Add ephemeral storage support for network cookies #7387
Conversation
|
Note that the first commit in this PR is: #7154 and this change will be rebased once that PR lands. |
mrobinson
force-pushed
the
ephemeral-cookie-storage-mimimal-network-cookies
branch
from
6ada214
to
4bdbfb4
Compare
mrobinson
changed the base branch from
master
to
ephemeral-cookie-storage-mimimal
mrobinson
force-pushed
the
ephemeral-cookie-storage-mimimal-network-cookies
branch
from
4bdbfb4
to
40ff9b3
Compare
mrobinson
changed the title
mrobinson
force-pushed
the
ephemeral-cookie-storage-mimimal
branch
from
4fa55ef
to
fe5a8ec
Compare
mrobinson
force-pushed
the
ephemeral-cookie-storage-mimimal-network-cookies
branch
from
40ff9b3
to
2695cfa
Compare
|
|
||
| #define BRAVE_ADDCOOKIEHEADERANDSTART \ | ||
| if (ShouldUseEphemeralStorage(this)) { \ | ||
| DCHECK(request()->isolation_info().top_frame_origin().has_value()); \ |
There was a problem hiding this comment.
I think it would be better to move this DCHECK here https://github.com/brave/brave-core/pull/7387/files#diff-2b849c37882ef112e7d503ffa24e13c9987f94b8f4cc5ee2870c4f87a357b8c4R24 so it doesn't have to be duplicated and also so you don't need the NOLINT for the weird parens
There was a problem hiding this comment.
I can remove the DCHECK, but:
- At line 24 we should have returned early if request()->isolation_info().top_frame_origin().has_value() so the assertion might be a bit redundant.
- I think that since the code in the first if-block spans multiple lines it still needs braces and the NOLINT continues to be unavoidable.
There was a problem hiding this comment.
braces are only needed if the there is more than one statement
There was a problem hiding this comment.
Okay. I've removed the DCHECK and the brace. Now the NOLINT statement is unnecessary.
| ui_test_utils::NavigateToURL(browser(), b_site_set_cookie_url); | ||
| ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); | ||
|
|
||
| std::string a_cookie = |
There was a problem hiding this comment.
are we covering all the cases here? For instance what about verifying that 1st-party iframe does not use ephemeral storage with and without being nested in 3p domain?
There was a problem hiding this comment.
Are you referring to the following situation?
- Top frame:
- 3rd party iframe
- 1st party iframe
- 3rd party iframe
There was a problem hiding this comment.
I've added a new browsertest for this functionality.
There was a problem hiding this comment.
I'm not sure that was the only one that is missing, but please check with @pes10k and add any others in a follow-up
|
|
||
| IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, | ||
| NavigationCookiesArePartitioned) { | ||
| AllowAllCookies(); |
There was a problem hiding this comment.
do we have a ticket for connecting this to block3p shield setting?
There was a problem hiding this comment.
Can you confirm whether or not one of these tickets is what you are referring to?
- Ephemeral storage should work when third-party cookies are blocked brave-browser#12789
- Do not use ephemeral storage for third-party domains that block cookies with a domain override brave-browser#12790
I believe that the first bug covers the situation where cookies are blocked in brave shield.
| if (!base::FeatureList::IsEnabled(net::features::kBraveEphemeralStorage)) | ||
| return false; | ||
|
|
||
| const net::IsolationInfo& isolation_info = |
There was a problem hiding this comment.
missing headers for isolation info, and request https://google.github.io/styleguide/cppguide.html#Include_What_You_Use
| ->SetEphemeralCanonicalCookieAsync( \ | ||
| std::move(cookie), request_->url(), \ | ||
| request()->isolation_info().top_frame_origin()->GetURL(), options, \ | ||
| base::BindOnce(&URLRequestHttpJob::OnSetCookieResult, \ |
There was a problem hiding this comment.
missing headers for BindOnce https://google.github.io/styleguide/cppguide.html#Include_What_You_Use
mrobinson
force-pushed
the
ephemeral-cookie-storage-mimimal-network-cookies
branch
from
2695cfa
to
f02a83a
Compare
|
@bridiver I've pushed a new version of the branch which I believe addresses all your review comments. Please take a look. |
|
Thanks very kindly for the reviews. The two failures look like an unrelated issue with the ios bot (a failure in |
mrobinson
deleted the
ephemeral-cookie-storage-mimimal-network-cookies
branch
This change adds ephemeral storage support for network cookies
which are cookies that set and sent via HTTP headers.
Resolves brave/brave-browser#12788
Submitter Checklist:
QA/YesorQA/No;release-notes/includeorrelease-notes/exclude;OS/...) to the associated issuenpm run test -- brave_browser_tests,npm run test -- brave_unit_tests,npm run lint,npm run gn_check,npm run tslintgit rebase master(if needed).Reviewer Checklist:
gnAfter-merge Checklist:
changes has landed on.
Test Plan:
This change relies on browsertests for functionality testing. Later changes enabling ephemeral storage will have a broader testing plan.