WebKit Bugzilla
Attachment 338765 Details for
Bug 184948
: Don't Block First Party Cookies on Redirects
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for landing
bug-184948-20180425115614.patch (text/plain), 31.87 KB, created by
Brent Fulgham
on 2018-04-25 11:56:15 PDT
(
hide
)
Description:
Patch for landing
Filename:
MIME Type:
Creator:
Brent Fulgham
Created:
2018-04-25 11:56:15 PDT
Size:
31.87 KB
patch
obsolete
>Index: Source/WebCore/ChangeLog >=================================================================== >--- Source/WebCore/ChangeLog (revision 230983) >+++ Source/WebCore/ChangeLog (working copy) >@@ -1,3 +1,17 @@ >+2018-04-25 Brent Fulgham <bfulgham@apple.com> >+ >+ Don't Block First Party Cookies on Redirects >+ https://bugs.webkit.org/show_bug.cgi?id=184948 >+ <rdar://problem/39534099> >+ >+ Reviewed by Youenn Fablet. >+ >+ The Navigation scheduler looses the 'requester' value when performing a ScheduledRedirect. >+ >+ Test: http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect.html >+ >+ * loader/NavigationScheduler.cpp: >+ > 2018-04-24 Ryosuke Niwa <rniwa@webkit.org> > > Release assert in ScriptController::canExecuteScripts via CachedSVGFont::ensureCustomFontData during >Index: Source/WebCore/loader/NavigationScheduler.cpp >=================================================================== >--- Source/WebCore/loader/NavigationScheduler.cpp (revision 230983) >+++ Source/WebCore/loader/NavigationScheduler.cpp (working copy) >@@ -183,6 +183,8 @@ public: > > bool refresh = equalIgnoringFragmentIdentifier(frame.document()->url(), url()); > ResourceRequest resourceRequest { url(), referrer(), refresh ? ReloadIgnoringCacheData : UseProtocolCachePolicy }; >+ if (initiatedByMainFrame() == InitiatedByMainFrame::Yes) >+ resourceRequest.setRequester(ResourceRequest::Requester::Main); > FrameLoadRequest frameLoadRequest { initiatingDocument(), *securityOrigin(), resourceRequest, "_self", lockHistory(), lockBackForwardList(), MaybeSendReferrer, AllowNavigationToInvalidURL::No, NewFrameOpenerPolicy::Allow, shouldOpenExternalURLs(), initiatedByMainFrame() }; > > frame.loader().changeLocation(WTFMove(frameLoadRequest)); >Index: Source/WebKit/ChangeLog >=================================================================== >--- Source/WebKit/ChangeLog (revision 230994) >+++ Source/WebKit/ChangeLog (working copy) >@@ -1,3 +1,49 @@ >+2018-04-25 Brent Fulgham <bfulgham@apple.com> >+ >+ Don't Block First Party Cookies on Redirects >+ https://bugs.webkit.org/show_bug.cgi?id=184948 >+ <rdar://problem/39534099> >+ >+ Reviewed by Youenn Fablet. >+ >+ Top-level navigations should not be subject to cookie blocking behavior. When performing redirects for main frame >+ navigation we are blocking cookies, leading to site breakage. >+ >+ We need to keep track of which NetworkDataTasks are due to a main frame navigation. When a redirect is performed >+ on the main frame, we should treat the new origin as the 'first party for cookies' and avoid blocking cookies for >+ that URL. >+ >+ * NetworkProcess/NetworkConnectionToWebProcess.cpp: >+ (WebKit::NetworkConnectionToWebProcess::preconnectTo): Use the correct parameter type. We actually serialize >+ NetworkResourceLoadParameters over IPC, so we should get access to all the members of this child class. >+ * NetworkProcess/NetworkConnectionToWebProcess.h: >+ * NetworkProcess/NetworkDataTask.cpp: >+ (WebKit::NetworkDataTask::create): Pass new 'loadIsForNavigation' flag to create methods. >+ (WebKit::NetworkDataTask::NetworkDataTask): Capture 'loadIsForNavigation' in constructor. >+ * NetworkProcess/NetworkDataTask.h: >+ (WebKit::NetworkDataTask::isTopLevelNavigation const): Added. >+ * NetworkProcess/NetworkDataTaskBlob.cpp: >+ (WebKit::NetworkDataTaskBlob::NetworkDataTaskBlob): Accept new constructor argument. >+ * NetworkProcess/NetworkDataTaskBlob.h: >+ * NetworkProcess/NetworkLoad.cpp: >+ (WebKit::NetworkLoad::willPerformHTTPRedirection): Retain requester value from