<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[248273] trunk</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/248273">248273</a></dd>
<dt>Author</dt> <dd>wilander@apple.com</dd>
<dt>Date</dt> <dd>2019-08-05 14:33:51 -0700 (Mon, 05 Aug 2019)</dd>
</dl>

<h3>Log Message</h3>
<pre>Resource Load Statistics: Re-introduce latch mode for subresource cookie blocking
https://bugs.webkit.org/show_bug.cgi?id=200395
<rdar://problem/53869611>

Reviewed by Darin Adler.

Back when we had a relaxation of cookie blocking 24 hours after first-party user
interaction, we made sure cookie blocking could be turned on and off in subresource
redirect chains. The 24 hour window is now long gone. This patch simplifies the
cookie blocking so that once a subresource request is denied cookies, any
subsequent redirect of that request will also be denied cookies, regardless of the
classification status of the domains involved. I call it latch mode.

Source/WebKit:

* NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
* NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
(WebKit::NetworkDataTaskCocoa::blockCookies):
(WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):
(WebKit::NetworkDataTaskCocoa::willPerformHTTPRedirection):
(WebKit::NetworkDataTaskCocoa::applyCookieBlockingPolicy): Deleted.

LayoutTests:

* http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt: Renamed from LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt.
* http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html: Renamed from LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html.
    Changed to expect no removal of blocking in the redirect and renamed accordingly.
* platform/ios/TestExpectations:
    Renamed.
* platform/mac-wk2/TestExpectations:
    Renamed.
* platform/wk2/TestExpectations:
    Renamed.</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>
<li><a href="#trunkLayoutTestsplatformiosTestExpectations">trunk/LayoutTests/platform/ios/TestExpectations</a></li>
<li><a href="#trunkLayoutTestsplatformmacwk2TestExpectations">trunk/LayoutTests/platform/mac-wk2/TestExpectations</a></li>
<li><a href="#trunkLayoutTestsplatformwk2TestExpectations">trunk/LayoutTests/platform/wk2/TestExpectations</a></li>
<li><a href="#trunkSourceWebKitChangeLog">trunk/Source/WebKit/ChangeLog</a></li>
<li><a href="#trunkSourceWebKitNetworkProcesscocoaNetworkDataTaskCocoah">trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h</a></li>
<li><a href="#trunkSourceWebKitNetworkProcesscocoaNetworkDataTaskCocoamm">trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm</a></li>
</ul>

<h3>Added Paths</h3>
<ul>
<li><a href="#trunkLayoutTestshttptestsresourceLoadStatisticsdonotremoveblockinginredirectexpectedtxt">trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsresourceLoadStatisticsdonotremoveblockinginredirecthtml">trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html</a></li>
</ul>

<h3>Removed Paths</h3>
<ul>
<li><a href="#trunkLayoutTestshttptestsresourceLoadStatisticsremoveblockinginredirectexpectedtxt">trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsresourceLoadStatisticsremoveblockinginredirecthtml">trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/ChangeLog (248272 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/ChangeLog      2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/ChangeLog 2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -1,3 +1,28 @@
</span><ins>+2019-08-05  John Wilander  <wilander@apple.com>
+
+        Resource Load Statistics: Re-introduce latch mode for subresource cookie blocking
+        https://bugs.webkit.org/show_bug.cgi?id=200395
+        <rdar://problem/53869611>
+
+        Reviewed by Darin Adler.
+
+        Back when we had a relaxation of cookie blocking 24 hours after first-party user
+        interaction, we made sure cookie blocking could be turned on and off in subresource
+        redirect chains. The 24 hour window is now long gone. This patch simplifies the
+        cookie blocking so that once a subresource request is denied cookies, any
+        subsequent redirect of that request will also be denied cookies, regardless of the
+        classification status of the domains involved. I call it latch mode.
+
+        * http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt: Renamed from LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt.
+        * http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html: Renamed from LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html.
+            Changed to expect no removal of blocking in the redirect and renamed accordingly.
+        * platform/ios/TestExpectations:
+            Renamed.
