Bug 196927

Summary:

Web Inspector: SameSite parsing should be stricter

Product:

WebKit

Reporter:

Joseph Pecoraro <joepeck>

Component:

Web Inspector

Assignee:

Joseph Pecoraro <joepeck>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

commit-queue, ews-watchlist, hi, inspector-bugzilla-changes, joepeck, rniwa, sroberts, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

All

OS:

All

Attachments:

Description	Flags
[PATCH] Proposed Fix	hi: review+, hi: commit-queue-
[PATCH] For Landing	none
[PATCH] For Landing	none
Archive of layout-test-results from ews101 for mac-highsierra	none
Archive of layout-test-results from ews116 for mac-highsierra	none

Joseph Pecoraro

Reported 2019-04-15 13:00:36 PDT

SameSite parsing should be stricter: https://httpwg.org/http-extensions/rfc6265bis.html#the-samesite-attribute-1 SameSite=lax => Lax SameSite=strict => Strict SameSite => Ignore SameSite=unknown => Ignore

Attachments
[PATCH] Proposed Fix (7.97 KB, patch) 2019-04-15 13:10 PDT, Joseph Pecoraro	hi: review+ hi: commit-queue-	Details Formatted Diff Diff
[PATCH] For Landing (17.86 KB, patch) 2019-04-15 13:26 PDT, Joseph Pecoraro	no flags	Details Formatted Diff Diff
[PATCH] For Landing (14.23 KB, patch) 2019-04-15 13:34 PDT, Joseph Pecoraro	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews101 for mac-highsierra (3.43 MB, application/zip) 2019-04-15 13:52 PDT, EWS Watchlist	no flags	Details
Archive of layout-test-results from ews116 for mac-highsierra (2.87 MB, application/zip) 2019-04-15 14:49 PDT, EWS Watchlist	no flags	Details
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.

Joseph Pecoraro

Comment 1 2019-04-15 13:02:43 PDT

<rdar://problem/42291601>

Joseph Pecoraro

Comment 2 2019-04-15 13:10:42 PDT

Created attachment 367445 [details] [PATCH] Proposed Fix

Devin Rousso

Comment 3 2019-04-15 13:23:01 PDT

Comment on attachment 367445 [details] [PATCH] Proposed Fix r=me, please update the expected result for `inspector/unit-tests/cookie.html` :)

Joseph Pecoraro

Comment 4 2019-04-15 13:26:27 PDT

Created attachment 367449 [details] [PATCH] For Landing

Joseph Pecoraro

Comment 5 2019-04-15 13:34:23 PDT

Created attachment 367452 [details] [PATCH] For Landing

EWS Watchlist

Comment 6 2019-04-15 13:52:37 PDT Comment hidden (obsolete)

Comment on attachment 367445 [details] [PATCH] Proposed Fix Attachment 367445 [details] did not pass mac-ews (mac): Output: https://webkit-queues.webkit.org/results/11874748 New failing tests: inspector/unit-tests/cookie.html

EWS Watchlist

Comment 7 2019-04-15 13:52:39 PDT Comment hidden (obsolete)

Created attachment 367454 [details] Archive of layout-test-results from ews101 for mac-highsierra The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews101 Port: mac-highsierra Platform: Mac OS X 10.13.6

EWS Watchlist

Comment 8 2019-04-15 14:49:54 PDT

Comment on attachment 367445 [details] [PATCH] Proposed Fix Attachment 367445 [details] did not pass mac-debug-ews (mac): Output: https://webkit-queues.webkit.org/results/11875103 New failing tests: inspector/unit-tests/cookie.html

EWS Watchlist

Comment 9 2019-04-15 14:49:55 PDT

Created attachment 367463 [details] Archive of layout-test-results from ews116 for mac-highsierra The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews116 Port: mac-highsierra Platform: Mac OS X 10.13.6

WebKit Commit Bot

Comment 10 2019-04-15 14:53:53 PDT

Comment on attachment 367452 [details] [PATCH] For Landing Clearing flags on attachment: 367452 Committed r244294: <https://trac.webkit.org/changeset/244294>

Shawn Roberts

Comment 11 2019-04-16 10:53:25 PDT

After changes in https://trac.webkit.org/changeset/244294 http/tests/inspector/network/har/har-page.html is failing on WK2 Release and Debug builds. https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=http%2Ftests%2Finspector%2Fnetwork%2Fhar%2Fhar-page.html Was a flaky timeout/failure in previous revisions. Diff: --- /Volumes/Data/slave/mojave-release-tests-wk2/build/layout-test-results/http/tests/inspector/network/har/har-page-expected.txt +++ /Volumes/Data/slave/mojave-release-tests-wk2/build/layout-test-results/http/tests/inspector/network/har/har-page-actual.txt @@ -588,8 +588,7 @@ "path": "/", "expires": "", "httpOnly": false, - "secure": false, - "sameSite": "Strict" + "secure": false } ], "headers": "<filtered>", @@ -661,8 +660,7 @@ "path": "/", "expires": "", "httpOnly": false, - "secure": false, - "sameSite": "Strict" + "secure": false } ], "headers": "<filtered>",

Joseph Pecoraro

Comment 12 2019-04-16 11:09:59 PDT

(In reply to Shawn Roberts from comment #11) > After changes in https://trac.webkit.org/changeset/244294 > > http/tests/inspector/network/har/har-page.html is failing on WK2 Release and > Debug builds. > > https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard. > html#showAllRuns=true&tests=http%2Ftests%2Finspector%2Fnetwork%2Fhar%2Fhar- > page.html > > Was a flaky timeout/failure in previous revisions. > > Diff: > > --- > /Volumes/Data/slave/mojave-release-tests-wk2/build/layout-test-results/http/ > tests/inspector/network/har/har-page-expected.txt > +++ > /Volumes/Data/slave/mojave-release-tests-wk2/build/layout-test-results/http/ > tests/inspector/network/har/har-page-actual.txt > @@ -588,8 +588,7 @@ > "path": "/", > "expires": "", > "httpOnly": false, > - "secure": false, > - "sameSite": "Strict" > + "secure": false > } > ], > "headers": "<filtered>", > @@ -661,8 +660,7 @@ > "path": "/", > "expires": "", > "httpOnly": false, > - "secure": false, > - "sameSite": "Strict" > + "secure": false > } > ], > "headers": "<filtered>", Oops, yes updating now.

Joseph Pecoraro

Comment 13 2019-04-16 11:20:02 PDT

> Oops, yes updating now. Test + Expectations updated in: https://trac.webkit.org/r244345

Note You need to log in before you can comment on or make changes to this bug.