old request during redirect. >+ * NetworkProcess/NetworkResourceLoadParameters.cpp: >+ (NetworkResourceLoadParameters::decode): Update to pass new flag. >+ (NetworkResourceLoadParameters::encode): Ditto. >+ * NetworkProcess/NetworkLoadParameters.h: >+ * NetworkProcess/capture/NetworkDataTaskReplay.cpp: >+ (WebKit::NetworkCapture::NetworkDataTaskReplay::NetworkDataTaskReplay): Accept new constructor argument. >+ * NetworkProcess/cocoa/NetworkDataTaskCocoa.h: >+ * NetworkProcess/cocoa/NetworkDataTaskCocoa.mm: >+ (WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa): Accept new constructor argument. >+ (WebKit::NetworkDataTaskCocoa::willPerformHTTPRedirection): >+ * NetworkProcess/curl/NetworkDataTaskCurl.cpp: >+ (WebKit::NetworkDataTaskCurl::NetworkDataTaskCurl): Accept new constructor argument. >+ * NetworkProcess/curl/NetworkDataTaskCurl.h: >+ * NetworkProcess/soup/NetworkDataTaskSoup.cpp: >+ (WebKit::NetworkDataTaskSoup::NetworkDataTaskSoup): Accept new constructor argument. >+ * NetworkProcess/soup/NetworkDataTaskSoup.h: >+ > 2018-04-25 Dean Jackson <dino@apple.com> > > Make a better flag for system preview, and disable it where necessary >Index: Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp >=================================================================== >--- Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp (revision 230983) >+++ Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp (working copy) >@@ -301,7 +301,7 @@ void NetworkConnectionToWebProcess::pref > NetworkProcess::singleton().prefetchDNS(hostname); > } > >-void NetworkConnectionToWebProcess::preconnectTo(uint64_t preconnectionIdentifier, NetworkLoadParameters&& parameters) >+void NetworkConnectionToWebProcess::preconnectTo(uint64_t preconnectionIdentifier, NetworkResourceLoadParameters&& parameters) > { > #if ENABLE(SERVER_PRECONNECT) > new PreconnectTask(WTFMove(parameters), [this, protectedThis = makeRef(*this), identifier = preconnectionIdentifier] (const ResourceError& error) { >Index: Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h >=================================================================== >--- Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h (revision 230983) >+++ Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h (working copy) >@@ -130,7 +130,7 @@ private: > void performSynchronousLoad(NetworkResourceLoadParameters&&, Ref<Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::DelayedReply>&&); > void loadPing(NetworkResourceLoadParameters&&); > void prefetchDNS(const String&); >- void preconnectTo(uint64_t preconnectionIdentifier, NetworkLoadParameters&&); >+ void preconnectTo(uint64_t preconnectionIdentifier, NetworkResourceLoadParameters&&); > > void removeLoadIdentifier(ResourceLoadIdentifier); > void setDefersLoading(ResourceLoadIdentifier, bool); >Index: Source/WebKit/NetworkProcess/NetworkDataTask.cpp >=================================================================== >--- Source/WebKit/NetworkProcess/NetworkDataTask.cpp (revision 230983) >+++ Source/WebKit/NetworkProcess/NetworkDataTask.cpp (working copy) >@@ -51,20 +51,20 @@ namespace WebKit { > Ref<NetworkDataTask> NetworkDataTask::create(NetworkSession& session, NetworkDataTaskClient& client, const NetworkLoadParameters& parameters) > { > if (parameters.request.url().protocolIsBlob()) >- return NetworkDataTaskBlob::create(session, client, parameters.request, parameters.contentSniffingPolicy, parameters.blobFileReferences); >+ return NetworkDataTaskBlob::create(session, client, parameters.request, parameters.contentSniffingPolicy, parameters.blobFileReferences, parameters.isMainFrameNavigation); > > #if PLATFORM(COCOA) >- return NetworkDataTaskCocoa::create(session, client, parameters.request, parameters.webFrameID, parameters.webPageID, parameters.storedCredentialsPolicy, parameters.contentSniffingPolicy, parameters.contentEncodingSniffingPolicy, parameters.shouldClearReferrerOnHTTPSToHTTPRedirect, parameters.shouldPreconnectOnly); >+ return NetworkDataTaskCocoa::create(session, client, parameters.request, parameters.webFrameID, parameters.webPageID, parameters.storedCredentialsPolicy, parameters.contentSniffingPolicy, parameters.contentEncodingSniffingPolicy, parameters.shouldClearReferrerOnHTTPSToHTTPRedirect, parameters.shouldPreconnectOnly, parameters.isMainFrameNavigation); > #endif > #if USE(SOUP) >- return NetworkDataTaskSoup::create(session, client, parameters.request, parameters.storedCredentialsPolicy, parameters.contentSniffingPolicy, parameters.contentEncodingSniffingPolicy, parameters.shouldClearReferrerOnHTTPSToHTTPRedirect); >+ return NetworkDataTaskSoup::create(session, client, parameters.request, parameters.storedCredentialsPolicy, parameters.contentSniffingPolicy, parameters.contentEncodingSniffingPolicy, parameters.shouldClearReferrerOnHTTPSToHTTPRedirect, parameters.isMainFrameNavigation); > #endif > #if USE(CURL) >- return NetworkDataTaskCurl::create(session, client, parameters.request, parameters.storedCredentialsPolicy, parameters.contentSniffingPolicy, parameters.contentEncodingSniffingPolicy, parameters.shouldClearReferrerOnHTTPSToHTTPRedirect); >+ return NetworkDataTaskCurl::create(session, client, parameters.request, parameters.storedCredentialsPolicy, parameters.contentSniffingPolicy, parameters.contentEncodingSniffingPolicy, parameters.shouldClearReferrerOnHTTPSToHTTPRedirect, parameters.isMainFrameNavigation); > #endif > } > >-NetworkDataTask::NetworkDataTask(NetworkSession& session, NetworkDataTaskClient& client, const ResourceRequest& requestWithCredentials, StoredCredentialsPolicy storedCredentialsPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect) >+NetworkDataTask::NetworkDataTask(NetworkSession& session, NetworkDataTaskClient& client, const ResourceRequest& requestWithCredentials, StoredCredentialsPolicy storedCredentialsPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect, bool dataTaskIsForMainFrameNavigation) > : m_failureTimer(*this, &NetworkDataTask::failureTimerFired) > , m_session(session) > , m_client(&client) >@@ -73,6 +73,7 @@ NetworkDataTask::NetworkDataTask(Network > , m_lastHTTPMethod(requestWithCredentials.httpMethod()) > , m_firstRequest(requestWithCredentials) > , m_shouldClearReferrerOnHTTPSToHTTPRedirect(shouldClearReferrerOnHTTPSToHTTPRedirect) >+ , m_dataTaskIsForMainFrameNavigation(dataTaskIsForMainFrameNavigation) > { > ASSERT(RunLoop::isMain()); > >Index: Source/WebKit/NetworkProcess/NetworkDataTask.h >=================================================================== >--- Source/WebKit/NetworkProcess/NetworkDataTask.h (revision 230983) >+++ Source/WebKit/NetworkProcess/NetworkDataTask.h (working copy) >@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2016 Apple Inc. All rights reserved. >+ * Copyright (C) 2016-2018 Apple Inc. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -126,8 +126,10 @@ public: > void setSuggestedFilename(const String& suggestedName) { m_suggestedFilename = suggestedName; } > const String& partition() { return m_partition; } > >+ bool isTopLevelNavigation() const { return m_dataTaskIsForMainFrameNavigation; } >+ > protected: >- NetworkDataTask(NetworkSession&, NetworkDataTaskClient&, const WebCore::ResourceRequest&, WebCore::StoredCredentialsPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect); >+ NetworkDataTask(NetworkSession&, NetworkDataTaskClient&, const WebCore::ResourceRequest&, WebCore::StoredCredentialsPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect, bool dataTaskIsForMainFrameNavigation); > > enum FailureType { > NoFailure, >@@ -155,6 +157,7 @@ protected: > WebCore::ResourceRequest m_firstRequest; > bool m_shouldClearReferrerOnHTTPSToHTTPRedirect { true }; > String m_suggestedFilename; >+ bool m_dataTaskIsForMainFrameNavigation { false }; > }; > > } // namespace WebKit >Index: Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp >=================================================================== >--- Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp (revision 230983) >+++ Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp (working copy) >@@ -72,7 +72,7 @@ static const char* httpInternalErrorText > static const char* const webKitBlobResourceDomain = "WebKitBlobResource"; > > NetworkDataTaskBlob::NetworkDataTaskBlob(NetworkSession& session, NetworkDataTaskClient& client, const ResourceRequest& request, ContentSniffingPolicy shouldContentSniff, const Vector<RefPtr<WebCore::BlobDataFileReference>>& fileReferences) >- : NetworkDataTask(session, client, request, StoredCredentialsPolicy::DoNotUse, false) >+ : NetworkDataTask(session, client, request, StoredCredentialsPolicy::DoNotUse, false, false) > , m_stream(std::make_unique<AsyncFileStream>(*this)) > , m_fileReferences(fileReferences) > { >Index: Source/WebKit/NetworkProcess/NetworkLoad.cpp >=================================================================== >--- Source/WebKit/NetworkProcess/NetworkLoad.cpp (revision 230983) >+++ Source/WebKit/NetworkProcess/NetworkLoad.cpp (working copy) >@@ -247,6 +247,8 @@ void NetworkLoad::willPerformHTTPRedirec > #endif > > auto oldRequest = WTFMove(m_currentRequest); >+ request.setRequester(oldRequest.requester()); >+ > m_currentRequest = request; > m_client.get().willSendRedirectedRequest(WTFMove(oldRequest), WTFMove(request), WTFMove(redirectResponse)); > } >Index: Source/WebKit/NetworkProcess/NetworkLoadParameters.h >=================================================================== >--- Source/WebKit/NetworkProcess/NetworkLoadParameters.h (revision 230983) >+++ Source/WebKit/NetworkProcess/NetworkLoadParameters.h (working copy) >@@ -48,6 +48,7 @@ public: > bool shouldClearReferrerOnHTTPSToHTTPRedirect { true }; > bool defersLoading { false }; > bool needsCertificateInfo { false }; >+ bool isMainFrameNavigation { false }; > Vector<RefPtr<WebCore::BlobDataFileReference>> blobFileReferences; > PreconnectOnly shouldPreconnectOnly { PreconnectOnly::No }; > }; >Index: Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp >=================================================================== >--- Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp (revision 230983) >+++ Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp (working copy) >@@ -82,6 +82,7 @@ void NetworkResourceLoadParameters::enco > encoder << shouldClearReferrerOnHTTPSToHTTPRedirect; > encoder << defersLoading; > encoder << needsCertificateInfo; >+ encoder << isMainFrameNavigation; > encoder << maximumBufferingTime; > encoder << derivedCachedDataTypesToRetrieve; > >@@ -168,6 +169,8 @@ bool NetworkResourceLoadParameters::deco > return false; > if (!decoder.decode(result.needsCertificateInfo)) > return false; >+ if (!decoder.decode(result.isMainFrameNavigation)) >+ return false; > if (!decoder.decode(result.maximumBufferingTime)) > return false; > if (!decoder.decode(result.derivedCachedDataTypesToRetrieve)) >Index: Source/WebKit/NetworkProcess/capture/NetworkDataTaskReplay.cpp >=================================================================== >--- Source/WebKit/NetworkProcess/capture/NetworkDataTaskReplay.cpp (revision 230983) >+++ Source/WebKit/NetworkProcess/capture/NetworkDataTaskReplay.cpp (working copy) >@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2016 Apple Inc. All rights reserved. >+ * Copyright (C) 2016-2018 Apple Inc. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -46,7 +46,7 @@ namespace NetworkCapture { > static const char* const webKitRelayDomain = "WebKitReplay"; > > NetworkDataTaskReplay::NetworkDataTaskReplay(NetworkSession& session, NetworkDataTaskClient& client, const NetworkLoadParameters& parameters, Resource* resource) >- : NetworkDataTask(session, client, parameters.request, parameters.storedCredentialsPolicy, parameters.shouldClearReferrerOnHTTPSToHTTPRedirect) >+ : NetworkDataTask(session, client, parameters.request, parameters.storedCredentialsPolicy, parameters.shouldClearReferrerOnHTTPSToHTTPRedirect, parameters.isMainFrameNavigation) > , m_currentRequest(m_firstRequest) > , m_resource(resource) > { >Index: Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h >=================================================================== >--- Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h (revision 230983) >+++ Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h (working copy) >@@ -41,9 +41,9 @@ class NetworkSessionCocoa; > class NetworkDataTaskCocoa final : public NetworkDataTask { > friend class NetworkSessionCocoa; > public: >- static Ref<NetworkDataTask> create(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& request, uint64_t frameID, uint64_t pageID, WebCore::StoredCredentialsPolicy storedCredentialsPolicy, WebCore::ContentSniffingPolicy shouldContentSniff, WebCore::ContentEncodingSniffingPolicy shouldContentEncodingSniff, bool shouldClearReferrerOnHTTPSToHTTPRedirect, PreconnectOnly shouldPreconnectOnly) >+ static Ref<NetworkDataTask> create(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& request, uint64_t frameID, uint64_t pageID, WebCore::StoredCredentialsPolicy storedCredentialsPolicy, WebCore::ContentSniffingPolicy shouldContentSniff, WebCore::ContentEncodingSniffingPolicy shouldContentEncodingSniff, bool shouldClearReferrerOnHTTPSToHTTPRedirect, PreconnectOnly shouldPreconnectOnly, bool dataTaskIsForMainFrameNavigation) > { >- return adoptRef(*new NetworkDataTaskCocoa(session, client, request, frameID, pageID, storedCredentialsPolicy, shouldContentSniff, shouldContentEncodingSniff, shouldClearReferrerOnHTTPSToHTTPRedirect, shouldPreconnectOnly)); >+ return adoptRef(*new NetworkDataTaskCocoa(session, client, request, frameID, pageID, storedCredentialsPolicy, shouldContentSniff, shouldContentEncodingSniff, shouldClearReferrerOnHTTPSToHTTPRedirect, shouldPreconnectOnly, dataTaskIsForMainFrameNavigation)); > } > > ~NetworkDataTaskCocoa(); >@@ -81,7 +81,7 @@ public: > #endif > > private: >- NetworkDataTaskCocoa(NetworkSession&, NetworkDataTaskClient&, const WebCore::ResourceRequest&, uint64_t frameID, uint64_t pageID, WebCore::StoredCredentialsPolicy, WebCore::ContentSniffingPolicy, WebCore::ContentEncodingSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect, PreconnectOnly); >+ NetworkDataTaskCocoa(NetworkSession&, NetworkDataTaskClient&, const WebCore::ResourceRequest&, uint64_t frameID, uint64_t pageID, WebCore::StoredCredentialsPolicy, WebCore::ContentSniffingPolicy, WebCore::ContentEncodingSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect, PreconnectOnly, bool dataTaskIsForMainFrameNavigation); > > bool tryPasswordBasedAuthentication(const WebCore::AuthenticationChallenge&, ChallengeCompletionHandler&); > void applySniffingPoliciesAndBindRequestToInferfaceIfNeeded(NSURLRequest*&, bool shouldContentSniff, bool shouldContentEncodingSniff); >Index: Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm >=================================================================== >--- Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm (revision 230983) >+++ Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm (working copy) >@@ -175,8 +175,8 @@ static void updateTaskWithFirstPartyForS > #endif > } > >-NetworkDataTaskCocoa::NetworkDataTaskCocoa(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& requestWithCredentials, uint64_t frameID, uint64_t pageID, WebCore::StoredCredentialsPolicy storedCredentialsPolicy, WebCore::ContentSniffingPolicy shouldContentSniff, WebCore::ContentEncodingSniffingPolicy shouldContentEncodingSniff, bool shouldClearReferrerOnHTTPSToHTTPRedirect, PreconnectOnly shouldPreconnectOnly) >- : NetworkDataTask(session, client, requestWithCredentials, storedCredentialsPolicy, shouldClearReferrerOnHTTPSToHTTPRedirect) >+NetworkDataTaskCocoa::NetworkDataTaskCocoa(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& requestWithCredentials, uint64_t frameID, uint64_t pageID, WebCore::StoredCredentialsPolicy storedCredentialsPolicy, WebCore::ContentSniffingPolicy