+        * platform/mac-wk2/TestExpectations:
+            Renamed.
+        * platform/wk2/TestExpectations:
+            Renamed.
+
</ins><span class="cx"> 2019-08-05  Youenn Fablet  <youenn@apple.com>
</span><span class="cx"> 
</span><span class="cx">         Disable speculative loading if cache is not to be used for the load
</span></span></pre></div>
<a id="trunkLayoutTestshttptestsresourceLoadStatisticsdonotremoveblockinginredirectexpectedtxtfromrev248272trunkLayoutTestshttptestsresourceLoadStatisticsremoveblockinginredirectexpectedtxt"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt (from rev 248272, trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt) (0 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt                              (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect-expected.txt 2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -0,0 +1,51 @@
</span><ins>+Tests that blocking is not removed mid-flight in redirects.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+  
+
+--------
+Frame: '<!--frame1-->'
+--------
+Should receive first-party cookie for localhost.
+Did not receive cookie named 'firstPartyCookieIP'.
+Received cookie named 'firstPartyCookieLocalhost'.
+Did not receive cookie named 'thirdPartyCookie'.
+Client-side document.cookie: firstPartyCookieLocalhost=localhost
+
+--------
+Frame: '<!--frame2-->'
+--------
+Redirect case 1, should receive first-party cookie for 127.0.0.1.
+Received cookie named 'firstPartyCookieIP'.
+Did not receive cookie named 'firstPartyCookieLocalhost'.
+Did not receive cookie named 'thirdPartyCookie'.
+Client-side document.cookie: firstPartyCookieIP=127.0.0.1
+
+--------
+Frame: '<!--frame3-->'
+--------
+Try to set third-party cookie for localhost in blocked mode.
+
+
+--------
+Frame: '<!--frame4-->'
+--------
+Should receive no cookie.
+Did not receive cookie named 'firstPartyCookieIP'.
+Did not receive cookie named 'firstPartyCookieLocalhost'.
+Did not receive cookie named 'thirdPartyCookie'.
+Client-side document.cookie:
+
+--------
+Frame: '<!--frame5-->'
+--------
+Redirect case 2, should not receive first-party cookie for 127.0.0.1.
+Did not receive cookie named 'firstPartyCookieIP'.
+Did not receive cookie named 'firstPartyCookieLocalhost'.
+Did not receive cookie named 'thirdPartyCookie'.
+Client-side document.cookie: firstPartyCookieIP=127.0.0.1
</ins></span></pre></div>
<a id="trunkLayoutTestshttptestsresourceLoadStatisticsdonotremoveblockinginredirecthtmlfromrev248272trunkLayoutTestshttptestsresourceLoadStatisticsremoveblockinginredirecthtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html (from rev 248272, trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html) (0 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html                              (rev 0)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html 2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -0,0 +1,99 @@
</span><ins>+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <script src="/js-test-resources/js-test.js"></script>
+    <script src="resources/util.js"></script>
+</head>
+<body>
+<script>
+    description("Tests that blocking is not removed mid-flight in redirects.");
+    jsTestIsAsync = true;
+
+    const partitionHost = "127.0.0.1:8000";
+    const thirdPartyOrigin = "http://localhost:8000";
+    const resourcePath = "/resourceLoadStatistics/resources";
+    const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
+    const firstPartyCookieNamePrefix = "firstPartyCookie";
+    const firstPartyCookieNameIP = firstPartyCookieNamePrefix + "IP";
+    const firstPartyCookieNameLocalhost = firstPartyCookieNamePrefix + "Localhost";
+    const thirdPartyCookieName = "thirdPartyCookie";
+    const subPathToSetThirdPartyCookie = "/set-cookie.php?name=" + thirdPartyCookieName + "&value=value";
+    const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieNameIP + "&name2=" + firstPartyCookieNameLocalhost + "&name3=" + thirdPartyCookieName;
+    const redirectChainUrl = thirdPartyOrigin + resourcePath + "/redirect.php?redirectTo=http://" + partitionHost + resourcePath + subPathToGetCookies;
+
+    function openIframe(url, onLoadHandler) {
+        const element = document.createElement("iframe");
+        element.src = url;
+        if (onLoadHandler) {
+            element.onload = onLoadHandler;
+        }
+        document.body.appendChild(element);
+    }
+
+    function runTest() {
+        switch (document.location.hash) {
+            case "#step1":
+                // Set first-party cookies for 127.0.0.1 and localhost.
