Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d0bd5b24d0d4cb28c69784f4b7789ae885e997d0
https://github.com/WebKit/WebKit/commit/d0bd5b24d0d4cb28c69784f4b7789ae885e997d0
Author: Matthew Finkel <[email protected]>
Date: 2026-02-18 (Wed, 18 Feb 2026)
Changed paths:
M Source/WebKit/Platform/cocoa/WebPrivacyHelpers.h
M Source/WebKit/Platform/cocoa/WebPrivacyHelpers.mm
M Source/WebKit/Shared/ScriptTrackingPrivacyFilter.cpp
M Tools/TestWebKitAPI/Tests/WebKitCocoa/ScriptTrackingPrivacyTests.mm
Log Message:
-----------
Improve isTaintedScriptURLBlockable when ADVANCED_PRIVACY_PROTECTIONS and
TRACKER_NETWORK_REQUEST_BLOCKING isn't defined
https://bugs.webkit.org/show_bug.cgi?id=308012
rdar://170510641
Reviewed by Pascoe.
This patch provides a default implementation of
WebKit::isTaintedScriptURLBlockable when ADVANCED_PRIVACY_PROTECTIONS isn't
defined, and checked against a testing domain when
TRACKER_NETWORK_REQUEST_BLOCKING isn't defined. This implementation uses
tainted.example because it is not a registrable domain (therefore safe to use
in production). As such, I am changing all of the API tests to use
tainted.example instead of tainted.net.
* Source/WebKit/Platform/cocoa/WebPrivacyHelpers.h:
* Source/WebKit/Platform/cocoa/WebPrivacyHelpers.mm:
(WebKit::isTaintedScriptURLBlockable):
* Source/WebKit/Shared/ScriptTrackingPrivacyFilter.cpp:
(WebKit::ScriptTrackingPrivacyFilter::shouldAllowAccess):
(WebKit::ScriptTrackingPrivacyFilter::shouldBlockRequest):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/ScriptTrackingPrivacyTests.mm:
(TestWebKitAPI::(ScriptTrackingPrivacyTests, Referrer)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, QueryParameters)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, ConsistentQueryParameters)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, Canvas2D)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, AudioSamples)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, ScreenMetrics)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, ScriptWrittenCookies)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, LocalStorage)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, HardwareConcurrency)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, SpeechSynthesisGetVoices)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, DirectFormFieldAccess)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, ScriptAccessCategories)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests,
ScriptAccessCategoriesAppendTaintedInlineScript)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests,
ScriptAccessCategoriesWithTimeout)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, FetchBlocked)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, XHRBlocked)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, SyncXHRBlocked)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, ImgElementLoadBlocked)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, BlockSubsequentFetch)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, ScriptElementLoadBlocked)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, BlockSubsequentElement)):
(TestWebKitAPI::(ScriptTrackingPrivacyTests, BlockSubsequent2Element)):
Canonical link: https://commits.webkit.org/307771@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
