NEW 167302
[SOUP] DNS prefetch is always done in the default session 
https://bugs.webkit.org/show_bug.cgi?id=167302
Summary [SOUP] DNS prefetch is always done in the default session
Carlos Garcia Campos
Reported 2017-01-23 02:43:55 PST
DNS::prefetchDNS() should receive a SessionID.
Attachments
Patch (21.46 KB, patch)
2017-01-23 02:58 PST, Carlos Garcia Campos 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Carlos Garcia Campos
Comment 1 2017-01-23 02:58:01 PST
Created attachment 299510 [details] Patch
WebKit Commit Bot
Comment 2 2017-01-23 03:00:20 PST
Thanks for the patch. If this patch contains new public API please make sure it follows the guidelines for new WebKit2 GTK+ API. See http://trac.webkit.org/wiki/WebKitGTK/AddingNewWebKit2API
Sergio Villar Senin
Comment 3 2017-01-23 06:42:35 PST
Comment on attachment 299510 [details] Patch Not sure we want to enable dns prefetch for private sessions for example. It might be a way to fingerprint users, something that goes against the purpose of private sessions.
Michael Catanzaro
Comment 4 2017-01-23 06:48:02 PST
Yes, we should not prefetch at all in ephemeral sessions.
Carlos Garcia Campos
Comment 5 2017-01-23 07:06:51 PST
Godd point, then we should still receive the session id to check if it's ephemeral and do nothing, there's no point of prefetch on the default session when in private session, no?
Michael Catanzaro
Comment 6 2017-01-23 07:11:32 PST
(In reply to comment #5) > there's no point of prefetch on the default > session when in private session, no? The point is to not leak hosts that have not even been visited via DNS. So yes, I would not do it at all.
Michael Catanzaro
Comment 7 2017-01-23 07:12:16 PST
(I don't think the session the prefetch occurs in matters at all, by the way, since the DNS cache is system-wide.)
Carlos Garcia Campos
Comment 8 2017-01-23 07:13:41 PST
(In reply to comment #7) > (I don't think the session the prefetch occurs in matters at all, by the > way, since the DNS cache is system-wide.) Ah! I thought it was per session.
Note You need to log in before you can comment on or make changes to this bug.