WebKit Bugzilla
Attachment 348574 Details for
Bug 188564
: Storage Access API: Maintain access through same-site navigations
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-188564-20180830172839.patch (text/plain), 31.95 KB, created by
John Wilander
on 2018-08-30 17:28:40 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
John Wilander
Created:
2018-08-30 17:28:40 PDT
Size:
31.95 KB
patch
obsolete
>Subversion Revision: 235517 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 05033cb290180f2a412c1ed8ffe73dfadd1a7454..6aab590bd411cbc47272acef59b85ec3cb038d6c 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,18 @@ >+2018-08-30 John Wilander <wilander@apple.com> >+ >+ Storage Access API: Maintain access through same-site navigations >+ https://bugs.webkit.org/show_bug.cgi?id=188564 >+ <rdar://problem/43445160> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Tests: http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html >+ http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html >+ >+ * loader/DocumentLoader.cpp: >+ (WebCore::DocumentLoader::willSendRequest): >+ * loader/FrameLoaderClient.h: >+ > 2018-08-30 Brent Fulgham <bfulgham@apple.com> > > The width of a nullptr TextRun should be zero >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 9688a9a162ecff3a44cf3f9c04f504f350383387..89c809289ceaffdbc43bcf47cba5cf63f747e880 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,18 @@ >+2018-08-30 John Wilander <wilander@apple.com> >+ >+ Storage Access API: Maintain access through same-site navigations >+ https://bugs.webkit.org/show_bug.cgi?id=188564 >+ <rdar://problem/43445160> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp: >+ (WebKit::WebFrameLoaderClient::dispatchWillChangeDocument): >+ Now takes the current URL and the new URL as parameters >+ and only clears out storage access if the navigation is >+ cross-site, i.e. with differing eTLD+1s. >+ * WebProcess/WebCoreSupport/WebFrameLoaderClient.h: >+ > 2018-08-30 Eric Carlson <eric.carlson@apple.com> > > Mock video devices should only support discrete sizes >diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp >index 234749f1f6749fa4e9bfb442c22f018b4d126c6c..43060692cdb60e72e88c941ad488b278f59431fc 100644 >--- a/Source/WebCore/loader/DocumentLoader.cpp >+++ b/Source/WebCore/loader/DocumentLoader.cpp >@@ -600,7 +600,7 @@ void DocumentLoader::willSendRequest(ResourceRequest&& newRequest, const Resourc > FrameLoader::addSameSiteInfoToRequestIfNeeded(newRequest, m_frame->document()); > > if (!didReceiveRedirectResponse) >- frameLoader()->client().dispatchWillChangeDocument(); >+ frameLoader()->client().dispatchWillChangeDocument(m_frame->document()->url(), newRequest.url()); > > // If we're fielding a redirect in response to a POST, force a load from origin, since > // this is a common site technique to return to a page viewing some data that the POST >diff --git a/Source/WebCore/loader/FrameLoaderClient.h b/Source/WebCore/loader/FrameLoaderClient.h >index 074e541f3bca5a1adffb51665154edaffe53c2be..1ba916247b61dbee82262946f0974f191fdc18c3 100644 >--- a/Source/WebCore/loader/FrameLoaderClient.h >+++ b/Source/WebCore/loader/FrameLoaderClient.h >@@ -166,7 +166,7 @@ public: > virtual void dispatchDidCancelClientRedirect() = 0; > virtual void dispatchWillPerformClientRedirect(const URL&, double interval, WallTime fireDate) = 0; > virtual void dispatchDidChangeMainDocument() { } >- virtual void dispatchWillChangeDocument() { } >+ virtual void dispatchWillChangeDocument(const URL&, const URL&) { } > virtual void dispatchDidNavigateWithinPage() { } > virtual void dispatchDidChangeLocationWithinPage() = 0; > virtual void dispatchDidPushStateWithinPage() = 0; >diff --git a/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp b/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp >index 1b94bbc70ad7a814349bc87f4815bc3b4f63c0c9..2587a3cc7b4dac4b6171b677581f6c439e0b4129 100644 >--- a/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp >+++ b/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp >@@ -83,6 +83,7 @@ > #include <WebCore/PolicyChecker.h> > #include <WebCore/ProgressTracker.h> > #include <WebCore/ResourceError.h> >+#include <WebCore/ResourceRequest.h> > #include <WebCore/ScriptController.h> > #include <WebCore/SecurityOriginData.h> > #include <WebCore/Settings.h> >@@ -383,7 +384,7 @@ void WebFrameLoaderClient::dispatchDidChangeMainDocument() > webPage->send(Messages::WebPageProxy::DidChangeMainDocument(m_frame->frameID())); > } > >-void