[Webkit-unassigned] [Bug 173844] New: Intelligent Tracking Prevention removes first party cookie on iOS11 beta v2, not on macOS beta v2

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jun 26 11:43:00 PDT 2017


            Bug ID: 173844
           Summary: Intelligent Tracking Prevention removes first party
                    cookie on iOS11 beta v2, not on macOS beta v2
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: iPhone / iPad
                OS: iOS 11
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: kirk.elliott at oracle.com

ITP = Intelligent Tracking Prevention

@johnwilander asked me to mention him here https://twitter.com/johnwilander/status/879404760473808896

I'm presenting a perceived bug and a follow up question in iOS11 beta v2, and an contrasting observation about ITP behavior in macOS HighSierra beta v2:

WHERE client.com is a first-party loaded domain which loads an iframe with src=tools.com that reads tools.com cookie 
AND the tools.com cookie value is a unique uid (XXX e.g. 001)
AND after tools.com has been visited first-party, setting the cookie

In iOS11 it appears that when ITP "kicks in", or shortly thereafter, that the first party tools.com cookie is removed until the next time it is visited and set. The "bug" is that there is a point in time where the uid is expected but missing. So tools.com has a period where its first-party uid cookie is missing, then afterwards the value is different than its original version.

After setting tools.com cookie again (after ITP is invoked), what I imagine to be "normal" ITP behavior starts. That is, after revisiting tools.com and setting a cookie, client.com sets a new cookie for tools.com different from the previous tools.com value and also different from the new tools.com value. The "question" is: Is this "normal" ITP behavior?

Additionally running the same test in macOS I am having trouble getting ITP to "kick in", even with many client.com-similar domains loading the tools.com cookie.

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170626/2dbd9731/attachment-0001.html>

More information about the webkit-unassigned mailing list