[webkit-changes] [280250] trunk

Fri, 23 Jul 2021 11:24:10 -0700

Title: [280250] trunk
Revision
280250
Author
[email protected]
Date
2021-07-23 11:23:14 -0700 (Fri, 23 Jul 2021)

Log Message

WebSocket traffic should be correctly assigned to either Developer or User.
https://bugs.webkit.org/show_bug.cgi?id=227564
<rdar://problem/79307301>

Patch by Richard Houle <[email protected]> on 2021-07-23
Reviewed by Kate Cheney.

Source/WebCore:

Tests: http/tests/app-privacy-report/websocket-isappinitiated.html
       http/tests/app-privacy-report/websocket-isnotappinitiated.html

* Modules/websockets/ThreadableWebSocketChannel.cpp:
(WebCore::ThreadableWebSocketChannel::webSocketConnectRequest):

Source/WebKit:

* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(WebKit::NetworkSessionCocoa::createWebSocketTask):

LayoutTests:

* http/tests/app-privacy-report/websocket-isappinitiated-expected.txt: Added.
* http/tests/app-privacy-report/websocket-isappinitiated.html: Added.
* http/tests/app-privacy-report/websocket-isnotappinitiated-expected.txt: Added.
* http/tests/app-privacy-report/websocket-isnotappinitiated.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (280249 => 280250)


--- trunk/LayoutTests/ChangeLog	2021-07-23 18:12:32 UTC (rev 280249)
+++ trunk/LayoutTests/ChangeLog	2021-07-23 18:23:14 UTC (rev 280250)
@@ -1,3 +1,16 @@
+2021-07-23  Richard Houle  <[email protected]>
+
+        WebSocket traffic should be correctly assigned to either Developer or User.
+        https://bugs.webkit.org/show_bug.cgi?id=227564
+        <rdar://problem/79307301>
+
+        Reviewed by Kate Cheney.
+
+        * http/tests/app-privacy-report/websocket-isappinitiated-expected.txt: Added.
+        * http/tests/app-privacy-report/websocket-isappinitiated.html: Added.
+        * http/tests/app-privacy-report/websocket-isnotappinitiated-expected.txt: Added.
+        * http/tests/app-privacy-report/websocket-isnotappinitiated.html: Added.
+
 2021-07-23  Eric Hutchison  <[email protected]>
 
         [ BigSur wk1 Debug arm64 ] imported/w3c/web-platform-tests/IndexedDB/idbcursor-iterating-update.htm is a flaky timeout.

Added: trunk/LayoutTests/http/tests/app-privacy-report/websocket-isappinitiated-expected.txt (0 => 280250)


--- trunk/LayoutTests/http/tests/app-privacy-report/websocket-isappinitiated-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/app-privacy-report/websocket-isappinitiated-expected.txt	2021-07-23 18:23:14 UTC (rev 280250)
@@ -0,0 +1,10 @@
+Ensure web socket loads are attributed correctly.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfully loaded only app initiated requests
+PASS successfullyParsed is true
+
+TEST COMPLETE
+

Added: trunk/LayoutTests/http/tests/app-privacy-report/websocket-isappinitiated.html (0 => 280250)


--- trunk/LayoutTests/http/tests/app-privacy-report/websocket-isappinitiated.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/app-privacy-report/websocket-isappinitiated.html	2021-07-23 18:23:14 UTC (rev 280250)
@@ -0,0 +1,46 @@
+<!DOCTYPE html><!-- webkit-test-runner [ isAppInitiated=true ] -->
+<head>
+    <script src=""
+</head>
+<body _onload_="runTest()">
+<script>
+    description('Ensure web socket loads are attributed correctly.');
+
+    window.jsTestIsAsync = true;
+
+    if (window.testRunner)
+        testRunner.setAllowsAnySSLCertificate(true);
+
+    function log(message)
+    {
+        document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
+    }
+
+    function askForAttribution() {
+        var didLoadAppBoundRequest = testRunner.didLoadAppInitiatedRequest();
+        var didLoadNonAppBoundRequest = testRunner.didLoadNonAppInitiatedRequest();
+
+        if (didLoadNonAppBoundRequest) {
+            log("FAIL did load non app initiated request");
+            finishJSTest();
+            return;
+        }
+
+        if (!didLoadAppBoundRequest) {
+            log("FAIL did not load app initiated request");
+            finishJSTest();
+            return;
+        }
+
+        log("PASS successfully loaded only app initiated requests");
+
+        finishJSTest();
+    }
+
+    function runTest() {
+        new WebSocket('ws://localhost:8880/websocket/tests/hybi/simple');
+        setTimeout(askForAttribution, 0);
+    }
+</script>
+<script src=""
+</body>
\ No newline at end of file

Added: trunk/LayoutTests/http/tests/app-privacy-report/websocket-isnotappinitiated-expected.txt (0 => 280250)


--- trunk/LayoutTests/http/tests/app-privacy-report/websocket-isnotappinitiated-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/app-privacy-report/websocket-isnotappinitiated-expected.txt	2021-07-23 18:23:14 UTC (rev 280250)
@@ -0,0 +1,10 @@
+Ensure web socket loads are attributed correctly.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfully loaded only non app initiated requests
+PASS successfullyParsed is true
+
+TEST COMPLETE
+

Added: trunk/LayoutTests/http/tests/app-privacy-report/websocket-isnotappinitiated.html (0 => 280250)


