[webkit-changes] [286656] trunk

Wed, 08 Dec 2021 08:27:41 -0800

Title: [286656] trunk
Revision
286656
Author
[email protected]
Date
2021-12-08 08:27:03 -0800 (Wed, 08 Dec 2021)

Log Message

Same-site lax cookies not sent by fetch event handler after page reload
https://bugs.webkit.org/show_bug.cgi?id=226386
<rdar://problem/78878853>

Reviewed by Chris Dumez.

Source/WebCore:

When a service worker fetches a navigation request exposed from the fetch event, we need to keep isTopSite intact as
the service worker does not really have the information of which frame is actually loaded and whether it is a main frame or not.

Tests: http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html
       http/wpt/service-workers/same-cookie-lax.https.html

* loader/cache/CachedResource.cpp:

Source/WebKit:

StorageBlockingPolicy handling is not covered by generated code so explicit update StorageBlockingPolicy setting from preference store.
This impacts the computation of cookie/cache partitioning.

* WebProcess/Storage/WebSWContextManagerConnection.cpp:

LayoutTests:

* http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https-expected.txt: Added.
* http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html: Added.
* http/wpt/service-workers/resources/get-cookie.py: Added.
* http/wpt/service-workers/resources/get-document-cookie.py: Added.
* http/wpt/service-workers/resources/set-cookie-lax.py: Added.
* http/wpt/service-workers/same-cookie-lax-worker.js: Added.
* http/wpt/service-workers/same-cookie-lax.https-expected.txt: Added.
* http/wpt/service-workers/same-cookie-lax.https.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (286655 => 286656)


--- trunk/LayoutTests/ChangeLog	2021-12-08 15:59:47 UTC (rev 286655)
+++ trunk/LayoutTests/ChangeLog	2021-12-08 16:27:03 UTC (rev 286656)
@@ -1,5 +1,22 @@
 2021-12-08  Youenn Fablet  <[email protected]>
 
+        Same-site lax cookies not sent by fetch event handler after page reload
+        https://bugs.webkit.org/show_bug.cgi?id=226386
+        <rdar://problem/78878853>
+
+        Reviewed by Chris Dumez.
+
+        * http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https-expected.txt: Added.
+        * http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html: Added.
+        * http/wpt/service-workers/resources/get-cookie.py: Added.
+        * http/wpt/service-workers/resources/get-document-cookie.py: Added.
+        * http/wpt/service-workers/resources/set-cookie-lax.py: Added.
+        * http/wpt/service-workers/same-cookie-lax-worker.js: Added.
+        * http/wpt/service-workers/same-cookie-lax.https-expected.txt: Added.
+        * http/wpt/service-workers/same-cookie-lax.https.html: Added.
+
+2021-12-08  Youenn Fablet  <[email protected]>
+
         Safari Bug "no-cache" network error
         https://bugs.webkit.org/show_bug.cgi?id=233916

Added: trunk/LayoutTests/http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https-expected.txt (0 => 286656)


--- trunk/LayoutTests/http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https-expected.txt	2021-12-08 16:27:03 UTC (rev 286656)
@@ -0,0 +1 @@
+PASS: got samesite-cookie-test=1

Added: trunk/LayoutTests/http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html (0 => 286656)


--- trunk/LayoutTests/http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html	                        (rev 0)
+++ trunk/LayoutTests/http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html	2021-12-08 16:27:03 UTC (rev 286656)
@@ -0,0 +1,39 @@
+<html>
+<head>
+</head>
+<body>
+<script>
+
+if (window.testRunner) {
+    testRunner.waitUntilDone();
+    testRunner.dumpAsText();
+}
+
+var scope = "";
+
+async function doTest()
+{
+    if (window.origin == "https://127.0.0.1:9443") {
+        window.location = "https://localhost:9443/WebKit/service-workers/resources/get-document-cookie.py?fetchTest";
+        return;
+    }
+
+    const registration = await navigator.serviceWorker.register("same-cookie-lax-worker.js", { scope : scope });
+    if (!registration.active) {
+        const worker = registration.installing;
+        await new Promise(resolve => {
+            worker.addEventListener('statechange', () => {
+                if (worker.state === "activated")
+                    resolve();
+            });
+        });
+    }
+    const cookieValue = "PASS: got samesite-cookie-test";
+    await fetch("resources/set-cookie-lax.py?name=" + cookieValue);
+
+    window.location = "https://127.0.0.1:9443/WebKit/service-workers/cross-site-navigation-same-cookie-lax.https.html?fetchTest";
+}
+doTest();
+</script>
+</body>
+</html>

Added: trunk/LayoutTests/http/wpt/service-workers/resources/get-cookie.py (0 => 286656)


