Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Let document.hasStorageAccess check whether the Document already has unpartitioned data access #174

Merged
merged 21 commits into from
Aug 21, 2023

Conversation

shuranhuang
Copy link
Contributor

@shuranhuang shuranhuang commented Jun 13, 2023

This commits tries to make hSA match the description in the spec that “This specification defines a method to query whether or not a Document currently has access to its unpartitioned data (hasStorageAccess()) …” by including a check of whether the user agent allows the document to access unpartitioned data based on user settings.

Fixes #171

(See WHATWG Working Mode: Changes for more details.)


Preview | Diff

@shuranhuang shuranhuang marked this pull request as ready for review June 13, 2023 19:36
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Jun 13, 2023
This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
Copy link
Collaborator

@annevk annevk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for tackling this, but I think this needs a bit more work.

storage-access.bs Outdated Show resolved Hide resolved
storage-access.bs Outdated Show resolved Hide resolved
storage-access.bs Outdated Show resolved Hide resolved
storage-access.bs Outdated Show resolved Hide resolved
storage-access.bs Outdated Show resolved Hide resolved
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Jun 14, 2023
This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Jun 14, 2023
This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
Copy link
Collaborator

@annevk annevk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks better, but:

  1. The state you grab from the global you could grab directly in the steps of the task. With what you do now you look at a cached value, which I guess theoretically could have changed. If you meant to do that, a note would help.
  2. The user agent settings shouldn't be grabbed as part of the task steps. You want to grab them while in parallel.
  3. Is "unpartitioned data" correct? We're just dealing with cookies here, right?

@shuranhuang
Copy link
Contributor Author

Thanks!
I used "unpartitioned data" here to align with the description of the API definition:

This specification defines a method to query whether or not a {{Document}} currently has access to its [=unpartitioned data=] ({{Document/hasStorageAccess()}}), and a method that can be used to request access to its [=unpartitioned data=] ({{Document/requestStorageAccess()}}).
. But you are right that we are just dealing with cookies for this change. Changed it to use "unpartitioned cookie" in the latest commit. PTAL!

storage-access.bs Outdated Show resolved Hide resolved
storage-access.bs Outdated Show resolved Hide resolved
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Jun 15, 2023
…n hasStorageAccess()

This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
storage-access.bs Outdated Show resolved Hide resolved
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Jun 16, 2023
…n hasStorageAccess()

This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
@Rickyoperio

This comment was marked as spam.

@shuranhuang shuranhuang requested review from annevk and johannhof June 21, 2023 14:26
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Jun 23, 2023
This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
aarongable pushed a commit to chromium/chromium that referenced this pull request Jun 23, 2023
This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4611289
Reviewed-by: Mason Freed <[email protected]>
Commit-Queue: Shuran Huang <[email protected]>
Reviewed-by: Chris Fredrickson <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1161766}
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Jun 23, 2023
This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4611289
Reviewed-by: Mason Freed <[email protected]>
Commit-Queue: Shuran Huang <[email protected]>
Reviewed-by: Chris Fredrickson <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1161766}
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Jun 23, 2023
This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4611289
Reviewed-by: Mason Freed <[email protected]>
Commit-Queue: Shuran Huang <[email protected]>
Reviewed-by: Chris Fredrickson <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1161766}
storage-access.bs Outdated Show resolved Hide resolved
storage-access.bs Outdated Show resolved Hide resolved
storage-access.bs Outdated Show resolved Hide resolved
storage-access.bs Outdated Show resolved Hide resolved
storage-access.bs Outdated Show resolved Hide resolved
shuranhuang and others added 2 commits June 29, 2023 10:22
Co-authored-by: Johann Hofmann <[email protected]>
Co-authored-by: Johann Hofmann <[email protected]>
shuranhuang and others added 5 commits July 5, 2023 22:22
@shuranhuang shuranhuang requested a review from johannhof July 6, 2023 02:28
Copy link
Member

@johannhof johannhof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but would like to wait on @annevk's review before merging.

storage-access.bs Show resolved Hide resolved

1. If the user agent does not have explicit settings for unpartitioned cookie access for |tuple|, return "none".
1. If the user agent's settings explicitly allow unpartitioned cookie access for |tuple|, return "allow".
1. If the user agent's settings explicitly disallow unpartitioned cookie access for |tuple|, return "disallow".
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess "disallow" is unused here now, but we might use it if we re-use this algorithm for rSA later?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's right. "disallow" is not checked here explicitly, but we can add

  1. If |explicitSetting| is "disallow", [=/resolve=] |p| with false.

if that's clearer/preferred.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm not sure, it seems unnecessary to add there. It's probably fine like this? Maybe @annevk has a preference...