+                if (document.location.origin === thirdPartyOrigin) {
+                    document.cookie = firstPartyCookieNameLocalhost + "=localhost;path='/'";
+                    document.location.href = "http://127.0.0.1:8000/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html#step2";
+                } else {
+                    document.cookie = firstPartyCookieNameIP + "=127.0.0.1;path='/'";
+                    document.location.href = "http://localhost:8000/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html#step1";
+                }
+                break;
+            case "#step2":
+                // Check that the cookie gets sent for localhost under 127.0.0.1 since localhost is not prevalent.
+                document.location.hash = "step3";
+                openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive first-party cookie for localhost.", runTest);
+                break;
+            case "#step3":
+                document.location.hash = "step4";
+                // Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
+                openIframe(redirectChainUrl + "&message=Redirect case 1, should receive first-party cookie for 127.0.0.1.", runTest);
+                break;
+            case "#step4":
+                // Set localhost as prevalent to put it in the blocking category.
+                document.location.hash = "step5";
+                testRunner.setStatisticsPrevalentResource(thirdPartyOrigin, true, function() {
+                    if (!testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
+                        testFailed("Host did not get set as prevalent resource.");
+                    testRunner.statisticsUpdateCookieBlocking(runTest);
+                });
+                break;
+            case "#step5":
+                // Try to set partitioned cookie for localhost under 127.0.0.1.
+                document.location.hash = "step6";
+                openIframe(thirdPartyBaseUrl + subPathToSetThirdPartyCookie + "&message=Try to set third-party cookie for localhost in blocked mode.", runTest);
+                break;
+            case "#step6":
+                // Check that no cookie gets sent for localhost under 127.0.0.1 since localhost's cookies are blocked.
+                document.location.hash = "step7";
+                openIframe(thirdPartyBaseUrl + subPathToGetCookies +  "&message=Should receive no cookie.", runTest);
+                break;
+            case "#step7":
+                // Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
+                document.location.hash = "step8";
+                openIframe(redirectChainUrl + "&message=Redirect case 2, should not receive first-party cookie for 127.0.0.1.", runTest);
+                break;
+            case "#step8":
+                setEnableFeature(false, finishJSTest);
+                break;
+        }
+    }
+
+    if (document.location.hash === "") {
+        setEnableFeature(true, function() {
+            if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
+                testFailed("Localhost was classified as prevalent resource before the test starts.");
+            testRunner.dumpChildFramesAsText();
+            document.location.hash = "step1";
+            runTest();
+        });
+    } else {
+        runTest();
+    }
+</script>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestshttptestsresourceLoadStatisticsremoveblockinginredirectexpectedtxt"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt (248272 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt     2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt        2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -1,51 +0,0 @@
</span><del>-Tests that blocking is removed mid-flight in redirects.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS successfullyParsed is true
-
-TEST COMPLETE
-  
-
---------
-Frame: '<!--frame1-->'
---------
-Should receive first-party cookie for localhost.
-Did not receive cookie named 'firstPartyCookieIP'.
-Received cookie named 'firstPartyCookieLocalhost'.
-Did not receive cookie named 'thirdPartyCookie'.
-Client-side document.cookie: firstPartyCookieLocalhost=localhost
-
---------
-Frame: '<!--frame2-->'
---------
-Redirect case 1, should receive first-party cookie for 127.0.0.1.
-Received cookie named 'firstPartyCookieIP'.
-Did not receive cookie named 'firstPartyCookieLocalhost'.
-Did not receive cookie named 'thirdPartyCookie'.
-Client-side document.cookie: firstPartyCookieIP=127.0.0.1
-
---------
-Frame: '<!--frame3-->'
---------
-Try to set third-party cookie for localhost in blocked mode.
