Only use ephemeral storage when storage would otherwise be blocked #7207
Conversation
mrobinson
changed the title
|
This PR will need to be rebased and also include support for network cookies and |
cathiechen
force-pushed
the
ephemeral-dom-storage-flag
branch
from
e28d018
to
3ab6e3e
Compare
Instead of using ephemeral storage for all unblocked third-party frame storage, only use ephemeral storage when third-party storage is blocked. This means that turning on the ephemeral storage flag will always replaced blocked storage in third-party frames with an ephemeral version, regardless of other settings.
cathiechen
force-pushed
the
ephemeral-dom-storage-flag
branch
from
98c6a1e
to
34d0708
Compare
|
Hi @bridiver @iefremov @mrobinson, I think this patch is ready to review now. |
|
|
||
| #define BRAVE_STORAGE_CONTROLLER_H \ | ||
| public: \ | ||
| static bool CanAccessStorageAreaWithoutEphemeralStorage( \ |
There was a problem hiding this comment.
why is this a static method on StorageController? I can't see any reason for it to be part of StorageController and seems like it would work just as well as an anonymous method added to dom_window_storage.cc
There was a problem hiding this comment.
Hmm, IIUC, CanAccessStorageAreaWithoutEphemeralStorage replaces the original CanAccessStorageArea in storage_controller.h. And the current CanAccessStorageArea returns true if cookie allowed or ephemeral flag enabled.
It seems we can't move this to dom_window_storage.cc, for the StorageArea::CanAccessStorage() needs it.
There was a problem hiding this comment.
then it can just be a regular method and not a static method on a class that requires a patch
There was a problem hiding this comment.
OK, this change has been removed in the new patch.
| return task_runner_; | ||
| } | ||
|
|
||
| + BRAVE_STORAGE_CONTROLLER_H |
There was a problem hiding this comment.
| } | ||
| }; | ||
|
|
||
| IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, |
There was a problem hiding this comment.
you have two tests with the same name ThirdPartyCookiesEnabled
There was a problem hiding this comment.
They are distinguished by the test class names (EphemeralStorageBrowserTest and EphemeralStorageDisabledBrowserTest). So do you prefer to point out the ephemeral flag values explicitly in the test names?
| EXPECT_EQ("from=b.com", site_a_tab_values.iframe_2.cookies); | ||
| } | ||
|
|
||
| IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, |
There was a problem hiding this comment.
I don't know what "NavigateCookies" is supposed to mean here or "Enabled". Does "Enabled" mean the setting is enabled or that third party cookies are allowed? Using "Blocked" or "Allowed" I think is more useful here. Also it's helpful if you describe the behavior like "UseEphemeralStorageWhenThirdPartyCookiesAreBlocked"
| return task_runner_; | ||
| } | ||
|
|
||
| + BRAVE_STORAGE_CONTROLLER_H |
There was a problem hiding this comment.
@bridiver suggested that this might be able to be removed entirely by just moving CanAccessStorageAreaWithoutEphemeralStorage into chromium_src/third_party/blink/renderer/modules/storage/dom_window_storage.cc.
There was a problem hiding this comment.
Made an explanation in https://github.com/brave/brave-core/pull/7207/files#r546193351
| EXPECT_EQ("from=b.com", site_a_tab_values.iframe_2.cookies); | ||
| } | ||
|
|
||
| IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, |
There was a problem hiding this comment.
this also looks like a duplicate test name
| @@ -554,3 +584,212 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, | |||
| EXPECT_EQ("third-party-a.com", third_party_values.session_storage); | |||
| EXPECT_EQ("name=third-party-a.com", third_party_values.cookies); | |||
| } | |||
|
|
|||
There was a problem hiding this comment.
you also need to test shield and chromium site overrides for block all and block 3p based on the discussion we had with @pes10k about that behavior
There was a problem hiding this comment.
also you don't have any tests for BlockAll and I'm fairly certain they won't work correctly with these changes
There was a problem hiding this comment.
So all storage should not be accessible when BlockAll cookies, no matter ephemeral flags on or off?
OK, will do.
|
|
||
| bool can_get_cookies = | ||
| (request_info_.privacy_mode == PRIVACY_MODE_DISABLED && CanGetCookies()); | ||
| + BRAVE_SETCOOKIEHEADERANDSTART |
There was a problem hiding this comment.
this patch can probably be eliminated by changing the subclass of URLRequestHttpJob and overriding CanGetCookies
There was a problem hiding this comment.
CanGetCookies probably cannot be overridden since it isn't virtual, but I guess it's possible to create a new version of this function or a new method, perhaps with the preprocessor.
There was a problem hiding this comment.
It seems that putting this in url_request_http_job.cc is sufficient to remove the patch.
+#define CanGetCookies() \
+ (CanGetCookies() || CanUseEphemeralStorage(this))
+Then, of course, #undef CanGetCookies at the end of the file.
There was a problem hiding this comment.
@mrobinson that would also work, but I think you still have the problem discussed in slack of differentiating between block 3p and block all
There was a problem hiding this comment.
@mrobinson that is a good idea though and I think we can still use it per the dm discussion with || true
…ges including ephemeral ones
|
Hi, PTAL, thanks! |
|
Hi,
|
|
closed in favor of #7647 |
Resolves brave/brave-browser#12789
Submitter Checklist:
QA/YesorQA/No;release-notes/includeorrelease-notes/exclude;OS/...) to the associated issuenpm run test -- brave_browser_tests,npm run test -- brave_unit_tests,npm run lint,npm run gn_check,npm run tslintgit rebase master(if needed).Reviewer Checklist:
gnAfter-merge Checklist:
changes has landed on.
Test Plan: