[webkit-changes] [WebKit/WebKit] 5e4c68: REGRESSION (252706 at main): zillow.com shows a Recap...
Wenson Hsieh
noreply at github.com
Wed Jan 18 10:49:08 PST 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 5e4c68005fe4b76b61be2e90bb7064226ce1f69d
https://github.com/WebKit/WebKit/commit/5e4c68005fe4b76b61be2e90bb7064226ce1f69d
Author: Wenson Hsieh <wenson_hsieh at apple.com>
Date: 2023-01-18 (Wed, 18 Jan 2023)
Changed paths:
A LayoutTests/http/tests/permissions/permission-state-for-notifications-in-ephemeral-session-expected.txt
A LayoutTests/http/tests/permissions/permission-state-for-notifications-in-ephemeral-session.html
M LayoutTests/http/tests/push-api/permissions-ephemeral-expected.txt
M LayoutTests/http/tests/push-api/permissions-ephemeral.html
M Source/WebKit/UIProcess/WebPageProxy.cpp
M Source/WebKit/WebProcess/WebCoreSupport/WebNotificationClient.cpp
Log Message:
-----------
REGRESSION (252706 at main): zillow.com shows a Recaptcha interstitial in private browsing mode
https://bugs.webkit.org/show_bug.cgi?id=250686
rdar://103905006
Reviewed by Youenn Fablet and Ben Nham.
Currently, in private browsing mode (i.e. when using an ephemeral session) `Notification.permission`
unconditionally returns `"denied"` (with `Notification.requestPermission` also unconditionally
denying the request). However, the Permissions API (i.e. `navigator.permissions.query`) implements
inconsistent behavior, and instead returns `"prompt"` in this scenario. On zillow.com, this causes
a bot detection script to erroneously flag the UA as non-human in private browsing, and present
interstitial Recaptcha UI to the user.
Fix this by making the heuristics for "notifications" in `WebPageProxy::queryPermission` consistent
with the Notifications API, such that in an ephemeral session, we return "default" or "prompt"
unless the page has requested access (in which case we'll deny access, and then subsequently return
"denied").
Test: http/tests/permissions/permission-state-for-notifications-in-ephemeral-session.html
* LayoutTests/http/tests/permissions/permission-state-for-notifications-in-ephemeral-session-expected.txt:
* LayoutTests/http/tests/permissions/permission-state-for-notifications-in-ephemeral-session.html:
* LayoutTests/http/tests/push-api/permissions-ephemeral-expected.txt:
* LayoutTests/http/tests/push-api/permissions-ephemeral.html:
Rebaseline an existing layout test.
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::queryPermission):
* Source/WebKit/WebProcess/WebCoreSupport/WebNotificationClient.cpp:
(WebKit::WebNotificationClient::checkPermission):
Canonical link: https://commits.webkit.org/259040@main
More information about the webkit-changes
mailing list