Changeset 231524 in webkit

Timestamp:

May 8, 2018 4:59:29 PM (6 years ago)

Author:

wilander@apple.com

Message:

Storage Access API: Make user opt-in sticky
​https://bugs.webkit.org/show_bug.cgi?id=185454
<rdar://problem/40003946>

Reviewed by Alex Christensen.

This patch persists the user's choice to opt-in to access under specific domains.
Such storage access should age out with the accessing domain's cookies and website
data. The opt-in prompt is still an experimental feature.

• UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::hasStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccessUnderOpener):
(WebKit::WebResourceLoadStatisticsStore::grantStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::grantStorageAccessInternal):
(WebKit::WebResourceLoadStatisticsStore::hasUserGrantedStorageAccessThroughPrompt const):
(WebKit::WebResourceLoadStatisticsStore::hasHadUnexpiredRecentUserInteraction const):

• UIProcess/WebResourceLoadStatisticsStore.h:

Location:

trunk/Source/WebKit

Files:

• ChangeLog (modified) (1 diff)
• UIProcess/WebResourceLoadStatisticsStore.cpp (modified) (8 diffs)
• UIProcess/WebResourceLoadStatisticsStore.h (modified) (3 diffs)

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2018-05-08  John Wilander  <wilander@apple.com>
+
+        Storage Access API: Make user opt-in sticky
+        https://bugs.webkit.org/show_bug.cgi?id=185454
+        <rdar://problem/40003946>
+
+        Reviewed by Alex Christensen.
+
+        This patch persists the user's choice to opt-in to access under specific domains.
+        Such storage access should age out with the accessing domain's cookies and website
+        data. The opt-in prompt is still an experimental feature.
+
+        * UIProcess/WebResourceLoadStatisticsStore.cpp:
+        (WebKit::WebResourceLoadStatisticsStore::hasStorageAccess):
+        (WebKit::WebResourceLoadStatisticsStore::requestStorageAccess):
+        (WebKit::WebResourceLoadStatisticsStore::requestStorageAccessUnderOpener):
+        (WebKit::WebResourceLoadStatisticsStore::grantStorageAccess):
+        (WebKit::WebResourceLoadStatisticsStore::grantStorageAccessInternal):
+        (WebKit::WebResourceLoadStatisticsStore::hasUserGrantedStorageAccessThroughPrompt const):
+        (WebKit::WebResourceLoadStatisticsStore::hasHadUnexpiredRecentUserInteraction const):
+        * UIProcess/WebResourceLoadStatisticsStore.h:
+
 2018-05-08  Daniel Bates  <dabates@apple.com>
 

trunk/Source/WebKit/UIProcess/WebResourceLoadStatisticsStore.cpp

@@ -343 +343 @@
         auto& subFrameStatistic = ensureResourceStatisticsForPrimaryDomain(subFramePrimaryDomain);
         if (shouldBlockCookies(subFrameStatistic)) {
-            callback(false);
+            RunLoop::main().dispatch([callback = WTFMove(callback)] {
+                callback(false);
+            });
             return;
         }
 
         if (!shouldPartitionCookies(subFrameStatistic)) {
-            callback(true);
+            RunLoop::main().dispatch([callback = WTFMove(callback)] {
+                callback(true);
+            });
             return;
         }
 
-        m_hasStorageAccessForFrameHandler(subFramePrimaryDomain, topFramePrimaryDomain, frameID, pageID, WTFMove(callback));
+        m_hasStorageAccessForFrameHandler(subFramePrimaryDomain, topFramePrimaryDomain, frameID, pageID, [callback = WTFMove(callback)] (bool value) mutable {
+            RunLoop::main().dispatch([callback = WTFMove(callback), value] () mutable {
+                callback(value);
+            });
+        });
     });
 }
@@ -385 +393 @@
         }
 
-        if (promptEnabled) {
+        auto userWasPromptedEarlier = promptEnabled && hasUserGrantedStorageAccessThroughPrompt(subFrameStatistic, topFramePrimaryDomain);
+        if (promptEnabled && !userWasPromptedEarlier) {
             RunLoop::main().dispatch([callback = WTFMove(callback)] {
                 callback(StorageAccessStatus::RequiresUserPrompt);
@@ -394 +403 @@
         subFrameStatistic.timesAccessedAsFirstPartyDueToStorageAccessAPI++;
 
-        grantStorageAccessInternal(WTFMove(subFramePrimaryDomain), WTFMove(topFramePrimaryDomain), frameID, pageID, false, [callback = WTFMove(callback)] (bool wasGrantedAccess) mutable {
+        grantStorageAccessInternal(WTFMove(subFramePrimaryDomain), WTFMove(topFramePrimaryDomain), frameID, pageID, userWasPromptedEarlier, [callback = WTFMove(callback)] (bool wasGrantedAccess) mutable {
             RunLoop::main().dispatch([callback = WTFMove(callback), wasGrantedAccess] () mutable {
                 callback(wasGrantedAccess ? StorageAccessStatus::HasAccess : StorageAccessStatus::CannotRequestAccess);
@@ -402 +411 @@
 }
 
