Changeset 286656 in webkit

Timestamp:

Dec 8, 2021 8:27:03 AM (7 months ago)

Author:

youenn@apple.com

Message:

Same-site lax cookies not sent by fetch event handler after page reload
​https://bugs.webkit.org/show_bug.cgi?id=226386
<rdar://problem/78878853>

Reviewed by Chris Dumez.

Source/WebCore:

When a service worker fetches a navigation request exposed from the fetch event, we need to keep isTopSite intact as
the service worker does not really have the information of which frame is actually loaded and whether it is a main frame or not.

Tests: http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html

http/wpt/service-workers/same-cookie-lax.https.html

• loader/cache/CachedResource.cpp:

Source/WebKit:

StorageBlockingPolicy handling is not covered by generated code so explicit update StorageBlockingPolicy setting from preference store.
This impacts the computation of cookie/cache partitioning.

• WebProcess/Storage/WebSWContextManagerConnection.cpp:

LayoutTests:

• http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https-expected.txt: Added.
• http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html: Added.
• http/wpt/service-workers/resources/get-cookie.py: Added.
• http/wpt/service-workers/resources/get-document-cookie.py: Added.
• http/wpt/service-workers/resources/set-cookie-lax.py: Added.
• http/wpt/service-workers/same-cookie-lax-worker.js: Added.
• http/wpt/service-workers/same-cookie-lax.https-expected.txt: Added.
• http/wpt/service-workers/same-cookie-lax.https.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https-expected.txt (added)
• LayoutTests/http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html (added)
• LayoutTests/http/wpt/service-workers/resources/get-cookie.py (added)
• LayoutTests/http/wpt/service-workers/resources/get-document-cookie.py (added)
• LayoutTests/http/wpt/service-workers/resources/set-cookie-lax.py (added)
• LayoutTests/http/wpt/service-workers/same-cookie-lax-worker.js (added)
• LayoutTests/http/wpt/service-workers/same-cookie-lax.https-expected.txt (added)
• LayoutTests/http/wpt/service-workers/same-cookie-lax.https.html (added)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/loader/FrameLoader.cpp (modified) (2 diffs)
• Source/WebCore/loader/FrameLoader.h (modified) (1 diff)
• Source/WebCore/loader/cache/CachedResource.cpp (modified) (1 diff)
• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2021-12-08  Youenn Fablet  <youenn@apple.com>
+
+        Same-site lax cookies not sent by fetch event handler after page reload
+        https://bugs.webkit.org/show_bug.cgi?id=226386
+        <rdar://problem/78878853>
+
+        Reviewed by Chris Dumez.
+
+        * http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https-expected.txt: Added.
+        * http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html: Added.
+        * http/wpt/service-workers/resources/get-cookie.py: Added.
+        * http/wpt/service-workers/resources/get-document-cookie.py: Added.
+        * http/wpt/service-workers/resources/set-cookie-lax.py: Added.
+        * http/wpt/service-workers/same-cookie-lax-worker.js: Added.
+        * http/wpt/service-workers/same-cookie-lax.https-expected.txt: Added.
+        * http/wpt/service-workers/same-cookie-lax.https.html: Added.
+
 2021-12-08  Youenn Fablet  <youenn@apple.com>
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2021-12-08  Youenn Fablet  <youenn@apple.com>
+
+        Same-site lax cookies not sent by fetch event handler after page reload
+        https://bugs.webkit.org/show_bug.cgi?id=226386
+        <rdar://problem/78878853>
+
+        Reviewed by Chris Dumez.
+
+        When a service worker fetches a navigation request exposed from the fetch event, we need to keep isTopSite intact as
+        the service worker does not really have the information of which frame is actually loaded and whether it is a main frame or not.
+
+        Tests: http/wpt/service-workers/cross-site-navigation-same-cookie-lax.https.html
+               http/wpt/service-workers/same-cookie-lax.https.html
+
+        * loader/cache/CachedResource.cpp:
+
 2021-12-08  Youenn Fablet  <youenn@apple.com>
 

