Changeset 248273 in webkit

Timestamp:

Aug 5, 2019 2:33:51 PM (5 years ago)

Author:

wilander@apple.com

Message:

Resource Load Statistics: Re-introduce latch mode for subresource cookie blocking
​https://bugs.webkit.org/show_bug.cgi?id=200395
<rdar://problem/53869611>

Reviewed by Darin Adler.

Back when we had a relaxation of cookie blocking 24 hours after first-party user
interaction, we made sure cookie blocking could be turned on and off in subresource
redirect chains. The 24 hour window is now long gone. This patch simplifies the
cookie blocking so that once a subresource request is denied cookies, any
subsequent redirect of that request will also be denied cookies, regardless of the
classification status of the domains involved. I call it latch mode.

Source/WebKit:

• NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
• NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(WebKit::NetworkDataTaskCocoa::blockCookies):
(WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):
(WebKit::NetworkDataTaskCocoa::willPerformHTTPRedirection):
(WebKit::NetworkDataTaskCocoa::applyCookieBlockingPolicy): Deleted.

LayoutTests:

• http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt: Renamed from LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt.
• http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html: Renamed from LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html.

Changed to expect no removal of blocking in the redirect and renamed accordingly.

• platform/ios/TestExpectations:

Renamed.

• platform/mac-wk2/TestExpectations:

Renamed.

• platform/wk2/TestExpectations:

Renamed.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt (moved) (moved from trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt) (2 diffs)
• LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html (moved) (moved from trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html) (3 diffs)
• LayoutTests/platform/ios/TestExpectations (modified) (1 diff)
• LayoutTests/platform/mac-wk2/TestExpectations (modified) (1 diff)
• LayoutTests/platform/wk2/TestExpectations (modified) (1 diff)
• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h (modified) (1 diff)
• Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm (modified) (3 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2019-08-05  John Wilander  <wilander@apple.com>
+
+        Resource Load Statistics: Re-introduce latch mode for subresource cookie blocking
+        https://bugs.webkit.org/show_bug.cgi?id=200395
+        <rdar://problem/53869611>
+
+        Reviewed by Darin Adler.
+
+        Back when we had a relaxation of cookie blocking 24 hours after first-party user
+        interaction, we made sure cookie blocking could be turned on and off in subresource
+        redirect chains. The 24 hour window is now long gone. This patch simplifies the
+        cookie blocking so that once a subresource request is denied cookies, any
+        subsequent redirect of that request will also be denied cookies, regardless of the
+        classification status of the domains involved. I call it latch mode.
+
+        * http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt: Renamed from LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt.
+        * http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html: Renamed from LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html.
+            Changed to expect no removal of blocking in the redirect and renamed accordingly.
+        * platform/ios/TestExpectations:
+            Renamed.
+        * platform/mac-wk2/TestExpectations:
+            Renamed.
+        * platform/wk2/TestExpectations:
+            Renamed.
+
 2019-08-05  Youenn Fablet  <youenn@apple.com>
 

trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt

@@ -1 @@
-Tests that blocking is removed mid-flight in redirects.
+Tests that blocking is not removed mid-flight in redirects.
 
 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
@@ -45 +45 @@
 Frame: '<!--frame5-->'
 --------
-Redirect case 2, should receive first-party cookie for 127.0.0.1.
-Received cookie named 'firstPartyCookieIP'.
+Redirect case 2, should not receive first-party cookie for 127.0.0.1.
+Did not receive cookie named 'firstPartyCookieIP'.
 Did not receive cookie named 'firstPartyCookieLocalhost'.
 Did not receive cookie named 'thirdPartyCookie'.

trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html

@@ -8 +8 @@
 <body>
 <script>
-    description("Tests that blocking is removed mid-flight in redirects.");
+    description("Tests that blocking is not removed mid-flight in redirects.");
     jsTestIsAsync = true;
 
