Changeset 263736 in webkit

Timestamp:

Jun 30, 2020 2:26:57 AM (4 years ago)

Author:

commit-queue@webkit.org

Message:

Unreviewed, reverting r263724.
​https://bugs.webkit.org/show_bug.cgi?id=213781

Reverted changeset:

"Make _WKWebsiteDataStoreConfiguration SPI for HSTS storage to
replace _WKProcessPoolConfiguration.hstsStorageDirectory"
​https://bugs.webkit.org/show_bug.cgi?id=213048
​https://trac.webkit.org/changeset/263724

Location:

trunk/Source

Files:

• WTF/ChangeLog (modified) (1 diff)
• WTF/wtf/PlatformHave.h (modified) (1 diff)
• WebCore/PAL/ChangeLog (modified) (1 diff)
• WebCore/PAL/pal/spi/cf/CFNetworkSPI.h (modified) (2 diffs)
• WebKit/ChangeLog (modified) (1 diff)
• WebKit/NetworkProcess/NetworkProcess.cpp (modified) (5 diffs)
• WebKit/NetworkProcess/NetworkProcess.h (modified) (1 diff)
• WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp (modified) (3 diffs)
• WebKit/NetworkProcess/NetworkSessionCreationParameters.h (modified) (1 diff)
• WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm (modified) (2 diffs)
• WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.h (modified) (2 diffs)
• WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (modified) (3 diffs)
• WebKit/NetworkProcess/soup/NetworkProcessSoup.cpp (modified) (1 diff)
• WebKit/UIProcess/API/C/mac/WKContextPrivateMac.h (modified) (2 diffs)
• WebKit/UIProcess/API/C/mac/WKContextPrivateMac.mm (modified) (1 diff)
• WebKit/UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h (modified) (1 diff)
• WebKit/UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.h (modified) (1 diff)
• WebKit/UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.mm (modified) (1 diff)
• WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm (modified) (2 diffs)
• WebKit/UIProcess/WebProcessPool.h (modified) (1 diff)
• WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp (modified) (3 diffs)
• WebKit/UIProcess/WebsiteData/WebsiteDataStore.h (modified) (1 diff)
• WebKit/UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp (modified) (1 diff)
• WebKit/UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h (modified) (2 diffs)

trunk/Source/WTF/ChangeLog

@@ +1 @@
+2020-06-30  Commit Queue  <commit-queue@webkit.org>
+
+        Unreviewed, reverting r263724.
+        https://bugs.webkit.org/show_bug.cgi?id=213781
+
+
+        Reverted changeset:
+
+        "Make _WKWebsiteDataStoreConfiguration SPI for HSTS storage to
+        replace _WKProcessPoolConfiguration.hstsStorageDirectory"
+        https://bugs.webkit.org/show_bug.cgi?id=213048
+        https://trac.webkit.org/changeset/263724
+
 2020-06-29  Geoffrey Garen  <ggaren@apple.com>
 

trunk/Source/WTF/wtf/PlatformHave.h

@@ -408 +408 @@
 #endif
 
-#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600) \
-    || ((PLATFORM(IOS) || PLATFORM(MACCATALYST)) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000) \
-    || (PLATFORM(WATCHOS) && __WATCH_OS_VERSION_MIN_REQUIRED >= 70000) \
-    || (PLATFORM(APPLETV) && __TV_OS_VERSION_MIN_REQUIRED >= 140000)
-#define HAVE_HSTS_STORAGE 1
-#endif
-
 #if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600) || (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 140000)
 #define HAVE_CFNETWORK_METRICS_APIS_V4 1

trunk/Source/WebCore/PAL/ChangeLog

@@ +1 @@
+2020-06-30  Commit Queue  <commit-queue@webkit.org>
+
+        Unreviewed, reverting r263724.
+        https://bugs.webkit.org/show_bug.cgi?id=213781
+
+
+        Reverted changeset:
+
+        "Make _WKWebsiteDataStoreConfiguration SPI for HSTS storage to
+        replace _WKProcessPoolConfiguration.hstsStorageDirectory"
+        https://bugs.webkit.org/show_bug.cgi?id=213048
+        https://trac.webkit.org/changeset/263724
+
 2020-06-29  Alex Christensen  <achristensen@webkit.org>
 

trunk/Source/WebCore/PAL/pal/spi/cf/CFNetworkSPI.h

@@ -408 +408 @@
 Boolean _CFNetworkSetATSContext(CFDataRef);
 
-#if PLATFORM(COCOA) && !HAVE(HSTS_STORAGE)
+#if PLATFORM(COCOA)
 extern const CFStringRef _kCFNetworkHSTSPreloaded;
 CFDictionaryRef _CFNetworkCopyHSTSPolicies(CFURLStorageSessionRef);
@@ -459 +459 @@
 @end
 
-#if HAVE(HSTS_STORAGE)
-@interface _NSHSTSStorage : NSObject
--(instancetype)initPersistentStoreWithURL:(nullable NSURL*)path;
--(BOOL)shouldPromoteHostToHTTPS:(NSString *)host;
--(NSArray<NSString *> *)nonPreloadedHosts;
--(void)resetHSTSForHost:(NSString *)host;
--(void)resetHSTSHostsSinceDate:(NSDate *)date;
-@end
-#endif
-
 @interface NSURLSessionConfiguration ()
 // FIXME: Remove this once rdar://problem/40650244 is in a build.
 @property (copy) NSDictionary *_socketStreamProperties;
-#if HAVE(HSTS_STORAGE)
-@property (nullable, retain) _NSHSTSStorage *_hstsStorage;
-#endif
 @end
 

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2020-06-30  Commit Queue  <commit-queue@webkit.org>
+
+        Unreviewed, reverting r263724.
+        https://bugs.webkit.org/show_bug.cgi?id=213781
+
+
+        Reverted changeset:
+
+        "Make _WKWebsiteDataStoreConfiguration SPI for HSTS storage to
+        replace _WKProcessPoolConfiguration.hstsStorageDirectory"
+        https://bugs.webkit.org/show_bug.cgi?id=213048
+        https://trac.webkit.org/changeset/263724
+
 2020-06-30  Youenn Fablet  <youenn@apple.com>
 

trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp

@@ -1535 +1535 @@
 
 #if PLATFORM(COCOA) || USE(SOUP)
-    if (websiteDataTypes.contains(WebsiteDataType::HSTSCache))
-        callbackAggregator->m_websiteData.hostNamesWithHSTSCache = hostNamesWithHSTSCache(sessionID);
+    if (websiteDataTypes.contains(WebsiteDataType::HSTSCache)) {
+        if (auto* networkStorageSession = storageSession(sessionID))
+            getHostNamesWithHSTSCache(*networkStorageSession, callbackAggregator->m_websiteData.hostNamesWithHSTSCache);
+    }
 #endif
 
@@ -1595 +1597 @@
 {
 #if PLATFORM(COCOA) || USE(SOUP)
-    if (websiteDataTypes.contains(WebsiteDataType::HSTSCache))
-        clearHSTSCache(sessionID, modifiedSince);
+    if (websiteDataTypes.contains(WebsiteDataType::HSTSCache)) {
+        if (auto* networkStorageSession = storageSession(sessionID))
+            clearHSTSCache(*networkStorageSession, modifiedSince);
+    }
 #endif
 
@@ -1698 +1702 @@
 
 #if PLATFORM(COCOA) || USE(SOUP)
-    if (websiteDataTypes.contains(WebsiteDataType::HSTSCache))
-        deleteHSTSCacheForHostNames(sessionID, HSTSCacheHostNames);
+    if (websiteDataTypes.contains(WebsiteDataType::HSTSCache)) {
+        if (auto* networkStorageSession = storageSession(sessionID))
+            deleteHSTSCacheForHostNames(*networkStorageSession, HSTSCacheHostNames);
+    }
 #endif
 
