Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for partitioned cookies to CookieStore. #206

Merged
merged 9 commits into from
Aug 4, 2023

Conversation

DCtheTall
Copy link
Member

@DCtheTall DCtheTall commented Sep 15, 2021

@DCtheTall
Copy link
Member Author

This PR is a change to the CookieStore API spec to support partitioned cookies.

These changes could be used to support the Partitioned attribute, a.k.a. CHIPS.

There is an open PR in the CHIPS repository adding a note about these changes to the explainer.

index.bs Outdated Show resolved Hide resolved
@DCtheTall
Copy link
Member Author

DCtheTall commented Sep 16, 2021

One quick addendum: if user agents implement service worker partitioning (ref) then the cookie's partition key should be the site of the worker's partition key.

If user agents don't implement storage partitioning, then partitioned cookies may need to be blocked in service workers. Otherwise, service workers could use partitioned cookies as a cross-site identifier. See the CHIPS explainer for more detail.

Service worker partitioning is also mentioned in more detail in this proposal.

@DCtheTall DCtheTall marked this pull request as ready for review October 7, 2021 21:38
@DCtheTall
Copy link
Member Author

DCtheTall commented Oct 7, 2021

I put together a CL that implements these changes in Chromium.

chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Oct 25, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Oct 25, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Oct 25, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Oct 26, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Oct 26, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Oct 26, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Oct 27, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Oct 31, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Nov 1, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Nov 1, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Nov 1, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Nov 2, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Nov 2, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug:1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Nov 3, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug: 1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3212611
Commit-Queue: Dylan Cutler <dylancutler@google.com>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Maksim Orlovich <morlovich@chromium.org>
Cr-Commit-Position: refs/heads/main@{#937656}
chromium-wpt-export-bot pushed a commit to web-platform-tests/wpt that referenced this pull request Nov 3, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug: 1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3212611
Commit-Queue: Dylan Cutler <dylancutler@google.com>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Maksim Orlovich <morlovich@chromium.org>
Cr-Commit-Position: refs/heads/main@{#937656}
blueboxd pushed a commit to blueboxd/chromium-legacy that referenced this pull request Nov 3, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug: 1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3212611
Commit-Queue: Dylan Cutler <dylancutler@google.com>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Maksim Orlovich <morlovich@chromium.org>
Cr-Commit-Position: refs/heads/main@{#937656}
moz-v2v-gh pushed a commit to mozilla/gecko-dev that referenced this pull request Nov 10, 2021
…Store API, a=testonly

Automatic update from web-platform-tests
Add Partitioned cookie support to CookieStore API

This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug: 1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3212611
Commit-Queue: Dylan Cutler <dylancutler@google.com>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Maksim Orlovich <morlovich@chromium.org>
Cr-Commit-Position: refs/heads/main@{#937656}

--

wpt-commits: bb30d118adc1c7154c548a28e81d30723e0aaaa8
wpt-pr: 31374
jamienicol pushed a commit to jamienicol/gecko that referenced this pull request Nov 10, 2021
…Store API, a=testonly

Automatic update from web-platform-tests
Add Partitioned cookie support to CookieStore API

This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug: 1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3212611
Commit-Queue: Dylan Cutler <dylancutler@google.com>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Maksim Orlovich <morlovich@chromium.org>
Cr-Commit-Position: refs/heads/main@{#937656}

--

wpt-commits: bb30d118adc1c7154c548a28e81d30723e0aaaa8
wpt-pr: 31374
Gabisampaio pushed a commit to Gabisampaio/wpt that referenced this pull request Nov 18, 2021
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug: 1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3212611
Commit-Queue: Dylan Cutler <dylancutler@google.com>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Maksim Orlovich <morlovich@chromium.org>
Cr-Commit-Position: refs/heads/main@{#937656}
mjfroman pushed a commit to mjfroman/moz-libwebrtc-third-party that referenced this pull request Oct 14, 2022
This CL adds support for Partitioned cookies* to the CookieStore API.
It implements the changes proposed in
WICG/cookie-store#206 in Chromium.

Cookie partitioning will only be active and the `partitioned` field
is only considered by `CookieStore.set` or `CookieStore.delete` when
the --partitioned-cookies flag is set.

