WebKit Bugzilla
Attachment 362282 Details for Bug 191645: [Curl] Implement Cookie Accept Policy.
bug-191645-20190218194227.patch (text/plain), 30.21 KB, created by Takashi Komori on 2019-02-18 02:45:16 PST
>Subversion Revision: 241602 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 4696195a13f8ec94c61b8fcb17ca6661d2e16118..eea360633aed962721fc7cdb8e1509ca8f26afdd 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,37 @@ >+2019-02-18 Takashi Komori <Takashi.Komori@sony.com> >+ >+ [Curl] Implement Cookie Accept Policy. >+ https://bugs.webkit.org/show_bug.cgi?id=191645 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ No new tests (OOPS!). >+ >+ * platform/network/curl/CookieJarCurl.cpp: >+ (WebCore::cookiesForSession): >+ (WebCore::CookieJarCurl::setCookiesFromDOM const): >+ (WebCore::CookieJarCurl::setCookiesFromHTTPResponse const): >+ (WebCore::CookieJarCurl::setCookieAcceptPolicy const): >+ (WebCore::CookieJarCurl::cookieAcceptPolicy const): >+ (WebCore::CookieJarCurl::getRawCookies const): >+ * platform/network/curl/CookieJarCurl.h: >+ * platform/network/curl/CookieJarDB.cpp: >+ (WebCore::CookieJarDB::isEnabled const): >+ (WebCore::CookieJarDB::checkCookieAcceptPolicy): >+ (WebCore::CookieJarDB::searchCookies): >+ (WebCore::CookieJarDB::canAcceptCookie): >+ (WebCore::CookieJarDB::setCookie): >+ (WebCore::CookieJarDB::setEnabled): Deleted. >+ * platform/network/curl/CookieJarDB.h: >+ (WebCore::CookieJarDB::setAcceptPolicy): >+ (WebCore::CookieJarDB::acceptPolicy const): >+ * platform/network/curl/CookieUtil.cpp: >+ (WebCore::CookieUtil::isFirstPartyDomain): >+ * platform/network/curl/CookieUtil.h: >+ * platform/network/curl/CurlResourceHandleDelegate.cpp: >+ (WebCore::handleCookieHeaders): >+ (WebCore::CurlResourceHandleDelegate::curlDidReceiveResponse): >+ > 2019-02-15 Youenn Fablet <youenn@apple.com> > > Make navigator.mediaDevices SecureContext >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 7994b6f5d19b6e72ea534154ca1a28eb340165a8..6d88996020fa9f016b04b8f1a550de69bd6ac535 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog 
>@@ -1,3 +1,18 @@ >+2019-02-18 Takashi Komori <Takashi.Komori@sony.com> >+ >+ [Curl] Implement Cookie Accept Policy. >+ https://bugs.webkit.org/show_bug.cgi?id=191645 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * NetworkProcess/Cookies/curl/WebCookieManagerCurl.cpp: >+ (WebKit::WebCookieManager::platformSetHTTPCookieAcceptPolicy): >+ (WebKit::WebCookieManager::platformGetHTTPCookieAcceptPolicy): >+ * NetworkProcess/curl/NetworkDataTaskCurl.cpp: >+ (WebKit::NetworkDataTaskCurl::curlDidReceiveResponse): >+ (WebKit::NetworkDataTaskCurl::handleCookieHeaders): >+ * NetworkProcess/curl/NetworkDataTaskCurl.h: >+ > 2019-02-15 Brian Burg <bburg@apple.com> > > [Mac] WebInspectorUI.framework does not need to be soft-linked anymore >diff --git a/Source/WebCore/platform/network/curl/CookieJarCurl.cpp b/Source/WebCore/platform/network/curl/CookieJarCurl.cpp >index f9b45e8b506e765941214f59a937579ba910dbe0..48930ffa2a26a7fb0b4b99e80e754f33c61958bc 100644 >--- a/Source/WebCore/platform/network/curl/CookieJarCurl.cpp >+++ b/Source/WebCore/platform/network/curl/CookieJarCurl.cpp >@@ -39,7 +39,7 @@ > > namespace WebCore { > >-static String cookiesForSession(const NetworkStorageSession& session, const URL&, const URL& url, bool forHTTPHeader) >+static String cookiesForSession(const NetworkStorageSession& session, const URL& firstParty, const URL& url, bool forHTTPHeader) > { > StringBuilder cookies; > >@@ -47,7 +47,7 @@ static String cookiesForSession(const NetworkStorageSession& session, const URL& > auto searchHTTPOnly = (forHTTPHeader ? WTF::nullopt : Optional<bool> {false}); > auto secure = url.protocolIs("https") ? WTF::nullopt : Optional<bool> {false}; > >- if (auto result = cookieJarDB.searchCookies(url.string(), searchHTTPOnly, secure, WTF::nullopt)) { >+ if (auto result = cookieJarDB.searchCookies(firstParty.string(), url.string(), searchHTTPOnly, secure, WTF::nullopt)) { > for (auto& cookie : *result) { > if (!cookies.isEmpty()) > cookies.append("; "); 
>@@ -63,16 +63,15 @@ void CookieJarCurl::setCookiesFromDOM(const NetworkStorageSession& session, cons > { > UNUSED_PARAM(frameID); > UNUSED_PARAM(pageID); >- UNUSED_PARAM(firstParty); > > CookieJarDB& cookieJarDB = session.cookieDatabase(); >- cookieJarDB.setCookie(url.string(), value, CookieJarDB::Source::Script); >+ cookieJarDB.setCookie(firstParty.string(), url.string(), value, CookieJarDB::Source::Script); > } > >-void CookieJarCurl::setCookiesFromHTTPResponse(const NetworkStorageSession& session, const URL& url, const String& value) const >+void CookieJarCurl::setCookiesFromHTTPResponse(const NetworkStorageSession& session, const URL& firstParty, const URL& url, const String& value) const > { > CookieJarDB& cookieJarDB = session.cookieDatabase(); >- cookieJarDB.setCookie(url.string(), value, CookieJarDB::Source::Network); >+ cookieJarDB.setCookie(firstParty.string(), url.string(), value, CookieJarDB::Source::Network); > } > > std::pair<String, bool> CookieJarCurl::cookiesForDOM(const NetworkStorageSession& session, const URL& firstParty, const SameSiteInfo&, const URL& url, Optional<uint64_t> frameID, Optional<uint64_t> pageID, IncludeSecureCookies) const 
>@@ -98,6 +97,17 @@ std::pair<String, bool> CookieJarCurl::cookieRequestHeaderFieldValue(const Netwo > return cookieRequestHeaderFieldValue(session, headerFieldProxy.firstParty, headerFieldProxy.sameSiteInfo, headerFieldProxy.url, headerFieldProxy.frameID, headerFieldProxy.pageID, headerFieldProxy.includeSecureCookies); > } > >+void CookieJarCurl::setCookieAcceptPolicy(const NetworkStorageSession& session, CookieAcceptPolicy policy) const >+{ >+ auto& cookieJarDB = session.cookieDatabase(); >+ cookieJarDB.setAcceptPolicy(policy); >+} >+ >+CookieAcceptPolicy CookieJarCurl::cookieAcceptPolicy(const NetworkStorageSession& session) const >+{ >+ return session.cookieDatabase().acceptPolicy(); >+} >+ > bool CookieJarCurl::cookiesEnabled(const NetworkStorageSession& session) const > { > return session.cookieDatabase().isEnabled(); >@@ -109,7 +119,7 @@ bool CookieJarCurl::getRawCookies(const NetworkStorageSession& session, const UR > UNUSED_PARAM(pageID); > > CookieJarDB& cookieJarDB = session.cookieDatabase(); >- if (auto cookies = cookieJarDB.searchCookies(firstParty.string(), WTF::nullopt, WTF::nullopt, WTF::nullopt)) { >+ if (auto cookies = cookieJarDB.searchCookies(firstParty.string())) { > rawCookies = WTFMove(*cookies); > return true; > } >diff --git a/Source/WebCore/platform/network/curl/CookieJarCurl.h b/Source/WebCore/platform/network/curl/CookieJarCurl.h >index f1a4c789579d01e3b01376ae94d04d0cdc448dc6..8941023f8068ea7480b7c50d5ce6f8df55ce2b93 100644 >--- a/Source/WebCore/platform/network/curl/CookieJarCurl.h >+++ b/Source/WebCore/platform/network/curl/CookieJarCurl.h 
>@@ -37,12 +37,15 @@ enum class IncludeSecureCookies : bool; > struct Cookie; > struct CookieRequestHeaderFieldProxy; > struct SameSiteInfo; >+enum class CookieAcceptPolicy; > > class CookieJarCurl { > public: > std::pair<String, bool> cookiesForDOM(const NetworkStorageSession&, const URL& firstParty, const SameSiteInfo&, const URL&, Optional<uint64_t> frameID, Optional<uint64_t> pageID, IncludeSecureCookies) const; > void setCookiesFromDOM(const NetworkStorageSession&, const URL& firstParty, const SameSiteInfo&, const URL&, Optional<uint64_t> frameID, Optional<uint64_t> pageID, const String&) const; >- void setCookiesFromHTTPResponse(const NetworkStorageSession&, const URL&, const String&) const; >+ void setCookiesFromHTTPResponse(const NetworkStorageSession&, const URL& firstParty, const URL&, const String&) const; >+ void setCookieAcceptPolicy(const NetworkStorageSession&, CookieAcceptPolicy) const; >+ CookieAcceptPolicy cookieAcceptPolicy(const NetworkStorageSession&) const; > bool cookiesEnabled(const NetworkStorageSession&) const; > std::pair<String, bool> cookieRequestHeaderFieldValue(const NetworkStorageSession&, const URL& firstParty, const SameSiteInfo&, const URL&, Optional<uint64_t> frameID, Optional<uint64_t> pageID, IncludeSecureCookies) const; > std::pair<String, bool> cookieRequestHeaderFieldValue(const NetworkStorageSession&, const CookieRequestHeaderFieldProxy&) const; >diff --git a/Source/WebCore/platform/network/curl/CookieJarDB.cpp b/Source/WebCore/platform/network/curl/CookieJarDB.cpp >index eec951ef69c8f72a9591e074eab83528de4c6d00..f55bf8f6caf00de900b47459c9a2768627975727 100644 >--- a/Source/WebCore/platform/network/curl/CookieJarDB.cpp >+++ b/Source/WebCore/platform/network/curl/CookieJarDB.cpp 
>@@ -82,11 +82,6 @@ namespace WebCore { > static constexpr int schemaVersion = 1; > > >-void CookieJarDB::setEnabled(bool enable) >-{ >- m_isEnabled = enable; >-} >- > CookieJarDB::CookieJarDB(const String& databasePath) > : m_databasePath(databasePath) > { 
>@@ -309,14 +304,49 @@ bool CookieJarDB::isEnabled() const > if (m_databasePath.isEmpty()) > return false; > >- return m_isEnabled; >+ return (m_acceptPolicy == CookieAcceptPolicy::Always || m_acceptPolicy == CookieAcceptPolicy::OnlyFromMainDocumentDomain || m_acceptPolicy == CookieAcceptPolicy::ExclusivelyFromMainDocumentDomain); > } > >-Optional<Vector<Cookie>> CookieJarDB::searchCookies(const String& requestUrl, const Optional<bool>& httpOnly, const Optional<bool>& secure, const Optional<bool>& session) >+bool CookieJarDB::checkCookieAcceptPolicy(const String& firstParty, const String& url) >+{ >+ if (m_acceptPolicy == CookieAcceptPolicy::Always) >+ return true; >+ >+ // See https://bugs.webkit.org/show_bug.cgi?id=193458#c0 >+ if (m_acceptPolicy == CookieAcceptPolicy::OnlyFromMainDocumentDomain || m_acceptPolicy == CookieAcceptPolicy::ExclusivelyFromMainDocumentDomain) { >+ if (firstParty == url) >+ return true; >+ >+ String firstPartyHost = URL({ }, firstParty).host().toString(); >+ String urlHost = URL({ }, url).host().toString(); >+ if (CookieUtil::isFirstPartyDomain(firstPartyHost, urlHost)) >+ return true; >+ >+ // If we have third-party cookie already, we can read and write. >+ if (m_acceptPolicy == CookieAcceptPolicy::OnlyFromMainDocumentDomain) { >+ auto result = searchCookies(url); >+ if (result && result->size()) >+ return true; >+ } >+ } >+ >+ return false; >+} >+ >+Optional<Vector<Cookie>> CookieJarDB::searchCookies(const String& url) >+{ >+ // Set same url not to call checkCookieAcceptPolicy() infinitely. 
>+ return searchCookies(url, url, WTF::nullopt, WTF::nullopt, WTF::nullopt); >+} >+ >+Optional<Vector<Cookie>> CookieJarDB::searchCookies(const String& firstParty, const String& requestUrl, const Optional<bool>& httpOnly, const Optional<bool>& secure, const Optional<bool>& session) > { > if (!isEnabled() || !m_database.isOpen()) > return WTF::nullopt; > >+ if (!checkCookieAcceptPolicy(firstParty, requestUrl)) >+ return WTF::nullopt; >+ > URL requestUrlObj({ }, requestUrl); > String requestHost(requestUrlObj.host().toString().convertToASCIILowercase()); > String requestPath(requestUrlObj.path().convertToASCIILowercase()); >@@ -424,7 +454,7 @@ bool CookieJarDB::hasHttpOnlyCookie(const String& name, const String& domain, co > return statement.step() == SQLITE_ROW; > } > >-bool CookieJarDB::canAcceptCookie(const Cookie& cookie, const String& host, CookieJarDB::Source source) >+bool CookieJarDB::canAcceptCookie(const Cookie& cookie, const String& firstParty, const String& host, CookieJarDB::Source source) > { > #if ENABLE(PUBLIC_SUFFIX_LIST) > if (isPublicSuffix(cookie.domain)) >@@ -438,6 +468,11 @@ bool CookieJarDB::canAcceptCookie(const Cookie& cookie, const String& host, Cook > if (!CookieUtil::domainMatch(cookie.domain, host)) > return false; > >+ String cookieDomain = cookie.domain.startsWith(".") ? cookie.domain.substring(1) : cookie.domain; >+ URL cookieDomainUrl({ }, makeString("http://", cookieDomain)); >+ if (!checkCookieAcceptPolicy(firstParty, cookieDomainUrl)) >+ return false; >+ > return true; > } > >@@ -461,7 +496,7 @@ bool CookieJarDB::setCookie(const Cookie& cookie) > return checkSQLiteReturnCode(statement.step()); > } > >-bool CookieJarDB::setCookie(const String& url, const String& body, CookieJarDB::Source source) >+bool CookieJarDB::setCookie(const String& firstParty, const String& url, const String& body, CookieJarDB::Source source) > { > if (!isEnabled() || !m_database.isOpen()) > return false; 
>@@ -483,7 +518,7 @@ bool CookieJarDB::setCookie(const String& url, const String& body, CookieJarDB:: > if (cookie->path.isEmpty()) > cookie->path = CookieUtil::defaultPathForURL(urlObj); > >- if (!canAcceptCookie(*cookie, host, source)) >+ if (!canAcceptCookie(*cookie, firstParty, host, source)) > return false; > > return setCookie(*cookie); >diff --git a/Source/WebCore/platform/network/curl/CookieJarDB.h b/Source/WebCore/platform/network/curl/CookieJarDB.h >index de58032e335ad89bb03893c30e0420a5665ee9e7..08f4f2c1491e81f14cd6e4b5ecba43413978ffb6 100644 >--- a/Source/WebCore/platform/network/curl/CookieJarDB.h >+++ b/Source/WebCore/platform/network/curl/CookieJarDB.h >@@ -36,6 +36,13 @@ > > namespace WebCore { > >+enum class CookieAcceptPolicy { >+ Always, >+ Never, >+ OnlyFromMainDocumentDomain, >+ ExclusivelyFromMainDocumentDomain >+}; >+ > class CookieJarDB { > WTF_MAKE_NONCOPYABLE(CookieJarDB); > >@@ -44,12 +51,16 @@ public: > Network, > Script > }; >+ > void open(); > bool isEnabled() const; >- void setEnabled(bool); > >- Optional<Vector<Cookie>> searchCookies(const String& requestUrl, const Optional<bool>& httpOnly, const Optional<bool>& secure, const Optional<bool>& session); >- bool setCookie(const String& url, const String& cookie, Source); >+ void setAcceptPolicy(CookieAcceptPolicy policy) { m_acceptPolicy = policy; } >+ CookieAcceptPolicy acceptPolicy() const { return m_acceptPolicy; } >+ >+ Optional<Vector<Cookie>> searchCookies(const String& url); >+ Optional<Vector<Cookie>> searchCookies(const String& firstParty, const String& requestUrl, const Optional<bool>& httpOnly, const Optional<bool>& secure, const Optional<bool>& session); >+ bool setCookie(const String& firstParty, const String& url, const String& cookie, Source); > bool setCookie(const Cookie&); > > bool deleteCookie(const String& url, const String& name); 
>@@ -60,8 +71,7 @@ public: > WEBCORE_EXPORT ~CookieJarDB(); > > private: >- >- bool m_isEnabled { true }; >+ CookieAcceptPolicy m_acceptPolicy { CookieAcceptPolicy::Always }; > String m_databasePath; > > bool m_detectedDatabaseCorruption { false }; >@@ -88,7 +98,8 @@ private: > > bool deleteCookieInternal(const String& name, const String& domain, const String& path); > bool hasHttpOnlyCookie(const String& name, const String& domain, const String& path); >- bool canAcceptCookie(const Cookie&, const String& host, CookieJarDB::Source); >+ bool canAcceptCookie(const Cookie&, const String& firstParty, const String& host, CookieJarDB::Source); >+ bool checkCookieAcceptPolicy(const String& firstParty, const String& url); > > SQLiteDatabase m_database; > HashMap<String, std::unique_ptr<SQLiteStatement>> m_statements; >diff --git a/Source/WebCore/platform/network/curl/CookieUtil.cpp b/Source/WebCore/platform/network/curl/CookieUtil.cpp >index 1bdb84c61bbab2591a1708987d195d5cbe40cf9d..ea576203c74c8c68c13ef539fd2bc378a9659d64 100644 >--- a/Source/WebCore/platform/network/curl/CookieUtil.cpp >+++ b/Source/WebCore/platform/network/curl/CookieUtil.cpp >@@ -33,6 +33,10 @@ > #include <wtf/Optional.h> > #include <wtf/text/WTFString.h> > >+#if ENABLE(PUBLIC_SUFFIX_LIST) >+#include "PublicSuffix.h" >+#endif >+ > /* This is the maximum line length we accept for a cookie line. RFC 2109 > section 6.3 says: 
> >@@ -79,6 +83,27 @@ bool domainMatch(const String& cookieDomain, const String& host) > return false; > } > >+bool isFirstPartyDomain(const String& firstPartyHost, const String& host) >+{ >+ if (firstPartyHost == host) >+ return true; >+ >+#if ENABLE(PUBLIC_SUFFIX_LIST) >+ String firstPartyDomain = topPrivatelyControlledDomain(firstPartyHost); >+#else >+ // FIXME: Can't get eTLD+1 correctly. >+ size_t topLevelSeparator = firstPartyHost.reverseFind('.'); >+ size_t secondLevelSeparator = topLevelSeparator != WTF::notFound ? firstPartyHost.reverseFind('.', topLevelSeparator - 1) : WTF::notFound; >+ String firstPartyDomain = secondLevelSeparator == WTF::notFound ? firstPartyHost : firstPartyHost.substring(secondLevelSeparator+1); >+#endif >+ >+ auto index = host.reverseFind(firstPartyDomain); >+ if (index != WTF::notFound && index + firstPartyDomain.length() == host.length()) >+ return true; >+ >+ return false; >+} >+ > static Optional<double> parseExpires(const char* expires) > { > double tmp = WTF::parseDateFromNullTerminatedCharacters(expires); >diff --git a/Source/WebCore/platform/network/curl/CookieUtil.h b/Source/WebCore/platform/network/curl/CookieUtil.h >index 956c153a93bf301743b8eeadc11900017f5123ec..67864dd3a98e0bce8561b77d24ae7394ec9f9019 100644 >--- a/Source/WebCore/platform/network/curl/CookieUtil.h >+++ b/Source/WebCore/platform/network/curl/CookieUtil.h >@@ -39,6 +39,7 @@ Optional<Cookie> parseCookieHeader(const String&); > bool isIPAddress(const String&); > > bool domainMatch(const String& cookieDomain, const String& host); >+bool isFirstPartyDomain(const String& firstPartyHost, const String& host); > > WEBCORE_EXPORT String defaultPathForURL(const URL&); > >diff --git a/Source/WebCore/platform/network/curl/CurlResourceHandleDelegate.cpp b/Source/WebCore/platform/network/curl/CurlResourceHandleDelegate.cpp >index 5bdafcda4fa3e2af5f6f15021a53f0abc970c1ce..e675f02665249da68e7a3e49ea2082140dfd6090 100644 
>--- a/Source/WebCore/platform/network/curl/CurlResourceHandleDelegate.cpp >+++ b/Source/WebCore/platform/network/curl/CurlResourceHandleDelegate.cpp >@@ -85,7 +85,7 @@ void CurlResourceHandleDelegate::curlDidSendData(CurlRequest& request, unsigned > client()->didSendData(&m_handle, bytesSent, totalBytesToBeSent); > } > >-static void handleCookieHeaders(ResourceHandleInternal* d, const CurlResponse& response) >+static void handleCookieHeaders(ResourceHandleInternal* d, const ResourceRequest& request, const CurlResponse& response) > { > static const auto setCookieHeader = "set-cookie: "; > >@@ -94,7 +94,7 @@ static void handleCookieHeaders(ResourceHandleInternal* d, const CurlResponse& r > for (const auto& header : response.headers) { > if (header.startsWithIgnoringASCIICase(setCookieHeader)) { > const auto contents = header.right(header.length() - strlen(setCookieHeader)); >- cookieJar.setCookiesFromHTTPResponse(storageSession, response.url, contents); >+ cookieJar.setCookiesFromHTTPResponse(storageSession, request.firstPartyForCookies(), response.url, contents); > } > } > } >@@ -112,7 +112,7 @@ void CurlResourceHandleDelegate::curlDidReceiveResponse(CurlRequest& request, co > m_response.setCertificateInfo(request.certificateInfo().isolatedCopy()); > m_response.setDeprecatedNetworkLoadMetrics(request.networkLoadMetrics().isolatedCopy()); > >- handleCookieHeaders(d(), receivedResponse); >+ handleCookieHeaders(d(), request.resourceRequest(), receivedResponse); > > if (m_response.shouldRedirect()) { > m_handle.willSendRequest(); >diff --git a/Source/WebKit/NetworkProcess/Cookies/curl/WebCookieManagerCurl.cpp b/Source/WebKit/NetworkProcess/Cookies/curl/WebCookieManagerCurl.cpp >index eb6bff1fcae02bc50da7be5a4bc091cf67dc9b27..4a829c26461551a7bd5f2b00326db56c6139e360 100644 >--- a/Source/WebKit/NetworkProcess/Cookies/curl/WebCookieManagerCurl.cpp >+++ b/Source/WebKit/NetworkProcess/Cookies/curl/WebCookieManagerCurl.cpp 
>@@ -26,16 +26,51 @@ > #include "config.h" > #include "WebCookieManager.h" > >+#include "NetworkProcess.h" >+#include <WebCore/NetworkStorageSession.h> >+ > namespace WebKit { > > using namespace WebCore; > >-void WebCookieManager::platformSetHTTPCookieAcceptPolicy(HTTPCookieAcceptPolicy) >+void WebCookieManager::platformSetHTTPCookieAcceptPolicy(HTTPCookieAcceptPolicy policy) > { >+ CookieAcceptPolicy curlPolicy = CookieAcceptPolicy::OnlyFromMainDocumentDomain; >+ switch (policy) { >+ case HTTPCookieAcceptPolicyAlways: >+ curlPolicy = CookieAcceptPolicy::Always; >+ break; >+ case HTTPCookieAcceptPolicyNever: >+ curlPolicy = CookieAcceptPolicy::Never; >+ break; >+ case HTTPCookieAcceptPolicyOnlyFromMainDocumentDomain: >+ curlPolicy = CookieAcceptPolicy::OnlyFromMainDocumentDomain; >+ break; >+ case HTTPCookieAcceptPolicyExclusivelyFromMainDocumentDomain: >+ curlPolicy = CookieAcceptPolicy::ExclusivelyFromMainDocumentDomain; >+ break; >+ } >+ >+ m_process.forEachNetworkStorageSession([curlPolicy] (const auto& networkStorageSession) { >+ networkStorageSession.cookieStorage().setCookieAcceptPolicy(networkStorageSession, curlPolicy); >+ }); > } > > HTTPCookieAcceptPolicy WebCookieManager::platformGetHTTPCookieAcceptPolicy() > { >+ const auto& networkStorageSession = m_process.defaultStorageSession(); >+ switch (networkStorageSession.cookieStorage().cookieAcceptPolicy(networkStorageSession)) { >+ case CookieAcceptPolicy::Always: >+ return HTTPCookieAcceptPolicyAlways; >+ case CookieAcceptPolicy::Never: >+ return HTTPCookieAcceptPolicyNever; >+ case CookieAcceptPolicy::OnlyFromMainDocumentDomain: >+ return HTTPCookieAcceptPolicyOnlyFromMainDocumentDomain; >+ case CookieAcceptPolicy::ExclusivelyFromMainDocumentDomain: >+ return HTTPCookieAcceptPolicyExclusivelyFromMainDocumentDomain; >+ } >+ >+ ASSERT_NOT_REACHED(); > return HTTPCookieAcceptPolicyOnlyFromMainDocumentDomain; > } 
> >diff --git a/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp b/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp >index 67786fd9c20f1f37b036e4bb20fd28aa65cd4af9..5ee059e1530528b1b3fc7d486aeb94721ed7abd3 100644 >--- a/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp >+++ b/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp >@@ -149,7 +149,7 @@ void NetworkDataTaskCurl::curlDidReceiveResponse(CurlRequest& request, const Cur > m_response = ResourceResponse(receivedResponse); > m_response.setDeprecatedNetworkLoadMetrics(request.networkLoadMetrics().isolatedCopy()); > >- handleCookieHeaders(receivedResponse); >+ handleCookieHeaders(request.resourceRequest(), receivedResponse); > > if (m_response.shouldRedirect()) { > willPerformHTTPRedirection(); >@@ -436,7 +436,7 @@ void NetworkDataTaskCurl::appendCookieHeader(WebCore::ResourceRequest& request) > request.addHTTPHeaderField(HTTPHeaderName::Cookie, cookieHeaderField); > } > >-void NetworkDataTaskCurl::handleCookieHeaders(const CurlResponse& response) >+void NetworkDataTaskCurl::handleCookieHeaders(const WebCore::ResourceRequest& request, const CurlResponse& response) > { > static const auto setCookieHeader = "set-cookie: "; > >@@ -445,7 +445,7 @@ void NetworkDataTaskCurl::handleCookieHeaders(const CurlResponse& response) > for (auto header : response.headers) { > if (header.startsWithIgnoringASCIICase(setCookieHeader)) { > String setCookieString = header.right(header.length() - strlen(setCookieHeader)); >- cookieJar.setCookiesFromHTTPResponse(storageSession, response.url, setCookieString); >+ cookieJar.setCookiesFromHTTPResponse(storageSession, request.firstPartyForCookies(), response.url, setCookieString); > } > } > } >diff --git a/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.h b/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.h >index 3c07de5184998e4c158e9ef7bdafa83aea9eeba1..5fdb792d72f3ed859f05dffdd66c2c47886f5d62 100644 
>--- a/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.h >+++ b/Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.h >@@ -79,7 +79,7 @@ private: > void restartWithCredential(const WebCore::ProtectionSpace&, const WebCore::Credential&); > > void appendCookieHeader(WebCore::ResourceRequest&); >- void handleCookieHeaders(const WebCore::CurlResponse&); >+ void handleCookieHeaders(const WebCore::ResourceRequest&, const WebCore::CurlResponse&); > > State m_state { State::Suspended }; > >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index cbeaba2741cbb0d89f248c52b79443e90d950c68..f5ab1b7075f7e4436a79abd871de6fd629eb8980 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,13 @@ >+2019-02-18 Takashi Komori <Takashi.Komori@sony.com> >+ >+ [Curl] Implement Cookie Accept Policy. >+ https://bugs.webkit.org/show_bug.cgi?id=191645 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * TestWebKitAPI/Tests/WebCore/curl/Cookies.cpp: >+ (TestWebKitAPI::Curl::TEST_F): >+ > 2019-02-15 Youenn Fablet <youenn@apple.com> > > Make navigator.mediaDevices SecureContext >diff --git a/Tools/TestWebKitAPI/Tests/WebCore/curl/Cookies.cpp b/Tools/TestWebKitAPI/Tests/WebCore/curl/Cookies.cpp >index b40b0d5a0a5e5fb5f4919a3da2c2fed6fcbc1c4e..b9ca699914d5800e2e8f68abac8de98f9537cd21 100644 >--- a/Tools/TestWebKitAPI/Tests/WebCore/curl/Cookies.cpp >+++ b/Tools/TestWebKitAPI/Tests/WebCore/curl/Cookies.cpp >@@ -46,7 +46,7 @@ public: > > m_cookieJar = std::make_unique<WebCore::CookieJarDB>(FileSystem::pathByAppendingComponent(m_cookieDirectory, "cookiedb.sql")); > m_cookieJar->open(); >- m_cookieJar->setEnabled(true); >+ m_cookieJar->setAcceptPolicy(CookieAcceptPolicy::Always); > } > > void TearDown() final 
>@@ -65,25 +65,25 @@ protected: > TEST_F(CurlCookies, RejectTailmatchFailureDomain) > { > // success: domain match >- EXPECT_TRUE(m_cookieJar->setCookie("http://example.com", "foo=bar; Domain=example.com", CookieJarDB::Source::Network)); >+ EXPECT_TRUE(m_cookieJar->setCookie("http://example.com", "http://example.com", "foo=bar; Domain=example.com", CookieJarDB::Source::Network)); > // success: wildcard of domains >- EXPECT_TRUE(m_cookieJar->setCookie("http://example.com", "foo=bar; Domain=.example.com", CookieJarDB::Source::Network)); >+ EXPECT_TRUE(m_cookieJar->setCookie("http://example.com", "http://example.com", "foo=bar; Domain=.example.com", CookieJarDB::Source::Network)); > // failure: specific sub domain >- EXPECT_FALSE(m_cookieJar->setCookie("http://example.com", "foo=bar; Domain=www.example.com", CookieJarDB::Source::Network)); >+ EXPECT_FALSE(m_cookieJar->setCookie("http://example.com", "http://example.com", "foo=bar; Domain=www.example.com", CookieJarDB::Source::Network)); > // failure: different domain >- EXPECT_FALSE(m_cookieJar->setCookie("http://example.com", "foo=bar; Domain=sample.com", CookieJarDB::Source::Network)); >+ EXPECT_FALSE(m_cookieJar->setCookie("http://example.com", "http://example.com", "foo=bar; Domain=sample.com", CookieJarDB::Source::Network)); > } > > TEST_F(CurlCookies, TestHttpOnlyCase) > { > // success: from network >- EXPECT_TRUE(m_cookieJar->setCookie("http://example.com", "foo=bar; HttpOnly", CookieJarDB::Source::Network)); >+ EXPECT_TRUE(m_cookieJar->setCookie("http://example.com", "http://example.com", "foo=bar; HttpOnly", CookieJarDB::Source::Network)); > // success: wildcard of domains >- EXPECT_TRUE(m_cookieJar->setCookie("http://example.com", "bingo=bongo;", CookieJarDB::Source::Script)); >+ EXPECT_TRUE(m_cookieJar->setCookie("http://example.com", "http://example.com", "bingo=bongo;", CookieJarDB::Source::Script)); > // failure: foo is already stored as HttpOnly >- 
EXPECT_FALSE(m_cookieJar->setCookie("http://example.com", "foo=bar;", CookieJarDB::Source::Script)); >+ EXPECT_FALSE(m_cookieJar->setCookie("http://example.com", "http://example.com", "foo=bar;", CookieJarDB::Source::Script)); > // failure: inconsistent. Source is Script, but attribute says HttpOnly >- EXPECT_FALSE(m_cookieJar->setCookie("http://example.com", "foo=bar; HttpOnly", CookieJarDB::Source::Script)); >+ EXPECT_FALSE(m_cookieJar->setCookie("http://example.com", "http://example.com", "foo=bar; HttpOnly", CookieJarDB::Source::Script)); > } > > } >diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog >index 7ede490c37be87ce7d520182a0c39e53db63d898..4d8cd8a39adce98f1160d334a8ccb294a462a4d5 100644 >--- a/LayoutTests/ChangeLog >+++ b/LayoutTests/ChangeLog >@@ -1,3 +1,12 @@ >+2019-02-18 Takashi Komori <Takashi.Komori@sony.com> >+ >+ [Curl] Implement Cookie Accept Policy. >+ https://bugs.webkit.org/show_bug.cgi?id=191645 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * platform/wincairo/TestExpectations: >+ > 2019-02-15 Per Arne Vollan <pvollan@apple.com> > > Layout Test accessibility/loading-iframe-sends-notification.html is timing out >diff --git a/LayoutTests/platform/wincairo/TestExpectations b/LayoutTests/platform/wincairo/TestExpectations >index 5a168dfafc11dcfdcdc38de720a0f8199d81f6c5..f53116e56518061b0f4d459731baf2778fab95bd 100644 >--- a/LayoutTests/platform/wincairo/TestExpectations >+++ b/LayoutTests/platform/wincairo/TestExpectations 
>@@ -862,6 +862,7 @@ http/tests/cookies/double-quoted-value-with-semi-colon.html [ Failure ] > http/tests/cookies/http-get-cookie-set-in-js.html [ Pass Failure ] > http/tests/cookies/multiple-cookies.html [ Pass Failure ] > http/tests/cookies/multiple-redirect-and-set-cookie.php [ Pass Failure ] >+http/tests/cookies/only-accept-first-party-cookies.html [ Pass Failure ] > http/tests/cookies/private-cookie-storage.html [ Skip ] > http/tests/cookies/same-site [ Skip ] > http/tests/cookies/set-cookie-on-redirect.html [ Pass Failure ] >@@ -869,7 +870,7 @@ http/tests/cookies/simple-cookies-expired.html [ Pass Failure ] > http/tests/cookies/simple-cookies-max-age.html [ Pass Failure ] > http/tests/cookies/single-quoted-value.html [ Pass Failure ] > http/tests/cookies/sync-xhr-set-cookie-invalidates-cache.html [ Pass Failure ] >-http/tests/cookies/third-party-cookie-relaxing.html [ Failure ] >+http/tests/cookies/third-party-cookie-relaxing.html [ Pass Failure ] > > [ Debug ] http/tests/cookies/js-get-and-set-http-only-cookie.html [ Skip ] > >@@ -930,7 +931,13 @@ http/tests/pointer-lock [ Skip ] > http/tests/preconnect [ Skip ] > http/tests/preload [ Skip ] > http/tests/quicklook [ Skip ] >+ > http/tests/security [ Skip ] >+http/tests/security/cookies/third-party-cookie-blocking-redirect.html [ Pass Failure ] >+http/tests/security/cookies/third-party-cookie-blocking-user-action.html [ Pass Failure ] >+http/tests/security/cookies/third-party-cookie-blocking-xslt.xml [ Pass Failure ] >+http/tests/security/cookies/third-party-cookie-blocking.html [ Pass Failure ] >+ > http/tests/ssl [ Skip ] > > [ Debug ] http/tests/storage/callbacks-are-called-in-correct-context.html [ Skip ]
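Review bot: In `isFirstPartyDomain` (CookieUtil.cpp, hunk `@@ -79,6 +83,27 @@`), the suffix test `index + firstPartyDomain.length() == host.length()` has no label-boundary check, so a first-party domain of `example.com` also matches a host such as `notexample.com` and that host is treated as first party. Accept the match only when `index` is 0 or the character before `index` is `.`, or, when `PUBLIC_SUFFIX_LIST` is enabled, compare `topPrivatelyControlledDomain(host)` with `firstPartyDomain` directly. The `#else` fallback keeps just the last two labels, so under a two-label public suffix every sibling registrant would compare as first party; the FIXME should state that consequence, and exact host equality would be the safer fallback.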
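Review bot: The new one-argument `searchCookies(const String& url)` (CookieJarDB.cpp, hunk `@@ -309,14 +304,49 @@`, declared in the public section of CookieJarDB.h) skips the accept policy by construction, because it passes `url` as both arguments and `checkCookieAcceptPolicy` returns true on `firstParty == url`. It is needed internally for the `OnlyFromMainDocumentDomain` relaxation, but as a public overload it lets any caller read cookies without a first-party check, and `getRawCookies` is already switched to it. Consider making it private, or giving it a name that says the policy is not applied, and have the recursion guard be explicit rather than relying on the string-equality shortcut. Separately, `isEnabled()` could be written as `m_acceptPolicy != CookieAcceptPolicy::Never`, and the difference between `OnlyFromMainDocumentDomain` and `ExclusivelyFromMainDocumentDomain` deserves a comment in the code, not only the link to bug 193458.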
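Review bot: In `canAcceptCookie` (CookieJarDB.cpp, hunk `@@ -438,6 +468,11 @@`), the policy check is made against a synthesized `makeString("http://", cookieDomain)` URL that `checkCookieAcceptPolicy` then parses again to recover the host. Since `firstParty` is a full URL string, the `firstParty == url` shortcut will practically never hit for this caller, and the hard-coded `http://` scheme suggests a scheme dependency that does not exist. A host-based helper (first-party host, candidate host) would avoid the round trip. The call also passes a `URL` where the parameter is `const String&`, while the other call sites in this patch pass `.string()` explicitly; please be consistent.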
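Review bot: In WebCookieManagerCurl.cpp (hunk `@@ -26,16 +26,51 @@`), `platformGetHTTPCookieAcceptPolicy` reads only `m_process.defaultStorageSession()`, while `platformSetHTTPCookieAcceptPolicy` writes through `forEachNetworkStorageSession`, and CookieJarDB.h initialises `m_acceptPolicy` to `CookieAcceptPolicy::Always`. Unless something outside this patch propagates the value, a storage session created after the setter ran would start at `Always` and the getter would not reflect it. Please confirm how new sessions pick up the policy, or keep the chosen policy somewhere session creation can read it. The getter's fallback after `ASSERT_NOT_REACHED()` also returns `OnlyFromMainDocumentDomain`, which differs from the `Always` default in `CookieJarDB`; one default for both would be less surprising.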
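Review bot: The Cookies.cpp hunks (`@@ -46,7 +46,7 @@` and `@@ -65,25 +65,25 @@`) only adapt existing tests to the new `setCookie` signature and pin the policy to `CookieAcceptPolicy::Always`, with first party and URL always identical, and the WebCore ChangeLog still says `No new tests (OOPS!)`. None of the new behaviour is covered at the API level. Please add `CurlCookies` cases for `Never`, `ExclusivelyFromMainDocumentDomain` and `OnlyFromMainDocumentDomain` (including the existing-third-party-cookie relaxation) with a first party that differs from the request URL, plus direct tests of `CookieUtil::isFirstPartyDomain` for subdomain, unrelated-domain and shared-suffix hosts.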