@@ -1867 +1873 @@
 #if PLATFORM(COCOA) || USE(SOUP)
     if (websiteDataTypes.contains(WebsiteDataType::HSTSCache)) {
-        hostNamesWithHSTSCache = this->hostNamesWithHSTSCache(sessionID);
-        hostnamesWithHSTSToDelete = filterForRegistrableDomains(domainsToDeleteAllNonCookieWebsiteDataFor, hostNamesWithHSTSCache);
-
-        for (const auto& host : hostnamesWithHSTSToDelete)
-            callbackAggregator->m_domains.add(RegistrableDomain::uncheckedCreateFromHost(host));
-
-        deleteHSTSCacheForHostNames(sessionID, hostnamesWithHSTSToDelete);
+        if (auto* networkStorageSession = storageSession(sessionID)) {
+            getHostNamesWithHSTSCache(*networkStorageSession, hostNamesWithHSTSCache);
+            hostnamesWithHSTSToDelete = filterForRegistrableDomains(domainsToDeleteAllNonCookieWebsiteDataFor, hostNamesWithHSTSCache);
+
+            for (const auto& host : hostnamesWithHSTSToDelete)
+                callbackAggregator->m_domains.add(RegistrableDomain::uncheckedCreateFromHost(host));
+
+            deleteHSTSCacheForHostNames(*networkStorageSession, hostnamesWithHSTSToDelete);
+        }
     }
 #endif
@@ -2050 +2058 @@
     }));
     
-    auto& websiteData = callbackAggregator->m_websiteData;
+    auto& websiteDataStore = callbackAggregator->m_websiteData;
     
     if (websiteDataTypes.contains(WebsiteDataType::Cookies)) {
         if (auto* networkStorageSession = storageSession(sessionID))
-            networkStorageSession->getHostnamesWithCookies(websiteData.hostNamesWithCookies);
+            networkStorageSession->getHostnamesWithCookies(websiteDataStore.hostNamesWithCookies);
     }
     
 #if PLATFORM(COCOA) || USE(SOUP)
-    if (websiteDataTypes.contains(WebsiteDataType::HSTSCache))
-        websiteData.hostNamesWithHSTSCache = hostNamesWithHSTSCache(sessionID);
+    if (websiteDataTypes.contains(WebsiteDataType::HSTSCache)) {
+        if (auto* networkStorageSession = storageSession(sessionID))
+            getHostNamesWithHSTSCache(*networkStorageSession, websiteDataStore.hostNamesWithHSTSCache);
+    }
 #endif
 

trunk/Source/WebKit/NetworkProcess/NetworkProcess.h

@@ -194 +194 @@
 #endif
 #if PLATFORM(COCOA) || USE(SOUP)
-    HashSet<String> hostNamesWithHSTSCache(PAL::SessionID) const;
-    void deleteHSTSCacheForHostNames(PAL::SessionID, const Vector<String>&);
-    void clearHSTSCache(PAL::SessionID, WallTime modifiedSince);
+    void getHostNamesWithHSTSCache(WebCore::NetworkStorageSession&, HashSet<String>&);
+    void deleteHSTSCacheForHostNames(WebCore::NetworkStorageSession&, const Vector<String>&);
+    void clearHSTSCache(WebCore::NetworkStorageSession&, WallTime modifiedSince);
 #endif
 

trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.cpp

@@ -58 +58 @@
     encoder << http3Enabled;
 #endif
-    encoder << hstsStorageDirectory;
-    encoder << hstsStorageDirectoryExtensionHandle;
 #if USE(SOUP)
     encoder << cookiePersistentStoragePath;
@@ -156 +154 @@
 #endif
 
-    Optional<String> hstsStorageDirectory;
-    decoder >> hstsStorageDirectory;
-    if (!hstsStorageDirectory)
-        return WTF::nullopt;
-
-    Optional<SandboxExtension::Handle> hstsStorageDirectoryExtensionHandle;
-    decoder >> hstsStorageDirectoryExtensionHandle;
-    if (!hstsStorageDirectoryExtensionHandle)
-        return WTF::nullopt;
-    
 #if USE(SOUP)
     Optional<String> cookiePersistentStoragePath;
@@ -288 +276 @@
         , WTFMove(*http3Enabled)
 #endif
-        , WTFMove(*hstsStorageDirectory)
-        , WTFMove(*hstsStorageDirectoryExtensionHandle)
 #if USE(SOUP)
         , WTFMove(*cookiePersistentStoragePath)

trunk/Source/WebKit/NetworkProcess/NetworkSessionCreationParameters.h

@@ -70 +70 @@
     bool http3Enabled { false };
 #endif
-    String hstsStorageDirectory;
-    SandboxExtension::Handle hstsStorageDirectoryExtensionHandle;
 #if USE(SOUP)
     String cookiePersistentStoragePath;

trunk/Source/WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm

@@ -135 +135 @@
 }
 
-#if !HAVE(HSTS_STORAGE)
 static void filterPreloadHSTSEntry(const void* key, const void* value, void* context)
 {
@@ -154 +153 @@
         hostnames->add((CFStringRef)key);
 }
-#endif
-
-HashSet<String> NetworkProcess::hostNamesWithHSTSCache(PAL::SessionID sessionID) const
-{
-    HashSet<String> hostNames;
-#if HAVE(HSTS_STORAGE)
-    if (auto* networkSession = static_cast<NetworkSessionCocoa*>(this->networkSession(sessionID))) {
-        for (NSString *host in networkSession->hstsStorage().nonPreloadedHosts)
-            hostNames.add(host);
+
+void NetworkProcess::getHostNamesWithHSTSCache(WebCore::NetworkStorageSession& session, HashSet<String>& hostNames)
+{
+    if (auto HSTSPolicies = adoptCF(_CFNetworkCopyHSTSPolicies(session.platformSession())))
+        CFDictionaryApplyFunction(HSTSPolicies.get(), filterPreloadHSTSEntry, &hostNames);
+}
+
+void NetworkProcess::deleteHSTSCacheForHostNames(WebCore::NetworkStorageSession& session, const Vector<String>& hostNames)
+{
+    for (auto& hostName : hostNames) {
+        auto url = URL({ }, makeString("https://", hostName));
+        _CFNetworkResetHSTS(url.createCFURL().get(), session.platformSession());
     }
-#else
-    if (auto* session = storageSession(sessionID)) {
-        if (auto HSTSPolicies = adoptCF(_CFNetworkCopyHSTSPolicies(session->platformSession())))
-            CFDictionaryApplyFunction(HSTSPolicies.get(), filterPreloadHSTSEntry, &hostNames);
-    }
-#endif
-    return hostNames;
-}
-
-void NetworkProcess::deleteHSTSCacheForHostNames(PAL::SessionID sessionID, const Vector<String>& hostNames)
-{
-#if HAVE(HSTS_STORAGE)
-    if (auto* networkSession = static_cast<NetworkSessionCocoa*>(this->networkSession(sessionID))) {
-        for (auto& hostName : hostNames)
-            [networkSession->hstsStorage() resetHSTSForHost:hostName];
-    }
-#else
-    if (auto* session = storageSession(sessionID)) {
-        for (auto& hostName : hostNames) {
-            auto url = URL({ }, makeString("https://", hostName));
-            _CFNetworkResetHSTS(url.createCFURL().get(), session->platformSession());
-        }
-    }
-#endif
-}
-
-void NetworkProcess::clearHSTSCache(PAL::SessionID sessionID, WallTime modifiedSince)
+}
+
+void NetworkProcess::clearHSTSCache(WebCore::NetworkStorageSession& session, WallTime modifiedSince)
 {
     NSTimeInterval timeInterval = modifiedSince.secondsSinceEpoch().seconds();
     NSDate *date = [NSDate dateWithTimeIntervalSince1970:timeInterval];
-#if HAVE(HSTS_STORAGE)
-    if (auto* networkSession = static_cast<NetworkSessionCocoa*>(this->networkSession(sessionID)))
-        [networkSession->hstsStorage() resetHSTSHostsSinceDate:date];
-#else
-    if (auto* session = storageSession(sessionID))
-        _CFNetworkResetHSTSHostsSinceDate(session->platformSession(), (__bridge CFDateRef)date);
-#endif
+
+    _CFNetworkResetHSTSHostsSinceDate(session.platformSession(), (__bridge CFDateRef)date);
 }
 

trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.h

@@ -34 +34 @@
 OBJC_CLASS WKNetworkSessionDelegate;
 OBJC_CLASS WKNetworkSessionWebSocketDelegate;
-OBJC_CLASS _NSHSTSStorage;
 
 #include "DownloadID.h"
@@ -106 +105 @@
     void taskFailed(NetworkDataTaskCocoa::TaskIdentifier);
     NSURLCredential *successfulClientCertificateForHost(const String& host, uint16_t port) const;
-    _NSHSTSStorage *hstsStorage() const;
 
 private:

trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm

@@ -68 +68 @@
 
 #import "DeviceManagementSoftLink.h"
-
-// FIXME: Remove this soft link once rdar://problem/50109631 is in a build and bots are updated.
-SOFT_LINK_FRAMEWORK(CFNetwork)
-SOFT_LINK_CLASS_OPTIONAL(CFNetwork, _NSHSTSStorage)
 
 using namespace WebKit;
@@ -1097 +1093 @@
 }
 
-_NSHSTSStorage *NetworkSessionCocoa::hstsStorage() const
-{
-#if HAVE(HSTS_STORAGE)
-    NSURLSessionConfiguration *configuration = m_sessionWithCredentialStorage.session.get().configuration;
-    // FIXME: Remove this respondsToSelector check once rdar://problem/50109631 is in a build and bots are updated.
-    if ([configuration respondsToSelector:@selector(_hstsStorage)])
-        return m_sessionWithCredentialStorage.session.get().configuration._hstsStorage;
-#endif
-    return nil;
-}
-
 const String& NetworkSessionCocoa::boundInterfaceIdentifier() const
 {
@@ -1187 +1172 @@
 
     NSURLSessionConfiguration *configuration = configurationForSessionID(m_sessionID);
-
-#if HAVE(HSTS_STORAGE)
-    if (!!parameters.hstsStorageDirectory && !m_sessionID.isEphemeral()) {
-        SandboxExtension::consumePermanently(parameters.hstsStorageDirectoryExtensionHandle);
-        // FIXME: Remove this respondsToSelector check once rdar://problem/50109631 is in a build and bots are updated.
-        if ([configuration respondsToSelector:@selector(_hstsStorage)])
-            configuration._hstsStorage = [[alloc_NSHSTSStorageInstance() initPersistentStoreWithURL:[NSURL fileURLWithPath:parameters.hstsStorageDirectory isDirectory:YES]] autorelease];
-    }
-#endif
 
