Bug 217544

Summary: Add debug logging for app-bound domains to gather telemetry on script evaluation
Product: WebKit Reporter: Kate Cheney <katherine_cheney>
Component: WebKit Misc.Assignee: Kate Cheney <katherine_cheney>
Status: NEW    
Severity: Normal CC: bfulgham, ddkilzer, krollin, sam, simon.fraser, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
ews-feeder: commit-queue-
Patch
none
Patch simon.fraser: review-

Kate Cheney
Reported 2020-10-09 17:33:07 PDT
We should add some logging to gather telemetry on script injection for app-bound domains.
Attachments
Patch (7.93 KB, patch)
2020-10-12 14:08 PDT, Kate Cheney 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (7.89 KB, patch)
2020-10-12 14:14 PDT, Kate Cheney 		no flags
DetailsFormatted DiffDiff
Patch (8.40 KB, patch)
2020-10-12 15:30 PDT, Kate Cheney 		simon.fraser: review-
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Kate Cheney
Comment 1 2020-10-09 17:33:39 PDT
<rdar://problem/70111380>
Kate Cheney
Comment 2 2020-10-12 14:08:28 PDT
Created attachment 411152 [details] Patch
Kate Cheney
Comment 3 2020-10-12 14:14:14 PDT
Created attachment 411155 [details] Patch
Kate Cheney
Comment 4 2020-10-12 15:30:09 PDT
Created attachment 411171 [details] Patch
Simon Fraser (smfr)
Comment 5 2020-10-13 09:32:35 PDT
Comment on attachment 411171 [details] Patch I don't think it's necessary to land this in OpenSource.
Sam Weinig
Comment 6 2020-10-13 10:03:08 PDT
Comment on attachment 411171 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=411171&action=review > Source/WebKit/UIProcess/UserContent/WebUserContentControllerProxy.cpp:223 > + for (auto& process : m_processes) { > +#if ENABLE(APP_BOUND_DOMAINS) > + if (appBoundDomainsLoggingEnabled) > + logInBatches(process, userScript.userScript().source()); > +#endif > process.send(Messages::WebUserContentController::AddUserScripts({ { userScript.identifier(), world->identifier(), userScript.userScript() } }, immediately), identifier()); > + } Sounds like this might not actually need to get landed, but none-the-less, if you were going to land something like this, I would recommend going with something like this: static void logScriptIfAppropriate(const WeakHashSet<WebProcessProxy>& processes, StringView userScript) { #if ENABLE(APP_BOUND_DOMAINS) Boolean keyExistsAndHasValidFormat = false; if (!CFPreferencesGetAppBooleanValue(CFSTR("LogAppBoundDomains"), kCFPreferencesCurrentApplication, &keyExistsAndHasValidFormat)) return; bool anyProcessHasAlwaysOnLoggingAllowed = false; for (auto& process : m_processes) { if (process.websiteDataStore().sessionID().isAlwaysOnLoggingAllowed()) anyProcessHasAlwaysOnLoggingAllowed = true; break; } } if (!anyProcessHasAlwaysOnLoggingAllowed) return; static constexpr unsigned maxIndividualLogLength = 950; unsigned totalBatches = userScript.length() / maxIndividualLogLength; for (unsigned currentBatch = 0; currentBatch < totalBatches; ++currentBatch) auto toLog = userScript.substring(maxIndividualLogLength * currentBatch, maxIndividualLogLength); RELEASE_LOG(AppBoundDomains, "(%d/%d) %.*s", currentBatch + 1, totalBatches + 1, maxIndividualLogLength, toLog.utf8().data()); } #endif } ... void WebUserContentControllerProxy::addUserScript(API::UserScript& userScript, InjectUserScriptImmediately immediately) { logScriptIfAppropriate(m_processes, userScript.userScript().source()); ... (not tested, but something along this lines). This uses avoids potentially logging the same script multiple times if the multiple processes have isAlwaysOnLoggingAllowed enabled for their associated data stores, uses StringView to avoid unnecessary copies of the UserScript's source, and partitions the code in a single function, to be minimally invasive to the existing code.
Kate Cheney
Comment 7 2020-10-13 10:46:54 PDT
Thanks for the comments! If I post another patch, I'll align it with your suggestions Sam, it has a lot of improvements.
Note You need to log in before you can comment on or make changes to this bug.