction and if not, blocks all third-party cookies, regardless of the
+ status of those third-party domains (prevalent or not).
+
+ Bundled cleanup task: Remove the two month old feature flag for NSURLSession switching.
+
+ Tests: http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction-database.html
+ http/tests/resourceLoadStatistics/third-party-cookie-blocking-on-sites-without-user-interaction.html
+
+ * page/RuntimeEnabledFeatures.h:
+ (WebCore::RuntimeEnabledFeatures::setIsITPSessionSwitchingEnabled): Deleted.
+ (WebCore::RuntimeEnabledFeatures::isITPSessionSwitchingEnabled const): Deleted.
+ * page/Settings.yaml:
+ * platform/network/NetworkStorageSession.cpp:
+ (WebCore::NetworkStorageSession::hasHadUserInteractionAsFirstParty const):
+ (WebCore::NetworkStorageSession::shouldBlockCookies const):
+ (WebCore::NetworkStorageSession::setDomainsWithUserInteractionAsFirstParty):
+ * platform/network/NetworkStorageSession.h:
+ (WebCore::NetworkStorageSession::setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled):
+
2019-10-16 Zalan Bujtas <za...@apple.com>
[LFC][IFC] Add style and text content to Display::Run
Modified: trunk/Source/WebCore/page/RuntimeEnabledFeatures.h (251212 => 251213)
--- trunk/Source/WebCore/page/RuntimeEnabledFeatures.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebCore/page/RuntimeEnabledFeatures.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -147,9 +147,6 @@
void setIsITPDatabaseEnabled(bool isEnabled) { m_isITPDatabaseEnabled = isEnabled; }
bool isITPDatabaseEnabled() const { return m_isITPDatabaseEnabled; }
- void setIsITPSessionSwitchingEnabled(bool isEnabled) { m_isITPSessionSwitchingEnabled = isEnabled; }
- bool isITPSessionSwitchingEnabled() const { return m_isITPSessionSwitchingEnabled; }
-
void setRestrictedHTTPResponseAccess(bool isEnabled) { m_isRestrictedHTTPResponseAccess = isEnabled; }
bool restrictedHTTPResponseAccess() const { return m_isRestrictedHTTPResponseAccess; }
@@ -420,7 +417,6 @@
bool m_accessibilityObjectModelEnabled { false };
bool m_ariaReflectionEnabled { true };
bool m_itpDebugMode { false };
- bool m_isITPSessionSwitchingEnabled { true };
bool m_isRestrictedHTTPResponseAccess { true };
bool m_crossOriginResourcePolicyEnabled { true };
bool m_isWebGLCompressedTextureASTCSupportEnabled { false };
Modified: trunk/Source/WebCore/page/Settings.yaml (251212 => 251213)
--- trunk/Source/WebCore/page/Settings.yaml 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebCore/page/Settings.yaml 2019-10-16 22:38:55 UTC (rev 251213)
@@ -869,8 +869,8 @@
initial: true
inspectorOverride: true
-isITPSessionSwitchingEnabled:
- initial: true
+isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled:
+ initial: false
isLoggedInAPIEnabled:
initial: false
Modified: trunk/Source/WebCore/platform/network/NetworkStorageSession.cpp (251212 => 251213)
--- trunk/Source/WebCore/platform/network/NetworkStorageSession.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebCore/platform/network/NetworkStorageSession.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -78,6 +78,14 @@
return m_registrableDomainsToBlockButKeepCookiesFor.contains(registrableDomain);
}
+bool NetworkStorageSession::hasHadUserInteractionAsFirstParty(const RegistrableDomain& registrableDomain) const
+{
+ if (registrableDomain.isEmpty())
+ return false;
+
+ return m_registrableDomainsWithUserInteractionAsFirstParty.contains(registrableDomain);
+}
+
bool NetworkStorageSession::shouldBlockCookies(const ResourceRequest& request, Optional<FrameIdentifier> frameID, Optional<PageIdentifier> pageID) const
{
return shouldBlockCookies(request.firstPartyForCookies(), request.url(), frameID, pageID);
@@ -99,6 +107,9 @@
if (pageID && hasStorageAccess(resourceDomain, firstPartyDomain, frameID, pageID.value()))
return false;
+ if (m_isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled && !hasHadUserInteractionAsFirstParty(firstPartyDomain))
+ return true;
+
return shouldBlockThirdPartyCookies(resourceDomain);
}
@@ -127,6 +138,12 @@
m_registrableDomainsToBlockButKeepCookiesFor.add(domains.begin(), domains.end());
}
+void NetworkStorageSession::setDomainsWithUserInteractionAsFirstParty(const Vector<RegistrableDomain>& domains)
+{
+ m_registrableDomainsWithUserInteractionAsFirstParty.clear();
+ m_registrableDomainsWithUserInteractionAsFirstParty.add(domains.begin(), domains.end());
+}
+
void NetworkStorageSession::removePrevalentDomains(const Vector<RegistrableDomain>& domains)
{
for (auto& domain : domains) {
Modified: trunk/Source/WebCore/platform/network/NetworkStorageSession.h (251212 => 251213)
--- trunk/Source/WebCore/platform/network/NetworkStorageSession.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebCore/platform/network/NetworkStorageSession.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -147,8 +147,10 @@
WEBCORE_EXPORT bool shouldBlockCookies(const URL& firstPartyForCookies, const URL& resource, Optional<FrameIdentifier>, Optional<PageIdentifier>) const;