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm somewhat surprised this has explicit "allow". I thought that was always subject to requestStorageAccess() for child frames?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are user agent settings that disable 3PC blocking (e.g. in Safari IIRC) or allow-list specific sites (e.g. in Firefox and Chrome), how else would we represent those?

moz-v2v-gh pushed a commit to mozilla/gecko-dev that referenced this pull request Jul 6, 2023
…y check in hasStorageAccess(), a=testonly

Automatic update from web-platform-tests
Include unpartitioned cookie availability check in hasStorageAccess()

This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4611289
Reviewed-by: Mason Freed <[email protected]>
Commit-Queue: Shuran Huang <[email protected]>
Reviewed-by: Chris Fredrickson <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1161766}

--

wpt-commits: 2cf035c769f58ead31c5c11c737b4b5c6e6aed88
wpt-pr: 40531
msizanoen1 pushed a commit to qtmlabs/chromium that referenced this pull request Jul 7, 2023
…rageAccess()

This change is based on spec PR
privacycg/storage-access#174.

(cherry picked from commit 120b35b)

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4611289
Reviewed-by: Mason Freed <[email protected]>
Commit-Queue: Shuran Huang <[email protected]>
Reviewed-by: Chris Fredrickson <[email protected]>
Cr-Original-Commit-Position: refs/heads/main@{#1161766}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4665808
Auto-Submit: Shuran Huang <[email protected]>
Reviewed-by: Dominic Farolino <[email protected]>
Commit-Queue: Dominic Farolino <[email protected]>
Cr-Commit-Position: refs/branch-heads/5845@{#322}
Cr-Branched-From: 5a5dff6-refs/heads/main@{#1160321}
ErichDonGubler pushed a commit to erichdongubler-mozilla/firefox that referenced this pull request Jul 7, 2023
…y check in hasStorageAccess(), a=testonly

Automatic update from web-platform-tests
Include unpartitioned cookie availability check in hasStorageAccess()

This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I6c29b2a2afddb288d40d946040dc73fbe76b6fcb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4611289
Reviewed-by: Mason Freed <[email protected]>
Commit-Queue: Shuran Huang <[email protected]>
Reviewed-by: Chris Fredrickson <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1161766}

--

wpt-commits: 2cf035c769f58ead31c5c11c737b4b5c6e6aed88
wpt-pr: 40531
@shuranhuang
Copy link
Contributor Author

Friendly ping on this @annevk :)

Copy link
Collaborator

@annevk annevk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Didn't we want to make hasStorageAccess() reflect deny states for the top-level document as well? It seems earlier steps of hasStorageAccess() end up returning early with true.

storage-access.bs Outdated Show resolved Hide resolved

1. If the user agent does not have explicit settings for unpartitioned cookie access for |tuple|, return "none".
1. If the user agent's settings explicitly allow unpartitioned cookie access for |tuple|, return "allow".
1. If the user agent's settings explicitly disallow unpartitioned cookie access for |tuple|, return "disallow".
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm somewhat surprised this has explicit "allow". I thought that was always subject to requestStorageAccess() for child frames?

@johannhof
Copy link
Member

Didn't we want to make hasStorageAccess() reflect deny states for the top-level document as well? It seems earlier steps of hasStorageAccess() end up returning early with true.

Hmm I don't think that was an expectation on my end. I do see SAA primarily as a mechanism governing cross-site data access, not same-site (or same authority). FWIW I'd be okay with punting on a follow-up.

@shuranhuang shuranhuang requested a review from annevk July 12, 2023 14:48
@shuranhuang
Copy link
Contributor Author

@annevk PTAL the latest version.

…hecked only if user settings do not explicitly allow/disallow
aarongable pushed a commit to chromium/chromium that referenced this pull request Jul 24, 2023
Since we should always take user settings into account.

This change is based on spec PR
privacycg/storage-access#174.

Bug: 1433013
Change-Id: I76a4fe5841c6ac1c566cbb2fa34298832a6f7da0
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4705048
Reviewed-by: Johann Hofmann <[email protected]>
Reviewed-by: Chris Fredrickson <[email protected]>
Commit-Queue: Shuran Huang <[email protected]>
Reviewed-by: Dominic Farolino <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1174378}
storage-access.bs Outdated Show resolved Hide resolved
storage-access.bs Outdated Show resolved Hide resolved
1. If |explicitSetting| is "`disallow`", [=/resolve=] |p| with false.
1. If |explicitSetting| is "`allow`", [=/resolve=] |p| with true.
1. If |explicitSetting| is "`none`":
1. If |browsingContext| is a [=top-level browsing context=], [=/resolve=] |p| with true.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this better. Does @johannhof agree with this change as well?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this still LGTM :)

@shuranhuang shuranhuang requested a review from annevk July 25, 2023 14:31
@shuranhuang
Copy link
Contributor Author

@annevk does it look good with your suggestions applied?

@shuranhuang
Copy link
Contributor Author

@annevk Friendly ping:)

@johannhof
Copy link
Member

In the interest of moving things along on our graduation goals, I'll go ahead and merge this without @annevk's explicit sign-off, as there's been plenty of review (and a final positive note). I hope that works for you, Anne. I think @shuranhuang is happy to correct any remaining concerns you may have in another PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Clarify intended semantics of document.hasStorageAccess
4 participants