Bug 35942

Summary: [GTK] Fails http/tests/plugins/third-party-cookie-accept-policy.html
Product: WebKit Reporter: Gustavo Noronha (kov) <gns>
Component: WebKitGTKAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, beidson, commit-queue, danw, gns, webkit.review.bot, xan.lopez
Priority: P2 Keywords: Gtk, Soup
Version: 528+ (Nightly build)   
Hardware: PC   
OS: OS X 10.5   
Attachments:
Description Flags
fix
abarth: review-
updated fix which should be out-of-date-build-bot-safe gns: review+, commit-queue: commit-queue-

Description Gustavo Noronha (kov) 2010-03-09 13:27:46 PST
Apparently we're accepting to set a cookie when we should not. Likely a soup bug?
Comment 1 Gustavo Noronha (kov) 2010-03-09 13:29:35 PST
Skipped in r55744.
Comment 2 Dan Winship 2010-03-09 17:55:00 PST
Created attachment 50363 [details]
fix

"Likely a soup bug?" :-P !
Comment 3 WebKit Review Bot 2010-03-09 17:59:06 PST
Attachment 50363 [details] did not build on gtk:
Build output: http://webkit-commit-queue.appspot.com/results/547002
Comment 4 Adam Barth 2010-03-09 23:28:15 PST
Comment on attachment 50363 [details]
fix

What does SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY mean?  Getting the proper behavior here (i.e., matching new-Safari) is somewhat subtle.

What cookie policy does Gtk want by default?  Is that cookie policy configurable by clients?
Comment 5 Adam Barth 2010-03-09 23:29:24 PST
Adding Brady because he added this test.
Comment 6 Xan Lopez 2010-03-10 01:27:10 PST
(In reply to comment #4)
> (From update of attachment 50363 [details])
> What does SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY mean?  Getting the proper
> behavior here (i.e., matching new-Safari) is somewhat subtle.
> 
> What cookie policy does Gtk want by default?  Is that cookie policy
> configurable by clients?

It means the cookie jar will only accept cookies coming from the "first party", which is supposed to be the URI of the main document we are loading. To figure out who is who the application is supposed to set for each HTTP request its first party URI, so that libsoup can know decide if it's third party or not (by comparing it with the resource URI, which obviously must be set).

About the patch, I'm not sure why it's stopping calling setDefaultCookieJar on the jar it creates, not sure that's right.
Comment 7 Dan Winship 2010-03-10 05:40:54 PST
(In reply to comment #4)
> (From update of attachment 50363 [details])
> What does SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY mean?  Getting the proper
> behavior here (i.e., matching new-Safari) is somewhat subtle.
> 
> What cookie policy does Gtk want by default?  Is that cookie policy
> configurable by clients?

Sorry, didn't explain in detail because I figured Xan or Gustavo would be the one reviewing it.

The issue here is that the cookie jar returned by defaultCookieJar() is really only used by GtkLauncher and DumpRenderTree, because "real" apps (epiphany, midori, etc) will call setDefaultCookieJar() to override it. So while epiphany and midori were already providing a configurable no-third-party-cookie option, the tests were still getting run with an accept-all-cookies policy.

(In reply to comment #6)
> About the patch, I'm not sure why it's stopping calling setDefaultCookieJar on
> the jar it creates, not sure that's right.

If you look at the old code, if you called defaultCookieJar(), and then called setDefaultCookieJar() with a different cookie jar, the original default would get leaked. The change makes it not leak.

(In reply to comment #3)
> Attachment 50363 [details] did not build on gtk:
> Build output: http://webkit-commit-queue.appspot.com/results/547002

> checking for LIBSOUP_2_29_90... no
> ...
> ../../WebCore/platform/network/soup/CookieJarSoup.cpp:41: error: ‘soup_cookie_jar_set_accept_policy’ was not declared in this scope

so, I guess the build would be fixed by adding some #ifdef HAVE_LIBSOUP_2_29_90 to the patch, but assuming that this is the build that would get used for the tests, the test would still fail because it was using a pre-cookie-policy version of libsoup. So I don't think we can unskip the test until the build/test machines have a newer libsoup.
Comment 8 Xan Lopez 2010-03-10 05:52:05 PST
(In reply to comment #7)
> (In reply to comment #6)
> > About the patch, I'm not sure why it's stopping calling setDefaultCookieJar on
> > the jar it creates, not sure that's right.
> 
> If you look at the old code, if you called defaultCookieJar(), and then called
> setDefaultCookieJar() with a different cookie jar, the original default would
> get leaked. The change makes it not leak.