WEBCORE_EXPORT bool shouldBlockThirdPartyCookies(const RegistrableDomain&) const;
WEBCORE_EXPORT bool shouldBlockThirdPartyCookiesButKeepFirstPartyCookiesFor(const RegistrableDomain&) const;
+ WEBCORE_EXPORT bool hasHadUserInteractionAsFirstParty(const RegistrableDomain&) const;
WEBCORE_EXPORT void setPrevalentDomainsToBlockAndDeleteCookiesFor(const Vector<RegistrableDomain>&);
WEBCORE_EXPORT void setPrevalentDomainsToBlockButKeepCookiesFor(const Vector<RegistrableDomain>&);
+ WEBCORE_EXPORT void setDomainsWithUserInteractionAsFirstParty(const Vector<RegistrableDomain>&);
WEBCORE_EXPORT void setAgeCapForClientSideCookies(Optional<Seconds>);
WEBCORE_EXPORT void removePrevalentDomains(const Vector<RegistrableDomain>& domains);
WEBCORE_EXPORT bool hasStorageAccess(const RegistrableDomain& resourceDomain, const RegistrableDomain& firstPartyDomain, Optional<FrameIdentifier>, PageIdentifier) const;
@@ -162,6 +164,7 @@
WEBCORE_EXPORT Optional<Seconds> maxAgeCacheCap(const ResourceRequest&);
WEBCORE_EXPORT void didCommitCrossSiteLoadWithDataTransferFromPrevalentResource(const RegistrableDomain& toDomain, PageIdentifier);
WEBCORE_EXPORT void resetCrossSiteLoadsWithLinkDecorationForTesting();
+ void setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled(bool enabled) { m_isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled = enabled; }
#endif
private:
@@ -188,6 +191,7 @@
Optional<Seconds> clientSideCookieCap(const RegistrableDomain& firstParty, Optional<PageIdentifier>) const;
HashSet<RegistrableDomain> m_registrableDomainsToBlockAndDeleteCookiesFor;
HashSet<RegistrableDomain> m_registrableDomainsToBlockButKeepCookiesFor;
+ HashSet<RegistrableDomain> m_registrableDomainsWithUserInteractionAsFirstParty;
HashMap<PageIdentifier, HashMap<FrameIdentifier, RegistrableDomain>> m_framesGrantedStorageAccess;
HashMap<PageIdentifier, HashMap<RegistrableDomain, RegistrableDomain>> m_pagesGrantedStorageAccess;
Optional<Seconds> m_cacheMaxAgeCapForPrevalentResources { };
@@ -195,6 +199,7 @@
Optional<Seconds> m_ageCapForClientSideCookiesShort { };
HashMap<WebCore::PageIdentifier, RegistrableDomain> m_navigatedToWithLinkDecorationByPrevalentResource;
bool m_navigationWithLinkDecorationTestMode = false;
+ bool m_isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled = false;
#endif
#if PLATFORM(COCOA)
Modified: trunk/Source/WebKit/ChangeLog (251212 => 251213)
--- trunk/Source/WebKit/ChangeLog 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/ChangeLog 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1,3 +1,71 @@
+2019-10-16 John Wilander <wilan...@apple.com>
+
+ Resource Load Statistics (experimental): Block all third-party cookies on websites without prior user interaction
+ https://bugs.webkit.org/show_bug.cgi?id=203017
+ <rdar://problem/56262708>
+
+ Reviewed by Alex Christensen.
+
+ This enhancement is off by default and controlled by an internal feature flag.
+
+ The functional change is in WebCore::NetworkStorageSession::shouldBlockCookies() which is
+ called from:
+ - NetworkDataTaskCocoa::NetworkDataTaskCocoa()
+ - NetworkDataTaskCocoa::willPerformHTTPRedirection
+
+ shouldBlockCookies() now checks if the first-party website has received user interaction
+ and if not, blocks all third-party cookies, regardless of the status of those third-party
+ domains (prevalent or not).
+
+ The changes to ResourceLoadStatisticsDatabaseStore and ResourceLoadStatisticsMemoryStore
+ are about communicating which domains have received user interaction (prevalent or not)
+ to the network storage session so that it can enforce the new restriction.
+
+ The C API change and piping through the WebsiteDataStore is test infrastructure.
+
+ Bundled cleanup task: Remove the two month old feature flag for NSURLSession switching.
+
+ * NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:
+ (WebKit::CompletionHandler<void):
+ * NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.h:
+ * NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp:
+ (WebKit::ResourceLoadStatisticsMemoryStore::clear):
+ (WebKit::ResourceLoadStatisticsMemoryStore::updateCookieBlocking):
+ * NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:
+ (WebKit::WebResourceLoadStatisticsStore::callUpdatePrevalentDomainsToBlockCookiesForHandler):
+ * NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h:
+ (WebKit::RegistrableDomainsToBlockCookiesFor::isolatedCopy const):
+ * NetworkProcess/NetworkProcess.cpp:
+ (WebKit::NetworkProcess::initializeNetworkProcess):
+ (WebKit::NetworkProcess::setShouldBlockThirdPartyCookiesForTesting):
+ * NetworkProcess/NetworkProcess.messages.in:
+ * NetworkProcess/NetworkSession.cpp:
+ (WebKit::NetworkSession::NetworkSession):
+ * NetworkProcess/NetworkSession.h:
+ (WebKit::NetworkSession::setResourceLoadStatisticsLogTestingEvent):
+ (WebKit::NetworkSession::shouldIsolateSessionsForPrevalentTopFrames const): Deleted.