-
-
---------
-Frame: '<!--frame4-->'
---------
-Should receive no cookie.
-Did not receive cookie named 'firstPartyCookieIP'.
-Did not receive cookie named 'firstPartyCookieLocalhost'.
-Did not receive cookie named 'thirdPartyCookie'.
-Client-side document.cookie:
-
---------
-Frame: '<!--frame5-->'
---------
-Redirect case 2, should receive first-party cookie for 127.0.0.1.
-Received cookie named 'firstPartyCookieIP'.
-Did not receive cookie named 'firstPartyCookieLocalhost'.
-Did not receive cookie named 'thirdPartyCookie'.
-Client-side document.cookie: firstPartyCookieIP=127.0.0.1
</del></span></pre></div>
<a id="trunkLayoutTestshttptestsresourceLoadStatisticsremoveblockinginredirecthtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html (248272 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html     2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html        2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -1,99 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <script src="/js-test-resources/js-test.js"></script>
-    <script src="resources/util.js"></script>
-</head>
-<body>
-<script>
-    description("Tests that blocking is removed mid-flight in redirects.");
-    jsTestIsAsync = true;
-
-    const partitionHost = "127.0.0.1:8000";
-    const thirdPartyOrigin = "http://localhost:8000";
-    const resourcePath = "/resourceLoadStatistics/resources";
-    const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
-    const firstPartyCookieNamePrefix = "firstPartyCookie";
-    const firstPartyCookieNameIP = firstPartyCookieNamePrefix + "IP";
-    const firstPartyCookieNameLocalhost = firstPartyCookieNamePrefix + "Localhost";
-    const thirdPartyCookieName = "thirdPartyCookie";
-    const subPathToSetThirdPartyCookie = "/set-cookie.php?name=" + thirdPartyCookieName + "&value=value";
-    const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieNameIP + "&name2=" + firstPartyCookieNameLocalhost + "&name3=" + thirdPartyCookieName;
-    const redirectChainUrl = thirdPartyOrigin + resourcePath + "/redirect.php?redirectTo=http://" + partitionHost + resourcePath + subPathToGetCookies;
-
-    function openIframe(url, onLoadHandler) {
-        const element = document.createElement("iframe");
-        element.src = url;
-        if (onLoadHandler) {
-            element.onload = onLoadHandler;
-        }
-        document.body.appendChild(element);
-    }
-
-    function runTest() {
-        switch (document.location.hash) {
-            case "#step1":
-                // Set first-party cookies for 127.0.0.1 and localhost.
-                if (document.location.origin === thirdPartyOrigin) {
-                    document.cookie = firstPartyCookieNameLocalhost + "=localhost;path='/'";
-                    document.location.href = "http://127.0.0.1:8000/resourceLoadStatistics/remove-blocking-in-redirect.html#step2";
-                } else {
-                    document.cookie = firstPartyCookieNameIP + "=127.0.0.1;path='/'";
-                    document.location.href = "http://localhost:8000/resourceLoadStatistics/remove-blocking-in-redirect.html#step1";
-                }
-                break;
-            case "#step2":
-                // Check that the cookie gets sent for localhost under 127.0.0.1 since localhost is not prevalent.
-                document.location.hash = "step3";
-                openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive first-party cookie for localhost.", runTest);
-                break;
-            case "#step3":
-                document.location.hash = "step4";
-                // Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
-                openIframe(redirectChainUrl + "&message=Redirect case 1, should receive first-party cookie for 127.0.0.1.", runTest);
-                break;
-            case "#step4":
-                // Set localhost as prevalent to put it in the blocking category.
-                document.location.hash = "step5";
-                testRunner.setStatisticsPrevalentResource(thirdPartyOrigin, true, function() {
-                    if (!testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
-                        testFailed("Host did not get set as prevalent resource.");
-                    testRunner.statisticsUpdateCookieBlocking(runTest);
-                });
-                break;
-            case "#step5":
-                // Try to set partitioned cookie for localhost under 127.0.0.1.
