WebKit Bugzilla
Attachment 347929 Details for
Bug 188852
: Improve compatibility with hyperlink auditing spec
[patch]
Patch
bug-188852-20180823100526.patch (text/plain), 8.99 KB, created by
Brent Fulgham
on 2018-08-23 10:05:27 PDT
Description:
Patch
Filename:
MIME Type:
Creator:
Brent Fulgham
Created:
2018-08-23 10:05:27 PDT
Size:
8.99 KB
patch
obsolete
>Subversion Revision: 235132
>diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
>index 57b3451b1bc4b1035edcd9a6fa043238ac6e5a6d..01b2a444cb65feb8ae5cb2f5e60f38c0868317f9 100644
>--- a/Source/WebKit/ChangeLog
>+++ b/Source/WebKit/ChangeLog
>@@ -1,3 +1,22 @@
>+2018-08-22 Brent Fulgham <bfulgham@apple.com>
>+
>+ Improve compatibility with hyperlink auditing spec
>+ https://bugs.webkit.org/show_bug.cgi?id=188852
>+ <rdar://problem/42572559>
>+
>+ Reviewed by NOBODY (OOPS!).
>+
>+ Implement the optional behavior to ignore hyperlink auditing directives. If the resource being
>+ pinged has been previously flagged as prevalent, ignore the ping request. If the target URL
>+ has been granted Storage Access API permissions, allow the ping.
>+
>+ Test: http/tests/resourceLoadStatistics/ping-to-prevalent-resource.html
>+
>+ * NetworkProcess/PingLoad.cpp:
>+ (WebKit::PingLoad::loadIsForPrevalentDomain const):
>+ (WebKit::PingLoad::willPerformHTTPRedirection):
>+ * NetworkProcess/PingLoad.h:
>+
> 2018-08-21 Brent Fulgham <bfulgham@apple.com>
>
> Remove experimental affiliated domain code now that StorageAccess API is available
>diff --git a/Source/WebKit/NetworkProcess/PingLoad.cpp b/Source/WebKit/NetworkProcess/PingLoad.cpp
>index bdb4123c17527b676a692f2d9ccafd137878ae4f..1b794bd18c6fac8ad811e42e9691580ed0363200 100644
>--- a/Source/WebKit/NetworkProcess/PingLoad.cpp
>+++ b/Source/WebKit/NetworkProcess/PingLoad.cpp
>@@ -31,6 +31,7 @@
> #include "NetworkLoadChecker.h"
> #include "SessionTracker.h"
> #include "WebErrors.h"
>+#include <WebCore/PublicSuffix.h>
>
> #define RELEASE_LOG_IF_ALLOWED(fmt, ...) RELEASE_LOG_IF(m_parameters.sessionID.isAlwaysOnLoggingAllowed(), Network, "%p - PingLoad::" fmt, this, ##__VA_ARGS__)
>
>@@ -60,6 +61,10 @@ PingLoad::PingLoad(NetworkResourceLoadParameters&& parameters, WTF::CompletionHa
> this->didFinish(result.error());
> return;
> }
>+ if (this->loadIsForPrevalentDomain(this->m_parameters.request.url())) {
>+ this->didFinish(ResourceError { String { }, 0, this->m_parameters.request.url(), "Ping request to prevalent Domain"_s, ResourceError::Type::AccessControl });
>+ return;
>+ }
> this->loadRequest(WTFMove(result.value()));
> });
> }
>@@ -73,6 +78,23 @@ PingLoad::~PingLoad()
> }
> }
>
>+bool PingLoad::loadIsForPrevalentDomain(const URL& url) const
>+{
>+#if HAVE(CFNETWORK_STORAGE_PARTITIONING)
>+ if (auto* networkSession = SessionTracker::networkSession(m_parameters.sessionID)) {
>+ ASSERT(m_parameters.sourceOrigin);
>+ URL sourceOrigin(URL(), m_parameters.sourceOrigin->host());
>+ sourceOrigin.setProtocol(m_parameters.sourceOrigin->protocol());
>+
>+ return networkSession->networkStorageSession().shouldBlockCookies(sourceOrigin, url, m_parameters.webFrameID, m_parameters.webPageID);
>+ }
>+
>+ ASSERT_NOT_REACHED();
>+#endif
>+
>+ return false;
>+}
>+
> void PingLoad::didFinish(const ResourceError& error, const ResourceResponse& response)
> {
> m_completionHandler(error, response);
>@@ -107,6 +129,11 @@ void PingLoad::willPerformHTTPRedirection(ResourceResponse&& redirectResponse, R
> return;
> }
>
>+ if (this->loadIsForPrevalentDomain(request.url())) {
>+ this->didFinish(ResourceError { String { }, 0, request.url(), "Redirection to prevalent domain"_s, ResourceError::Type::AccessControl });
>+ return;
>+ }
>+
> completionHandler(WTFMove(request));
> });
> }
>diff --git a/Source/WebKit/NetworkProcess/PingLoad.h b/Source/WebKit/NetworkProcess/PingLoad.h
>index e47bf1733121b710beb5e5b3ff1ae61d8c4ebffe..98d25065a995387af6289a3bd69308e759fe1239 100644
>--- a/Source/WebKit/NetworkProcess/PingLoad.h
>+++ b/Source/WebKit/NetworkProcess/PingLoad.h
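Review bot: In the `@@ -60,6 +61,10 @@` hunk of PingLoad.cpp the new guard tests `m_parameters.request.url()`, while the request actually sent two lines later is `result.value()`. If the load checker can hand back a request whose URL differs from the original (not visible in this hunk), the blocking decision is made on a URL other than the one loaded; the redirect hunk already tests the post-check `request.url()`. Checking `result.value().url()` here would keep the two paths consistent. The error string "Ping request to prevalent Domain" also capitalises "Domain", unlike the redirect message. The constructor and its lambda begin outside the hunk.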
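Review bot: In `loadIsForPrevalentDomain` (the `@@ -73,6 +78,23 @@` hunk of PingLoad.cpp) both safety checks are debug-only assertions. `ASSERT(m_parameters.sourceOrigin)` does nothing in a release build, so the two `m_parameters.sourceOrigin->` calls that follow dereference it unchecked; and when no network session is found, `ASSERT_NOT_REACHED()` falls through to `return false`, which lets the ping go out. For a privacy control the failure direction should be an explicit decision: add a runtime guard such as `if (!m_parameters.sourceOrigin) return false;` before the dereference, and a comment on the final `return false` saying that allowing the ping is intended when the session is missing or storage partitioning is compiled out.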
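Review bot: The branch added in the `@@ -107,6 +129,11 @@` hunk of PingLoad.cpp returns after `didFinish(...)` without invoking `completionHandler`, whereas the success path ends in `completionHandler(WTFMove(request))`. The handler's type and the earlier error branch lie outside the hunk, so this may match existing behaviour, but if the handler is expected to run exactly once the blocked path needs either a call with an empty request before the `return;` or a comment explaining why `didFinish` makes skipping it safe. The lambda and `willPerformHTTPRedirection` both start outside the hunk.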
>@@ -67,7 +67,9 @@ private:
> void loadRequest(WebCore::ResourceRequest&&);
>
> void didFinish(const WebCore::ResourceError& = { }, const WebCore::ResourceResponse& response = { });
>-
>+
>+ bool loadIsForPrevalentDomain(const URL&) const;
>+
> NetworkResourceLoadParameters m_parameters;
> WTF::CompletionHandler<void(const WebCore::ResourceError&, const WebCore::ResourceResponse&)> m_completionHandler;
> RefPtr<NetworkDataTask> m_task;
>diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
>index b54f89ec9ec11605cccaaa5fe035bd400cba76f7..881f1e9e5404afc9d2728ec4be9c9bb1f0953e95 100644
>--- a/LayoutTests/ChangeLog
>+++ b/LayoutTests/ChangeLog
>@@ -1,3 +1,14 @@
>+2018-08-23 Brent Fulgham <bfulgham@apple.com>
>+
>+ Improve compatibility with hyperlink auditing spec
>+ https://bugs.webkit.org/show_bug.cgi?id=188852
>+ <rdar://problem/42572559>
>+
>+ Reviewed by NOBODY (OOPS!).
>+
>+ * http/tests/resourceLoadStatistics/ping-to-prevalent-resource-expected.txt: Added.
>+ * http/tests/resourceLoadStatistics/ping-to-prevalent-resource.html: Added.
>+
> 2018-08-21 Yusuke Suzuki <yusukesuzuki@slowstart.org>
>
> Support "name" option for dedicated workers
>diff --git a/LayoutTests/http/tests/resourceLoadStatistics/ping-to-prevalent-resource-expected.txt b/LayoutTests/http/tests/resourceLoadStatistics/ping-to-prevalent-resource-expected.txt
>new file mode 100644
>index 0000000000000000000000000000000000000000..b4b214b37aae341625c554b9c6c88595f32d0346
>--- /dev/null
>+++ b/LayoutTests/http/tests/resourceLoadStatistics/ping-to-prevalent-resource-expected.txt
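Review bot: The new declaration `loadIsForPrevalentDomain` in PingLoad.h has no comment, and its name promises less than the function does: going by the ChangeLog entry and the .cpp hunk it returns the result of `shouldBlockCookies(...)`, which also allows the ping when Storage Access has been granted. A one-line comment such as `// Returns true when a ping to this URL must be dropped (prevalent target without storage access).` would make the contract clear, or a name along the lines of `shouldBlockPing`. The parameter is also spelled `const URL&` while the neighbouring declarations qualify their types with `WebCore::`.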
>@@ -0,0 +1,20 @@
>+Tests that ping operations are not performed for prevalent domains.
>+
>+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
>+
>+
>+PASS successfullyParsed is true
>+
>+TEST COMPLETE
>+PASS Localhost was marked as a prevalent domain.
>+This test follows a link with a ping attribute where the ping URL is a prevalent domain.
>+
>+--------
>+Frame: 'link_frame'
>+--------
>+Link with ping was clicked.
>+
>+--------
>+Frame: 'result_frame'
>+--------
>+Ping not received - timed out.
>diff --git a/LayoutTests/http/tests/resourceLoadStatistics/ping-to-prevalent-resource.html b/LayoutTests/http/tests/resourceLoadStatistics/ping-to-prevalent-resource.html
>new file mode 100644
>index 0000000000000000000000000000000000000000..75b31ee3ba5f3447723e91aba376342013493e53
>--- /dev/null
>+++ b/LayoutTests/http/tests/resourceLoadStatistics/ping-to-prevalent-resource.html
>@@ -0,0 +1,67 @@
>+<!DOCTYPE html>
>+<html>
>+<head>
>+<script src="/js-test-resources/js-test.js"></script>
>+<script>
>+description("Tests that ping operations are not performed for prevalent domains.");
>+
>+if (window.testRunner && window.internals) {
>+ testRunner.dumpAsText();
>+ testRunner.dumpChildFramesAsText();
>+ internals.settings.setHyperlinkAuditingEnabled(true);
>+ testRunner.waitUntilDone();
>+}
>+
>+function loadLinkWithPing() {
>+ testRunner.setStatisticsPrevalentResource("http://localhost", true, function() {
>+ if (!testRunner.isStatisticsPrevalentResource("http://localhost"))
>+ testFailed("Host did not get set as prevalent resource.");
>+
>+ testPassed("Localhost was marked as a prevalent domain.");
>+
>+ var iframe = document.getElementById("link_frame");
>+ var iframeDoc = iframe.contentDocument || iframe.contentWindow.document;
>+ iframeDoc.write('' +
>+ '<img src="../contentextensions/resources/delete-ping.php?test=ping-to-prevalent-resource" ' +
>+ 'onerror="parent.clickOnLinkWithPing();">' +
>+ '<a id="a" ' +
>+ 'href="../contentextensions/resources/check-ping.html" ' + // check-ping.html calls showPingResult()
>+ 'ping="http://localhost:8000/contentextensions/resources/save-ping.php?test=ping-to-prevalent-resource"> ' +
>+ 'Link with ping' +
>+ '</a>'
>+ );
>+ });
>+}
>+
>+function clickOnLinkWithPing() {
>+ var iframe = document.getElementById("link_frame");
>+ var iframeDoc = iframe.contentDocument;
>+ if (window.eventSender) {
>+ var a = iframeDoc.getElementById("a");
>+ var x = iframe.offsetLeft + a.offsetLeft + 2;
>+ var y = iframe.offsetTop + a.offsetTop + 2;
>+ eventSender.mouseMoveTo(x, y);
>+ eventSender.mouseDown();
>+ eventSender.mouseUp();
>+ }
>+}
>+
>+function showPingResult() {
>+ var iframe = document.getElementById("result_frame");
>+ iframe.onload = function() {
>+ if (window.testRunner) { testRunner.notifyDone(); }
>+ }
>+ iframe.src = "../contentextensions/resources/get-ping-data.php?test=ping-to-prevalent-resource&timeout_ms=1000";
>+ // Why timeout_ms=1000:
>+ // To pass the test, the ping shouldn't arrive, so we need to
>+ // timeout at some point. We don't have to wait too long because
>+ // the console message can tell us whether the ping was blocked.
>+}
>+</script>
>+</head>
>+<body onload="loadLinkWithPing();">
>+This test follows a link with a ping attribute where the ping URL is a prevalent domain.
>+<iframe id="link_frame" name="link_frame"><!-- Will contain link with ping --></iframe>
>+<iframe id="result_frame" name="result_frame"><!-- Will contain ping data received by server --></iframe>
>+</body>
>+</html>
>\ No newline at end of file
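Review bot: In `loadLinkWithPing` the `testFailed(...)` call is the only statement under the `if`, so `testPassed("Localhost was marked as a prevalent domain.")` still runs when the prevalence check failed and the test carries on; make it `else testPassed(...)` or return after the failure. `loadLinkWithPing` also calls `testRunner.setStatisticsPrevalentResource` without the `window.testRunner` guard used at the top of the script. The test passes on a timeout, so it cannot tell a ping dropped by the new check from one that failed for another reason, and the comment's "console message" does not appear in the expected output. Nothing in this patch exercises the redirect branch added to `willPerformHTTPRedirection`, and the prevalent flag set on localhost is not cleared when the test ends.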