+ * NetworkProcess/NetworkSessionCreationParameters.cpp:
+ (WebKit::NetworkSessionCreationParameters::encode const):
+ (WebKit::NetworkSessionCreationParameters::decode):
+ * NetworkProcess/NetworkSessionCreationParameters.h:
+ * NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
+ (WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (WebKit::NetworkSessionCocoa::NetworkSessionCocoa):
+ * Shared/WebPreferences.yaml:
+ * UIProcess/API/C/WKWebsiteDataStoreRef.cpp:
+ (WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting):
+ (WKWebsiteDataStoreStatisticsResetToConsistentState):
+ * UIProcess/API/C/WKWebsiteDataStoreRef.h:
+ * UIProcess/Network/NetworkProcessProxy.cpp:
+ (WebKit::NetworkProcessProxy::setShouldBlockThirdPartyCookiesForTesting):
+ * UIProcess/Network/NetworkProcessProxy.h:
+ * UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:
+ (WebKit::WebsiteDataStore::parameters):
+ * UIProcess/WebsiteData/WebsiteDataStore.cpp:
+ (WebKit::WebsiteDataStore::setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting):
+ * UIProcess/WebsiteData/WebsiteDataStore.h:
+
2019-10-16 Kate Cheney <katherine_che...@apple.com>
WKWebsiteDataStoreStatisticsResetToConsistentState() should call store.setUseITPDatabase(false)
Modified: trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1680,7 +1680,7 @@
removeAllStorageAccess([callbackAggregator = callbackAggregator.copyRef()] { });
auto registrableDomainsToBlockAndDeleteCookiesFor = ensurePrevalentResourcesForDebugMode();
- RegistrableDomainsToBlockCookiesFor domainsToBlock { registrableDomainsToBlockAndDeleteCookiesFor, { } };
+ RegistrableDomainsToBlockCookiesFor domainsToBlock { registrableDomainsToBlockAndDeleteCookiesFor, { }, { } };
updateCookieBlockingForDomains(domainsToBlock, [callbackAggregator = callbackAggregator.copyRef()] { });
}
@@ -1752,6 +1752,21 @@
return results;
}
+Vector<RegistrableDomain> ResourceLoadStatisticsDatabaseStore::domainsWithUserInteractionAsFirstParty() const
+{
+ ASSERT(!RunLoop::isMain());
+
+ Vector<RegistrableDomain> results;
+ SQLiteStatement statement(m_database, "SELECT registrableDomain FROM ObservedDomains WHERE hadUserInteraction = 1"_s);
+ if (statement.prepare() != SQLITE_OK)
+ return results;
+
+ while (statement.step() == SQLITE_ROW)
+ results.append(RegistrableDomain::uncheckedCreateFromRegistrableDomainString(statement.getColumnText(0)));
+
+ return results;
+}
+
void ResourceLoadStatisticsDatabaseStore::updateCookieBlocking(CompletionHandler<void()>&& completionHandler)
{
ASSERT(!RunLoop::isMain());
@@ -1758,13 +1773,14 @@
auto domainsToBlockAndDeleteCookiesFor = this->domainsToBlockAndDeleteCookiesFor();
auto domainsToBlockButKeepCookiesFor = this->domainsToBlockButKeepCookiesFor();
+ auto domainsWithUserInteractionAsFirstParty = this->domainsWithUserInteractionAsFirstParty();
- if (domainsToBlockAndDeleteCookiesFor.isEmpty() && domainsToBlockButKeepCookiesFor.isEmpty()) {
+ if (domainsToBlockAndDeleteCookiesFor.isEmpty() && domainsToBlockButKeepCookiesFor.isEmpty() && domainsWithUserInteractionAsFirstParty.isEmpty()) {
completionHandler();
return;
}
- RegistrableDomainsToBlockCookiesFor domainsToBlock { domainsToBlockAndDeleteCookiesFor, domainsToBlockButKeepCookiesFor };
+ RegistrableDomainsToBlockCookiesFor domainsToBlock { domainsToBlockAndDeleteCookiesFor, domainsToBlockButKeepCookiesFor, domainsWithUserInteractionAsFirstParty };
if (debugLoggingEnabled() && !domainsToBlockAndDeleteCookiesFor.isEmpty() && !domainsToBlockButKeepCookiesFor.isEmpty())
debugLogDomainsInBatches("block", domainsToBlock);
Modified: trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.h (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -155,6 +155,7 @@
void setUserInteraction(const RegistrableDomain&, bool hadUserInteraction, WallTime);
Vector<RegistrableDomain> domainsToBlockAndDeleteCookiesFor() const;
Vector<RegistrableDomain> domainsToBlockButKeepCookiesFor() const;
+ Vector<RegistrableDomain> domainsWithUserInteractionAsFirstParty() const;
struct PrevalentDomainData {
unsigned domainID;
Modified: trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -697,7 +697,7 @@
removeAllStorageAccess([callbackAggregator = callbackAggregator.copyRef()] { });
auto registrableDomainsToBlockAndDeleteCookiesFor = ensurePrevalentResourcesForDebugMode();
- RegistrableDomainsToBlockCookiesFor domainsToBlock { registrableDomainsToBlockAndDeleteCookiesFor, { } };
+ RegistrableDomainsToBlockCookiesFor domainsToBlock { registrableDomainsToBlockAndDeleteCookiesFor, { }, { } };
updateCookieBlockingForDomains(domainsToBlock, [callbackAggregator = callbackAggregator.copyRef()] { });
}
@@ -735,21 +735,22 @@
Vector<RegistrableDomain> domainsToBlockAndDeleteCookiesFor;
Vector<RegistrableDomain> domainsToBlockButKeepCookiesFor;
+ Vector<RegistrableDomain> domainsWithUserInteractionAsFirstParty;
for (auto& resourceStatistic : m_resourceStatisticsMap.values()) {
- if (resourceStatistic.isPrevalentResource) {
- if (hasHadUnexpiredRecentUserInteraction(resourceStatistic, OperatingDatesWindow::Long))
- domainsToBlockButKeepCookiesFor.append(resourceStatistic.registrableDomain);
- else
- domainsToBlockAndDeleteCookiesFor.append(resourceStatistic.registrableDomain);
- }
+ if (hasHadUnexpiredRecentUserInteraction(resourceStatistic, OperatingDatesWindow::Long)) {
+ if (resourceStatistic.isPrevalentResource)
+ domainsToBlockButKeepCookiesFor.append(resourceStatistic.registrableDomain.isolatedCopy());
+ domainsWithUserInteractionAsFirstParty.append(resourceStatistic.registrableDomain);
+ } else if (resourceStatistic.isPrevalentResource)
+ domainsToBlockAndDeleteCookiesFor.append(resourceStatistic.registrableDomain);
}
- if (domainsToBlockAndDeleteCookiesFor.isEmpty() && domainsToBlockButKeepCookiesFor.isEmpty() && !debugModeEnabled()) {
+ if (domainsToBlockAndDeleteCookiesFor.isEmpty() && domainsToBlockButKeepCookiesFor.isEmpty() && domainsWithUserInteractionAsFirstParty.isEmpty() && !debugModeEnabled()) {
completionHandler();
return;
}
- RegistrableDomainsToBlockCookiesFor domainsToBlock { domainsToBlockAndDeleteCookiesFor, domainsToBlockButKeepCookiesFor };
+ RegistrableDomainsToBlockCookiesFor domainsToBlock { domainsToBlockAndDeleteCookiesFor, domainsToBlockButKeepCookiesFor, domainsWithUserInteractionAsFirstParty };
if (debugLoggingEnabled() && !domainsToBlockAndDeleteCookiesFor.isEmpty() && !domainsToBlockButKeepCookiesFor.isEmpty())
debugLogDomainsInBatches("block", domainsToBlock);
Modified: trunk/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -965,6 +965,7 @@
if (auto* storageSession = m_networkSession->networkStorageSession()) {
storageSession->setPrevalentDomainsToBlockAndDeleteCookiesFor(domainsToBlock.domainsToBlockAndDeleteCookiesFor);
storageSession->setPrevalentDomainsToBlockButKeepCookiesFor(domainsToBlock.domainsToBlockButKeepCookiesFor);
+ storageSession->setDomainsWithUserInteractionAsFirstParty(domainsToBlock.domainsWithUserInteractionAsFirstParty);
}
}
Modified: trunk/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -65,7 +65,6 @@
enum class ShouldGrandfatherStatistics : bool;
enum class ShouldIncludeLocalhost : bool { No, Yes };
enum class EnableResourceLoadStatisticsDebugMode : bool { No, Yes };
-enum class EnableResourceLoadStatisticsNSURLSessionSwitching : bool { No, Yes };
enum class WebsiteDataToRemove : uint8_t {
All,
AllButHttpOnlyCookies,
@@ -74,7 +73,8 @@
struct RegistrableDomainsToBlockCookiesFor {
Vector<WebCore::RegistrableDomain> domainsToBlockAndDeleteCookiesFor;
Vector<WebCore::RegistrableDomain> domainsToBlockButKeepCookiesFor;
- RegistrableDomainsToBlockCookiesFor isolatedCopy() const { return { domainsToBlockAndDeleteCookiesFor.isolatedCopy(), domainsToBlockButKeepCookiesFor.isolatedCopy() }; }
+ Vector<WebCore::RegistrableDomain> domainsWithUserInteractionAsFirstParty;
+ RegistrableDomainsToBlockCookiesFor isolatedCopy() const { return { domainsToBlockAndDeleteCookiesFor.isolatedCopy(), domainsToBlockButKeepCookiesFor.isolatedCopy(), domainsWithUserInteractionAsFirstParty.isolatedCopy() }; }
};
class WebResourceLoadStatisticsStore final : public ThreadSafeRefCounted<WebResourceLoadStatisticsStore, WTF::DestructionThread::Main> {
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1258,6 +1258,15 @@
});
completionHandler();
}
+
+void NetworkProcess::setShouldBlockThirdPartyCookiesForTesting(PAL::SessionID sessionID, bool enabled, CompletionHandler<void()>&& completionHandler)
+{
+ if (auto* networkStorageSession = storageSession(sessionID))
+ networkStorageSession->setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled(enabled);
+ else
+ ASSERT_NOT_REACHED();
+ completionHandler();
+}
#endif // ENABLE(RESOURCE_LOAD_STATISTICS)
bool NetworkProcess::sessionIsControlledByAutomation(PAL::SessionID sessionID) const
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.h (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -266,6 +266,7 @@
void hasIsolatedSession(PAL::SessionID, const WebCore::RegistrableDomain&, CompletionHandler<void(bool)>&&) const;
bool isITPDatabaseEnabled() const { return m_isITPDatabaseEnabled; }
void setShouldDowngradeReferrerForTesting(bool, CompletionHandler<void()>&&);
+ void setShouldBlockThirdPartyCookiesForTesting(PAL::SessionID, bool, CompletionHandler<void()>&&);
#endif
using CacheStorageRootPathCallback = CompletionHandler<void(String&&)>;
Modified: trunk/Source/WebKit/NetworkProcess/NetworkProcess.messages.in (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/NetworkProcess.messages.in 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/NetworkProcess.messages.in 2019-10-16 22:38:55 UTC (rev 251213)
@@ -137,6 +137,7 @@
DeleteCookiesForTesting(PAL::SessionID sessionID, WebCore::RegistrableDomain domain, bool includeHttpOnlyCookies) -> () Async
HasIsolatedSession(PAL::SessionID sessionID, WebCore::RegistrableDomain domain) -> (bool hasIsolatedSession) Async
SetShouldDowngradeReferrerForTesting(bool enabled) -> () Async
+ SetShouldBlockThirdPartyCookiesForTesting(PAL::SessionID sessionID, bool enabled) -> () Async
#endif
SetSessionIsControlledByAutomation(PAL::SessionID sessionID, bool controlled);
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSession.h (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/NetworkSession.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSession.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -93,11 +93,11 @@
void notifyPageStatisticsTelemetryFinished(unsigned numberOfPrevalentResources, unsigned numberOfPrevalentResourcesWithUserInteraction, unsigned numberOfPrevalentResourcesWithoutUserInteraction, unsigned topPrevalentResourceWithUserInteractionDaysSinceUserInteraction, unsigned medianDaysSinceUserInteractionPrevalentResourceWithUserInteraction, unsigned top3NumberOfPrevalentResourcesWithUI, unsigned top3MedianSubFrameWithoutUI, unsigned top3MedianSubResourceWithoutUI, unsigned top3MedianUniqueRedirectsWithoutUI, unsigned top3MedianDataRecordsRemovedWithoutUI);
