Bug 232668

Summary: Clicking a link should preconnect to destination as first party
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: WebCore Misc.Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, changseok, esprehn+autocc, ews-watchlist, ggaren, gyuyoung.kim, japhet, nham, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 232147    
Attachments:
Description Flags
Patch none

Chris Dumez
Reported 2021-11-03 07:44:16 PDT
Clicking a link should preconnect to destination as first party, not third-party. Otherwise, the preconnect is wasted when session isolation based on registrable domain is enabled.
Attachments
Patch (12.06 KB, patch)
2021-11-03 07:46 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2021-11-03 07:46:33 PDT
Created attachment 443200 [details] Patch
Alex Christensen
Comment 2 2021-11-03 08:55:54 PDT
Comment on attachment 443200 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=443200&action=review Does this make it so that script can use a.click() to preconnect in the context of another page? > Source/WebCore/html/HTMLAnchorElement.cpp:544 > + if (completedURL.protocolIsInHTTPFamily() && ((frame->isMainFrame() && isSelfTargetFrameName(effectiveTarget)) || isBlankTargetFrameName(effectiveTarget))) { I assume this makes it so that we don't preconnect for a link that is supposed to open in an iframe, right?
Chris Dumez
Comment 3 2021-11-03 08:58:55 PDT
(In reply to Alex Christensen from comment #2) > Comment on attachment 443200 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=443200&action=review > > Does this make it so that script can use a.click() to preconnect in the > context of another page? I think it does. But since this will cause a top-level navigation, we would anyway connect to that server as first party, no? > > > Source/WebCore/html/HTMLAnchorElement.cpp:544 > > + if (completedURL.protocolIsInHTTPFamily() && ((frame->isMainFrame() && isSelfTargetFrameName(effectiveTarget)) || isBlankTargetFrameName(effectiveTarget))) { > > I assume this makes it so that we don't preconnect for a link that is > supposed to open in an iframe, right? Yes, since we are now preconnecting as first party and since we want session partitioning, it only makes sense to preconnect if clicking the link is going to cause a top frame navigation.
EWS
Comment 4 2021-11-03 13:24:51 PDT
Committed r285224 (243848@main): <https://commits.webkit.org/243848@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 443200 [details].
Radar WebKit Bug Importer
Comment 5 2021-11-03 13:25:25 PDT
<rdar://problem/84988999>
Note You need to log in before you can comment on or make changes to this bug.