Attachment 340536 Details for Bug 185615 – Patch

[patch] Patch

bug-185615-20180516155936.patch (text/plain), 14.90 KB, created by Brent Fulgham on 2018-05-16 15:59:37 PDT

(hide)

Description:

Filename:

MIME Type:

Creator: Brent Fulgham

Created: 2018-05-16 15:59:37 PDT

Size: 14.90 KB

patch

obsolete

>Subversion Revision: 231864
>diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
>index 0e02f8dc80c84a372940552e2858f5591e780fcd..8b6a988767fe885ed1932a7dea1d933f39eba7ea 100644
>--- a/Source/WebCore/ChangeLog
>+++ b/Source/WebCore/ChangeLog
>@@ -1,3 +1,20 @@
>+2018-05-16  Brent Fulgham  <bfulgham@apple.com>
>+
>+        Storage Access API: Allow documents that have been granted storage access to also do a popup
>+        https://bugs.webkit.org/show_bug.cgi?id=185615
>+        <rdar://problem/39105791>
>+
>+        Reviewed by NOBODY (OOPS!).
>+
>+        * dom/Document.cpp:
>+        (WebCore::Document::consumeTemporaryUserGesture): Added. Clear the document's active one-time user
>+        activity (for window opening) state.
>+        (WebCore::Document::enableTemporaryUserGesture): Added. Establish a new active one-time user
>+        activity (for window opening) state.
>+        (WebCore::Document::requestStorageAccess): If the user approves Storage Access, establish a new
>+        UserInteraction scope, then resolve the promise. Also post a task to clear the one-time user
>+        gesture state.
>+
> 2018-05-16  Daniel Bates  <dabates@apple.com>
> 
>         Attempt to fix the WinCairo build following r231859
>diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
>index dc16f3a81414c2eae51349212589f6e34328bf04..f732b5f14abb6e263fb557b8c5110d7f663cbfd3 100644
>--- a/Source/WebKit/ChangeLog
>+++ b/Source/WebKit/ChangeLog
>@@ -1,3 +1,15 @@
>+2018-05-11  Brent Fulgham  <bfulgham@apple.com>
>+
>+        Allow the WebContent process to read global ViewBridge preferences
>+        https://bugs.webkit.org/show_bug.cgi?id=185569
>+        <rdar://problem/40164339>
>+
>+        Reviewed by Eric Carlson.
>+
>+        Allow reads of the global /Library/Preferences/com.apple.ViewBridge.plist preference file.
>+
>+        * WebProcess/com.apple.WebProcess.sb.in:
>+
> 2018-05-16  Andy Estes  <aestes@apple.com>
> 
>         [Wi-Fi Assertions] Adopt WiFiAssertionHolderAdditions
>diff --git a/Source/WebCore/dom/Document.cpp b/Source/WebCore/dom/Document.cpp
>index ce96ae1d3eeb0827f052549f29d29e3d0d7536f9..cceab71df637099c3f8af97158f5e9b6a96d62b3 100644
>--- a/Source/WebCore/dom/Document.cpp
>+++ b/Source/WebCore/dom/Document.cpp
>@@ -122,6 +122,7 @@
> #include "MediaQueryList.h"
> #include "MediaQueryMatcher.h"
> #include "MessageEvent.h"
>+#include "Microtasks.h"
> #include "MouseEventWithHitTestResults.h"
> #include "MutationEvent.h"
> #include "NameNodeList.h"
>@@ -7609,14 +7610,22 @@ void Document::requestStorageAccess(Ref<DeferredPromise>&& promise)
>         return;
>     }
> 
>-    page->chrome().client().requestStorageAccess(WTFMove(iframeHost), WTFMove(topHost), frameID.value(), pageID.value(), [documentReference = m_weakFactory.createWeakPtr(*this), promise = WTFMove(promise)] (bool wasGranted) {
>+    page->chrome().client().requestStorageAccess(WTFMove(iframeHost), WTFMove(topHost), frameID.value(), pageID.value(), [documentReference = m_weakFactory.createWeakPtr(*this), promise = WTFMove(promise)] (bool wasGranted) mutable {
>         Document* document = documentReference.get();
>         if (!document)
>             return;
>         
>         if (wasGranted) {
>             document->setHasFrameSpecificStorageAccess(true);
>+            MicrotaskQueue::mainThreadQueue().append(std::make_unique<VoidMicrotask>([documentReference = document->m_weakFactory.createWeakPtr(*document)] () {
>+                if (auto* document = documentReference.get())
>+                    document->enableTemporaryTimeUserGesture();
>+            }));
>             promise->resolve();
>+            MicrotaskQueue::mainThreadQueue().append(std::make_unique<VoidMicrotask>([documentReference = WTFMove(documentReference)] () {
>+                if (auto* document = documentReference.get())
>+                    document->consumeTemporaryTimeUserGesture();
>+            }));
>         } else
>             promise->reject();
>     });
>@@ -7625,6 +7634,16 @@ void Document::requestStorageAccess(Ref<DeferredPromise>&& promise)
> #endif
> }
> 
>+void Document::enableTemporaryTimeUserGesture()
>+{
>+    m_temporaryUserGesture = std::make_unique<UserGestureIndicator>(ProcessingUserGesture, this);
>+}
>+
>+void Document::consumeTemporaryTimeUserGesture()
>+{
>+    m_temporaryUserGesture = nullptr;
>+}
>+
> #if HAVE(CFNETWORK_STORAGE_PARTITIONING)
> bool Document::hasFrameSpecificStorageAccess() const
> {
>diff --git a/Source/WebCore/dom/Document.h b/Source/WebCore/dom/Document.h
>index 8e8cab95a7fa5ea112224145c4f48d06937fad62..b002cac07eec6fbe94e28f2f5340a22fcf407a80 100644
>--- a/Source/WebCore/dom/Document.h
>+++ b/Source/WebCore/dom/Document.h
>@@ -1429,6 +1429,8 @@ public:
> 
>     String signedPublicKeyAndChallengeString(unsigned keySizeIndex, const String& challengeString, const URL&);
> 
>+    void consumeTemporaryTimeUserGesture();
>+
> protected:
>     enum ConstructionFlags { Synthesized = 1, NonRenderedPlaceholder = 1 << 1 };
>     Document(Frame*, const URL&, unsigned = DefaultDocumentClass, unsigned constructionFlags = 0);
>@@ -1542,6 +1544,8 @@ private:
> 
>     bool domainIsRegisterable(const String&) const;
> 
>+    void enableTemporaryTimeUserGesture();
>+
>     const Ref<Settings> m_settings;
> 
>     std::unique_ptr<StyleResolver> m_userAgentShadowTreeStyleResolver;
>@@ -1919,6 +1923,8 @@ private:
> #if HAVE(CFNETWORK_STORAGE_PARTITIONING)
>     String m_primaryDomainRequestedPageSpecificStorageAccessWithUserInteraction { };
> #endif
>+    
>+    std::unique_ptr<UserGestureIndicator> m_temporaryUserGesture;
> };
> 
> Element* eventTargetElementForDocument(Document*);
>diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
>index 70d6b6a6a3f2f6855606843f3a9896068313d0e9..2e9a6d7d02582356d1096c0a559387e7b0b7dc02 100644
>--- a/LayoutTests/ChangeLog
>+++ b/LayoutTests/ChangeLog
>@@ -1,3 +1,16 @@
>+2018-05-16  Brent Fulgham  <bfulgham@apple.com>
>+
>+        Storage Access API: Allow documents that have been granted storage access to also do a popup
>+        https://bugs.webkit.org/show_bug.cgi?id=185615
>+        <rdar://problem/39105791>
>+
>+        Reviewed by NOBODY (OOPS!).
>+
>+        * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-pop-window-expected.txt: Added.
>+        * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-pop-window.html: Added.
>+        * http/tests/storageAccess/resources/request-storage-access-iframe-and-pop-window.html: Added.
>+        * http/tests/storageAccess/resources/request-storage-access-second-window.html: Added.
>+
> 2018-05-16  Youenn Fablet  <youenn@apple.com>
> 
>         REGRESSION (r229735): LayoutTest http/wpt/service-workers/third-party-registration.html is a flaky timeout
>diff --git a/LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-pop-window-expected.txt b/LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-pop-window-expected.txt
>new file mode 100644
>index 0000000000000000000000000000000000000000..d7ec4cf7f7841d57c68ddb5fa66cb5634b31da3b
>--- /dev/null
>+++ b/LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-pop-window-expected.txt
>@@ -0,0 +1,10 @@
>+Tests that cross-origin iframe can display a window if storage access is granted.
>+
>+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
>+
>+
>+PASS Window was successfully opened with user interaction.
>+PASS successfullyParsed is true
>+
>+TEST COMPLETE
>+