Oh, I see, because it has one extra reference right? OK. I was confused because I thought you meant the function didn't try to release it, but that it does.

> 
> (In reply to comment #3)
> > Attachment 50363 [details] [details] did not build on gtk:
> > Build output: http://webkit-commit-queue.appspot.com/results/547002
> 
> > checking for LIBSOUP_2_29_90... no
> > ...
> > ../../WebCore/platform/network/soup/CookieJarSoup.cpp:41: error: ‘soup_cookie_jar_set_accept_policy’ was not declared in this scope
> 
> so, I guess the build would be fixed by adding some #ifdef HAVE_LIBSOUP_2_29_90
> to the patch, but assuming that this is the build that would get used for the
> tests, the test would still fail because it was using a pre-cookie-policy
> version of libsoup. So I don't think we can unskip the test until the
> build/test machines have a newer libsoup.

Keep in mind that the bots without a new libsoup are the EWS ones, our own GTK+ bots do have a recent enough libsoup.
Comment 9 Dan Winship 2010-03-10 06:05:25 PST
Created attachment 50396 [details]
updated fix which should be out-of-date-build-bot-safe

This just adds an "#ifdef HAVE_LIBSOUP_2_29_90" to fix the build on the EWS bots.
Comment 10 Gustavo Noronha (kov) 2010-03-10 07:29:56 PST
(In reply to comment #2)
> Created an attachment (id=50363) [details]
> fix
> 
> "Likely a soup bug?" :-P !

\o/ my bad

Another option is to have DRT set the policy, but I agree with making this the default.
Comment 11 Gustavo Noronha (kov) 2010-03-10 07:31:30 PST
Comment on attachment 50396 [details]
updated fix which should be out-of-date-build-bot-safe

Looks good to me, thanks!
Comment 12 WebKit Commit Bot 2010-03-11 18:29:53 PST
Comment on attachment 50396 [details]
updated fix which should be out-of-date-build-bot-safe

Rejecting patch 50396 from commit-queue.

Failed to run "['/Users/eseidel/Projects/CommitQueue/WebKitTools/Scripts/svn-apply', '--reviewer', 'Gustavo Noronha Silva', '--force']" exit_code: 1
patching file LayoutTests/ChangeLog
Hunk #1 succeeded at 1 with fuzz 3.
patching file LayoutTests/platform/gtk/Skipped
Hunk #1 FAILED at 5821.
1 out of 1 hunk FAILED -- saving rejects to file LayoutTests/platform/gtk/Skipped.rej
patching file WebCore/ChangeLog
Hunk #1 succeeded at 1 with fuzz 3.
patching file WebCore/platform/network/soup/CookieJarSoup.cpp

Full output: http://webkit-commit-queue.appspot.com/results/613031
Comment 13 Gustavo Noronha (kov) 2010-03-12 07:55:04 PST
Landed as 55894.
Comment 14 Adam Barth 2010-03-12 08:03:21 PST
I still don't understand this change.  If it's meant just for DRT, then we should have DRT set the policy.
Comment 15 Gustavo Noronha (kov) 2010-03-12 12:43:22 PST
(In reply to comment #14)
> I still don't understand this change.  If it's meant just for DRT, then we
> should have DRT set the policy.

Let me try to clarify, then. We decided that the default cookie jar for WebKitGTK+ will have the "no third party" policy set. Most non-trivial applications will override the default cookie jar, and set their own policy (Epiphany already does this, for instance).

We thought this would be enough, but there are clearly some tests that need to set third party cookies, so we also implemented the DRT infrastructure to set the cookies acceptance policy: (see https://bugs.webkit.org/show_bug.cgi?id=36056).

The process was a bit convoluted, mostly because I failed to do a more appropriate research on how this was handled by other ports (mea culpa there), but I think we got what we need: our default policy is set to the value we want, applications can override it, the layoutTestController infrastructure is implemented, and is being used by DRT.
Comment 16 Adam Barth 2010-03-12 13:12:25 PST
IMHO, having the default cookie policy be to block third-party cookies is a mistake.  Blocking third-party cookies is a giant hack that doesn't really buy you much except complexity and flakiness in the web platform.