[webkit-changes] [270421] trunk/Source/WebCore

Thu, 03 Dec 2020 17:33:06 -0800

Title: [270421] trunk/Source/WebCore
Revision
270421
Author
[email protected]
Date
2020-12-03 17:32:23 -0800 (Thu, 03 Dec 2020)

Log Message

Issue logging in to Microsoft Teams if logged into other Microsoft accounts and navigating directly to teams.microsoft.com
https://bugs.webkit.org/show_bug.cgi?id=219505
<rdar://problem/71391657>

Reviewed by Alex Christensen.

This is a temporary quirk to assist a high-traffic website while they
complete the large task of migrating away from login flows that
require third party cookies. This quirk will be removed when the site
is updated.

No new tests, site specific quirk.

In https://bugs.webkit.org/show_bug.cgi?id=218778 we added a quirk to
call the Storage Access API on behalf of microsoft.com when logging
into Microsoft Teams. This patch covers a final edge case where a user
was logged into other Microsoft accounts prior to the fix. In this
case, if the user tries to go straight to teams.microsoft.com, an endless
redirect loop will occur because the site has login credentials from a previous
Microsoft login but does not have 3rd party cookie access to authenticate the
login on teams.microsoft.com. The solution is to redirect the user to
the login page for Teams on microsoft.com where the previous fix added
a Storage Access prompt.

* loader/DocumentLoader.cpp:
(WebCore::microsoftTeamsRedirectURL):
(WebCore::DocumentLoader::responseReceived):
* page/Quirks.cpp:
(WebCore::Quirks::isMicrosoftTeamsRedirectURL):
* page/Quirks.h:

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (270420 => 270421)


--- trunk/Source/WebCore/ChangeLog	2020-12-04 01:22:19 UTC (rev 270420)
+++ trunk/Source/WebCore/ChangeLog	2020-12-04 01:32:23 UTC (rev 270421)
@@ -1,3 +1,36 @@
+2020-12-03  Kate Cheney  <[email protected]>
+
+        Issue logging in to Microsoft Teams if logged into other Microsoft accounts and navigating directly to teams.microsoft.com
+        https://bugs.webkit.org/show_bug.cgi?id=219505
+        <rdar://problem/71391657>
+
+        Reviewed by Alex Christensen.
+
+        This is a temporary quirk to assist a high-traffic website while they
+        complete the large task of migrating away from login flows that
+        require third party cookies. This quirk will be removed when the site
+        is updated.
+
+        No new tests, site specific quirk.
+
+        In https://bugs.webkit.org/show_bug.cgi?id=218778 we added a quirk to
+        call the Storage Access API on behalf of microsoft.com when logging
+        into Microsoft Teams. This patch covers a final edge case where a user
+        was logged into other Microsoft accounts prior to the fix. In this
+        case, if the user tries to go straight to teams.microsoft.com, an endless
+        redirect loop will occur because the site has login credentials from a previous
+        Microsoft login but does not have 3rd party cookie access to authenticate the
+        login on teams.microsoft.com. The solution is to redirect the user to
+        the login page for Teams on microsoft.com where the previous fix added
+        a Storage Access prompt.
+
+        * loader/DocumentLoader.cpp:
+        (WebCore::microsoftTeamsRedirectURL):
+        (WebCore::DocumentLoader::responseReceived):
+        * page/Quirks.cpp:
+        (WebCore::Quirks::isMicrosoftTeamsRedirectURL):
+        * page/Quirks.h:
+
 2020-12-03  Adam Roben  <[email protected]>
 
         Adopt FALLBACK_PLATFORM

Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (270420 => 270421)


--- trunk/Source/WebCore/loader/DocumentLoader.cpp	2020-12-04 01:22:19 UTC (rev 270420)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp	2020-12-04 01:32:23 UTC (rev 270421)
@@ -67,6 +67,7 @@
 #include "LoaderStrategy.h"
 #include "Logging.h"
 #include "MemoryCache.h"
+#include "NavigationScheduler.h"
 #include "NetworkLoadMetrics.h"
 #include "Page.h"
 #include "PingLoader.h"
@@ -765,9 +766,33 @@
         cancelMainResourceLoad(frameLoader->cancelledError(m_request));
 }
 
+#if ENABLE(RESOURCE_LOAD_STATISTICS)
+static URL microsoftTeamsRedirectURL()
+{
+    return URL(URL(), "https://www.microsoft.com/en-us/microsoft-365/microsoft-teams/");
+}
+#endif
+
 void DocumentLoader::responseReceived(CachedResource& resource, const ResourceResponse& response, CompletionHandler<void()>&& completionHandler)
 {
     ASSERT_UNUSED(resource, m_mainResource == &resource);
+
+#if ENABLE(RESOURCE_LOAD_STATISTICS)
+    // FIXME(218779): Remove this quirk once microsoft.com completes their login flow redesign.
+    if (m_frame && m_frame->document()) {
+        auto& document = *m_frame->document();
+        if (Quirks::isMicrosoftTeamsRedirectURL(response.url())) {
+            auto firstPartyDomain = RegistrableDomain(response.url());
+            if (auto loginDomain = NetworkStorageSession::loginDomainForFirstParty(firstPartyDomain)) {
+                if (!ResourceLoadObserver::shared().hasCrossPageStorageAccess(*loginDomain, firstPartyDomain)) {
+                    m_frame->navigationScheduler().scheduleRedirect(document, 0, microsoftTeamsRedirectURL());
+                    return;
+                }
+            }
+        }
+    }
+#endif
+
 #if ENABLE(SERVICE_WORKER)
     if (RuntimeEnabledFeatures::sharedFeatures().serviceWorkerEnabled() && response.source() == ResourceResponse::Source::MemoryCache) {
         matchRegistration(response.url(), [this, protectedThis = makeRef(*this), response, completionHandler = WTFMove(completionHandler)](auto&& registrationData) mutable {

Modified: trunk/Source/WebCore/page/Quirks.cpp (270420 => 270421)


--- trunk/Source/WebCore/page/Quirks.cpp	2020-12-04 01:22:19 UTC (rev 270420)
+++ trunk/Source/WebCore/page/Quirks.cpp	2020-12-04 01:32:23 UTC (rev 270421)
@@ -978,6 +978,11 @@
 
     return domain == microsoftDotCom || domain == liveDotCom;
 }
+
+bool Quirks::isMicrosoftTeamsRedirectURL(const URL& url)
+{
+    return url.host() == "teams.microsoft.com"_s && url.query().toString().contains("Retried+3+times+without+success");
+}
 #endif
 
 Quirks::StorageAccessResult Quirks::triggerOptionalStorageAccessQuirk(Element& element, const PlatformMouseEvent& platformEvent, const AtomString& eventType, int detail, Element* relatedTarget) const

Modified: trunk/Source/WebCore/page/Quirks.h (270420 => 270421)


--- trunk/Source/WebCore/page/Quirks.h	2020-12-04 01:22:19 UTC (rev 270420)
+++ trunk/Source/WebCore/page/Quirks.h	2020-12-04 01:32:23 UTC (rev 270421)
@@ -122,6 +122,10 @@
 
     bool needsBlackFullscreenBackgroundQuirk() const;
 
+#if ENABLE(RESOURCE_LOAD_STATISTICS)
+    static bool isMicrosoftTeamsRedirectURL(const URL&);
+#endif
+
 private:
     bool needsQuirks() const;
 

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to