WebFrameLoaderClient::dispatchWillChangeDocument() >+void WebFrameLoaderClient::dispatchWillChangeDocument(const URL& currentUrl, const URL& newUrl) > { > #if HAVE(CFNETWORK_STORAGE_PARTITIONING) > if (m_frame->isMainFrame()) >@@ -393,7 +394,7 @@ void WebFrameLoaderClient::dispatchWillChangeDocument() > if (!webPage) > return; > >- if (m_hasFrameSpecificStorageAccess) { >+ if (m_hasFrameSpecificStorageAccess && !WebCore::registrableDomainsAreEqual(currentUrl, newUrl)) { > WebProcess::singleton().ensureNetworkProcessConnection().connection().send(Messages::NetworkConnectionToWebProcess::RemoveStorageAccessForFrame(sessionID(), frameID().value(), pageID().value()), 0); > m_hasFrameSpecificStorageAccess = false; > } >diff --git a/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h b/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h >index 254568e427d14274de2405235f3a9da4d5062ea1..0dde7bd7d9c57cca61b4bf84b65a9ff09876ec4d 100644 >--- a/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h >+++ b/Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h >@@ -97,7 +97,7 @@ private: > void dispatchDidFinishDataDetection(NSArray *detectionResults) final; > #endif > void dispatchDidChangeMainDocument() final; >- void dispatchWillChangeDocument() final; >+ void dispatchWillChangeDocument(const WebCore::URL& currentUrl, const WebCore::URL& newUrl) final; > > void dispatchDidDispatchOnloadEvents() final; > void dispatchDidReceiveServerRedirectForProvisionalLoad() final; >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index f0eb45e779eff394cd8f4a16ad6e559cfc581e9d..c57afb45561e5dc7a6eab2994324c2848a5bac6f 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,23 @@ >+2018-08-30 John Wilander <wilander@apple.com> >+ >+ Storage Access API: Maintain access through same-site navigations >+ https://bugs.webkit.org/show_bug.cgi?id=188564 >+ <rdar://problem/43445160> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame-expected.txt: >+ * http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame.html: >+ Added a cross-site navigation to the sub frame so that the final test result stays the same. >+ * http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access-expected.txt: Copied from LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt. >+ * http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html: Copied from LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html. >+ * http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access-expected.txt: Renamed from LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt. >+ * http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html: Renamed from LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html. >+ * http/tests/storageAccess/resources/self-navigating-frame-after-granted-access.html: >+ Support for the new test scenarios. >+ * platform/mac-wk2/TestExpectations: >+ Marked the new and the renamed tests as [ Pass ]. >+ > 2018-08-30 Brent Fulgham <bfulgham@apple.com> > > The width of a nullptr TextRun should be zero >diff --git a/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame-expected.txt b/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame-expected.txt >index d6bc7775375013db38f604e62b2551e9c68f873f..a39470f9d7831fcc2ef4e0fa2e36d276102f02ee 100644 >--- a/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame-expected.txt >+++ b/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame-expected.txt >@@ -42,7 +42,7 @@ Client-side document.cookie: > -------- > Frame: '<!--frame5-->' > -------- >-After the top frame navigates the sub frame, the sub frame should no longer have access to cookies. >+After the top frame navigates the sub frame cross-site and back, the sub frame should no longer have access to cookies. > Did not receive cookie named 'firstPartyCookie'. > Did not receive cookie named 'partitionedCookie'. > Client-side document.cookie: >diff --git a/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame.html b/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame.html >index f16010390a94437697a04f4c0fefc04f6968e0d4..6f27f0248941824e9bbb8f2d647f04b5cfcc6f85 100644 >--- a/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame.html >+++ b/LayoutTests/http/tests/storageAccess/request-and-grant-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-user-interaction-and-access-from-right-frame.html >@@ -119,12 +119,19 @@ > break; > case "#step7": > document.location.hash = "step8"; >- // Check that no cookie gets sent for localhost under 127.0.0.1 since we're opening in the frame that was granted access. >+ // Navigate the frame cross-site. > let existingIframe = document.getElementById("TheIframeThatRequestsStorageAccess"); > existingIframe.onload = runTest; >- existingIframe.src = thirdPartyBaseUrl + subPathToGetCookies + "&message=After the top frame navigates the sub frame, the sub frame should no longer have access to cookies."; >+ existingIframe.src = "http://" + partitionHost; > break; > case "#step8": >+ document.location.hash = "step9"; >+ // Again open localhost in the existing frame and check that no cookie gets sent for localhost under 127.0.0.1 since it has been navigated cross-site. >+ let existingIframeAgain = document.getElementById("TheIframeThatRequestsStorageAccess"); >+ existingIframeAgain.onload = runTest; >+ existingIframeAgain.src = thirdPartyBaseUrl + subPathToGetCookies + "&message=After the top frame navigates the sub frame cross-site and back, the sub frame should no longer have access to cookies."; >+ break; >+ case "#step9": > setEnableFeature(false, finishJSTest); > break; > } >diff --git a/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access-expected.txt b/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access-expected.txt >new file mode 100644 >index 0000000000000000000000000000000000000000..890f4d906015b4a34fac678ce76382fcb6935003 >--- /dev/null >+++ b/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access-expected.txt >@@ -0,0 +1,13 @@ >+Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself cross-site does not have storage access. >+ >+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". >+ >+ >+PASS document.cookie == >+PASS Storage access was granted. >+PASS document.cookie == cookieSetClientSideAfterGrantedStorageAccess=value; firstPartyCookie=value >+PASS No storage access. document.cookie == , cookies seen server-side == "No cookies" >+PASS successfullyParsed is true >+ >+TEST COMPLETE >+ >diff --git a/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html b/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html >new file mode 100644 >index 0000000000000000000000000000000000000000..25f1bf75bfe0b9689323095c5764b17d8f7927b4 >--- /dev/null >+++ b/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html >@@ -0,0 +1,90 @@ >+<!DOCTYPE html> >+<html> >+<head> >+ <script src="/js-test-resources/js-test.js"></script> >+ <script src="/js-test-resources/ui-helper.js"></script> >+ <script src="/resourceLoadStatistics/resources/util.js"></script> >+ <script> >+ description("Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself cross-site does not have storage access."); >+ jsTestIsAsync = true; >+ >+ window.addEventListener("message", receiveMessage, false); >+ >+ function finishTest() { >+ setEnableFeature(false, finishJSTest); >+ } >+ >+ const expectedPassMessages = 2; >+ var passMessagesReceived = 0; >+ function receiveMessage(event) { >+ if (event.origin === "http://localhost:8000") { >+ if (event.data.indexOf("document.cookie") === 0) { >+ testPassed(event.data); >+ } else if (event.data.indexOf("PASS") !== -1) { >+ testPassed(event.data.replace("PASS ", "")); >+ passMessagesReceived++; >+ if (passMessagesReceived >= expectedPassMessages) >+ finishTest(); >+ } else { >+ testFailed(event.data); >+ finishTest(); >+ } >+ } else { >+ testFailed("Received a message from an unexpected origin: " + event.origin); >+ finishTest(); >+ } >+ } >+ >+ function activateElement(elementId) { >+ var element = document.getElementById(elementId); >+ var centerX = element.offsetLeft + element.offsetWidth / 2; >+ var centerY = element.offsetTop + element.offsetHeight / 2; >+ UIHelper.activateAt(centerX, centerY).then( >+ function () { >+ if (window.eventSender) >+ eventSender.keyDown("escape"); >+ else { >+ testFailed("No eventSender."); >+ finishTest(); >+ } >+ }, >+ function () { >+ testFailed("Promise rejected."); >+ finishTest(); >+ } >+ ); >+ } >+ >+ function runTest() { >+ activateElement("TheIframeThatRequestsStorageAccess"); >+ } >+ >+ const hostUnderTest = "localhost:8000"; >+ const statisticsUrl = "http://" + hostUnderTest; >+ if (document.location.hash !== "#firstPartyCookieSet") { >+ setEnableFeature(true, function() { >+ document.location.href = statisticsUrl + "/storageAccess/resources/set-cookie.php?name=firstPartyCookie&value=value#http://127.0.0.1:8000/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html#firstPartyCookieSet"; >+ }); >+ } else { >+ testRunner.setStatisticsPrevalentResource(statisticsUrl, true, function() { >+ if (!testRunner.isStatisticsPrevalentResource(statisticsUrl)) >+ testFailed("Host did not get set as prevalent resource."); >+ testRunner.setStatisticsHasHadUserInteraction(statisticsUrl, true, function() { >+ if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl)) >+ testFailed("Host did not get logged for user interaction."); >+ testRunner.statisticsUpdateCookieBlocking(function() { >+ let iframeElement = document.createElement("iframe"); >+ iframeElement.setAttribute("sandbox", "allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-modals"); >+ iframeElement.onload = runTest; >+ iframeElement.id = "TheIframeThatRequestsStorageAccess"; >+ iframeElement.src = "http://localhost:8000/storageAccess/resources/self-navigating-frame-after-granted-access.html#userShouldGrantAccess,userShouldBeConsulted,policyShouldGrantAccess,crossSiteNavigation"; >+ document.body.appendChild(iframeElement); >+ }); >+ }); >+ }); >+ } >+ </script> >+</head> >+<body> >+</body> >+</html> >\ No newline at end of file >diff --git a/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access-expected.txt b/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access-expected.txt >new file mode 100644 >index 0000000000000000000000000000000000000000..2745db594e9cf830a28c461210f78e49158e9044 >--- /dev/null >+++ b/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access-expected.txt >@@ -0,0 +1,13 @@ >+Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself same-site still has storage access. >+ >+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". >+ >+ >+PASS document.cookie == >+PASS Storage access was granted. >+PASS document.cookie == cookieSetClientSideAfterGrantedStorageAccess=value; firstPartyCookie=value >+PASS Has storage access. document.cookie == cookieSetClientSideAfterGrantedStorageAccess=value; firstPartyCookie=value, cookies seen server-side == {"cookieSetClientSideAfterGrantedStorageAccess":"value","firstPartyCookie":"value"} >+PASS successfullyParsed is true >+ >+TEST COMPLETE >+ >diff --git a/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html b/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html >new file mode 100644 >index 0000000000000000000000000000000000000000..1fa4fed5231fa1aca3640c1bd8fa951bc2ff005b >--- /dev/null >+++ b/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html >@@ -0,0 +1,90 @@ >+<!DOCTYPE html> >+<html> >+<head> >+ <script src="/js-test-resources/js-test.js"></script> >+ <script src="/js-test-resources/ui-helper.js"></script> >+ <script src="/resourceLoadStatistics/resources/util.js"></script> >+ <script> >+ description("Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself same-site still has storage access."); >+ jsTestIsAsync = true; >+ >+ window.addEventListener("message", receiveMessage, false); >+ >+ function finishTest() { >+ setEnableFeature(false, finishJSTest); >+ } >+ >+ const expectedPassMessages = 2; >+ var passMessagesReceived = 0; >+ function receiveMessage(event) { >+ if (event.origin === "http://localhost:8000") { >+ if (event.data.indexOf("document.cookie") === 0) { >+ testPassed(event.data); >+ } else if (event.data.indexOf("PASS") !== -1) { >+ testPassed(event.data.replace("PASS ", "")); >+ passMessagesReceived++; >+ if (passMessagesReceived >= expectedPassMessages) >+ finishTest(); >+ } else { >+ testFailed(event.data); >+ finishTest(); >+ } >+ } else { >+ testFailed("Received a message from an unexpected origin: " + event.origin); >+ finishTest(); >+ } >+ } >+ >+ function activateElement(elementId) { >+ var element = document.getElementById(elementId); >+ var centerX = element.offsetLeft + element.offsetWidth / 2; >+ var centerY = element.offsetTop + element.offsetHeight / 2; >+ UIHelper.activateAt(centerX, centerY).then( >+ function () { >+ if (window.eventSender) >+ eventSender.keyDown("escape"); >+ else { >+ testFailed("No eventSender."); >+ finishTest(); >+ } >+ }, >+ function () { >+ testFailed("Promise rejected."); >+ finishTest(); >+ } >+ ); >+ } >+ >+ function runTest() { >+ activateElement("TheIframeThatRequestsStorageAccess"); >+ } >+ >+ const hostUnderTest = "localhost:8000"; >+ const statisticsUrl = "http://" + hostUnderTest; >+ if (document.location.hash !