@@ -38 +38 @@
                 if (document.location.origin === thirdPartyOrigin) {
                     document.cookie = firstPartyCookieNameLocalhost + "=localhost;path='/'";
-                    document.location.href = "http://127.0.0.1:8000/resourceLoadStatistics/remove-blocking-in-redirect.html#step2";
+                    document.location.href = "http://127.0.0.1:8000/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html#step2";
                 } else {
                     document.cookie = firstPartyCookieNameIP + "=127.0.0.1;path='/'";
-                    document.location.href = "http://localhost:8000/resourceLoadStatistics/remove-blocking-in-redirect.html#step1";
+                    document.location.href = "http://localhost:8000/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html#step1";
                 }
                 break;
@@ -76 +76 @@
                 // Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
                 document.location.hash = "step8";
-                openIframe(redirectChainUrl + "&message=Redirect case 2, should receive first-party cookie for 127.0.0.1.", runTest);
+                openIframe(redirectChainUrl + "&message=Redirect case 2, should not receive first-party cookie for 127.0.0.1.", runTest);
                 break;
             case "#step8":

trunk/LayoutTests/platform/ios/TestExpectations

@@ -2784 +2784 @@
 http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html [ Pass ]
 http/tests/resourceLoadStatistics/add-blocking-to-redirect.html [ Pass ]
-http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html [ Pass ]
+http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html [ Pass ]
 http/tests/resourceLoadStatistics/grandfathering.html [ Pass ]
 http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store.html [ Pass ]

trunk/LayoutTests/platform/mac-wk2/TestExpectations

@@ -792 +792 @@
 [ HighSierra+ ] http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html [ Pass ]
 [ HighSierra+ ] http/tests/resourceLoadStatistics/add-blocking-to-redirect.html [ Pass ]
-[ HighSierra+ ] http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html [ Pass ]
+[ HighSierra+ ] http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html [ Pass ]
 [ HighSierra+ ] http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store.html [ Pass ]
 [ HighSierra+ ] http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store-one-hour.html [ Pass ]

trunk/LayoutTests/platform/wk2/TestExpectations

@@ -737 +737 @@
 http/tests/resourceLoadStatistics/strip-referrer-to-origin-for-prevalent-subresource-requests.html [ Skip ]
 http/tests/resourceLoadStatistics/add-blocking-to-redirect.html [ Skip ]
-http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html [ Skip ]
+http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html [ Skip ]
 http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html [ Skip ]
 http/tests/resourceLoadStatistics/cap-cache-max-age-for-prevalent-resource.html [ Skip ]

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2019-08-05  John Wilander  <wilander@apple.com>
+
+        Resource Load Statistics: Re-introduce latch mode for subresource cookie blocking
+        https://bugs.webkit.org/show_bug.cgi?id=200395
+        <rdar://problem/53869611>
+
+        Reviewed by Darin Adler.
+
+        Back when we had a relaxation of cookie blocking 24 hours after first-party user
+        interaction, we made sure cookie blocking could be turned on and off in subresource
+        redirect chains. The 24 hour window is now long gone. This patch simplifies the
+        cookie blocking so that once a subresource request is denied cookies, any
+        subsequent redirect of that request will also be denied cookies, regardless of the
+        classification status of the domains involved. I call it latch mode.
+
+        * NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
+        * NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
+        (WebKit::NetworkDataTaskCocoa::blockCookies):
+        (WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):
+        (WebKit::NetworkDataTaskCocoa::willPerformHTTPRedirection):
+        (WebKit::NetworkDataTaskCocoa::applyCookieBlockingPolicy): Deleted.
+
 2019-08-05  Youenn Fablet  <youenn@apple.com>
 

trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h

@@ -85 +85 @@
 #if ENABLE(RESOURCE_LOAD_STATISTICS)
     static NSHTTPCookieStorage *statelessCookieStorage();
-    void applyCookieBlockingPolicy(bool shouldBlock);
+    void blockCookies();
 #endif
     bool isThirdPartyRequest(const WebCore::ResourceRequest&);

trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm

@@ -132 +132 @@
 }
 
-void NetworkDataTaskCocoa::applyCookieBlockingPolicy(bool shouldBlock)
+void NetworkDataTaskCocoa::blockCookies()
 {
     ASSERT(hasProcessPrivilege(ProcessPrivilege::CanAccessRawCookies));
 
