RESOLVED FIXED 210347
Add capability to opt in specific domains into SameSite=strict bounce tracking protection 
https://bugs.webkit.org/show_bug.cgi?id=210347
Summary Add capability to opt in specific domains into SameSite=strict bounce trackin...
John Wilander
Reported 2020-04-10 11:03:23 PDT
We should add the capability to opt in specific domains into SameSite=strict bounce tracking protection. This way we can apply the new restriction to domains known to engage in bounce tracking while also getting frequent user interaction.
Attachments
Patch (9.84 KB, patch)
2020-04-10 11:39 PDT, John Wilander 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2020-04-10 11:04:34 PDT
<rdar://problem/61593323>
John Wilander
Comment 2 2020-04-10 11:39:54 PDT
Created attachment 396110 [details] Patch
Brent Fulgham
Comment 3 2020-04-10 13:11:48 PDT
Comment on attachment 396110 [details] Patch Looks good! r=me
John Wilander
Comment 4 2020-04-10 14:54:05 PDT
Comment on attachment 396110 [details] Patch Thanks, Brent!
EWS
Comment 5 2020-04-10 14:57:19 PDT
Committed r259906: <https://trac.webkit.org/changeset/259906> All reviewed patches have been landed. Closing bug and clearing flags on attachment 396110 [details].
Devin Rousso
Comment 6 2020-04-10 15:04:29 PDT
Comment on attachment 396110 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=396110&action=review > Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:1632 > + RELEASE_LOG_INFO_IF(debugLoggingEnabled(), ITPDebug, "Did set %" PUBLIC_LOG_STRING " as making a top frame redirect to %" PUBLIC_LOG_STRING ".", sourceDomain.string().utf8().data(), targetDomain.string().utf8().data()); Do you want these messages to also be sent to Web Inspector? If so, I'd rewrite this as: ``` if (UNLIKELY(debugLoggingEnabled()) { RELEASE_LOG_INFO(ITPDebug, "Did set %" PUBLIC_LOG_STRING " as making a top frame redirect to %" PUBLIC_LOG_STRING ".", sourceDomain.string().utf8().data(), targetDomain.string().utf8().data()); debugBroadcastConsoleMessage(MessageSource::ITPDebug, MessageLevel::Info, makeString("[ITP] Did set '"_s, sourceDomain.string(), "' as making a top frame redirect to '"_s, targetDomain.string(), "'."_s)); } ``` > Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp:479 > + RELEASE_LOG_INFO_IF(debugLoggingEnabled(), ITPDebug, "Did set %" PUBLIC_LOG_STRING " as making a top frame redirect to %" PUBLIC_LOG_STRING ".", sourceDomain.string().utf8().data(), targetDomain.string().utf8().data()); Ditto
Devin Rousso
Comment 7 2020-04-10 15:29:03 PDT
Comment on attachment 396110 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=396110&action=review >> Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:1632 >> + RELEASE_LOG_INFO_IF(debugLoggingEnabled(), ITPDebug, "Did set %" PUBLIC_LOG_STRING " as making a top frame redirect to %" PUBLIC_LOG_STRING ".", sourceDomain.string().utf8().data(), targetDomain.string().utf8().data()); > > Do you want these messages to also be sent to Web Inspector? If so, I'd rewrite this as: > ``` > if (UNLIKELY(debugLoggingEnabled()) { > RELEASE_LOG_INFO(ITPDebug, "Did set %" PUBLIC_LOG_STRING " as making a top frame redirect to %" PUBLIC_LOG_STRING ".", sourceDomain.string().utf8().data(), targetDomain.string().utf8().data()); > debugBroadcastConsoleMessage(MessageSource::ITPDebug, MessageLevel::Info, makeString("[ITP] Did set '"_s, sourceDomain.string(), "' as making a top frame redirect to '"_s, targetDomain.string(), "'."_s)); > } > ``` <https://webkit.org/b/210362> Web Inspector: add `broadcastConsoleMessage` calls for new ITPDebug logs after 259275
Note You need to log in before you can comment on or make changes to this bug.