Diff
Modified: trunk/LayoutTests/ChangeLog (262494 => 262495)
--- trunk/LayoutTests/ChangeLog 2020-06-03 17:46:51 UTC (rev 262494)
+++ trunk/LayoutTests/ChangeLog 2020-06-03 18:07:49 UTC (rev 262495)
@@ -1,3 +1,14 @@
+2020-06-03 John Wilander <[email protected]>
+
+ Storage Access API: Add setting for per-page storage access scope
+ https://bugs.webkit.org/show_bug.cgi?id=212682
+ <rdar://problem/63904824>
+
+ Reviewed by Brent Fulgham.
+
+ * http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame-expected.txt: Added.
+ * http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame.html: Added.
+
2020-06-03 Diego Pino Garcia <[email protected]>
[WPE] Gardening, lint WPE test expectations
Added: trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame-expected.txt (0 => 262495)
--- trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame-expected.txt 2020-06-03 18:07:49 UTC (rev 262495)
@@ -0,0 +1,36 @@
+Tests that storage access is granted for all frames under per-page storage scope.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS Storage access was granted. document.cookie == firstPartyCookie=value, cookies seen server-side == {"firstPartyCookie":"value"}
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
+
+--------
+Frame: '<!--frame1-->'
+--------
+Should not receive cookies without user interaction.
+Did not receive cookie named 'firstPartyCookie'.
+Client-side document.cookie:
+
+--------
+Frame: '<!--frame2-->'
+--------
+Should not receive cookies with user interaction.
+Did not receive cookie named 'firstPartyCookie'.
+Client-side document.cookie:
+
+--------
+Frame: '<!--frame3-->'
+--------
+
+
+--------
+Frame: '<!--frame4-->'
+--------
+Should receive cookies even though it's not the requesting frame.
+Received cookie named 'firstPartyCookie'.
+Client-side document.cookie: firstPartyCookie=value
Added: trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame.html (0 => 262495)
--- trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame.html (rev 0)
+++ trunk/LayoutTests/http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame.html 2020-06-03 18:07:49 UTC (rev 262495)
@@ -0,0 +1,122 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <script src=""
+ <script src=""
+ <script src=""
+</head>
+<body>
+ <script>
+ description("Tests that storage access is granted for all frames under per-page storage scope.");
+ jsTestIsAsync = true;
+
+ const hostUnderTest = "localhost:8000";
+ const statisticsUrl = "http://" + hostUnderTest + "/temp";
+
+ const partitionHost = "127.0.0.1:8000";
+ const thirdPartyOrigin = "http://localhost:8000";
+ const resourcePath = "/storageAccess/resources";
+ const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
+ const firstPartyCookieName = "firstPartyCookie";
+ const subPathToSetFirstPartyCookie = "/set-cookie.php?name=" + firstPartyCookieName + "&value=value";
+ const returnUrl = "http://" + partitionHost + "/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame.html";
+ const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieName;
+
+ function openIframe(url, onLoadHandler) {
+ const element = document.createElement("iframe");
+ element.src = ""
+ if (onLoadHandler) {
+ element._onload_ = onLoadHandler;
+ }
+ document.body.appendChild(element);
+ }
+
+ function receiveMessage(event) {
+ if (event.origin === "http://localhost:8000") {
+ if (event.data.indexOf("PASS") !== -1)
+ testPassed(event.data.replace("PASS ", ""));
+ else
+ testFailed(event.data);
+ } else
+ testFailed("Received a message from an unexpected origin: " + event.origin);
+ runTest();
+ }
+
+ function activateElement(elementId) {
+ var element = document.getElementById(elementId);
+ var centerX = element.offsetLeft + element.offsetWidth / 2;
+ var centerY = element.offsetTop + element.offsetHeight / 2;
+ UIHelper.activateAt(centerX, centerY).then(
+ function () {
+ if (window.eventSender)
+ eventSender.keyDown("escape");
+ else {
+ testFailed("No eventSender.");
+ setEnableFeature(false, finishJSTest);
+ }
+ },
+ function () {
+ testFailed("Promise rejected.");
+ setEnableFeature(false, finishJSTest);
+ }
+ );
+ }
+
+ function runTest() {
+ switch (document.location.hash) {
+ case "#step1":
+ // Set first-party cookie for localhost.
+ document.location.href = "" + subPathToSetFirstPartyCookie + "#" + returnUrl + "#step2";
+ break;
+ case "#step2":
+ document.location.hash = "step3";
+ // Check that the first-party cookie does not get sent for localhost under 127.0.0.1.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should not receive cookies without user interaction.", runTest);
+ break;
+ case "#step3":
+ document.location.hash = "step4";
+ testRunner.setStatisticsHasHadUserInteraction(statisticsUrl, true, function() {
+ if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl))
+ testFailed("Host did not get logged for user interaction.");
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should not receive cookies with user interaction.", runTest);
+ });
+ break;
+ case "#step4":
+ document.location.hash = "step5";
+ internals.settings.setStorageAccessAPIPerPageScopeEnabled(true);
+ let iframeElement = document.createElement("iframe");
+ iframeElement._onload_ = function() {
+ activateElement("TheIframeThatRequestsStorageAccess");
+ };
+ iframeElement.id = "TheIframeThatRequestsStorageAccess";
+ iframeElement.src = ""
+ document.body.appendChild(iframeElement);
+ break;
+ case "#step5":
+ document.location.hash = "step6";
+ // Check that the cookie gets sent for localhost under 127.0.0.1 in a new frame.
+ openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive cookies even though it's not the requesting frame.", runTest);
+ break;
+ case "#step6":
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(false, function() {
+ internals.settings.setStorageAccessAPIPerPageScopeEnabled(false);
+ setEnableFeature(false, finishJSTest);
+ });
+ break;
+ }
+ }
+
+ window.addEventListener("message", receiveMessage, false);
+
+ if (document.location.hash === "") {
+ setEnableFeature(true, function() {
+ testRunner.dumpChildFramesAsText();
+ document.location.hash = "step1";
+ testRunner.setStatisticsShouldBlockThirdPartyCookies(true, runTest);
+ });
+ } else {
+ runTest();
+ }
+ </script>
+</body>
+</html>
Modified: trunk/Source/WebCore/ChangeLog (262494 => 262495)
--- trunk/Source/WebCore/ChangeLog 2020-06-03 17:46:51 UTC (rev 262494)
+++ trunk/Source/WebCore/ChangeLog 2020-06-03 18:07:49 UTC (rev 262495)
@@ -1,3 +1,24 @@
+2020-06-03 John Wilander <[email protected]>
+
+ Storage Access API: Add setting for per-page storage access scope
+ https://bugs.webkit.org/show_bug.cgi?id=212682
+ <rdar://problem/63904824>
+
+ Reviewed by Brent Fulgham.
+
+ This is a follow-up patch to https://bugs.webkit.org/show_bug.cgi?id=212114,
+ adding an off-by-default setting and a test case for per-page storage access.
+
+ Test: http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame.html
+
+ * dom/DocumentStorageAccess.cpp:
+ (WebCore::DocumentStorageAccess::requestStorageAccess):
+ * page/Settings.yaml:
+ * testing/InternalSettings.cpp:
+ (WebCore::InternalSettings::setStorageAccessAPIPerPageScopeEnabled):
+ * testing/InternalSettings.h:
+ * testing/InternalSettings.idl:
+
2020-06-03 Rob Buis <[email protected]>
Make generated C++ code use modern C++
Modified: trunk/Source/WebCore/dom/DocumentStorageAccess.cpp (262494 => 262495)
--- trunk/Source/WebCore/dom/DocumentStorageAccess.cpp 2020-06-03 17:46:51 UTC (rev 262494)
+++ trunk/Source/WebCore/dom/DocumentStorageAccess.cpp 2020-06-03 18:07:49 UTC (rev 262495)
@@ -170,7 +170,10 @@
promise->reject();
return;
}
-
+
+ if (page->settings().storageAccessAPIPerPageScopeEnabled())
+ m_storageAccessScope = StorageAccessScope::PerPage;
+
auto subFrameDomain = RegistrableDomain::uncheckedCreateFromHost(securityOrigin.host());
auto topFrameDomain = RegistrableDomain::uncheckedCreateFromHost(topSecurityOrigin.host());
Modified: trunk/Source/WebCore/page/Settings.yaml (262494 => 262495)
--- trunk/Source/WebCore/page/Settings.yaml 2020-06-03 17:46:51 UTC (rev 262494)
+++ trunk/Source/WebCore/page/Settings.yaml 2020-06-03 18:07:49 UTC (rev 262495)
@@ -692,6 +692,9 @@
storageAccessAPIEnabled:
initial: true
+storageAccessAPIPerPageScopeEnabled:
+ initial: false
+
timeWithoutMouseMovementBeforeHidingControls:
type: Seconds
initial: 3_s
Modified: trunk/Source/WebCore/testing/InternalSettings.cpp (262494 => 262495)
--- trunk/Source/WebCore/testing/InternalSettings.cpp 2020-06-03 17:46:51 UTC (rev 262494)
+++ trunk/Source/WebCore/testing/InternalSettings.cpp 2020-06-03 18:07:49 UTC (rev 262495)
@@ -1028,6 +1028,10 @@
#endif
}
+void InternalSettings::setStorageAccessAPIPerPageScopeEnabled(bool enabled)
+{
+ settings().setStorageAccessAPIPerPageScopeEnabled(enabled);
+}
// If you add to this class, make sure that you update the Backup class for test reproducability!
}
Modified: trunk/Source/WebCore/testing/InternalSettings.h (262494 => 262495)
--- trunk/Source/WebCore/testing/InternalSettings.h 2020-06-03 17:46:51 UTC (rev 262494)
+++ trunk/Source/WebCore/testing/InternalSettings.h 2020-06-03 18:07:49 UTC (rev 262495)
@@ -136,6 +136,8 @@
static bool webAnimationsCSSIntegrationEnabled();
void setShouldDeactivateAudioSession(bool);
+
+ void setStorageAccessAPIPerPageScopeEnabled(bool);
private:
explicit InternalSettings(Page*);
Modified: trunk/Source/WebCore/testing/InternalSettings.idl (262494 => 262495)
--- trunk/Source/WebCore/testing/InternalSettings.idl 2020-06-03 17:46:51 UTC (rev 262494)
+++ trunk/Source/WebCore/testing/InternalSettings.idl 2020-06-03 18:07:49 UTC (rev 262495)
@@ -120,5 +120,7 @@
[EnabledAtRuntime=WebAnimations] boolean webAnimationsCSSIntegrationEnabled();
void setShouldDeactivateAudioSession(boolean shouldDeactivate);
+
+ void setStorageAccessAPIPerPageScopeEnabled(boolean enabled);
};