bool enableResourceLoadStatisticsLogTestingEvent() const { return m_enableResourceLoadStatisticsLogTestingEvent; }
void setResourceLoadStatisticsLogTestingEvent(bool log) { m_enableResourceLoadStatisticsLogTestingEvent = log; }
- bool shouldIsolateSessionsForPrevalentTopFrames() const { return m_enableResourceLoadStatisticsNSURLSessionSwitching == EnableResourceLoadStatisticsNSURLSessionSwitching::Yes; }
virtual bool hasIsolatedSession(const WebCore::RegistrableDomain) const { return false; }
virtual void clearIsolatedSessions() { }
void setShouldDowngradeReferrerForTesting(bool);
bool shouldDowngradeReferrer() const;
+ void setShouldBlockThirdPartyCookiesForTesting(bool);
#endif
void storeAdClickAttribution(WebCore::AdClickAttribution&&);
void handleAdClickAttributionConversion(WebCore::AdClickAttribution::Conversion&&, const URL& requestURL, const WebCore::ResourceRequest& redirectRequest);
@@ -140,7 +140,6 @@
ShouldIncludeLocalhost m_shouldIncludeLocalhostInResourceLoadStatistics { ShouldIncludeLocalhost::Yes };
EnableResourceLoadStatisticsDebugMode m_enableResourceLoadStatisticsDebugMode { EnableResourceLoadStatisticsDebugMode::No };
WebCore::RegistrableDomain m_resourceLoadStatisticsManualPrevalentResource;
- EnableResourceLoadStatisticsNSURLSessionSwitching m_enableResourceLoadStatisticsNSURLSessionSwitching { EnableResourceLoadStatisticsNSURLSessionSwitching::No };
bool m_enableResourceLoadStatisticsLogTestingEvent;
bool m_downgradeReferrer { true };
#endif
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -68,7 +68,7 @@
encoder << shouldIncludeLocalhostInResourceLoadStatistics;
encoder << enableResourceLoadStatisticsDebugMode;
encoder << resourceLoadStatisticsManualPrevalentResource;
- encoder << enableResourceLoadStatisticsNSURLSessionSwitching;
+ encoder << enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
encoder << networkCacheDirectory << networkCacheDirectoryExtensionHandle;
@@ -199,9 +199,9 @@
if (!resourceLoadStatisticsManualPrevalentResource)
return WTF::nullopt;
- Optional<bool> enableResourceLoadStatisticsNSURLSessionSwitching;
- decoder >> enableResourceLoadStatisticsNSURLSessionSwitching;
- if (!enableResourceLoadStatisticsNSURLSessionSwitching)
+ Optional<bool> enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
+ decoder >> enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction;
+ if (!enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction)
return WTF::nullopt;
Optional<String> networkCacheDirectory;
@@ -282,7 +282,7 @@
, WTFMove(*enableResourceLoadStatisticsLogTestingEvent)
, WTFMove(*shouldIncludeLocalhostInResourceLoadStatistics)
, WTFMove(*enableResourceLoadStatisticsDebugMode)
- , WTFMove(*enableResourceLoadStatisticsNSURLSessionSwitching)
+ , WTFMove(*enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction)
, WTFMove(*deviceManagementRestrictionsEnabled)
, WTFMove(*allLoadsBlockedByDeviceManagementRestrictionsForTesting)
, WTFMove(*resourceLoadStatisticsManualPrevalentResource)
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -85,7 +85,7 @@
bool enableResourceLoadStatisticsLogTestingEvent { false };
bool shouldIncludeLocalhostInResourceLoadStatistics { true };
bool enableResourceLoadStatisticsDebugMode { false };
- bool enableResourceLoadStatisticsNSURLSessionSwitching { true };
+ bool enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction { false };
bool deviceManagementRestrictionsEnabled { false };
bool allLoadsBlockedByDeviceManagementRestrictionsForTesting { false };
WebCore::RegistrableDomain resourceLoadStatisticsManualPrevalentResource { };
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm 2019-10-16 22:38:55 UTC (rev 251213)
@@ -213,7 +213,7 @@
if (auto* networkStorageSession = session.networkStorageSession()) {
if (!shouldBlockCookies)
shouldBlockCookies = networkStorageSession->shouldBlockCookies(request, frameID, pageID);
- needsIsolatedSession = session.shouldIsolateSessionsForPrevalentTopFrames() && networkStorageSession->shouldBlockThirdPartyCookiesButKeepFirstPartyCookiesFor(firstParty);
+ needsIsolatedSession = networkStorageSession->shouldBlockThirdPartyCookiesButKeepFirstPartyCookiesFor(firstParty);
}
#endif
restrictRequestReferrerToOriginIfNeeded(request);
Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (251212 => 251213)
--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1109,7 +1109,7 @@
m_shouldIncludeLocalhostInResourceLoadStatistics = parameters.shouldIncludeLocalhostInResourceLoadStatistics ? ShouldIncludeLocalhost::Yes : ShouldIncludeLocalhost::No;
m_enableResourceLoadStatisticsDebugMode = parameters.enableResourceLoadStatisticsDebugMode ? EnableResourceLoadStatisticsDebugMode::Yes : EnableResourceLoadStatisticsDebugMode::No;
m_resourceLoadStatisticsManualPrevalentResource = parameters.resourceLoadStatisticsManualPrevalentResource;
- m_enableResourceLoadStatisticsNSURLSessionSwitching = parameters.enableResourceLoadStatisticsNSURLSessionSwitching ? EnableResourceLoadStatisticsNSURLSessionSwitching::Yes : EnableResourceLoadStatisticsNSURLSessionSwitching::No;
+ storageSession->setIsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled(parameters.enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction);
setResourceLoadStatisticsEnabled(parameters.enableResourceLoadStatistics);
#endif
Modified: trunk/Source/WebKit/Shared/WebPreferences.yaml (251212 => 251213)
--- trunk/Source/WebKit/Shared/WebPreferences.yaml 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/Shared/WebPreferences.yaml 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1765,12 +1765,11 @@