== "#firstPartyCookieSet") { >+ setEnableFeature(true, function() { >+ document.location.href = statisticsUrl + "/storageAccess/resources/set-cookie.php?name=firstPartyCookie&value=value#http://127.0.0.1:8000/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html#firstPartyCookieSet"; >+ }); >+ } else { >+ testRunner.setStatisticsPrevalentResource(statisticsUrl, true, function() { >+ if (!testRunner.isStatisticsPrevalentResource(statisticsUrl)) >+ testFailed("Host did not get set as prevalent resource."); >+ testRunner.setStatisticsHasHadUserInteraction(statisticsUrl, true, function() { >+ if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl)) >+ testFailed("Host did not get logged for user interaction."); >+ testRunner.statisticsUpdateCookieBlocking(function() { >+ let iframeElement = document.createElement("iframe"); >+ iframeElement.setAttribute("sandbox", "allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-modals"); >+ iframeElement.onload = runTest; >+ iframeElement.id = "TheIframeThatRequestsStorageAccess"; >+ iframeElement.src = "http://localhost:8000/storageAccess/resources/self-navigating-frame-after-granted-access.html#userShouldGrantAccess,userShouldBeConsulted,policyShouldGrantAccess,sameSiteNavigation"; >+ document.body.appendChild(iframeElement); >+ }); >+ }); >+ }); >+ } >+ </script> >+</head> >+<body> >+</body> >+</html> >\ No newline at end of file >diff --git a/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt b/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt >deleted file mode 100644 >index 409a2520c60dfbabea9008c18ae38c9bde5a1e64..0000000000000000000000000000000000000000 >--- a/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access-expected.txt >+++ /dev/null >@@ -1,13 +0,0 @@ >-Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself does not have storage access. >- >-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". >- >- >-PASS document.cookie == >-PASS Storage access was granted. >-PASS document.cookie == cookieSetClientSideAfterGrantedStorageAccess=value; firstPartyCookie=value >-PASS No storage access. document.cookie == , cookies seen server-side == "No cookies" >-PASS successfullyParsed is true >- >-TEST COMPLETE >- >diff --git a/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html b/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html >deleted file mode 100644 >index b9310a6a1e608602a70b91b8efa7da823a316e4c..0000000000000000000000000000000000000000 >--- a/LayoutTests/http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html >+++ /dev/null >@@ -1,90 +0,0 @@ >-<!DOCTYPE html> >-<html> >-<head> >- <script src="/js-test-resources/js-test.js"></script> >- <script src="/js-test-resources/ui-helper.js"></script> >- <script src="/resourceLoadStatistics/resources/util.js"></script> >- <script> >- description("Tests that a cross-origin iframe from a prevalent domain that is granted storage access and then navigates itself does not have storage access."); >- jsTestIsAsync = true; >- >- window.addEventListener("message", receiveMessage, false); >- >- function finishTest() { >- setEnableFeature(false, finishJSTest); >- } >- >- const expectedPassMessages = 2; >- var passMessagesReceived = 0; >- function receiveMessage(event) { >- if (event.origin === "http://localhost:8000") { >- if (event.data.indexOf("document.cookie") === 0) { >- testPassed(event.data); >- } else if (event.data.indexOf("PASS") !== -1) { >- testPassed(event.data.replace("PASS ", "")); >- passMessagesReceived++; >- if (passMessagesReceived >= expectedPassMessages) >- finishTest(); >- } else { >- testFailed(event.data); >- finishTest(); >- } >- } else { >- testFailed("Received a message from an unexpected origin: " + event.origin); >- finishTest(); >- } >- } >- >- function activateElement(elementId) { >- var element = document.getElementById(elementId); >- var centerX = element.offsetLeft + element.offsetWidth / 2; >- var centerY = element.offsetTop + element.offsetHeight / 2; >- UIHelper.activateAt(centerX, centerY).then( >- function () { >- if (window.eventSender) >- eventSender.keyDown("escape"); >- else { >- testFailed("No eventSender."); >- finishTest(); >- } >- }, >- function () { >- testFailed("Promise rejected."); >- finishTest(); >- } >- ); >- } >- >- function runTest() { >- activateElement("TheIframeThatRequestsStorageAccess"); >- } >- >- const hostUnderTest = "localhost:8000"; >- const statisticsUrl = "http://" + hostUnderTest; >- if (document.location.hash !