Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Let document.hasStorageAccess check whether the Document already has unpartitioned data access #174

Merged
merged 21 commits into from
Aug 21, 2023
Merged

Let document.hasStorageAccess check whether the Document already has unpartitioned data access #174

Changes from 20 commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
5555beb
Check whether the context already has unpartitioned data access in hSA
shuranhuang Jun 13, 2023
d5efb4d
Add implementation dfn of "whether the user agent allows unpartitione…
shuranhuang Jun 14, 2023
de02b69
Queue a global task for the algo
shuranhuang Jun 14, 2023
9191bee
Address comments
shuranhuang Jun 15, 2023
88d169e
Update inline algo definition
shuranhuang Jun 15, 2023
95261cc
Update the "user agent explicitly allows..." part
shuranhuang Jun 20, 2023
a8a08cc
Use (topLevelSite, embeddedSite) tuple for user agent's setting checks.
shuranhuang Jun 22, 2023
259ede3
Update storage-access.bs
shuranhuang Jun 29, 2023
2c68690
Update storage-access.bs
shuranhuang Jun 29, 2023
5140c14
Update storage-access.bs
shuranhuang Jun 29, 2023
971c279
Add non-normative note for user decission.
shuranhuang Jun 30, 2023
7a88f3e
Update storage-access.bs
shuranhuang Jul 6, 2023
bd288a1
Update storage-access.bs
shuranhuang Jul 6, 2023
9637c1c
Update storage-access.bs
shuranhuang Jul 6, 2023
a390040
Update storage-access.bs
shuranhuang Jul 6, 2023
f3aaccb
Update storage-access.bs
shuranhuang Jul 6, 2023
8f5dda8
Inline the sub step
shuranhuang Jul 6, 2023
4ad7a32
format string
shuranhuang Jul 12, 2023
10030f4
Remove early return for top-level document and same authority cases
shuranhuang Jul 21, 2023
3ef5060
Add back top-level and same authority checks and make sure they are c…
shuranhuang Jul 24, 2023
024f4b8
Resolve comments
shuranhuang Jul 25, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 27 additions & 6 deletions storage-access.bs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -156,13 +156,34 @@ When invoked on {{Document}} |doc|, the <dfn export method for=Document><code>ha
1. If |doc|'s [=Document/origin=] is an [=opaque origin=], [=/resolve=] |p| with false and return |p|.
1. Let |global| be |doc|'s [=relevant global object=].
1. If |global| is not a [=secure context=], then [=/resolve=] |p| with false and return |p|.
1. If |doc|'s [=Document/browsing context=] is a [=top-level browsing context=], [=/resolve=] |p| with true and return |p|.
1. If the [=top-level origin=] of |doc|'s [=relevant settings object=] is an [=opaque origin=], [=/resolve=] |p| with false and return |p|.
1. If |doc| is same authority with |doc|'s [=Document/browsing context=]'s [=top-level browsing context=]'s [=active document=], [=/resolve=] |p| with true and return |p|.

ISSUE: "same authority" here is a placeholder for a future concept that allows user agents to perform [=same site=] checks while adhering to additional security aspects such as the presence of a cross-site parent document, see [whatwg/storage#142](https://github.com/whatwg/storage/issues/142#issuecomment-1122147159). In practice, this might involve comparing the [=site for cookies=] or performing a [=same site=] check with the top-level document.

1. [=Queue a global task=] on the [=permissions task source=] given |global| to [=/resolve=] |p| with |global|'s [=environment/has storage access=].
1. Let |browsingContext| be |doc|'s [=Document/browsing context=].
1. Let |topLevelSite| be the result of [=obtain a site|obtaining a site=] from the [=top-level origin=] of |doc|'s [=relevant settings object=].
1. Let |embeddedSite| be the result of [=obtain a site|obtaining a site=] from |doc|'s [=Document/origin=].
1. Run the following steps [=in parallel=]:
1. Let |whether the user agent explicitly allows unpartitioned cookie access| be an algorithm that, given a [=tuple=] |tuple| consisting of [=sites=], runs the following steps. This algorithm returns "`none`", "`allow`" or "`disallow`".
shuranhuang marked this conversation as resolved.
Show resolved Hide resolved

Note: A user agent's settings might explicitly allow or disallow unpartitioned cookie access through per-site allow-lists, the user changing global browser settings, or similar custom overrides.

1. If the user agent does not have explicit settings for unpartitioned cookie access for |tuple|, return "`none`".
1. If the user agent's settings explicitly allow unpartitioned cookie access for |tuple|, return "`allow`".
1. If the user agent's settings explicitly disallow unpartitioned cookie access for |tuple|, return "`disallow`".
1. Let |explicitSetting| be the result of determining |whether the user agent explicitly allows unpartitioned cookie access| with (|topLevelSite|, |embeddedSite|).
1. Let |permissionState| be the result of [=getting the current permission state=] given "<a permission><code>storage-access</code></a>" and |global|.
shuranhuang marked this conversation as resolved.
Show resolved Hide resolved
1. [=Queue a global task=] on the [=permissions task source=] given |global| to:
1. If |explicitSetting| is "`disallow`", [=/resolve=] |p| with false.
1. If |explicitSetting| is "`allow`", [=/resolve=] |p| with true.
1. If |explicitSetting| is "`none`":
1. If |browsingContext| is a [=top-level browsing context=], [=/resolve=] |p| with true.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this better. Does @johannhof agree with this change as well?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this still LGTM :)

1. If |browsingContext| is same authority with |browsingContext|'s [=top-level browsing context=]'s [=active document=], [=/resolve=] |p| with true.

ISSUE: "same authority" here is a placeholder for a future concept that allows user agents to perform [=same site=] checks while adhering to additional security aspects such as the presence of a cross-site parent document, see [whatwg/storage#142](https://github.com/whatwg/storage/issues/142#issuecomment-1122147159). In practice, this might involve comparing the [=site for cookies=] or performing a [=same site=] check with the top-level document.

1. If |permissionState| is [=permission/granted=], [=/resolve=] |p| with |global|'s [=environment/has storage access=].
shuranhuang marked this conversation as resolved.
Show resolved Hide resolved

Note: The global storage access permission state takes precedence over the local [=environment/has storage access=] flag here, in order to immediately reflect a possible user choice to revoke the permission in their settings.

1. [=/Resolve=] |p| with false.
1. Return |p|.

When invoked on {{Document}} |doc|, the <dfn export method for=Document><code>requestStorageAccess()</code></dfn> method must run these steps:
Expand Down