>diff --git a/LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-pop-window.html b/LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-pop-window.html
>new file mode 100644
>index 0000000000000000000000000000000000000000..d1e18138c5f2bd95c25bba2402ebcd80c66fda43
>--- /dev/null
>+++ b/LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-non-sandboxed-iframe-pop-window.html
>@@ -0,0 +1,83 @@
>+<!DOCTYPE html>
>+<html>
>+<head>
>+    <script src="/js-test-resources/js-test.js"></script>
>+    <script src="/js-test-resources/ui-helper.js"></script>
>+    <script>
>+        description("Tests that cross-origin iframe can display a window if storage access is granted.");
>+        jsTestIsAsync = true;
>+
>+        const hostUnderTest = "localhost:8000";
>+        const statisticsUrl = "http://" + hostUnderTest + "/temp";
>+
>+        window.addEventListener("message", receiveMessage, false);
>+
>+        function setEnableFeature(enable) {
>+            if (!window.testRunner)
>+                return;
>+
>+            if (!enable)
>+                testRunner.statisticsResetToConsistentState();
>+            internals.setResourceLoadStatisticsEnabled(enable);
>+            testRunner.setCookieStoragePartitioningEnabled(enable);
>+            testRunner.setStorageAccessAPIEnabled(enable);
>+        }
>+
>+        function receiveMessage(event) {
>+            if (event.origin === "http://localhost:8000") {
>+                if (event.data.indexOf("PASS ") !== -1)
>+                    testPassed(event.data.replace("PASS ", ""));
>+                else
>+                    testFailed(event.data);
>+            } else
>+                testFailed("Received a message from an unexpected origin: " + event.origin);
>+            finishJSTest();
>+            setEnableFeature(false);
>+        }
>+
>+        function activateElement(elementId) {
>+            var element = document.getElementById(elementId);
>+            var centerX = element.offsetLeft + element.offsetWidth / 2;
>+            var centerY = element.offsetTop + element.offsetHeight / 2;
>+            UIHelper.activateAt(centerX, centerY).then(
>+                function () {
>+                    if (window.eventSender)
>+                        eventSender.keyDown("escape");
>+                    else {
>+                        testFailed("No eventSender.");
>+                        finishJSTest();
>+                        setEnableFeature(false);
>+                    }
>+                },
>+                function () {
>+                    testFailed("Promise rejected.");
>+                    finishJSTest();
>+                    setEnableFeature(false);
>+                }
>+            );
>+        }
>+
>+        function runTest() {
>+            setEnableFeature(true);
>+
>+            if (!window.testRunner)
>+                return;
>+
>+            testRunner.setCanOpenWindows(false);
>+            testRunner.setPopupBlockingEnabled(true);
>+            testRunner.setStatisticsPrevalentResource(statisticsUrl, true);
>+            if (!testRunner.isStatisticsPrevalentResource(statisticsUrl))
>+                testFailed("Host did not get set as prevalent resource.");
>+            testRunner.setStatisticsHasHadNonRecentUserInteraction(statisticsUrl);
>+            if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl))
>+                testFailed("Host did not get logged for user interaction.");
>+            testRunner.statisticsUpdateCookiePartitioning();
>+ 
>+            activateElement("theIframe");
>+        }
>+    </script>
>+</head>
>+<body>
>+    <iframe onload="runTest()" id="theIframe" src="http://localhost:8000/storageAccess/resources/request-storage-access-iframe-and-pop-window.html#userShouldGrantAccess,userShouldBeConsulted,policyShouldGrantAccess,isNotSameOriginIframe"></iframe>
>+</body>
>+</html>
>\ No newline at end of file