shouldContentSniff, WebCore::ContentEncodingSniffingPolicy shouldContentEncodingSniff, bool shouldClearReferrerOnHTTPSToHTTPRedirect, PreconnectOnly shouldPreconnectOnly, bool dataTaskIsForMainFrameNavigation) >+ : NetworkDataTask(session, client, requestWithCredentials, storedCredentialsPolicy, shouldClearReferrerOnHTTPSToHTTPRedirect, dataTaskIsForMainFrameNavigation) > , m_frameID(frameID) > , m_pageID(pageID) > { >@@ -359,6 +359,9 @@ void NetworkDataTaskCocoa::willPerformHT > #endif > } > >+ if (isTopLevelNavigation()) >+ request.setFirstPartyForCookies(request.url()); >+ > bool shouldBlockCookies = false; > #if HAVE(CFNETWORK_STORAGE_PARTITIONING) > shouldBlockCookies = m_session->networkStorageSession().shouldBlockCookies(request); >Index: Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp >=================================================================== >--- Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp (revision 230983) >+++ Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp (working copy) >@@ -40,8 +40,8 @@ using namespace WebCore; > > namespace WebKit { > >-NetworkDataTaskCurl::NetworkDataTaskCurl(NetworkSession& session, NetworkDataTaskClient& client, const ResourceRequest& requestWithCredentials, StoredCredentialsPolicy storedCredentialsPolicy, ContentSniffingPolicy shouldContentSniff, ContentEncodingSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect) >- : NetworkDataTask(session, client, requestWithCredentials, storedCredentialsPolicy, shouldClearReferrerOnHTTPSToHTTPRedirect) >+NetworkDataTaskCurl::NetworkDataTaskCurl(NetworkSession& session, NetworkDataTaskClient& client, const ResourceRequest& requestWithCredentials, StoredCredentialsPolicy storedCredentialsPolicy, ContentSniffingPolicy shouldContentSniff, ContentEncodingSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect, bool dataTaskIsForMainFrameNavigation) >+ : NetworkDataTask(session, client, requestWithCredentials, storedCredentialsPolicy, shouldClearReferrerOnHTTPSToHTTPRedirect, dataTaskIsForMainFrameNavigation) > { > if (m_scheduledFailureType != NoFailure) > return; >Index: Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.h >=================================================================== >--- Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.h (revision 230983) >+++ Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.h (working copy) >@@ -38,9 +38,9 @@ namespace WebKit { > > class NetworkDataTaskCurl final : public NetworkDataTask, public WebCore::CurlRequestClient { > public: >- static Ref<NetworkDataTask> create(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& request, WebCore::StoredCredentialsPolicy storedCredentialsPolicy, WebCore::ContentSniffingPolicy shouldContentSniff, WebCore::ContentEncodingSniffingPolicy shouldContentEncodingSniff, bool shouldClearReferrerOnHTTPSToHTTPRedirect) >+ static Ref<NetworkDataTask> create(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& request, WebCore::StoredCredentialsPolicy storedCredentialsPolicy, WebCore::ContentSniffingPolicy shouldContentSniff, WebCore::ContentEncodingSniffingPolicy shouldContentEncodingSniff, bool shouldClearReferrerOnHTTPSToHTTPRedirect, bool dataTaskIsForMainFrameNavigation) > { >- return adoptRef(*new NetworkDataTaskCurl(session, client, request, storedCredentialsPolicy, shouldContentSniff, shouldContentEncodingSniff, shouldClearReferrerOnHTTPSToHTTPRedirect)); >+ return adoptRef(*new NetworkDataTaskCurl(session, client, request, storedCredentialsPolicy, shouldContentSniff, shouldContentEncodingSniff, shouldClearReferrerOnHTTPSToHTTPRedirect, dataTaskIsForMainFrameNavigation)); > } > > ~NetworkDataTaskCurl(); >@@ -54,7 +54,7 @@ private: > Yes = true > }; > >- NetworkDataTaskCurl(NetworkSession&, NetworkDataTaskClient&, const WebCore::ResourceRequest&, WebCore::StoredCredentialsPolicy, WebCore::ContentSniffingPolicy, WebCore::ContentEncodingSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect); >+ NetworkDataTaskCurl(NetworkSession&, NetworkDataTaskClient&, const WebCore::ResourceRequest&, WebCore::StoredCredentialsPolicy, WebCore::ContentSniffingPolicy, WebCore::ContentEncodingSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect, bool dataTaskIsForMainFrameNavigation); > > void suspend() override; > void cancel() override; >Index: Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp >=================================================================== >--- Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp (revision 230983) >+++ Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp (working copy) >@@ -48,8 +48,8 @@ using namespace WebCore; > > static const size_t gDefaultReadBufferSize = 8192; > >-NetworkDataTaskSoup::NetworkDataTaskSoup(NetworkSession& session, NetworkDataTaskClient& client, const ResourceRequest& requestWithCredentials, StoredCredentialsPolicy storedCredentialsPolicy, ContentSniffingPolicy shouldContentSniff, WebCore::ContentEncodingSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect) >- : NetworkDataTask(session, client, requestWithCredentials, storedCredentialsPolicy, shouldClearReferrerOnHTTPSToHTTPRedirect) >+NetworkDataTaskSoup::NetworkDataTaskSoup(NetworkSession& session, NetworkDataTaskClient& client, const ResourceRequest& requestWithCredentials, StoredCredentialsPolicy storedCredentialsPolicy, ContentSniffingPolicy shouldContentSniff, WebCore::ContentEncodingSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect, bool dataTaskIsForMainFrameNavigation) >+ : NetworkDataTask(session, client, requestWithCredentials, storedCredentialsPolicy, shouldClearReferrerOnHTTPSToHTTPRedirect, dataTaskIsForMainFrameNavigation) > , m_shouldContentSniff(shouldContentSniff) > , m_timeoutSource(RunLoop::main(), this, &NetworkDataTaskSoup::timeoutFired) > { >Index: Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.h >=================================================================== >--- Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.h (revision 230983) >+++ Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.h (working copy) >@@ -36,15 +36,15 @@ namespace WebKit { > > class NetworkDataTaskSoup final : public NetworkDataTask { > public: >- static Ref<NetworkDataTask> create(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& request, WebCore::StoredCredentialsPolicy storedCredentialsPolicy, WebCore::ContentSniffingPolicy shouldContentSniff, WebCore::ContentEncodingSniffingPolicy shouldContentEncodingSniff, bool shouldClearReferrerOnHTTPSToHTTPRedirect) >+ static Ref<NetworkDataTask> create(NetworkSession& session, NetworkDataTaskClient& client, const WebCore::ResourceRequest& request, WebCore::StoredCredentialsPolicy storedCredentialsPolicy, WebCore::ContentSniffingPolicy shouldContentSniff, WebCore::ContentEncodingSniffingPolicy shouldContentEncodingSniff, bool shouldClearReferrerOnHTTPSToHTTPRedirect, bool dataTaskIsForMainFrameNavigation) > { >- return adoptRef(*new NetworkDataTaskSoup(session, client, request, storedCredentialsPolicy, shouldContentSniff, shouldContentEncodingSniff, shouldClearReferrerOnHTTPSToHTTPRedirect)); >+ return adoptRef(*new NetworkDataTaskSoup(session, client, request, storedCredentialsPolicy, shouldContentSniff, shouldContentEncodingSniff, shouldClearReferrerOnHTTPSToHTTPRedirect, dataTaskIsForMainFrameNavigation)); > } > > ~NetworkDataTaskSoup(); > > private: >- NetworkDataTaskSoup(NetworkSession&, NetworkDataTaskClient&, const WebCore::ResourceRequest&, WebCore::StoredCredentialsPolicy, WebCore::ContentSniffingPolicy, WebCore::ContentEncodingSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect); >+ NetworkDataTaskSoup(NetworkSession&, NetworkDataTaskClient&, const WebCore::ResourceRequest&, WebCore::StoredCredentialsPolicy, WebCore::ContentSniffingPolicy, WebCore::ContentEncodingSniffingPolicy, bool shouldClearReferrerOnHTTPSToHTTPRedirect, bool dataTaskIsForMainFrameNavigation); > > void suspend() override; > void