-void WebResourceLoadStatisticsStore::requestStorageAccessUnderOpener(String&& domainInNeedOfStorageAccess, uint64_t openerPageID, String&& openerDomain, bool isTriggeredByUserGesture)
-{
-    ASSERT(domainInNeedOfStorageAccess != openerDomain);
-    ASSERT(!RunLoop::isMain());
-
-    if (domainInNeedOfStorageAccess == openerDomain)
-        return;
-
-    auto& domainInNeedOfStorageAccessStatistic = ensureResourceStatisticsForPrimaryDomain(domainInNeedOfStorageAccess);
+void WebResourceLoadStatisticsStore::requestStorageAccessUnderOpener(String&& primaryDomainInNeedOfStorageAccess, uint64_t openerPageID, String&& openerPrimaryDomain, bool isTriggeredByUserGesture)
+{
+    ASSERT(primaryDomainInNeedOfStorageAccess != openerPrimaryDomain);
+    ASSERT(!RunLoop::isMain());
+
+    if (primaryDomainInNeedOfStorageAccess == openerPrimaryDomain)
+        return;
+
+    auto& domainInNeedOfStorageAccessStatistic = ensureResourceStatisticsForPrimaryDomain(primaryDomainInNeedOfStorageAccess);
     auto cookiesBlocked = shouldBlockCookies(domainInNeedOfStorageAccessStatistic);
 
@@ -421 +430 @@
         return;
 
-    grantStorageAccessInternal(WTFMove(domainInNeedOfStorageAccess), WTFMove(openerDomain), std::nullopt, openerPageID, false, [](bool) { });
 #if !RELEASE_LOG_DISABLED
-    RELEASE_LOG_INFO_IF(m_debugLoggingEnabled, ResourceLoadStatisticsDebug, "Grant storage access for %{public}s under opener %{public}s, %{public}s user interaction.", domainInNeedOfStorageAccess.utf8().data(), openerDomain.utf8().data(), (isTriggeredByUserGesture ? "with" : "without"));
+    RELEASE_LOG_INFO_IF(m_debugLoggingEnabled, ResourceLoadStatisticsDebug, "Grant storage access for %{public}s under opener %{public}s, %{public}s user interaction.", primaryDomainInNeedOfStorageAccess.utf8().data(), openerPrimaryDomain.utf8().data(), (isTriggeredByUserGesture ? "with" : "without"));
 #endif
-}
-
-void WebResourceLoadStatisticsStore::grantStorageAccess(String&& subFrameHost, String&& topFrameHost, uint64_t frameID, uint64_t pageID, bool userWasPrompted, CompletionHandler<void(bool)>&& callback)
+    grantStorageAccessInternal(WTFMove(primaryDomainInNeedOfStorageAccess), WTFMove(openerPrimaryDomain), std::nullopt, openerPageID, false, [](bool) { });
+}
+
+void WebResourceLoadStatisticsStore::grantStorageAccess(String&& subFrameHost, String&& topFrameHost, uint64_t frameID, uint64_t pageID, bool userWasPromptedNow, CompletionHandler<void(bool)>&& callback)
 {
     ASSERT(RunLoop::isMain());
-    m_statisticsQueue->dispatch([this, protectedThis = makeRef(*this), subFrameHost = crossThreadCopy(subFrameHost), topFrameHost = crossThreadCopy(topFrameHost), frameID, pageID, userWasPrompted, callback = WTFMove(callback)] () mutable {
-        grantStorageAccessInternal(WTFMove(subFrameHost), WTFMove(topFrameHost), frameID, pageID, userWasPrompted, [callback = WTFMove(callback)] (bool wasGrantedAccess) mutable {
+    m_statisticsQueue->dispatch([this, protectedThis = makeRef(*this), subFrameHost = crossThreadCopy(subFrameHost), topFrameHost = crossThreadCopy(topFrameHost), frameID, pageID, userWasPromptedNow, callback = WTFMove(callback)] () mutable {
+        auto subFramePrimaryDomain = isolatedPrimaryDomain(subFrameHost);
+        auto topFramePrimaryDomain = isolatedPrimaryDomain(topFrameHost);
+        if (userWasPromptedNow) {
+            auto& subFrameStatistic = ensureResourceStatisticsForPrimaryDomain(subFramePrimaryDomain);
+            ASSERT(subFrameStatistic.hadUserInteraction);
+            subFrameStatistic.storageAccessUnderTopFrameOrigins.add(topFramePrimaryDomain);
+        }
+        grantStorageAccessInternal(WTFMove(subFrameHost), WTFMove(topFrameHost), frameID, pageID, userWasPromptedNow, [callback = WTFMove(callback)] (bool wasGrantedAccess) mutable {
             RunLoop::main().dispatch([callback = WTFMove(callback), wasGrantedAccess] () mutable {
                 callback(wasGrantedAccess);
@@ -439 +455 @@
 }
 
-void WebResourceLoadStatisticsStore::grantStorageAccessInternal(String&& subFrameHost, String&& topFrameHost, std::optional<uint64_t> frameID, uint64_t pageID, bool userWasPrompted, CompletionHandler<void(bool)>&& callback)
-{
-    ASSERT(!RunLoop::isMain());
-    auto subFramePrimaryDomain = isolatedPrimaryDomain(subFrameHost);
-    auto topFramePrimaryDomain = isolatedPrimaryDomain(topFrameHost);
+void WebResourceLoadStatisticsStore::grantStorageAccessInternal(String&& subFramePrimaryDomain, String&& topFramePrimaryDomain, std::optional<uint64_t> frameID, uint64_t pageID, bool userWasPromptedNowOrEarlier, CompletionHandler<void(bool)>&& callback)
+{
+    UNUSED_PARAM(userWasPromptedNowOrEarlier);
+    ASSERT(!RunLoop::isMain());
+
     if (subFramePrimaryDomain == topFramePrimaryDomain) {
         callback(true);
         return;
     }
-    
+
     m_grantStorageAccessHandler(subFramePrimaryDomain, topFramePrimaryDomain, frameID, pageID, WTFMove(callback));
 }
@@ -1046 +1062 @@
 }
 
+bool WebResourceLoadStatisticsStore::hasUserGrantedStorageAccessThroughPrompt(const ResourceLoadStatistics& statistic, const String& firstPartyPrimaryDomain) const
+{
+    return statistic.storageAccessUnderTopFrameOrigins.contains(firstPartyPrimaryDomain);
+}
+
 void WebResourceLoadStatisticsStore::updateCookiePartitioning(CompletionHandler<void()>&& callback)
 {
@@ -1194 +1215 @@
         // it has been reset as opposed to its default -1.
         resourceStatistic.mostRecentUserInteractionTime = { };
+        resourceStatistic.storageAccessUnderTopFrameOrigins.clear();
         resourceStatistic.hadUserInteraction = false;
     }

trunk/Source/WebKit/UIProcess/WebResourceLoadStatisticsStore.h

@@ -92 +92 @@
     void hasStorageAccess(String&& subFrameHost, String&& topFrameHost, uint64_t frameID, uint64_t pageID, WTF::CompletionHandler<void (bool)>&& callback);
     void requestStorageAccess(String&& subFrameHost, String&& topFrameHost, uint64_t frameID, uint64_t pageID, bool promptEnabled, CompletionHandler<void(StorageAccessStatus)>&&);
-    void requestStorageAccessUnderOpener(String&& domainInNeedOfStorageAccess, uint64_t openerPageID, String&& openerDomain, bool isTriggeredByUserGesture);
-    void grantStorageAccess(String&& subFrameHost, String&& topFrameHost, uint64_t frameID, uint64_t pageID, bool userWasPrompted, CompletionHandler<void(bool)>&&);
+    void requestStorageAccessUnderOpener(String&& primaryDomainInNeedOfStorageAccess, uint64_t openerPageID, String&& openerPrimaryDomain, bool isTriggeredByUserGesture);
+    void grantStorageAccess(String&& subFrameHost, String&& topFrameHost, uint64_t frameID, uint64_t pageID, bool userWasPromptedNow, CompletionHandler<void(bool)>&&);
     void requestStorageAccessCallback(bool wasGranted, uint64_t contextId);
 
@@ -172 +172 @@
     bool shouldPartitionCookies(const WebCore::ResourceLoadStatistics&) const;
     bool shouldBlockCookies(const WebCore::ResourceLoadStatistics&) const;
+    bool hasUserGrantedStorageAccessThroughPrompt(const WebCore::ResourceLoadStatistics&, const String& firstPartyPrimaryDomain) const;
     bool hasStatisticsExpired(const WebCore::ResourceLoadStatistics&) const;
     bool hasHadUnexpiredRecentUserInteraction(WebCore::ResourceLoadStatistics&) const;
@@ -186 +187 @@
 
     void resetCookiePartitioningState();
-    void grantStorageAccessInternal(String&& subFrameHost, String&& topFrameHost, std::optional<uint64_t> frameID, uint64_t pageID, bool userWasPrompted, CompletionHandler<void(bool)>&&);
+    StorageAccessStatus storageAccessStatus(const String& subFramePrimaryDomain, const String& topFramePrimaryDomain);
+    void grantStorageAccessInternal(String&& subFrameHost, String&& topFrameHost, std::optional<uint64_t> frameID, uint64_t pageID, bool userWasPromptedNowOrEarlier, CompletionHandler<void(bool)>&&);
     void removeAllStorageAccess();