>diff --git a/LayoutTests/http/tests/storageAccess/resources/request-storage-access-iframe-and-pop-window.html b/LayoutTests/http/tests/storageAccess/resources/request-storage-access-iframe-and-pop-window.html
>new file mode 100644
>index 0000000000000000000000000000000000000000..236478b92d126b51bcb33710bbf5318d6ffbe68e
>--- /dev/null
>+++ b/LayoutTests/http/tests/storageAccess/resources/request-storage-access-iframe-and-pop-window.html
>@@ -0,0 +1,64 @@
>+<html>
>+<head>
>+    <script>
>+        const hashArguments = document.location.hash.substring(1).split(",");
>+        const userShouldGrantAccess = hashArguments[0] === "userShouldGrantAccess";
>+        const userShouldBeConsulted = hashArguments[1] === "userShouldBeConsulted";
>+        const policyShouldGrantAccess = hashArguments[2] === "policyShouldGrantAccess";
>+        const isSameOriginIframe = hashArguments[3] === "isSameOriginIframe";
>+        const originIsNull = hashArguments[4] === "originIsNull";
>+
>+        if (window.internals) {
>+            internals.setUserGrantsStorageAccess(userShouldGrantAccess);
>+        }
>+
>+        if (window.testRunner) {
>+            testRunner.setCanOpenWindows(false);
>+            testRunner.setPopupBlockingEnabled(true);
>+            testRunner.setCloseRemainingWindowsWhenComplete(true);
>+        }
>+
>+        var requestStorageAccessResolved;
>+
>+        function messageToTop(message) {
>+            top.postMessage(message, "http://127.0.0.1:8000");
>+        }
>+
>+        function windowWasOpened()
>+        {
>+            if (userShouldGrantAccess)
>+                messageToTop("PASS Window was successfully opened with user interaction.");
>+            else
>+                messageToTop("Window was opened even though the user declined permission.");
>+        }
>+
>+        function makeRequestWithUserGesture() {
>+            var promise = document.requestStorageAccess();
>+            promise.then(
>+                function () {
>+                    requestStorageAccessResolved = true;
>+                    continueAfterRequestWithUserGesture();
>+                },
>+                function () {
>+                    requestStorageAccessResolved = false;
>+                    continueAfterRequestWithUserGesture();
>+                }
>+            );
>+        }
>+
>+        function continueAfterRequestWithUserGesture() {
>+            var win = window.open("http://localhost:8000/storageAccess/resources/request-storage-access-second-window.html", "test window");
>+            if (!win) {
>+                if (userShouldGrantAccess)
>+                    messageToTop("Window was not opened even though the user granted permission.");
>+                else
>+                    messageToTop("PASS Window was blocked from opening.");
>+            } else if (!userShouldGrantAccess) {
>+                messageToTop("Window was opened even though the user did not grant permission.");
>+            }
>+        }
>+    </script>
>+</head>
>+<body onclick="makeRequestWithUserGesture()">
>+</body>
>+</html>
>\ No newline at end of file
>diff --git a/LayoutTests/http/tests/storageAccess/resources/request-storage-access-second-window.html b/LayoutTests/http/tests/storageAccess/resources/request-storage-access-second-window.html
>new file mode 100644
>index 0000000000000000000000000000000000000000..adcc57623419e107bafdcea3f5fbc4e799c9d6f2
>--- /dev/null
>+++ b/LayoutTests/http/tests/storageAccess/resources/request-storage-access-second-window.html
>@@ -0,0 +1,13 @@
>+<!DOCTYPE html>
>+<html>
>+<title>Event handlers in isolated worlds for user gesture generated events should should the same permissions as handlers within the page (resource)</title>
>+<script>
>+
>+// success!
>+window.opener.windowWasOpened();
>+window.close();
>+
>+</script>
>+<body>
>+</body>
>+</html>

Actions: View | Formatted Diff | Diff

Attachments on bug 185615: 340346 | 340353 | 340462 | 340469 | 340518 | 340536 | 340596