 #if HAVE(APP_SSO) || PLATFORM(MACCATALYST)

trunk/Source/WebKit/NetworkProcess/soup/NetworkProcessSoup.cpp

@@ -95 +95 @@
 }
 
-HashSet<String> NetworkProcess::hostNamesWithHSTSCache(PAL::SessionID sessionID) const
-{
-    HashSet<String> hostNames;
-    const auto* session = static_cast<NetworkSessionSoup*>(networkSession(sessionID));
+void NetworkProcess::getHostNamesWithHSTSCache(WebCore::NetworkStorageSession& storageSession, HashSet<String>& hostNames)
+{
+    const auto* session = static_cast<NetworkSessionSoup*>(networkSession(storageSession.sessionID()));
     session->soupNetworkSession().getHostNamesWithHSTSCache(hostNames);
-    return hostNames;
-}
-
-void NetworkProcess::deleteHSTSCacheForHostNames(PAL::SessionID sessionID, const Vector<String>& hostNames)
-{
-    const auto* session = static_cast<NetworkSessionSoup*>(networkSession(sessionID));
+}
+
+void NetworkProcess::deleteHSTSCacheForHostNames(WebCore::NetworkStorageSession& storageSession, const Vector<String>& hostNames)
+{
+    const auto* session = static_cast<NetworkSessionSoup*>(networkSession(storageSession.sessionID()));
     session->soupNetworkSession().deleteHSTSCacheForHostNames(hostNames);
 }
 
-void NetworkProcess::clearHSTSCache(PAL::SessionID sessionID, WallTime modifiedSince)
-{
-    const auto* session = static_cast<NetworkSessionSoup*>(networkSession(sessionID));
+void NetworkProcess::clearHSTSCache(WebCore::NetworkStorageSession& storageSession, WallTime modifiedSince)
+{
+    const auto* session = static_cast<NetworkSessionSoup*>(networkSession(storageSession.sessionID()));
     session->soupNetworkSession().clearHSTSCache(modifiedSince);
 }

trunk/Source/WebKit/UIProcess/API/C/mac/WKContextPrivateMac.h

@@ -28 +28 @@
 
 #include <WebKit/WKBase.h>
-#include <WebKit/WKDeprecated.h>
 #include <WebKit/WKPluginLoadPolicy.h>
 
@@ -45 +44 @@
 WK_EXPORT void WKContextGetInfoForInstalledPlugIns(WKContextRef context, WKContextGetInfoForInstalledPlugInsBlock block);
 
-WK_EXPORT void WKContextResetHSTSHosts(WKContextRef context) WK_C_API_DEPRECATED;
-WK_EXPORT void WKContextResetHSTSHostsAddedAfterDate(WKContextRef context, double startDateIntervalSince1970) WK_C_API_DEPRECATED;
+WK_EXPORT void WKContextResetHSTSHosts(WKContextRef context);
+
+// The time here is relative to the Unix epoch.
+WK_EXPORT void WKContextResetHSTSHostsAddedAfterDate(WKContextRef context, double startDateIntervalSince1970);
 
 WK_EXPORT void WKContextRegisterSchemeForCustomProtocol(WKContextRef context, WKStringRef scheme);

trunk/Source/WebKit/UIProcess/API/C/mac/WKContextPrivateMac.mm

@@ -102 +102 @@
 }
 
-void WKContextResetHSTSHosts(WKContextRef)
+void WKContextResetHSTSHosts(WKContextRef context)
 {
+    return WebKit::toImpl(context)->resetHSTSHosts();
 }
 
-void WKContextResetHSTSHostsAddedAfterDate(WKContextRef, double)
+void WKContextResetHSTSHostsAddedAfterDate(WKContextRef context, double startDateIntervalSince1970)
 {
+    return WebKit::toImpl(context)->resetHSTSHostsAddedAfterDate(startDateIntervalSince1970);
 }
 

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h

@@ -69 +69 @@
 @property (nonatomic) BOOL pageCacheEnabled WK_API_AVAILABLE(macos(10.14), ios(12.0));
 @property (nonatomic, getter=isJITEnabled) BOOL JITEnabled WK_API_AVAILABLE(macos(10.14.4), ios(12.2));
-@property (nonatomic, nullable, copy, setter=setHSTSStorageDirectory:) NSURL *hstsStorageDirectory WK_API_DEPRECATED_WITH_REPLACEMENT("_WKWebsiteDataStoreConfiguration.hstsStorageDirectory", macos(10.15, WK_MAC_TBA), ios(13.0, WK_IOS_TBA));
+@property (nonatomic, nullable, copy, setter=setHSTSStorageDirectory:) NSURL *hstsStorageDirectory WK_API_AVAILABLE(macos(10.15), ios(13.0));
 
