RESOLVED FIXED 210776
sessionStorage is not isolated by site
https://bugs.webkit.org/show_bug.cgi?id=210776
Steven Englehardt
Reported 2020-04-20 17:48:29 PDT
window.sessionStorage is not isolated by the top-level site, and thus is a cross-site tracking vector.

Example:
1. A user visits example.com which embeds tracker.example
2. tracker.example checks window.sessionStorage. If empty it reads an ID from persistent, site-isolated storage (e.g., localStorage) and writes it to sessionStorage.
3. The user visits news.example, which also embeds tracker.example.
4. tracker.example checks window.sessionStorage, sees the unique ID, and writes it out to persistent site-isolated storage under news.example.
5. Repeat as the user browses the web.
Attachments
test.html (1.08 KB, text/html)
2022-07-08 19:45 PDT, Sihui Liu
no flags
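A small model of the isolation property this report is about, added here as an illustration (it is not WebKit code and not from the reporter). `TabModel`, `embeddedFrameLoad` and `linkableAcrossSites` are hypothetical names, and keying the storage area by (top-level site, embedded origin) is an assumed form of site isolation, not a description of the landed fix.

```javascript
// Model of one browser tab (constructed for illustration, not WebKit code).
// partitionSession=false keys sessionStorage by the embedded origin only;
// partitionSession=true keys it by (top-level site, embedded origin).
class TabModel {
  constructor(partitionSession) {
    this.partitionSession = partitionSession;
    this.session = new Map(); // lives as long as the tab does
    this.local = new Map();   // persistent; always site-isolated in this model
    this.nextId = 1;          // source of fresh identifiers for the model
  }
  area(store, key) {
    if (!store.has(key)) store.set(key, new Map());
    return store.get(key);
  }
  // Storage areas a frame of `origin` sees while embedded under `topSite`.
  frameStorage(topSite, origin) {
    const sessionKey = this.partitionSession ? `${topSite}|${origin}` : origin;
    return {
      sessionStorage: this.area(this.session, sessionKey),
      localStorage: this.area(this.local, `${topSite}|${origin}`),
    };
  }
}

// Steps 1-4 of the report, as seen by the embedded frame on each page load.
function embeddedFrameLoad(tab, topSite, origin) {
  const { sessionStorage, localStorage } = tab.frameStorage(topSite, origin);
  let id = sessionStorage.get("id");
  if (id === undefined) {
    id = localStorage.get("id") ?? `id-${tab.nextId++}`;
    sessionStorage.set("id", id);
  }
  localStorage.set("id", id); // persisted under the current top-level site
  return id;
}

// Isolation check: true if the embedded origin ends up holding the same
// identifier under two different top-level sites visited in one tab.
function linkableAcrossSites(partitionSession) {
  const tab = new TabModel(partitionSession);
  const a = embeddedFrameLoad(tab, "example.com", "tracker.example");
  const b = embeddedFrameLoad(tab, "news.example", "tracker.example");
  return a === b;
}

console.log("origin-keyed sessionStorage linkable:", linkableAcrossSites(false));
console.log("site-keyed sessionStorage linkable:  ", linkableAcrossSites(true));
```

The same two-site check is the shape a regression test for this bug takes: load one embedded origin under two top-level sites in a single tab and require that the second load sees an empty sessionStorage.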
Radar WebKit Bug Importer
Comment 1 2020-04-22 15:34:19 PDT
Brent Fulgham
Comment 2 2022-02-12 21:03:22 PST
This is actually: <rdar://57674840>
Matthew Finkel
Comment 3 2022-07-05 20:35:55 PDT
Sihui Liu
Comment 4 2022-07-08 19:45:21 PDT
Created attachment 460774 [details] test.html
Sihui Liu
Comment 5 2022-07-09 10:24:22 PDT
(In reply to Sihui Liu from comment #4)
> Created attachment 460774 [details]
> test.html

(you can use run-webkit-httpd in Tools/Scripts to launch http server and open the test in MiniBrowser)
EWS
Comment 6 2022-08-24 18:50:43 PDT
Committed 253762@main (d5739b8e0974): <https://commits.webkit.org/253762@main> Reviewed commits have been landed. Closing PR #2109 and removing active labels.
Karl Rackler
Comment 7 2022-08-25 12:03:26 PDT
I have marked this test as a flaky failure while this issue is investigated.