--- trunk/LayoutTests/http/wpt/service-workers/resources/get-cookie.py	                        (rev 0)
+++ trunk/LayoutTests/http/wpt/service-workers/resources/get-cookie.py	2021-12-08 16:27:03 UTC (rev 286656)
@@ -0,0 +1,6 @@
+def main(request, response):
+    headers = [
+        ("Content-Type", "text/ascii"),
+    ]
+    body = request.headers.get("Cookie", "")
+    return headers, body

Added: trunk/LayoutTests/http/wpt/service-workers/resources/get-document-cookie.py (0 => 286656)


--- trunk/LayoutTests/http/wpt/service-workers/resources/get-document-cookie.py	                        (rev 0)
+++ trunk/LayoutTests/http/wpt/service-workers/resources/get-document-cookie.py	2021-12-08 16:27:03 UTC (rev 286656)
@@ -0,0 +1,7 @@
+def main(request, response):
+    headers = [
+        ("Content-Type", "text/html"),
+    ]
+    cookie = request.headers.get("Cookie", "no cookie")
+
+    return headers, "<html><body><div>%s</div><script>if (window.testRunner) testRunner.notifyDone();</script></body></html>" % cookie.decode()

Added: trunk/LayoutTests/http/wpt/service-workers/resources/set-cookie-lax.py (0 => 286656)


--- trunk/LayoutTests/http/wpt/service-workers/resources/set-cookie-lax.py	                        (rev 0)
+++ trunk/LayoutTests/http/wpt/service-workers/resources/set-cookie-lax.py	2021-12-08 16:27:03 UTC (rev 286656)
@@ -0,0 +1,12 @@
+import sys
+from urllib.parse import urlparse, parse_qs
+
+
+def main(request, response):
+    params = parse_qs(request.url_parts.query)
+    headers = [
+        ("Content-Type", "application/json"),
+        ("Set-Cookie", "{name[0]}=1; path=/; secure; HttpOnly; SameSite=Lax".format(**params))
+    ]
+    body = "{}"
+    return headers, body

Added: trunk/LayoutTests/http/wpt/service-workers/same-cookie-lax-worker.js (0 => 286656)


--- trunk/LayoutTests/http/wpt/service-workers/same-cookie-lax-worker.js	                        (rev 0)
+++ trunk/LayoutTests/http/wpt/service-workers/same-cookie-lax-worker.js	2021-12-08 16:27:03 UTC (rev 286656)
@@ -0,0 +1,23 @@
+async function doTest(event)
+{
+    try {
+        if (!event.data.startsWith("test-cookie")) {
+            event.source.postMessage("FAIL: received unexpected message from client");
+            return;
+        }
+
+        const response = await fetch("resources/get-cookie.py");
+        event.source.postMessage(await response.text());
+    } catch (e) {
+        event.source.postMessage(e);
+    }
+}
+
+function doFetch(event)
+{
+    if (event.request.url.includes("fetchTest"))
+        event.respondWith(fetch(event.request));
+}
+
+self.addEventListener("message", doTest);
+self.addEventListener("fetch", doFetch);

Added: trunk/LayoutTests/http/wpt/service-workers/same-cookie-lax.https-expected.txt (0 => 286656)


--- trunk/LayoutTests/http/wpt/service-workers/same-cookie-lax.https-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/wpt/service-workers/same-cookie-lax.https-expected.txt	2021-12-08 16:27:03 UTC (rev 286656)
@@ -0,0 +1,5 @@
+
+PASS Setup worker
+PASS Test service worker samesite lax cookie - service worker internal fetch
+PASS Test service worker samesite lax cookie - fetch served from service worker
+

Added: trunk/LayoutTests/http/wpt/service-workers/same-cookie-lax.https.html (0 => 286656)


--- trunk/LayoutTests/http/wpt/service-workers/same-cookie-lax.https.html	                        (rev 0)
+++ trunk/LayoutTests/http/wpt/service-workers/same-cookie-lax.https.html	2021-12-08 16:27:03 UTC (rev 286656)
@@ -0,0 +1,50 @@
+<html>
+<head>
+<script src=""
+<script src=""
+</head>
+<body>
+<script>
+var scope = "";
+var activeWorker;
+
+promise_test(async (test) => {
+    var registration = await navigator.serviceWorker.register("same-cookie-lax-worker.js", { scope : scope });
+    activeWorker = registration.active;
+    if (activeWorker)
+        return;
+    activeWorker = registration.installing;
+    return new Promise(resolve => {
+        activeWorker.addEventListener('statechange', () => {
+            if (activeWorker.state === "activated")
+                resolve();
+        });
+    });
+}, "Setup worker");
+
+promise_test(async (test) => {
+    const cookieValue = "samesite-cookie-test";
+    await fetch("resources/set-cookie-lax.py?name=" + cookieValue);
+
+    var promise = new Promise((resolve, reject) => {
+        navigator.serviceWorker.addEventListener("message", (event) => {
+            resolve(event.data);
+        });
+    });
+
+    activeWorker.postMessage("test-cookie");
+    const result = await promise;
+    assert_true(result.includes(cookieValue + "=1"));
+}, "Test service worker samesite lax cookie - service worker internal fetch");
+
+promise_test(async (test) => {
+    const cookieValue = "samesite-cookie-test-fetch";
+    await fetch("resources/set-cookie-lax.py?name=" + cookieValue);
+
+    const response = await fetch("resources/get-cookie.py?fetchTest");
+    const result = await response.text();
+    assert_true(result.includes(cookieValue + "=1"));
+}, "Test service worker samesite lax cookie - fetch served from service worker");
+</script>
+</body>
+</html>