-    if (shouldBlock == m_hasBeenSetToUseStatelessCookieStorage)
-        return;
-
-    NSHTTPCookieStorage *storage = nil;
-    if (shouldBlock)
-        storage = statelessCookieStorage();
-    else if (auto* storageSession = m_session->networkStorageSession())
-        storage = storageSession->nsCookieStorage();
-    if (storage) {
-        [m_task _setExplicitCookieStorage:storage._cookieStorage];
-        m_hasBeenSetToUseStatelessCookieStorage = shouldBlock;
-    }
+    if (m_hasBeenSetToUseStatelessCookieStorage)
+        return;
+
+    [m_task _setExplicitCookieStorage:statelessCookieStorage()._cookieStorage];
+    m_hasBeenSetToUseStatelessCookieStorage = true;
 }
 #endif
@@ -262 +255 @@
         LOG(NetworkSession, "%llu Blocking cookies for URL %s", [m_task taskIdentifier], nsRequest.URL.absoluteString.UTF8String);
 #endif
-        applyCookieBlockingPolicy(shouldBlockCookies);
+        blockCookies();
     }
 #endif
@@ -385 +378 @@
 
 #if ENABLE(RESOURCE_LOAD_STATISTICS)
-    bool shouldBlockCookies = m_storedCredentialsPolicy == WebCore::StoredCredentialsPolicy::EphemeralStatelessCookieless
-        || (m_session->networkStorageSession() && m_session->networkStorageSession()->shouldBlockCookies(request, m_frameID, m_pageID));
+    if (!m_hasBeenSetToUseStatelessCookieStorage) {
+        if (m_storedCredentialsPolicy == WebCore::StoredCredentialsPolicy::EphemeralStatelessCookieless
+            || (m_session->networkStorageSession() && m_session->networkStorageSession()->shouldBlockCookies(request, m_frameID, m_pageID)))
+            blockCookies();
+    }
 #if !RELEASE_LOG_DISABLED
     if (m_session->shouldLogCookieInformation())
-        RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - NetworkDataTaskCocoa::willPerformHTTPRedirection::logCookieInformation: pageID = %llu, frameID = %llu, taskID = %lu: %s cookies for redirect URL %s", this, m_pageID.toUInt64(), m_frameID, (unsigned long)[m_task taskIdentifier], (shouldBlockCookies ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
+        RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - NetworkDataTaskCocoa::willPerformHTTPRedirection::logCookieInformation: pageID = %llu, frameID = %llu, taskID = %lu: %s cookies for redirect URL %s", this, m_pageID.toUInt64(), m_frameID, (unsigned long)[m_task taskIdentifier], (m_hasBeenSetToUseStatelessCookieStorage ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
 #else
-    LOG(NetworkSession, "%llu %s cookies for redirect URL %s", [m_task taskIdentifier], (shouldBlockCookies ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
-#endif
-#endif
-
-#if ENABLE(RESOURCE_LOAD_STATISTICS)
-    // Always apply the policy since blocking may need to be turned on or off in a redirect.
-    applyCookieBlockingPolicy(shouldBlockCookies);
-
-    if (!shouldBlockCookies) {
-#if !RELEASE_LOG_DISABLED
-        if (m_session->shouldLogCookieInformation())
-            RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - NetworkDataTaskCocoa::willPerformHTTPRedirection::logCookieInformation: pageID = %llu, frameID = %llu, taskID = %lu: Not partitioning cookies for redirect URL %s", this, m_pageID.toUInt64(), m_frameID, (unsigned long)[m_task taskIdentifier], request.url().string().utf8().data());
-#else
-        LOG(NetworkSession, "%llu Not partitioning cookies for redirect URL %s", [m_task taskIdentifier], request.url().string().utf8().data());
-#endif
-    }
+    LOG(NetworkSession, "%llu %s cookies for redirect URL %s", [m_task taskIdentifier], (m_hasBeenSetToUseStatelessCookieStorage ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
+#endif
 #endif