webcoreBinding: RuntimeEnabledFeatures
category: experimental
-IsITPSessionSwitchingEnabled:
+IsThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabled:
type: bool
- defaultValue: true
- humanReadableName: "ITP Session Switching"
- humanReadableDescription: "Enable session switching for domains classified by ITP"
- webcoreBinding: RuntimeEnabledFeatures
+ defaultValue: false
+ humanReadableName: "Block 3rd-Party Cookies On Sites Without Interaction (ITP)"
+ humanReadableDescription: "Block all third-party cookies on websites without user interaction"
category: internal
IsLoggedInAPIEnabled:
Modified: trunk/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.cpp (251212 => 251213)
--- trunk/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -538,6 +538,17 @@
#endif
}
+void WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(WKWebsiteDataStoreRef dataStoreRef, bool enabled, void* context, WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTestingFunction completionHandler)
+{
+#if ENABLE(RESOURCE_LOAD_STATISTICS)
+ WebKit::toImpl(dataStoreRef)->setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(enabled, [context, completionHandler] {
+ completionHandler(context);
+ });
+#else
+ completionHandler(context);
+#endif
+}
+
void WKWebsiteDataStoreStatisticsResetToConsistentState(WKWebsiteDataStoreRef dataStoreRef, void* context, WKWebsiteDataStoreStatisticsResetToConsistentStateFunction completionHandler)
{
#if ENABLE(RESOURCE_LOAD_STATISTICS)
@@ -550,6 +561,7 @@
store.resetCacheMaxAgeCapForPrevalentResources([callbackAggregator = callbackAggregator.copyRef()] { });
store.resetCrossSiteLoadsWithLinkDecorationForTesting([callbackAggregator = callbackAggregator.copyRef()] { });
store.setResourceLoadStatisticsShouldDowngradeReferrerForTesting(true, [callbackAggregator = callbackAggregator.copyRef()] { });
+ store.setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(false, [callbackAggregator = callbackAggregator.copyRef()] { });
store.resetParametersToDefaultValues([callbackAggregator = callbackAggregator.copyRef()] { });
store.scheduleClearInMemoryAndPersistent(WebKit::ShouldGrandfatherStatistics::No, [callbackAggregator = callbackAggregator.copyRef()] { });
store.setUseITPDatabase(false, [callbackAggregator = callbackAggregator.copyRef()] { });
Modified: trunk/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.h (251212 => 251213)
--- trunk/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/UIProcess/API/C/WKWebsiteDataStoreRef.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -117,6 +117,8 @@
WK_EXPORT void WKWebsiteDataStoreStatisticsHasIsolatedSession(WKWebsiteDataStoreRef dataStoreRef, WKStringRef host, void* context, WKWebsiteDataStoreStatisticsHasIsolatedSessionFunction callback);
typedef void (*WKWebsiteDataStoreSetResourceLoadStatisticsShouldDowngradeReferrerForTestingFunction)(void* functionContext);
WK_EXPORT void WKWebsiteDataStoreSetResourceLoadStatisticsShouldDowngradeReferrerForTesting(WKWebsiteDataStoreRef dataStoreRef, bool enabled, void* context, WKWebsiteDataStoreSetResourceLoadStatisticsShouldDowngradeReferrerForTestingFunction completionHandler);
+typedef void (*WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTestingFunction)(void* functionContext);
+WK_EXPORT void WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(WKWebsiteDataStoreRef dataStoreRef, bool enabled, void* context, WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTestingFunction completionHandler);
typedef void (*WKWebsiteDataStoreStatisticsResetToConsistentStateFunction)(void* functionContext);
WK_EXPORT void WKWebsiteDataStoreStatisticsResetToConsistentState(WKWebsiteDataStoreRef dataStoreRef, void* context, WKWebsiteDataStoreStatisticsResetToConsistentStateFunction completionHandler);
Modified: trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp (251212 => 251213)
--- trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1054,6 +1054,16 @@
sendWithAsyncReply(Messages::NetworkProcess::SetShouldDowngradeReferrerForTesting(enabled), WTFMove(completionHandler));
}
+
+void NetworkProcessProxy::setShouldBlockThirdPartyCookiesForTesting(PAL::SessionID sessionID, bool enabled, CompletionHandler<void()>&& completionHandler)
+{
+ if (!canSendMessage()) {
+ completionHandler();
+ return;
+ }
+
+ sendWithAsyncReply(Messages::NetworkProcess::SetShouldBlockThirdPartyCookiesForTesting(sessionID, enabled), WTFMove(completionHandler));
+}
#endif // ENABLE(RESOURCE_LOAD_STATISTICS)
void NetworkProcessProxy::sendProcessWillSuspendImminently()
Modified: trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.h (251212 => 251213)
--- trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -155,6 +155,7 @@
void deleteWebsiteDataInUIProcessForRegistrableDomains(PAL::SessionID, OptionSet<WebsiteDataType>, OptionSet<WebsiteDataFetchOption>, Vector<RegistrableDomain>, CompletionHandler<void(HashSet<WebCore::RegistrableDomain>&&)>&&);
void hasIsolatedSession(PAL::SessionID, const RegistrableDomain&, CompletionHandler<void(bool)>&&);
void setShouldDowngradeReferrerForTesting(bool, CompletionHandler<void()>&&);
+ void setShouldBlockThirdPartyCookiesForTesting(PAL::SessionID, bool, CompletionHandler<void()>&&);
#endif
void processReadyToSuspend();
Modified: trunk/Source/WebKit/UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm (251212 => 251213)
--- trunk/Source/WebKit/UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm 2019-10-16 22:38:55 UTC (rev 251213)
@@ -29,6 +29,7 @@