Modified: trunk/Source/WebCore/ChangeLog (286655 => 286656)


--- trunk/Source/WebCore/ChangeLog	2021-12-08 15:59:47 UTC (rev 286655)
+++ trunk/Source/WebCore/ChangeLog	2021-12-08 16:27:03 UTC (rev 286656)
@@ -1,5 +1,21 @@
 2021-12-08  Youenn Fablet  <[email protected]>
 
+        Same-site lax cookies not sent by fetch event handler after page reload
+        https://bugs.webkit.org/show_bug.cgi?id=226386
+        <rdar://problem/78878853>
+
+        Reviewed by Chris Dumez.
+
+        When a service worker fetches a navigation request exposed from the fetch event, we need to keep isTopSite intact as
+        the service worker does not really have the information of which frame is actually loaded and whether it is a main frame or not.
+
+        Tests: http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html
+               http/wpt/service-workers/same-cookie-lax.https.html
+
+        * loader/cache/CachedResource.cpp:
+
+2021-12-08  Youenn Fablet  <[email protected]>
+
         Safari Bug "no-cache" network error
         https://bugs.webkit.org/show_bug.cgi?id=233916

Modified: trunk/Source/WebCore/loader/FrameLoader.cpp (286655 => 286656)


--- trunk/Source/WebCore/loader/FrameLoader.cpp	2021-12-08 15:59:47 UTC (rev 286655)
+++ trunk/Source/WebCore/loader/FrameLoader.cpp	2021-12-08 16:27:03 UTC (rev 286656)
@@ -2899,8 +2899,10 @@
     return ResourceRequestCachePolicy::UseProtocolCachePolicy;
 }
 
-void FrameLoader::updateRequestAndAddExtraFields(ResourceRequest& request, IsMainResource mainResource, FrameLoadType loadType, ShouldUpdateAppInitiatedValue shouldUpdate)
+void FrameLoader::updateRequestAndAddExtraFields(ResourceRequest& request, IsMainResource mainResource, FrameLoadType loadType, ShouldUpdateAppInitiatedValue shouldUpdate, IsServiceWorkerNavigationLoad isServiceWorkerNavigationLoad)
 {
+    ASSERT(isServiceWorkerNavigationLoad == IsServiceWorkerNavigationLoad::No || mainResource != IsMainResource::Yes);
+
     // If the request came from a previous process due to process-swap-on-navigation then we should not modify the request.
     if (m_currentLoadContinuingState == LoadContinuingState::ContinuingWithRequest)
         return;
@@ -2928,8 +2930,11 @@
         }
         addSameSiteInfoToRequestIfNeeded(request, initiator);
     }
-    request.setIsTopSite(isMainFrameMainResource);
 
+    // In case of service worker navigation load, we inherit isTopSite from the FetchEvent request directly.
+    if (isServiceWorkerNavigationLoad == IsServiceWorkerNavigationLoad::No)
+        request.setIsTopSite(isMainFrameMainResource);
+
     Page* page = frame().page();
     bool hasSpecificCachePolicy = request.cachePolicy() != ResourceRequestCachePolicy::UseProtocolCachePolicy;

Modified: trunk/Source/WebCore/loader/FrameLoader.h (286655 => 286656)


--- trunk/Source/WebCore/loader/FrameLoader.h	2021-12-08 15:59:47 UTC (rev 286655)
+++ trunk/Source/WebCore/loader/FrameLoader.h	2021-12-08 16:27:03 UTC (rev 286656)
@@ -317,8 +317,9 @@
     void setAlwaysAllowLocalWebarchive(bool alwaysAllowLocalWebarchive) { m_alwaysAllowLocalWebarchive = alwaysAllowLocalWebarchive; }
     bool alwaysAllowLocalWebarchive() const { return m_alwaysAllowLocalWebarchive; }
 
