WebKit Bugzilla
Attachment 372576 Details for
Bug 199074
: Storage Access API: Cap the number of times an iframe document can request access
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-199074-20190620114656.patch (text/plain), 4.20 KB, created by
John Wilander
on 2019-06-20 11:46:57 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
John Wilander
Created:
2019-06-20 11:46:57 PDT
Size:
4.20 KB
patch
obsolete
>Subversion Revision: 246640 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index f57a17d04d4bfc2dd98085169da69770bf82049b..104da6d35feaa28c038bbfc2e11423bc11fbbf5f 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,30 @@ >+2019-06-20 John Wilander <wilander@apple.com> >+ >+ Storage Access API: Cap the number of times an iframe document can request access >+ https://bugs.webkit.org/show_bug.cgi?id=199074 >+ <rdar://problem/51857195> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Tested manually. >+ >+ This change just adds a counter to the number of times the user explicitly >+ denies storage access and returns early if the counter has reached the limit >+ of 2. >+ >+ We hoped that iframes that request storage access would count the number >+ of times the user has been asked and not repeat the request over and over. >+ However, we're seeing pretty aggressive use of the API and users are >+ complaining. Therefore, we need a cap on how many times an iframed >+ document can ask if it is explicitly denied access by the user. >+ >+ This is a first measure. If we see continued aggressive use of the API, >+ we'll have to consider more drastic measures. >+ >+ * dom/DocumentStorageAccess.cpp: >+ (WebCore::DocumentStorageAccess::requestStorageAccess): >+ * dom/DocumentStorageAccess.h: >+ > 2019-06-20 Saam Barati <sbarati@apple.com> > > Unreviewed. Speculative build fix for watchOS after r246631. >diff --git a/Source/WebCore/dom/DocumentStorageAccess.cpp b/Source/WebCore/dom/DocumentStorageAccess.cpp >index 4a33aa90f9d2fe47782bebd8be35784bc06e6d85..81efb10d5e76edb6f6d383530051d29c388eafdb 100644 >--- a/Source/WebCore/dom/DocumentStorageAccess.cpp >+++ b/Source/WebCore/dom/DocumentStorageAccess.cpp >@@ -128,7 +128,7 @@ void DocumentStorageAccess::requestStorageAccess(Ref<DeferredPromise>&& promise) > return; > } > >- if (!m_document.frame() || m_document.securityOrigin().isUnique()) { >+ if (!m_document.frame() || m_document.securityOrigin().isUnique() || !isAllowedToRequestFrameSpecificStorageAccess()) { > promise->reject(); > return; > } >@@ -192,8 +192,11 @@ void DocumentStorageAccess::requestStorageAccess(Ref<DeferredPromise>&& promise) > if (wasGranted == StorageAccessWasGranted::Yes) { > document->setHasFrameSpecificStorageAccess(true); > promise->resolve(); >- } else >+ } else { >+ if (promptWasShown == StorageAccessPromptWasShown::Yes) >+ document->setWasExplicitlyDeniedFrameSpecificStorageAccess(); > promise->reject(); >+ } > > if (shouldPreserveUserGesture) { > MicrotaskQueue::mainThreadQueue().append(std::make_unique<VoidMicrotask>([documentReference = WTFMove(documentReference)] () { >diff --git a/Source/WebCore/dom/DocumentStorageAccess.h b/Source/WebCore/dom/DocumentStorageAccess.h >index 6a6f8c19d38aac330cef5ad4d33875ae5315a45c..ce7f3100bbeea98795bf3c276f8c3e06fe04bd9b 100644 >--- a/Source/WebCore/dom/DocumentStorageAccess.h >+++ b/Source/WebCore/dom/DocumentStorageAccess.h >@@ -46,6 +46,8 @@ enum class StorageAccessPromptWasShown : bool { > Yes > }; > >+const unsigned maxNumberOfTimesExplicitlyDeniedFrameSpecificStorageAccess = 2; >+ > class DocumentStorageAccess final : public Supplement<Document>, public CanMakeWeakPtr<DocumentStorageAccess> { > WTF_MAKE_FAST_ALLOCATED; > public: >@@ -64,12 +66,16 @@ private: > static const char* supplementName(); > bool hasFrameSpecificStorageAccess() const; > void setHasFrameSpecificStorageAccess(bool); >+ void setWasExplicitlyDeniedFrameSpecificStorageAccess() { ++m_numberOfTimesExplicitlyDeniedFrameSpecificStorageAccess; }; >+ bool isAllowedToRequestFrameSpecificStorageAccess() { return m_numberOfTimesExplicitlyDeniedFrameSpecificStorageAccess < maxNumberOfTimesExplicitlyDeniedFrameSpecificStorageAccess; }; > void enableTemporaryTimeUserGesture(); > void consumeTemporaryTimeUserGesture(); > > std::unique_ptr<UserGestureIndicator> m_temporaryUserGesture; > > Document& m_document; >+ >+ uint8_t m_numberOfTimesExplicitlyDeniedFrameSpecificStorageAccess = 0; > }; > > } // namespace WebCore
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=372576">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 199074
: 372576