#import "CookieStorageUtilsCF.h"
#import "SandboxUtilities.h"
#import "StorageManager.h"
+#import "WebPreferencesKeys.h"
#import "WebResourceLoadStatisticsStore.h"
#import "WebsiteDataStoreParameters.h"
#import <WebCore/RegistrableDomain.h>
@@ -68,11 +69,12 @@
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
bool shouldLogCookieInformation = false;
bool enableResourceLoadStatisticsDebugMode = false;
- bool enableResourceLoadStatisticsNSURLSessionSwitching = WebCore::RuntimeEnabledFeatures::sharedFeatures().isITPSessionSwitchingEnabled();
+ bool enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction = false;
+ bool enableLegacyTLS = [defaults boolForKey:@"WebKitEnableLegacyTLS"];
WebCore::RegistrableDomain resourceLoadStatisticsManualPrevalentResource { };
- bool enableLegacyTLS = [defaults boolForKey:@"WebKitEnableLegacyTLS"];
#if ENABLE(RESOURCE_LOAD_STATISTICS)
enableResourceLoadStatisticsDebugMode = [defaults boolForKey:@"ITPDebugMode"];
+ enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction = [defaults boolForKey:[NSString stringWithFormat:@"InternalDebug%@", WebPreferencesKey::isThirdPartyCookieBlockingOnSitesWithoutUserInteractionEnabledKey().createCFString().get()]];
auto* manualPrevalentResource = [defaults stringForKey:@"ITPManualPrevalentResource"];
if (manualPrevalentResource) {
URL url { URL(), manualPrevalentResource };
@@ -136,7 +138,7 @@
hasStatisticsTestingCallback(),
shouldIncludeLocalhostInResourceLoadStatistics,
enableResourceLoadStatisticsDebugMode,
- enableResourceLoadStatisticsNSURLSessionSwitching,
+ enableThirdPartyCookieBlockingOnSitesWithoutUserInteraction,
m_configuration->deviceManagementRestrictionsEnabled(),
m_configuration->allLoadsBlockedByDeviceManagementRestrictionsForTesting(),
WTFMove(resourceLoadStatisticsManualPrevalentResource),
Modified: trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp (251212 => 251213)
--- trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1782,6 +1782,20 @@
}
ASSERT(!completionHandler);
}
+
+void WebsiteDataStore::setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(bool enabled, CompletionHandler<void()>&& completionHandler)
+{
+ auto callbackAggregator = CallbackAggregator::create(WTFMove(completionHandler));
+
+ for (auto& processPool : processPools()) {
+ if (auto* networkProcess = processPool->networkProcess()) {
+ networkProcess->setShouldBlockThirdPartyCookiesForTesting(m_sessionID, enabled, [callbackAggregator = callbackAggregator.copyRef()] { });
+ ASSERT(processPools().size() == 1);
+ break;
+ }
+ }
+ ASSERT(!completionHandler);
+}
#endif // ENABLE(RESOURCE_LOAD_STATISTICS)
void WebsiteDataStore::setCacheMaxAgeCapForPrevalentResources(Seconds seconds, CompletionHandler<void()>&& completionHandler)
Modified: trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h (251212 => 251213)
--- trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -192,6 +192,7 @@
void hasLocalStorageForTesting(const URL&, CompletionHandler<void(bool)>&&) const;
void hasIsolatedSessionForTesting(const URL&, CompletionHandler<void(bool)>&&) const;
void setResourceLoadStatisticsShouldDowngradeReferrerForTesting(bool, CompletionHandler<void()>&&);
+ void setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(bool, CompletionHandler<void()>&&);
#endif
void setCacheMaxAgeCapForPrevalentResources(Seconds, CompletionHandler<void()>&&);
void resetCacheMaxAgeCapForPrevalentResources(CompletionHandler<void()>&&);
Modified: trunk/Tools/ChangeLog (251212 => 251213)
--- trunk/Tools/ChangeLog 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Tools/ChangeLog 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1,3 +1,29 @@
+2019-10-16 John Wilander <wilan...@apple.com>
+
+ Resource Load Statistics (experimental): Block all third-party cookies on websites without prior user interaction
+ https://bugs.webkit.org/show_bug.cgi?id=203017
+ <rdar://problem/56262708>
+
+ Reviewed by Alex Christensen.
+
+ These changes are test infrastructure to be able to toggle the function
+ through testRunner.setStatisticsShouldBlockThirdPartyCookies().
+
+ * WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
+ * WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
+ (WTR::InjectedBundle::didReceiveMessageToPage):
+ * WebKitTestRunner/InjectedBundle/TestRunner.cpp:
+ (WTR::TestRunner::setStatisticsShouldBlockThirdPartyCookies):
+ (WTR::TestRunner::statisticsCallDidSetShouldBlockThirdPartyCookiesCallback):
+ * WebKitTestRunner/InjectedBundle/TestRunner.h:
+ * WebKitTestRunner/TestController.cpp:
+ (WTR::TestController::setStatisticsShouldBlockThirdPartyCookies):
+ * WebKitTestRunner/TestController.h:
+ * WebKitTestRunner/TestInvocation.cpp:
+ (WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):
+ (WTR::TestInvocation::didSetShouldBlockThirdPartyCookies):
+ * WebKitTestRunner/TestInvocation.h:
+
2019-10-16 Kate Cheney <katherine_che...@apple.com>
WKWebsiteDataStoreStatisticsResetToConsistentState() should call store.setUseITPDatabase(false)
Modified: trunk/Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl (251212 => 251213)
--- trunk/Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl 2019-10-16 22:38:55 UTC (rev 251213)
@@ -341,6 +341,7 @@
void statisticsResetToConsistentState(object completionHandler);
boolean hasStatisticsIsolatedSession(DOMString hostName);
void setStatisticsShouldDowngradeReferrer(boolean value, object callback);
+ void setStatisticsShouldBlockThirdPartyCookies(boolean value, object callback);
// Injected bundle form client.