 @property (nonatomic) BOOL configureJSCForTesting WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.h

@@ -73 +73 @@
 @property (nonatomic) BOOL suppressesConnectionTerminationOnSystemChange WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
 @property (nonatomic) BOOL allowsServerPreconnect WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
-@property (nonatomic, nullable, copy, setter=setHSTSStorageDirectory:) NSURL *hstsStorageDirectory WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
 
 @property (nonatomic, nullable, copy) NSURL *alternativeServicesStorageDirectory WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));

trunk/Source/WebKit/UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.mm

@@ -291 +291 @@
 }
 
-- (NSURL *)hstsStorageDirectory
-{
-    return [NSURL fileURLWithPath:_configuration->hstsStorageDirectory() isDirectory:YES];
-}
-
-- (void)setHSTSStorageDirectory:(NSURL *)url
-{
-    if (!_configuration->isPersistent())
-        [NSException raise:NSInvalidArgumentException format:@"Cannot set mediaKeysStorageDirectory on a non-persistent _WKWebsiteDataStoreConfiguration."];
-    checkURLArgument(url);
-    _configuration->setHSTSStorageDirectory(url.path);
-}
-
 - (NSURL *)alternativeServicesStorageDirectory
 {

trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm

@@ -729 +729 @@
 }
 
+static CFURLStorageSessionRef privateBrowsingSession()
+{
+    static CFURLStorageSessionRef session;
+    static dispatch_once_t once;
+    dispatch_once(&once, ^{
+        NSString *identifier = [NSString stringWithFormat:@"%@.PrivateBrowsing", [[NSBundle mainBundle] bundleIdentifier]];
+        session = createPrivateStorageSession((__bridge CFStringRef)identifier);
+    });
+
+    return session;
+}
+
 bool WebProcessPool::isURLKnownHSTSHost(const String& urlString) const
 {
@@ -734 +746 @@
 
     return _CFNetworkIsKnownHSTSHostWithSession(url.get(), nullptr);
+}
+
+void WebProcessPool::resetHSTSHosts()
+{
+    _CFNetworkResetHSTSHostsWithSession(nullptr);
+    _CFNetworkResetHSTSHostsWithSession(privateBrowsingSession());
+}
+
+void WebProcessPool::resetHSTSHostsAddedAfterDate(double startDateIntervalSince1970)
+{
+    NSDate *startDate = [NSDate dateWithTimeIntervalSince1970:startDateIntervalSince1970];
+    _CFNetworkResetHSTSHostsSinceDate(nullptr, (__bridge CFDateRef)startDate);
+    _CFNetworkResetHSTSHostsSinceDate(privateBrowsingSession(), (__bridge CFDateRef)startDate);
 }
 

trunk/Source/WebKit/UIProcess/WebProcessPool.h

@@ -423 +423 @@
 
     bool isURLKnownHSTSHost(const String& urlString) const;
+    void resetHSTSHosts();
+    void resetHSTSHostsAddedAfterDate(double startDateIntervalSince1970);
 
     static void registerGlobalURLSchemeAsHavingCustomProtocolHandlers(const String&);

trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp

@@ -233 +233 @@
     if (!m_configuration->cacheStorageDirectory().isEmpty() && m_resolvedConfiguration->cacheStorageDirectory().isEmpty())
         m_resolvedConfiguration->setCacheStorageDirectory(resolvePathForSandboxExtension(m_configuration->cacheStorageDirectory()));
-    if (!m_configuration->hstsStorageDirectory().isEmpty() && m_resolvedConfiguration->hstsStorageDirectory().isEmpty())
-        m_resolvedConfiguration->setHSTSStorageDirectory(resolvePathForSandboxExtension(m_configuration->hstsStorageDirectory()));
 
