Changeset 225383 in webkit

Timestamp:

Nov 30, 2017 9:32:11 PM (6 years ago)

Author:

achristensen@apple.com

Message:

REGRESSION (r224791): cookies are shared between ephemeral sessions in the same process pool
​https://bugs.webkit.org/show_bug.cgi?id=180235

Reviewed by Joseph Pecoraro.

Source/WebKit:

In r224791 I assumed that uiProcessCookieStorageIdentifier would be empty in the ephemeral session initialization message.
This is not the case. We did not catch this because almost all of our ephemeral session testing uses the legacyPrivateSessionID.
I add checks for if the SessionID is ephemeral like we already have in WebFrameNetworkingContext::ensureWebsiteDataStoreSession.
I also add an API test that makes sure cookies are not shared between ephemeral sessions the way they are made through the API.

• NetworkProcess/mac/RemoteNetworkingContext.mm:

(WebKit::RemoteNetworkingContext::ensureWebsiteDataStoreSession):

Tools:

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebKitCocoa/CookiePrivateBrowsing.mm: Added.

(-[CookiePrivateBrowsingDelegate webView:runJavaScriptAlertPanelWithMessage:initiatedByFrame:completionHandler:]):
(TEST):

Location:

trunk

Files:

• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/NetworkProcess/mac/RemoteNetworkingContext.mm (modified) (2 diffs)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj (modified) (4 diffs)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/CookiePrivateBrowsing.mm (added)

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2017-11-30  Alex Christensen  <achristensen@webkit.org>
+
+        REGRESSION (r224791): cookies are shared between ephemeral sessions in the same process pool
+        https://bugs.webkit.org/show_bug.cgi?id=180235
+
+        Reviewed by Joseph Pecoraro.
+
+        In r224791 I assumed that uiProcessCookieStorageIdentifier would be empty in the ephemeral session initialization message.
+        This is not the case.  We did not catch this because almost all of our ephemeral session testing uses the legacyPrivateSessionID.
+        I add checks for if the SessionID is ephemeral like we already have in WebFrameNetworkingContext::ensureWebsiteDataStoreSession.
+        I also add an API test that makes sure cookies are not shared between ephemeral sessions the way they are made through the API.
+
+        * NetworkProcess/mac/RemoteNetworkingContext.mm:
+        (WebKit::RemoteNetworkingContext::ensureWebsiteDataStoreSession):
+
 2017-11-30  Stephan Szabo  <stephan.szabo@sony.com>
 

trunk/Source/WebKit/NetworkProcess/mac/RemoteNetworkingContext.mm

@@ -98 +98 @@
 
     RetainPtr<CFHTTPCookieStorageRef> uiProcessCookieStorage;
-    if (!parameters.uiProcessCookieStorageIdentifier.isEmpty())
+    if (!sessionID.isEphemeral() && !parameters.uiProcessCookieStorageIdentifier.isEmpty())
         uiProcessCookieStorage = cookieStorageFromIdentifyingData(parameters.uiProcessCookieStorageIdentifier);
 
@@ -107 +107 @@
         session->setCookie(cookie);
 
-    if (!parameters.cacheStorageDirectory.isNull()) {
+    if (!sessionID.isEphemeral() && !parameters.cacheStorageDirectory.isNull()) {
         SandboxExtension::consumePermanently(parameters.cacheStorageDirectoryExtensionHandle);
         session->setCacheStorageDirectory(WTFMove(parameters.cacheStorageDirectory));

trunk/Tools/ChangeLog

@@ +1 @@
+2017-11-30  Alex Christensen  <achristensen@webkit.org>
+
+        REGRESSION (r224791): cookies are shared between ephemeral sessions in the same process pool
+        https://bugs.webkit.org/show_bug.cgi?id=180235
+
+        Reviewed by Joseph Pecoraro.
+
+        * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
+        * TestWebKitAPI/Tests/WebKitCocoa/CookiePrivateBrowsing.mm: Added.
+        (-[CookiePrivateBrowsingDelegate webView:runJavaScriptAlertPanelWithMessage:initiatedByFrame:completionHandler:]):
+        (TEST):
+
 2017-11-30  Stephan Szabo  <stephan.szabo@sony.com>
 

trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj

@@ -231 +231 @@
                 5C0BF8941DD599C900B00328 /* MenuTypesForMouseEvents.mm in Sources */ = {isa = PBXBuildFile; fileRef = 7A99D9931AD4A29D00373141 /* MenuTypesForMouseEvents.mm */; };
                 5C0BF8951DD599CD00B00328 /* NavigatorLanguage.mm in Sources */ = {isa = PBXBuildFile; fileRef = E19DB9781B32137C00DB38D4 /* NavigatorLanguage.mm */; };
+                5C19A5241FD0F60100EEA323 /* CookiePrivateBrowsing.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5C19A5231FD0F32600EEA323 /* CookiePrivateBrowsing.mm */; };
                 5C2936931D5BF70D00DEAB1E /* CookieAcceptPolicy.mm in Sources */ = {isa = PBXBuildFile; fileRef = 5C2936911D5BF63E00DEAB1E /* CookieAcceptPolicy.mm */; };
                 5C2936961D5C00ED00DEAB1E /* CookieMessage.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 5C2936941D5BFD1900DEAB1E /* CookieMessage.html */; };
@@ -1368 +1369 @@
                 5C0BF88C1DD5957400B00328 /* MemoryPressureHandler.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = MemoryPressureHandler.mm; sourceTree = "<group>"; };
                 5C0BF88F1DD5999B00B00328 /* WebViewCanPasteZeroPng.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = WebViewCanPasteZeroPng.mm; sourceTree = "<group>"; };
+                5C19A5231FD0F32600EEA323 /* CookiePrivateBrowsing.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = CookiePrivateBrowsing.mm; sourceTree = "<group>"; };
                 5C2936911D5BF63E00DEAB1E /* CookieAcceptPolicy.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = CookieAcceptPolicy.mm; sourceTree = "<group>"; };
                 5C2936941D5BFD1900DEAB1E /* CookieMessage.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = CookieMessage.html; sourceTree = "<group>"; };
@@ -2015 +2017 @@
                                 5CA1DED81F74A87100E71BD3 /* ContentRuleListNotification.mm */,
                                 5C2936911D5BF63E00DEAB1E /* CookieAcceptPolicy.mm */,
+                                5C19A5231FD0F32600EEA323 /* CookiePrivateBrowsing.mm */,
                                 9B1056411F9045C700D5583F /* CopyHTML.mm */,
                                 9999108A1F393C8B008AD455 /* Copying.mm */,
@@ -3270 +3273 @@
                                 5C2936931D5BF70D00DEAB1E /* CookieAcceptPolicy.mm in Sources */,
                                 51D1249B1E785425002B2820 /* CookieManager.cpp in Sources */,
+                                5C19A5241FD0F60100EEA323 /* CookiePrivateBrowsing.mm in Sources */,
                                 9B1F6F781F90558400B55744 /* CopyHTML.mm in Sources */,
                                 9999108B1F393C96008AD455 /* Copying.mm in Sources */,