void installTextDidChangeInTextFieldCallback(object callback);
Modified: trunk/Tools/WebKitTestRunner/InjectedBundle/InjectedBundle.cpp (251212 => 251213)
--- trunk/Tools/WebKitTestRunner/InjectedBundle/InjectedBundle.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Tools/WebKitTestRunner/InjectedBundle/InjectedBundle.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -332,6 +332,11 @@
return;
}
+ if (WKStringIsEqualToUTF8CString(messageName, "CallDidSetShouldBlockThirdPartyCookies")) {
+ m_testRunner->statisticsCallDidSetShouldBlockThirdPartyCookiesCallback();
+ return;
+ }
+
if (WKStringIsEqualToUTF8CString(messageName, "CallDidResetStatisticsToConsistentState")) {
m_testRunner->statisticsCallDidResetToConsistentStateCallback();
return;
Modified: trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp (251212 => 251213)
--- trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -743,6 +743,7 @@
StatisticsDidResetToConsistentStateCallbackID,
StatisticsDidSetBlockCookiesForHostCallbackID,
StatisticsDidSetShouldDowngradeReferrerCallbackID,
+ StatisticsDidSetShouldBlockThirdPartyCookiesCallbackID,
AllStorageAccessEntriesCallbackID,
DidRemoveAllSessionCredentialsCallbackID,
GetApplicationManifestCallbackID,
@@ -2208,6 +2209,23 @@
callTestRunnerCallback(StatisticsDidSetShouldDowngradeReferrerCallbackID);
}
+void TestRunner::setStatisticsShouldBlockThirdPartyCookies(bool value, JSValueRef completionHandler)
+{
+ if (m_hasSetBlockThirdPartyCookiesCallback)
+ return;
+
+ cacheTestRunnerCallback(StatisticsDidSetShouldBlockThirdPartyCookiesCallbackID, completionHandler);
+ WKRetainPtr<WKStringRef> messageName = adoptWK(WKStringCreateWithUTF8CString("SetStatisticsShouldBlockThirdPartyCookies"));
+ WKRetainPtr<WKBooleanRef> messageBody = adoptWK(WKBooleanCreate(value));
+ WKBundlePostSynchronousMessage(InjectedBundle::singleton().bundle(), messageName.get(), messageBody.get(), nullptr);
+ m_hasSetBlockThirdPartyCookiesCallback = true;
+}
+
+void TestRunner::statisticsCallDidSetShouldBlockThirdPartyCookiesCallback()
+{
+ callTestRunnerCallback(StatisticsDidSetShouldBlockThirdPartyCookiesCallbackID);
+}
+
void TestRunner::statisticsCallClearThroughWebsiteDataRemovalCallback()
{
callTestRunnerCallback(StatisticsDidClearThroughWebsiteDataRemovalCallbackID);
Modified: trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.h (251212 => 251213)
--- trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Tools/WebKitTestRunner/InjectedBundle/TestRunner.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -440,6 +440,8 @@
bool hasStatisticsIsolatedSession(JSStringRef hostName);
void setStatisticsShouldDowngradeReferrer(bool, JSValueRef callback);
void statisticsCallDidSetShouldDowngradeReferrerCallback();
+ void setStatisticsShouldBlockThirdPartyCookies(bool, JSValueRef callback);
+ void statisticsCallDidSetShouldBlockThirdPartyCookiesCallback();
void statisticsResetToConsistentState(JSValueRef completionHandler);
void statisticsCallDidResetToConsistentStateCallback();
@@ -573,6 +575,7 @@
bool m_userStyleSheetEnabled { false };
bool m_dumpAllHTTPRedirectedResponseHeaders { false };
bool m_hasSetDowngradeReferrerCallback { false };
+ bool m_hasSetBlockThirdPartyCookiesCallback { false };
};
} // namespace WTR
Modified: trunk/Tools/WebKitTestRunner/TestController.cpp (251212 => 251213)
--- trunk/Tools/WebKitTestRunner/TestController.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Tools/WebKitTestRunner/TestController.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -3555,6 +3555,14 @@
m_currentInvocation->didSetShouldDowngradeReferrer();
}
+void TestController::setStatisticsShouldBlockThirdPartyCookies(bool value)
+{
+ ResourceStatisticsCallbackContext context(*this);
+ WKWebsiteDataStoreSetResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting(TestController::websiteDataStore(), value, &context, resourceStatisticsVoidResultCallback);
+ runUntil(context.done, noTimeout);
+ m_currentInvocation->didSetShouldBlockThirdPartyCookies();
+}
+
void TestController::statisticsResetToConsistentState()
{
ResourceStatisticsCallbackContext context(*this);
Modified: trunk/Tools/WebKitTestRunner/TestController.h (251212 => 251213)
--- trunk/Tools/WebKitTestRunner/TestController.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Tools/WebKitTestRunner/TestController.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -252,6 +252,7 @@
void setStatisticsCacheMaxAgeCap(double seconds);
bool hasStatisticsIsolatedSession(WKStringRef hostName);
void setStatisticsShouldDowngradeReferrer(bool value);
+ void setStatisticsShouldBlockThirdPartyCookies(bool value);
void statisticsResetToConsistentState();
void getAllStorageAccessEntries();
Modified: trunk/Tools/WebKitTestRunner/TestInvocation.cpp (251212 => 251213)
--- trunk/Tools/WebKitTestRunner/TestInvocation.cpp 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Tools/WebKitTestRunner/TestInvocation.cpp 2019-10-16 22:38:55 UTC (rev 251213)
@@ -1542,6 +1542,13 @@
return nullptr;
}
+ if (WKStringIsEqualToUTF8CString(messageName, "SetStatisticsShouldBlockThirdPartyCookies")) {
+ ASSERT(WKGetTypeID(messageBody) == WKBooleanGetTypeID());
+ WKBooleanRef value = static_cast<WKBooleanRef>(messageBody);
+ TestController::singleton().setStatisticsShouldBlockThirdPartyCookies(WKBooleanGetValue(value));
+ return nullptr;
+ }
+
if (WKStringIsEqualToUTF8CString(messageName, "RemoveAllSessionCredentials")) {
TestController::singleton().removeAllSessionCredentials();
return nullptr;
@@ -1825,6 +1832,12 @@
WKPagePostMessageToInjectedBundle(TestController::singleton().mainWebView()->page(), messageName.get(), 0);
}
+void TestInvocation::didSetShouldBlockThirdPartyCookies()
+{
+ WKRetainPtr<WKStringRef> messageName = adoptWK(WKStringCreateWithUTF8CString("CallDidSetShouldBlockThirdPartyCookies"));
+ WKPagePostMessageToInjectedBundle(TestController::singleton().mainWebView()->page(), messageName.get(), nullptr);
+}
+
void TestInvocation::didResetStatisticsToConsistentState()
{
WKRetainPtr<WKStringRef> messageName = adoptWK(WKStringCreateWithUTF8CString("CallDidResetStatisticsToConsistentState"));
Modified: trunk/Tools/WebKitTestRunner/TestInvocation.h (251212 => 251213)
--- trunk/Tools/WebKitTestRunner/TestInvocation.h 2019-10-16 22:16:29 UTC (rev 251212)
+++ trunk/Tools/WebKitTestRunner/TestInvocation.h 2019-10-16 22:38:55 UTC (rev 251213)
@@ -74,6 +74,7 @@
void didClearStatisticsThroughWebsiteDataRemoval();
void didSetShouldDowngradeReferrer();
+ void didSetShouldBlockThirdPartyCookies();
void didResetStatisticsToConsistentState();
void didSetBlockCookiesForHost();
void didSetStatisticsDebugMode();