     // Resolve directories for file paths.
@@ -2262 +2260 @@
         SandboxExtension::createHandleForReadWriteDirectory(networkCacheDirectory, networkCacheDirectoryExtensionHandle);
 
-    auto hstsStorageDirectory = resolvedHSTSStorageDirectory();
-    SandboxExtension::Handle hstsStorageDirectoryExtensionHandle;
-    if (!hstsStorageDirectory.isEmpty())
-        SandboxExtension::createHandleForReadWriteDirectory(hstsStorageDirectory, hstsStorageDirectoryExtensionHandle);
-
     bool shouldIncludeLocalhostInResourceLoadStatistics = false;
     bool enableResourceLoadStatisticsDebugMode = false;
@@ -2308 +2301 @@
     networkSessionParameters.networkCacheDirectory = WTFMove(networkCacheDirectory);
     networkSessionParameters.networkCacheDirectoryExtensionHandle = WTFMove(networkCacheDirectoryExtensionHandle);
-    networkSessionParameters.hstsStorageDirectory = WTFMove(hstsStorageDirectory);
-    networkSessionParameters.hstsStorageDirectoryExtensionHandle = WTFMove(hstsStorageDirectoryExtensionHandle);
     networkSessionParameters.dataConnectionServiceType = m_configuration->dataConnectionServiceType();
     networkSessionParameters.fastServerTrustEvaluationEnabled = m_configuration->fastServerTrustEvaluationEnabled();

trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h

@@ -225 +225 @@
     const String& resolvedServiceWorkerRegistrationDirectory() const { return m_resolvedConfiguration->serviceWorkerRegistrationDirectory(); }
     const String& resolvedResourceLoadStatisticsDirectory() const { return m_resolvedConfiguration->resourceLoadStatisticsDirectory(); }
-    const String& resolvedHSTSStorageDirectory() const { return m_resolvedConfiguration->hstsStorageDirectory(); }
 
     DeviceIdHashSaltStorage& deviceIdHashSaltStorage() { return m_deviceIdHashSaltStorage.get(); }

trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp

@@ -68 +68 @@
     copy->m_serviceWorkerRegistrationDirectory = this->m_serviceWorkerRegistrationDirectory;
     copy->m_webSQLDatabaseDirectory = this->m_webSQLDatabaseDirectory;
+#if USE(GLIB)
     copy->m_hstsStorageDirectory = this->m_hstsStorageDirectory;
+#endif
     copy->m_localStorageDirectory = this->m_localStorageDirectory;
     copy->m_mediaKeysStorageDirectory = this->m_mediaKeysStorageDirectory;

trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h

@@ -67 +67 @@
     const String& webSQLDatabaseDirectory() const { return m_webSQLDatabaseDirectory; }
     void setWebSQLDatabaseDirectory(String&& directory) { m_webSQLDatabaseDirectory = WTFMove(directory); }
-
+#if USE(GLIB) // According to r245075 this will eventually move here.
     const String& hstsStorageDirectory() const { return m_hstsStorageDirectory; }
     void setHSTSStorageDirectory(String&& directory) { m_hstsStorageDirectory = WTFMove(directory); }
-
+#endif
     const String& localStorageDirectory() const { return m_localStorageDirectory; }
     void setLocalStorageDirectory(String&& directory) { m_localStorageDirectory = WTFMove(directory); }
@@ -175 +175 @@
     String m_serviceWorkerRegistrationDirectory;
     String m_webSQLDatabaseDirectory;
+#if USE(GLIB)
     String m_hstsStorageDirectory;
-#if USE(GLIB)
     bool m_networkCacheSpeculativeValidationEnabled { true };
 #else