Bug 232668

Summary: Clicking a link should preconnect to destination as first party
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: WebCore Misc.Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, changseok, esprehn+autocc, ews-watchlist, ggaren, gyuyoung.kim, japhet, nham, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 232147    
Attachments:
Description Flags
Patch none

Description Chris Dumez 2021-11-03 07:44:16 PDT 
Clicking a link should preconnect to destination as first party, not third-party. Otherwise, the preconnect is wasted when session isolation based on registrable domain is enabled.
Comment 1 Chris Dumez 2021-11-03 07:46:33 PDT 
Created attachment 443200 [details]
Patch
Comment 2 Alex Christensen 2021-11-03 08:55:54 PDT 
Comment on attachment 443200 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=443200&action=review

Does this make it so that script can use a.click() to preconnect in the context of another page?

> Source/WebCore/html/HTMLAnchorElement.cpp:544
> +    if (completedURL.protocolIsInHTTPFamily() && ((frame->isMainFrame() && isSelfTargetFrameName(effectiveTarget)) || isBlankTargetFrameName(effectiveTarget))) {

I assume this makes it so that we don't preconnect for a link that is supposed to open in an iframe, right?
Comment 3 Chris Dumez 2021-11-03 08:58:55 PDT 
(In reply to Alex Christensen from comment #2)
> Comment on attachment 443200 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=443200&action=review
> 
> Does this make it so that script can use a.click() to preconnect in the
> context of another page?

I think it does. But since this will cause a top-level navigation, we would anyway connect to that server as first party, no?

> 
> > Source/WebCore/html/HTMLAnchorElement.cpp:544
> > +    if (completedURL.protocolIsInHTTPFamily() && ((frame->isMainFrame() && isSelfTargetFrameName(effectiveTarget)) || isBlankTargetFrameName(effectiveTarget))) {
> 
> I assume this makes it so that we don't preconnect for a link that is
> supposed to open in an iframe, right?

Yes, since we are now preconnecting as first party and since we want session partitioning, it only makes sense to preconnect if clicking the link is going to cause a top frame navigation.
Comment 4 EWS 2021-11-03 13:24:51 PDT 
Committed r285224 (243848@main): <https://commits.webkit.org/243848@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 443200 [details].
Comment 5 Radar WebKit Bug Importer 2021-11-03 13:25:25 PDT 
<rdar://problem/84988999>