+    enum class IsServiceWorkerNavigationLoad : bool { No, Yes };
     // For subresource requests the FrameLoadType parameter has no effect and can be skipped.
-    void updateRequestAndAddExtraFields(ResourceRequest&, IsMainResource, FrameLoadType = FrameLoadType::Standard, ShouldUpdateAppInitiatedValue = ShouldUpdateAppInitiatedValue::Yes);
+    void updateRequestAndAddExtraFields(ResourceRequest&, IsMainResource, FrameLoadType = FrameLoadType::Standard, ShouldUpdateAppInitiatedValue = ShouldUpdateAppInitiatedValue::Yes, IsServiceWorkerNavigationLoad = IsServiceWorkerNavigationLoad::No);
 
     void scheduleRefreshIfNeeded(Document&, const String& content, IsMetaRefresh);

Modified: trunk/Source/WebCore/loader/cache/CachedResource.cpp (286655 => 286656)


--- trunk/Source/WebCore/loader/cache/CachedResource.cpp	2021-12-08 15:59:47 UTC (rev 286655)
+++ trunk/Source/WebCore/loader/cache/CachedResource.cpp	2021-12-08 16:27:03 UTC (rev 286656)
@@ -241,8 +241,10 @@
 
     // Navigation algorithm is setting up the request before sending it to CachedResourceLoader?CachedResource.
     // So no need for extra fields for MainResource.
-    if (type() != Type::MainResource)
-        frameLoader.updateRequestAndAddExtraFields(m_resourceRequest, IsMainResource::No);
+    if (type() != Type::MainResource) {
+        bool isServiceWorkerNavigationLoad = type() != Type::SVGDocumentResource && m_options.serviceWorkersMode == ServiceWorkersMode::None && (m_options.destination == FetchOptions::Destination::Document || m_options.destination == FetchOptions::Destination::Iframe);
+        frameLoader.updateRequestAndAddExtraFields(m_resourceRequest, IsMainResource::No, FrameLoadType::Standard, ShouldUpdateAppInitiatedValue::Yes, isServiceWorkerNavigationLoad ? FrameLoader::IsServiceWorkerNavigationLoad::Yes : FrameLoader::IsServiceWorkerNavigationLoad::No);
+    }
 
     // FIXME: It's unfortunate that the cache layer and below get to know anything about fragment identifiers.
     // We should look into removing the expectation of that knowledge from the platform network stacks.

Modified: trunk/Source/WebKit/ChangeLog (286655 => 286656)


--- trunk/Source/WebKit/ChangeLog	2021-12-08 15:59:47 UTC (rev 286655)
+++ trunk/Source/WebKit/ChangeLog	2021-12-08 16:27:03 UTC (rev 286656)
@@ -1,5 +1,18 @@
 2021-12-08  Youenn Fablet  <[email protected]>
 
+        Same-site lax cookies not sent by fetch event handler after page reload
+        https://bugs.webkit.org/show_bug.cgi?id=226386
+        <rdar://problem/78878853>
+
+        Reviewed by Chris Dumez.
+
+        StorageBlockingPolicy handling is not covered by generated code so explicit update StorageBlockingPolicy setting from preference store.
+        This impacts the computation of cookie/cache partitioning.
+
+        * WebProcess/Storage/WebSWContextManagerConnection.cpp:
+
+2021-12-08  Youenn Fablet  <[email protected]>
+
         Let RemoteAudioMediaStreamTrackRendererInternalUnitManager::Unit switch to VPIO unit if VPIO is running
         https://bugs.webkit.org/show_bug.cgi?id=233316

Modified: trunk/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp (286655 => 286656)


--- trunk/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp	2021-12-08 15:59:47 UTC (rev 286655)
+++ trunk/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp	2021-12-08 16:27:03 UTC (rev 286656)
@@ -167,8 +167,10 @@
     
     auto lastNavigationWasAppInitiated = contextData.lastNavigationWasAppInitiated;
     auto page = makeUniqueRef<Page>(WTFMove(pageConfiguration));
-    if (m_preferencesStore)
+    if (m_preferencesStore) {
         WebPage::updateSettingsGenerated(*m_preferencesStore, page->settings());
+        page->settings().setStorageBlockingPolicy(static_cast<StorageBlockingPolicy>(m_preferencesStore->getUInt32ValueForKey(WebPreferencesKey::storageBlockingPolicyKey())));
+    }
     ServiceWorkerThreadProxy::setupPageForServiceWorker(page.get(), contextData);
     auto serviceWorkerThreadProxy = ServiceWorkerThreadProxy::create(WTFMove(page), WTFMove(contextData), WTFMove(workerData), WTFMove(effectiveUserAgent), workerThreadMode, WebProcess::singleton().cacheStorageProvider());
 

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to