trunk/Source/WebCore/loader/FrameLoader.cpp

@@ -2900 +2900 @@
 }
 
-void FrameLoader::updateRequestAndAddExtraFields(ResourceRequest& request, IsMainResource mainResource, FrameLoadType loadType, ShouldUpdateAppInitiatedValue shouldUpdate)
-{
+void FrameLoader::updateRequestAndAddExtraFields(ResourceRequest& request, IsMainResource mainResource, FrameLoadType loadType, ShouldUpdateAppInitiatedValue shouldUpdate, IsServiceWorkerNavigationLoad isServiceWorkerNavigationLoad)
+{
+    ASSERT(isServiceWorkerNavigationLoad == IsServiceWorkerNavigationLoad::No || mainResource != IsMainResource::Yes);
+
     // If the request came from a previous process due to process-swap-on-navigation then we should not modify the request.
     if (m_currentLoadContinuingState == LoadContinuingState::ContinuingWithRequest)
@@ -2929 +2931 @@
         addSameSiteInfoToRequestIfNeeded(request, initiator);
     }
-    request.setIsTopSite(isMainFrameMainResource);
+
+    // In case of service worker navigation load, we inherit isTopSite from the FetchEvent request directly.
+    if (isServiceWorkerNavigationLoad == IsServiceWorkerNavigationLoad::No)
+        request.setIsTopSite(isMainFrameMainResource);
 
     Page* page = frame().page();

trunk/Source/WebCore/loader/FrameLoader.h

@@ -318 +318 @@
     bool alwaysAllowLocalWebarchive() const { return m_alwaysAllowLocalWebarchive; }
 
+    enum class IsServiceWorkerNavigationLoad : bool { No, Yes };
     // For subresource requests the FrameLoadType parameter has no effect and can be skipped.
-    void updateRequestAndAddExtraFields(ResourceRequest&, IsMainResource, FrameLoadType = FrameLoadType::Standard, ShouldUpdateAppInitiatedValue = ShouldUpdateAppInitiatedValue::Yes);
+    void updateRequestAndAddExtraFields(ResourceRequest&, IsMainResource, FrameLoadType = FrameLoadType::Standard, ShouldUpdateAppInitiatedValue = ShouldUpdateAppInitiatedValue::Yes, IsServiceWorkerNavigationLoad = IsServiceWorkerNavigationLoad::No);
 
     void scheduleRefreshIfNeeded(Document&, const String& content, IsMetaRefresh);

trunk/Source/WebCore/loader/cache/CachedResource.cpp

@@ -242 +242 @@
     // Navigation algorithm is setting up the request before sending it to CachedResourceLoader?CachedResource.
     // So no need for extra fields for MainResource.
-    if (type() != Type::MainResource)
-        frameLoader.updateRequestAndAddExtraFields(m_resourceRequest, IsMainResource::No);
+    if (type() != Type::MainResource) {
+        bool isServiceWorkerNavigationLoad = type() != Type::SVGDocumentResource && m_options.serviceWorkersMode == ServiceWorkersMode::None && (m_options.destination == FetchOptions::Destination::Document || m_options.destination == FetchOptions::Destination::Iframe);
+        frameLoader.updateRequestAndAddExtraFields(m_resourceRequest, IsMainResource::No, FrameLoadType::Standard, ShouldUpdateAppInitiatedValue::Yes, isServiceWorkerNavigationLoad ? FrameLoader::IsServiceWorkerNavigationLoad::Yes : FrameLoader::IsServiceWorkerNavigationLoad::No);
+    }
 
     // FIXME: It's unfortunate that the cache layer and below get to know anything about fragment identifiers.

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2021-12-08  Youenn Fablet  <youenn@apple.com>
+
+        Same-site lax cookies not sent by fetch event handler after page reload
+        https://bugs.webkit.org/show_bug.cgi?id=226386
+        <rdar://problem/78878853>
+
+        Reviewed by Chris Dumez.
+
+        StorageBlockingPolicy handling is not covered by generated code so explicit update StorageBlockingPolicy setting from preference store.
+        This impacts the computation of cookie/cache partitioning.
+
+        * WebProcess/Storage/WebSWContextManagerConnection.cpp:
+
 2021-12-08  Youenn Fablet  <youenn@apple.com>
 

trunk/Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp

@@ -168 +168 @@
     auto lastNavigationWasAppInitiated = contextData.lastNavigationWasAppInitiated;
     auto page = makeUniqueRef<Page>(WTFMove(pageConfiguration));
-    if (m_preferencesStore)
+    if (m_preferencesStore) {
         WebPage::updateSettingsGenerated(*m_preferencesStore, page->settings());
+        page->settings().setStorageBlockingPolicy(static_cast<StorageBlockingPolicy>(m_preferencesStore->getUInt32ValueForKey(WebPreferencesKey::storageBlockingPolicyKey())));
+    }
     ServiceWorkerThreadProxy::setupPageForServiceWorker(page.get(), contextData);
     auto serviceWorkerThreadProxy = ServiceWorkerThreadProxy::create(WTFMove(page), WTFMove(contextData), WTFMove(workerData), WTFMove(effectiveUserAgent), workerThreadMode, WebProcess::singleton().cacheStorageProvider());