== "#firstPartyCookieSet") { >- setEnableFeature(true, function() { >- document.location.href = statisticsUrl + "/storageAccess/resources/set-cookie.php?name=firstPartyCookie&value=value#http://127.0.0.1:8000/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html#firstPartyCookieSet"; >- }); >- } else { >- testRunner.setStatisticsPrevalentResource(statisticsUrl, true, function() { >- if (!testRunner.isStatisticsPrevalentResource(statisticsUrl)) >- testFailed("Host did not get set as prevalent resource."); >- testRunner.setStatisticsHasHadUserInteraction(statisticsUrl, true, function() { >- if (!testRunner.isStatisticsHasHadUserInteraction(statisticsUrl)) >- testFailed("Host did not get logged for user interaction."); >- testRunner.statisticsUpdateCookieBlocking(function() { >- let iframeElement = document.createElement("iframe"); >- iframeElement.setAttribute("sandbox", "allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-modals"); >- iframeElement.onload = runTest; >- iframeElement.id = "TheIframeThatRequestsStorageAccess"; >- iframeElement.src = "http://localhost:8000/storageAccess/resources/self-navigating-frame-after-granted-access.html#userShouldGrantAccess,userShouldBeConsulted,policyShouldGrantAccess"; >- document.body.appendChild(iframeElement); >- }); >- }); >- }); >- } >- </script> >-</head> >-<body> >-</body> >-</html> >\ No newline at end of file >diff --git a/LayoutTests/http/tests/storageAccess/resources/self-navigating-frame-after-granted-access.html b/LayoutTests/http/tests/storageAccess/resources/self-navigating-frame-after-granted-access.html >index 6481d59aeafb983153ebe600117ceaf2e81ff46d..dbda7ea2430b687acfd57fe353bc0448b85a37d3 100644 >--- a/LayoutTests/http/tests/storageAccess/resources/self-navigating-frame-after-granted-access.html >+++ b/LayoutTests/http/tests/storageAccess/resources/self-navigating-frame-after-granted-access.html >@@ -5,6 +5,7 @@ > const userShouldGrantAccess = hashArguments[0] === "userShouldGrantAccess"; > const userShouldBeConsulted = hashArguments[1] === "userShouldBeConsulted"; > const policyShouldGrantAccess = hashArguments[2] === "policyShouldGrantAccess"; >+ const sameSiteNavigation = hashArguments[3] === "sameSiteNavigation"; > > if (internals && userShouldGrantAccess) > internals.setUserGrantsStorageAccess(true); >@@ -26,7 +27,11 @@ > } > > function navigate() { >- document.location.href = "http://localhost:8000/storageAccess/resources/has-storage-access-iframe.html#policyShouldNotGrantAccess" >+ if (sameSiteNavigation) { >+ document.location.href = "http://localhost:8000/storageAccess/resources/has-storage-access-iframe.html#policyShouldGrantAccess"; >+ } else { >+ document.location.href = "http://127.0.0.1:8000/resourceLoadStatistics/resources/redirect.php?redirectTo=http://localhost:8000/storageAccess/resources/has-storage-access-iframe.html"; >+ } > } > > function setCookieAndNavigate() { >diff --git a/LayoutTests/platform/mac-wk2/TestExpectations b/LayoutTests/platform/mac-wk2/TestExpectations >index 8eebfdfff757c8c226aa1fc2b8f8c20c164395f2..0b24e8fe46cfd6c251464ff65c568b2614979180 100644 >--- a/LayoutTests/platform/mac-wk2/TestExpectations >+++ b/LayoutTests/platform/mac-wk2/TestExpectations >@@ -695,7 +695,8 @@ http/tests/resourceLoadStatistics/user-interaction-reported-after-website-data-r > [ HighSierra+ ] http/tests/storageAccess/request-storage-access-cross-origin-sandboxed-iframe-without-user-gesture.html [ Pass ] > [ HighSierra+ ] http/tests/storageAccess/has-storage-access-from-prevalent-domain-with-user-interaction.html [ Pass ] > [ HighSierra+ ] http/tests/storageAccess/request-and-grant-access-then-detach-should-not-have-access.html [ Pass ] >-[ HighSierra+ ] http/tests/storageAccess/request-and-grant-access-then-navigate-should-not-have-access.html [ Pass ] >+[ HighSierra+ ] http/tests/storageAccess/request-and-grant-access-then-navigate-cross-site-should-not-have-access.html [ Pass ] >+[ HighSierra+ ] http/tests/storageAccess/request-and-grant-access-then-navigate-same-site-should-have-access.html [ Pass ] > [ HighSierra+ ] http/tests/storageAccess/deny-storage-access-under-opener.html [ Pass ] > [ HighSierra+ ] http/tests/storageAccess/grant-storage-access-under-opener.html [ Pass ] >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=348574">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 188564
:
348574
|
348664