--- trunk/LayoutTests/http/tests/app-privacy-report/websocket-isnotappinitiated.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/app-privacy-report/websocket-isnotappinitiated.html	2021-07-23 18:23:14 UTC (rev 280250)
@@ -0,0 +1,46 @@
+<!DOCTYPE html><!-- webkit-test-runner [ isAppInitiated=false ] -->
+<head>
+    <script src=""
+</head>
+<body _onload_="runTest()">
+<script>
+    description('Ensure web socket loads are attributed correctly.');
+
+    window.jsTestIsAsync = true;
+
+    if (window.testRunner)
+        testRunner.setAllowsAnySSLCertificate(true);
+
+    function log(message)
+    {
+        document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
+    }
+
+    function askForAttribution() {
+        var didLoadAppBoundRequest = testRunner.didLoadAppInitiatedRequest();
+        var didLoadNonAppBoundRequest = testRunner.didLoadNonAppInitiatedRequest();
+
+        if (didLoadAppBoundRequest) {
+            log("FAIL did load app initiated request");
+            finishJSTest();
+            return;
+        }
+
+        if (!didLoadNonAppBoundRequest) {
+            log("FAIL did not load non app initiated request");
+            finishJSTest();
+            return;
+        }
+
+        log("PASS successfully loaded only non app initiated requests");
+
+        finishJSTest();
+    }
+
+    function runTest() {
+        new WebSocket('ws://localhost:8880/websocket/tests/hybi/simple');
+        setTimeout(askForAttribution, 0);
+    }
+</script>
+<script src=""
+</body>
\ No newline at end of file

Modified: trunk/Source/WebCore/ChangeLog (280249 => 280250)


--- trunk/Source/WebCore/ChangeLog	2021-07-23 18:12:32 UTC (rev 280249)
+++ trunk/Source/WebCore/ChangeLog	2021-07-23 18:23:14 UTC (rev 280250)
@@ -1,3 +1,17 @@
+2021-07-23  Richard Houle  <[email protected]>
+
+        WebSocket traffic should be correctly assigned to either Developer or User.
+        https://bugs.webkit.org/show_bug.cgi?id=227564
+        <rdar://problem/79307301>
+
+        Reviewed by Kate Cheney.
+
+        Tests: http/tests/app-privacy-report/websocket-isappinitiated.html
+               http/tests/app-privacy-report/websocket-isnotappinitiated.html
+
+        * Modules/websockets/ThreadableWebSocketChannel.cpp:
+        (WebCore::ThreadableWebSocketChannel::webSocketConnectRequest):
+
 2021-07-23  Aditya Keerthi  <[email protected]>
 
         [macOS] Repainting artifacts when moving input type=range slider thumb

Modified: trunk/Source/WebCore/Modules/websockets/ThreadableWebSocketChannel.cpp (280249 => 280250)


--- trunk/Source/WebCore/Modules/websockets/ThreadableWebSocketChannel.cpp	2021-07-23 18:12:32 UTC (rev 280249)
+++ trunk/Source/WebCore/Modules/websockets/ThreadableWebSocketChannel.cpp	2021-07-23 18:23:14 UTC (rev 280250)
@@ -33,6 +33,7 @@
 
 #include "ContentRuleListResults.h"
 #include "Document.h"
+#include "DocumentLoader.h"
 #include "FrameLoader.h"
 #include "HTTPHeaderValues.h"
 #include "Page.h"
@@ -121,6 +122,10 @@
     request.setAllowCookies(validatedURL->areCookiesAllowed);
     request.setFirstPartyForCookies(document.firstPartyForCookies());
     request.setHTTPHeaderField(HTTPHeaderName::Origin, document.securityOrigin().toString());
+
+    if (auto* documentLoader = document.loader())
+        request.setIsAppInitiated(documentLoader->lastNavigationWasAppInitiated());
+
     FrameLoader::addSameSiteInfoToRequestIfNeeded(request, &document);
 
     // Add no-cache headers to avoid compatibility issue.

Modified: trunk/Source/WebKit/ChangeLog (280249 => 280250)


--- trunk/Source/WebKit/ChangeLog	2021-07-23 18:12:32 UTC (rev 280249)
+++ trunk/Source/WebKit/ChangeLog	2021-07-23 18:23:14 UTC (rev 280250)
@@ -1,3 +1,14 @@
+2021-07-23  Richard Houle  <[email protected]>
+
+        WebSocket traffic should be correctly assigned to either Developer or User.
+        https://bugs.webkit.org/show_bug.cgi?id=227564
+        <rdar://problem/79307301>
+
+        Reviewed by Kate Cheney.
+
+        * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+        (WebKit::NetworkSessionCocoa::createWebSocketTask):
+
 2021-07-23  Sihui Liu  <[email protected]>
 
         Generate simulated crash when UI process fails to get network process connection

Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (280249 => 280250)


--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm	2021-07-23 18:12:32 UTC (rev 280249)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm	2021-07-23 18:23:14 UTC (rev 280250)
@@ -1710,6 +1710,16 @@
     // rdar://problem/68057031: explicitly disable sniffing for WebSocket handshakes.
     [nsRequest _setProperty:@NO forKey:(NSString *)_kCFURLConnectionPropertyShouldSniff];
 
+#if ENABLE(APP_PRIVACY_REPORT)
+    if (!request.isAppInitiated()) {
+        RetainPtr<NSMutableURLRequest> mutableRequest = adoptNS([nsRequest.get() mutableCopy]);
+        mutableRequest.get().attribution = NSURLRequestAttributionUser;
+        nsRequest = WTFMove(mutableRequest);
+    }
+
+    appPrivacyReportTestingData().didLoadAppInitiatedRequest(nsRequest.get().attribution == NSURLRequestAttributionDeveloper);
+#endif
+
     auto& sessionSet = sessionSetForPage(webPageProxyID);
     RetainPtr<NSURLSessionWebSocketTask> task = [sessionSet.sessionWithCredentialStorage.session webSocketTaskWithRequest:nsRequest.get()];
     

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to