-                document.location.hash = "step6";
-                openIframe(thirdPartyBaseUrl + subPathToSetThirdPartyCookie + "&message=Try to set third-party cookie for localhost in blocked mode.", runTest);
-                break;
-            case "#step6":
-                // Check that no cookie gets sent for localhost under 127.0.0.1 since localhost's cookies are blocked.
-                document.location.hash = "step7";
-                openIframe(thirdPartyBaseUrl + subPathToGetCookies +  "&message=Should receive no cookie.", runTest);
-                break;
-            case "#step7":
-                // Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
-                document.location.hash = "step8";
-                openIframe(redirectChainUrl + "&message=Redirect case 2, should receive first-party cookie for 127.0.0.1.", runTest);
-                break;
-            case "#step8":
-                setEnableFeature(false, finishJSTest);
-                break;
-        }
-    }
-
-    if (document.location.hash === "") {
-        setEnableFeature(true, function() {
-            if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
-                testFailed("Localhost was classified as prevalent resource before the test starts.");
-            testRunner.dumpChildFramesAsText();
-            document.location.hash = "step1";
-            runTest();
-        });
-    } else {
-        runTest();
-    }
-</script>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsplatformiosTestExpectations"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/platform/ios/TestExpectations (248272 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/platform/ios/TestExpectations  2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/platform/ios/TestExpectations     2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -2783,7 +2783,7 @@
</span><span class="cx"> http/tests/resourceLoadStatistics/cookies-with-and-without-user-interaction.html [ Pass ]
</span><span class="cx"> http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html [ Pass ]
</span><span class="cx"> http/tests/resourceLoadStatistics/add-blocking-to-redirect.html [ Pass ]
</span><del>-http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html [ Pass ]
</del><ins>+http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html [ Pass ]
</ins><span class="cx"> http/tests/resourceLoadStatistics/grandfathering.html [ Pass ]
</span><span class="cx"> http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store.html [ Pass ]
</span><span class="cx"> http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store-one-hour.html [ Pass ]
</span></span></pre></div>
<a id="trunkLayoutTestsplatformmacwk2TestExpectations"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/platform/mac-wk2/TestExpectations (248272 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/platform/mac-wk2/TestExpectations      2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/platform/mac-wk2/TestExpectations 2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -791,7 +791,7 @@
</span><span class="cx"> [ HighSierra+ ] http/tests/resourceLoadStatistics/cookie-deletion.html [ Pass ]
</span><span class="cx"> [ HighSierra+ ] http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html [ Pass ]
</span><span class="cx"> [ HighSierra+ ] http/tests/resourceLoadStatistics/add-blocking-to-redirect.html [ Pass ]
</span><del>-[ HighSierra+ ] http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html [ Pass ]
</del><ins>+[ HighSierra+ ] http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html [ Pass ]
</ins><span class="cx"> [ HighSierra+ ] http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store.html [ Pass ]
</span><span class="cx"> [ HighSierra+ ] http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store-one-hour.html [ Pass ]
</span><span class="cx"> [ HighSierra+ ] http/tests/resourceLoadStatistics/grandfathering.html [ Pass ]
</span></span></pre></div>
<a id="trunkLayoutTestsplatformwk2TestExpectations"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/platform/wk2/TestExpectations (248272 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/platform/wk2/TestExpectations  2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/LayoutTests/platform/wk2/TestExpectations     2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -736,7 +736,7 @@
</span><span class="cx"> http/tests/resourceLoadStatistics/strip-referrer-to-origin-for-prevalent-subresource-redirects.html [ Skip ]
</span><span class="cx"> http/tests/resourceLoadStatistics/strip-referrer-to-origin-for-prevalent-subresource-requests.html [ Skip ]
</span><span class="cx"> http/tests/resourceLoadStatistics/add-blocking-to-redirect.html [ Skip ]
</span><del>-http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html [ Skip ]
</del><ins>+http/tests/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html [ Skip ]
</ins><span class="cx"> http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html [ Skip ]
</span><span class="cx"> http/tests/resourceLoadStatistics/cap-cache-max-age-for-prevalent-resource.html [ Skip ]
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceWebKitChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/ChangeLog (248272 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/ChangeLog    2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/Source/WebKit/ChangeLog       2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -1,3 +1,25 @@
</span><ins>+2019-08-05  John Wilander  <wilander@apple.com>
+
+        Resource Load Statistics: Re-introduce latch mode for subresource cookie blocking
+        https://bugs.webkit.org/show_bug.cgi?id=200395
+        <rdar://problem/53869611>
+
+        Reviewed by Darin Adler.
+
+        Back when we had a relaxation of cookie blocking 24 hours after first-party user
+        interaction, we made sure cookie blocking could be turned on and off in subresource
+        redirect chains. The 24 hour window is now long gone. This patch simplifies the
+        cookie blocking so that once a subresource request is denied cookies, any
+        subsequent redirect of that request will also be denied cookies, regardless of the
+        classification status of the domains involved. I call it latch mode.
+
+        * NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
+        * NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
+        (WebKit::NetworkDataTaskCocoa::blockCookies):
+        (WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):
+        (WebKit::NetworkDataTaskCocoa::willPerformHTTPRedirection):
+        (WebKit::NetworkDataTaskCocoa::applyCookieBlockingPolicy): Deleted.
+
</ins><span class="cx"> 2019-08-05  Youenn Fablet  <youenn@apple.com>
</span><span class="cx"> 
</span><span class="cx">         Disable speculative loading if cache is not to be used for the load
</span></span></pre></div>
<a id="trunkSourceWebKitNetworkProcesscocoaNetworkDataTaskCocoah"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h (248272 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h  2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h     2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -84,7 +84,7 @@
</span><span class="cx"> 
</span><span class="cx"> #if ENABLE(RESOURCE_LOAD_STATISTICS)
</span><span class="cx">     static NSHTTPCookieStorage *statelessCookieStorage();
</span><del>-    void applyCookieBlockingPolicy(bool shouldBlock);
</del><ins>+    void blockCookies();
</ins><span class="cx"> #endif
</span><span class="cx">     bool isThirdPartyRequest(const WebCore::ResourceRequest&);
</span><span class="cx">     bool isAlwaysOnLoggingAllowed() const;
</span></span></pre></div>
<a id="trunkSourceWebKitNetworkProcesscocoaNetworkDataTaskCocoamm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm (248272 => 248273)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm 2019-08-05 21:24:52 UTC (rev 248272)
+++ trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm    2019-08-05 21:33:51 UTC (rev 248273)
</span><span class="lines">@@ -131,22 +131,15 @@
</span><span class="cx">     return statelessCookieStorage.get().get();
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-void NetworkDataTaskCocoa::applyCookieBlockingPolicy(bool shouldBlock)
</del><ins>+void NetworkDataTaskCocoa::blockCookies()
</ins><span class="cx"> {
</span><span class="cx">     ASSERT(hasProcessPrivilege(ProcessPrivilege::CanAccessRawCookies));
</span><span class="cx"> 
</span><del>-    if (shouldBlock == m_hasBeenSetToUseStatelessCookieStorage)
</del><ins>+    if (m_hasBeenSetToUseStatelessCookieStorage)
</ins><span class="cx">         return;
</span><span class="cx"> 
</span><del>-    NSHTTPCookieStorage *storage = nil;
-    if (shouldBlock)
-        storage = statelessCookieStorage();
-    else if (auto* storageSession = m_session->networkStorageSession())
-        storage = storageSession->nsCookieStorage();
-    if (storage) {
-        [m_task _setExplicitCookieStorage:storage._cookieStorage];
-        m_hasBeenSetToUseStatelessCookieStorage = shouldBlock;
-    }
</del><ins>+    [m_task _setExplicitCookieStorage:statelessCookieStorage()._cookieStorage];
+    m_hasBeenSetToUseStatelessCookieStorage = true;
</ins><span class="cx"> }
</span><span class="cx"> #endif
</span><span class="cx"> 
</span><span class="lines">@@ -261,7 +254,7 @@
</span><span class="cx"> #else
</span><span class="cx">         LOG(NetworkSession, "%llu Blocking cookies for URL %s", [m_task taskIdentifier], nsRequest.URL.absoluteString.UTF8String);
</span><span class="cx"> #endif
</span><del>-        applyCookieBlockingPolicy(shouldBlockCookies);
</del><ins>+        blockCookies();
</ins><span class="cx">     }
</span><span class="cx"> #endif
</span><span class="cx"> 
</span><span class="lines">@@ -384,30 +377,19 @@
</span><span class="cx">         request.setFirstPartyForCookies(request.url());
</span><span class="cx"> 
</span><span class="cx"> #if ENABLE(RESOURCE_LOAD_STATISTICS)
</span><del>-    bool shouldBlockCookies = m_storedCredentialsPolicy == WebCore::StoredCredentialsPolicy::EphemeralStatelessCookieless
-        || (m_session->networkStorageSession() && m_session->networkStorageSession()->shouldBlockCookies(request, m_frameID, m_pageID));
</del><ins>+    if (!m_hasBeenSetToUseStatelessCookieStorage) {
+        if (m_storedCredentialsPolicy == WebCore::StoredCredentialsPolicy::EphemeralStatelessCookieless
+            || (m_session->networkStorageSession() && m_session->networkStorageSession()->shouldBlockCookies(request, m_frameID, m_pageID)))
+            blockCookies();
+    }
</ins><span class="cx"> #if !RELEASE_LOG_DISABLED
</span><span class="cx">     if (m_session->shouldLogCookieInformation())
</span><del>-        RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - NetworkDataTaskCocoa::willPerformHTTPRedirection::logCookieInformation: pageID = %llu, frameID = %llu, taskID = %lu: %s cookies for redirect URL %s", this, m_pageID.toUInt64(), m_frameID, (unsigned long)[m_task taskIdentifier], (shouldBlockCookies ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
</del><ins>+        RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - NetworkDataTaskCocoa::willPerformHTTPRedirection::logCookieInformation: pageID = %llu, frameID = %llu, taskID = %lu: %s cookies for redirect URL %s", this, m_pageID.toUInt64(), m_frameID, (unsigned long)[m_task taskIdentifier], (m_hasBeenSetToUseStatelessCookieStorage ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
</ins><span class="cx"> #else
</span><del>-    LOG(NetworkSession, "%llu %s cookies for redirect URL %s", [m_task taskIdentifier], (shouldBlockCookies ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
</del><ins>+    LOG(NetworkSession, "%llu %s cookies for redirect URL %s", [m_task taskIdentifier], (m_hasBeenSetToUseStatelessCookieStorage ? "Blocking" : "Not blocking"), request.url().string().utf8().data());
</ins><span class="cx"> #endif
</span><span class="cx"> #endif
</span><span class="cx"> 
</span><del>-#if ENABLE(RESOURCE_LOAD_STATISTICS)
-    // Always apply the policy since blocking may need to be turned on or off in a redirect.
-    applyCookieBlockingPolicy(shouldBlockCookies);
-
-    if (!shouldBlockCookies) {
-#if !RELEASE_LOG_DISABLED
-        if (m_session->shouldLogCookieInformation())
-            RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - NetworkDataTaskCocoa::willPerformHTTPRedirection::logCookieInformation: pageID = %llu, frameID = %llu, taskID = %lu: Not partitioning cookies for redirect URL %s", this, m_pageID.toUInt64(), m_frameID, (unsigned long)[m_task taskIdentifier], request.url().string().utf8().data());
-#else
-        LOG(NetworkSession, "%llu Not partitioning cookies for redirect URL %s", [m_task taskIdentifier], request.url().string().utf8().data());
-#endif
-    }
-#endif
-
</del><span class="cx">     updateTaskWithFirstPartyForSameSiteCookies(m_task.get(), request);
</span><span class="cx"> 
</span><span class="cx">     if (m_client)
</span></span></pre>
</div>
</div>

</body>
</html>