cancel() override; >Index: Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp >=================================================================== >--- Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp (revision 230983) >+++ Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp (working copy) >@@ -325,9 +325,9 @@ void WebLoaderStrategy::scheduleLoadFrom > // FIXME: We should also sanitize redirect response for navigations. > loadParameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() && resourceLoader.options().mode != FetchOptions::Mode::Navigate; > >- bool isMainFrameNavigation = resourceLoader.frame() && resourceLoader.frame()->isMainFrame() && resourceLoader.options().mode == FetchOptions::Mode::Navigate; >+ loadParameters.isMainFrameNavigation = resourceLoader.frame() && resourceLoader.frame()->isMainFrame() && resourceLoader.options().mode == FetchOptions::Mode::Navigate; > >- loadParameters.shouldEnableFromOriginResponseHeader = RuntimeEnabledFeatures::sharedFeatures().fromOriginResponseHeaderEnabled() && !isMainFrameNavigation; >+ loadParameters.shouldEnableFromOriginResponseHeader = RuntimeEnabledFeatures::sharedFeatures().fromOriginResponseHeaderEnabled() && !loadParameters.isMainFrameNavigation; > if (loadParameters.shouldEnableFromOriginResponseHeader) { > Vector<RefPtr<WebCore::SecurityOrigin>> frameAncestorOrigins; > for (auto* frame = resourceLoader.frame(); frame; frame = frame->tree().parent()) { >Index: LayoutTests/ChangeLog >=================================================================== >--- LayoutTests/ChangeLog (revision 231001) >+++ LayoutTests/ChangeLog (working copy) >@@ -1,3 +1,14 @@ >+2018-04-25 Brent Fulgham <bfulgham@apple.com> >+ >+ Don't Block First Party Cookies on Redirects >+ https://bugs.webkit.org/show_bug.cgi?id=184948 >+ <rdar://problem/39534099> >+ >+ Reviewed by Youenn Fablet. >+ >+ * http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect-expected.txt: Added. >+ * http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect.html: Added. >+ > 2018-04-25 Youenn Fablet <youenn@apple.com> > > Make DocumentThreadableLoader error logging more consistent >Index: LayoutTests/http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect-expected.txt >=================================================================== >--- LayoutTests/http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect-expected.txt (nonexistent) >+++ LayoutTests/http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect-expected.txt (working copy) >@@ -0,0 +1 @@ >+PASSED: Cookie successfully set >Index: LayoutTests/http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect.html >=================================================================== >--- LayoutTests/http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect.html (nonexistent) >+++ LayoutTests/http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect.html (working copy) >@@ -0,0 +1,27 @@ >+<!DOCTYPE html> >+<html lang="en"> >+<head> >+ <meta charset="UTF-8"> >+ <script src="/js-test-resources/js-test.js"></script> >+<script> >+ description("Tests that blocking is not applied to top-level navigation redirects."); >+ jsTestIsAsync = true; >+ >+ internals.setResourceLoadStatisticsEnabled(true); >+ testRunner.setCookieStoragePartitioningEnabled(true); >+ >+ function doRedirect() >+ { >+ testRunner.setStatisticsPrevalentResource("http://localhost", true); >+ if (!testRunner.isStatisticsPrevalentResource("http://localhost")) { >+ testFailed("Host did not get set as prevalent resource."); >+ finishJSTest(); >+ } >+ else >+ window.location = "http://localhost:8000/cookies/resources/set-cookie-on-redirect.php?step=1"; >+ } >+</script> >+</head> >+<body onload="doRedirect()"> >+</body> >+</html>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=338765">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dbates
:
commit-queue-
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 184948
:
338704
|
338741
|
338743
|
338746
|
338753
|
338761
| 338765