*: see https://github.com/WICG/CHIPS

Bug: 1225444
Change-Id: I4bdde833c28fa192bb0b5e011a6005a45029b481
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3212611
Commit-Queue: Dylan Cutler <dylancutler@google.com>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Maksim Orlovich <morlovich@chromium.org>
Cr-Commit-Position: refs/heads/main@{#937656}
NOKEYCHECK=True
GitOrigin-RevId: 4a461f1bb88cd8e12231512641dafcfa7f1cd48b
@inexorabletash
Copy link
Member

Wow, this fell off my radar. Is this just waiting for final review/merge, or is there further discussion that should happen first?

index.bs Outdated
@@ -689,6 +692,9 @@ The <dfn method for=CookieStore>set(|options|)</dfn> method steps are:
|options|["{{CookieInit/domain}}"],
|options|["{{CookieInit/path}}"], and
|options|["{{CookieInit/sameSite}}"].
1. If the |options|["{{CookieInit/partitioned}}"] attribute is present and the user agent supports [cookie partitioning](https://github.com/WICG/CHIPS), then
1. If the current browsing context is a service worker, set the cookie's partition key be |origin|'s [=site=].
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should linkify "current browsing context" and "service worker"

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also.. this is run after the cookie is set, which seems unusual. ISTM the partition key should be captured before "set a cookie" and passed into it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And should we toss a definition of "partition key" into the cookie-concept section?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the partition key can be up to RFC6265bis to define, since the CookieStore API is not actually concerned with partition key values and the cookie RFC will (some day) specify how to select which partitioned cookies to include in a request. So I do not think this spec needs to be concerned with that?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes... but https://wicg.github.io/cookie-store/#cookie-concept basically has "proxy" definitions for RFC6265bis terms, since I don't think we can link directly to them. We can add it later though.

explainer.md Outdated Show resolved Hide resolved
explainer.md Show resolved Hide resolved
explainer.md Show resolved Hide resolved
explainer.md Outdated Show resolved Hide resolved
explainer.md Outdated Show resolved Hide resolved
index.bs Outdated Show resolved Hide resolved
explainer.md Outdated Show resolved Hide resolved
index.bs Outdated Show resolved Hide resolved
explainer.md Show resolved Hide resolved
index.bs Outdated Show resolved Hide resolved
index.bs Outdated Show resolved Hide resolved
@DCtheTall DCtheTall requested a review from inexorabletash July 31, 2023 16:50
Copy link
Member

@inexorabletash inexorabletash left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Almost there! Just tiny nitpicks.

index.bs Outdated Show resolved Hide resolved
index.bs Outdated Show resolved Hide resolved
index.bs Outdated Show resolved Hide resolved
@inexorabletash
Copy link
Member

BTW, I was playing with cookieStore/document.cookie interop and it took me a while to realize that with document.cookie "partitioned" is ignored unless "path" and "secure" are also specified, which are the default with cookieStore but of course not document.cookie. Do you think we should add an example in the "Modifying Cookies" section, or is this well known?

@DCtheTall
Copy link
Member Author

DCtheTall commented Aug 4, 2023

BTW, I was playing with cookieStore/document.cookie interop and it took me a while to realize that with document.cookie "partitioned" is ignored unless "path" and "secure" are also specified

Tad correction, you only need the "secure" attribute set. The "path" attribute is not necessary 😄

Do you think we should add an example in the "Modifying Cookies" section, or is this well known?

The Secure requirement is a well-known part of the proposal for the definition of Partitioned for RFC6265bis.

@inexorabletash inexorabletash merged commit 880b5ea into WICG:main Aug 4, 2023
github-actions bot added a commit that referenced this pull request Aug 4, 2023
SHA: 880b5ea
Reason: push, by inexorabletash

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@inexorabletash
Copy link
Member

BTW, I was playing with cookieStore/document.cookie interop and it took me a while to realize that with document.cookie "partitioned" is ignored unless "path" and "secure" are also specified

Tad correction, you only need the "secure" attribute set. The "path" attribute is not necessary 😄

Thanks for clarifying! https://source.chromium.org/chromium/chromium/src/+/main:net/cookies/canonical_cookie_unittest.cc;l=731 mislead me a bit I guess.

@DCtheTall
Copy link
Member Author

Thanks for clarifying! source.chromium.org/chromium/chromium/src/+/main:net/cookies/canonical_cookie_unittest.cc;l=731 mislead me a bit I guess.

Ah, this is because Path=/ is required for the __Host- prefix, which that cookie also uses. I can see why that is initially confusing, especially considering Partitioned was originally designed to require __Host- but we loosened it to only require Secure 😄

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants