[Webkit-unassigned] [Bug 149873] [Content Extensions] Content blocking rules are not consulted for pings (<a ping>)
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Oct 13 08:49:41 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=149873
Roopesh Chander <roop+webkit at roopc.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #262754|0 |1
is obsolete| |
--- Comment #12 from Roopesh Chander <roop+webkit at roopc.net> ---
Created attachment 262988
--> https://bugs.webkit.org/attachment.cgi?id=262988&action=review
Patch (fails one test)
On the code changes:
1. I created a new function in ContentExtensionsBackend.cpp called processContentExtensionRulesForPing() for handling pings, but it turned out to have a lot in common with processContentExtensionRulesForLoad(), so I've refactored out the common parts into a private method called processContentExtensionRules().
2. In PingLoader::sendViolationReport(), I changed the existing code that roughly translates to (pseudocode):
request.setAllowCookies(isSameSchemeHostPort(securityOriginOfURL))
to something like (pseudocode):
if (!isSameSchemeHostPort(securityOriginOfURL) || isCookiesBlocked) {
request.setAllowCookies(false)
}
because it appears that the default allowCookies value could be false in iOS, which the earlier version could inadvertently turn on.
3. Hiding content ("css-display-none") on an <a ping> is not working. I don't know why at present. I'm submitting this patch anyway so I can get an early feedback, and maybe some insight into why it might not be working.
On the tests:
1. There are 3 types of pings (loadImage(), sendPing(), sendViolationReport()), and 3 actions ("block", "block-cookies", "css-display-none"), resulting in 9 scenarios to test. However, I can't think of a good way to test the combination of loadImage() + css-display-none (the ping is sent when the page is unloaded, so is it possible / useful to test hiding of an element in an unloaded page?), so that is excluded.
2. The hide-on-ping.html test fails because of #3 above. So, I've not marked this for review.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20151013/4252e4e4/attachment.html>
More information about the webkit-unassigned
mailing list