From fec4d1198a9d724073f59b0d6a35f3bc9a6de765 Mon Sep 17 00:00:00 2001 From: Martin Robinson Date: Wed, 9 Dec 2020 10:55:54 +0100 Subject: [PATCH 1/4] Only activate ephemeral storage for otherwise blocked storage Instead of using ephemeral storage for all unblocked third-party frame storage, only use ephemeral storage when third-party storage is blocked. This means that turning on the ephemeral storage flag will always replaced blocked storage in third-party frames with an ephemeral version, regardless of other settings. --- .../core/common/cookie_settings_base.cc | 14 +++++++ .../core/common/cookie_settings_base.h | 18 +++++---- .../net/url_request/url_request_http_job.cc | 38 +++++++++++++++++-- .../net/url_request/url_request_http_job.h | 20 ++++++++++ .../network/restricted_cookie_manager.cc | 26 +++++++++---- ...-url_request-url_request_http_job.cc.patch | 12 +++++- 6 files changed, 108 insertions(+), 20 deletions(-) create mode 100644 chromium_src/net/url_request/url_request_http_job.h diff --git a/chromium_src/components/content_settings/core/common/cookie_settings_base.cc b/chromium_src/components/content_settings/core/common/cookie_settings_base.cc index 8c44afcdd554..65d385da564c 100644 --- a/chromium_src/components/content_settings/core/common/cookie_settings_base.cc +++ b/chromium_src/components/content_settings/core/common/cookie_settings_base.cc @@ -11,6 +11,7 @@ #include "components/content_settings/core/common/content_settings.h" #include "components/content_settings/core/common/content_settings_pattern.h" #include "components/content_settings/core/common/features.h" +#include "net/base/features.h" #include "net/base/registry_controlled_domains/registry_controlled_domain.h" #include "url/gurl.h" #include "url/origin.h" @@ -171,6 +172,19 @@ bool CookieSettingsBase::IsCookieAccessAllowed( return IsChromiumCookieAccessAllowed(url, site_for_cookies, top_frame_origin); } +bool CookieSettingsBase::IsCookieAccessOrEphemeralCookiesAccessAllowed( + const GURL& url, + const GURL& site_for_cookies, + const base::Optional& top_frame_origin) const { + if (IsCookieAccessAllowed(url, site_for_cookies, top_frame_origin)) + return true; + if (!base::FeatureList::IsEnabled(net::features::kBraveEphemeralStorage)) + return false; + if (!top_frame_origin.has_value()) + return false; + return *top_frame_origin != url::Origin::Create(url); +} + } // namespace content_settings #define IsCookieAccessAllowed IsChromiumCookieAccessAllowed diff --git a/chromium_src/components/content_settings/core/common/cookie_settings_base.h b/chromium_src/components/content_settings/core/common/cookie_settings_base.h index 1ba8ef436568..6447200e5c61 100644 --- a/chromium_src/components/content_settings/core/common/cookie_settings_base.h +++ b/chromium_src/components/content_settings/core/common/cookie_settings_base.h @@ -6,13 +6,17 @@ #ifndef BRAVE_CHROMIUM_SRC_COMPONENTS_CONTENT_SETTINGS_CORE_COMMON_COOKIE_SETTINGS_BASE_H_ #define BRAVE_CHROMIUM_SRC_COMPONENTS_CONTENT_SETTINGS_CORE_COMMON_COOKIE_SETTINGS_BASE_H_ -#define BRAVE_COOKIE_SETTINGS_BASE_H \ - private: \ - bool IsChromiumCookieAccessAllowed(const GURL& url, \ - const GURL& first_party_url) const; \ - bool IsChromiumCookieAccessAllowed( \ - const GURL& url, \ - const GURL& site_for_cookies, \ +#define BRAVE_COOKIE_SETTINGS_BASE_H \ + private: \ + bool IsChromiumCookieAccessAllowed(const GURL& url, \ + const GURL& first_party_url) const; \ + bool IsChromiumCookieAccessAllowed( \ + const GURL& url, const GURL& site_for_cookies, \ + const base::Optional& top_frame_origin) const; \ + \ + public: \ + bool IsCookieAccessOrEphemeralCookiesAccessAllowed( \ + const GURL& url, const GURL& site_for_cookies, \ const base::Optional& top_frame_origin) const; #include "../../../../../../components/content_settings/core/common/cookie_settings_base.h" diff --git a/chromium_src/net/url_request/url_request_http_job.cc b/chromium_src/net/url_request/url_request_http_job.cc index 20b503402524..1acb1a6e5b32 100644 --- a/chromium_src/net/url_request/url_request_http_job.cc +++ b/chromium_src/net/url_request/url_request_http_job.cc @@ -11,9 +11,11 @@ #include "net/cookies/cookie_monster.h" #include "net/url_request/url_request.h" +namespace net { + namespace { -bool ShouldUseEphemeralStorage(net::URLRequestHttpJob* http_job) { +bool CanUseEphemeralStorage(net::URLRequestHttpJob* http_job) { if (!base::FeatureList::IsEnabled(net::features::kBraveEphemeralStorage)) return false; @@ -30,8 +32,29 @@ bool ShouldUseEphemeralStorage(net::URLRequestHttpJob* http_job) { } // namespace +bool URLRequestHttpJob::CanSetCookieIncludingEphemeral( + const net::CanonicalCookie& cookie, + CookieOptions* options) { + return CanUseEphemeralStorage(this) || + CanSetNonEphemeralCookie(cookie, options); +} + +bool URLRequestHttpJob::CanGetNonEphemeralCookies() { + // We cannot call CanGetCookies without first checking the privacy mode. + return request_info_.privacy_mode == PRIVACY_MODE_DISABLED && CanGetCookies(); +} + +bool URLRequestHttpJob::CanSetNonEphemeralCookie( + const net::CanonicalCookie& cookie, + CookieOptions* options) { + return CanSetCookie(cookie, options); +} + +} // namespace net + #define BRAVE_ADDCOOKIEHEADERANDSTART \ - if (ShouldUseEphemeralStorage(this)) \ + if (!CanGetNonEphemeralCookies()) { \ + DCHECK(request()->isolation_info().top_frame_origin().has_value()); \ static_cast(cookie_store) \ ->GetEphemeralCookieListWithOptionsAsync( \ request_->url(), \ @@ -40,8 +63,13 @@ bool ShouldUseEphemeralStorage(net::URLRequestHttpJob* http_job) { weak_factory_.GetWeakPtr(), options)); \ else +#define BRAVE_SETCOOKIEHEADERANDSTART \ + if (!can_get_cookies && CanUseEphemeralStorage(this)) \ + can_get_cookies = true; + #define BRAVE_SAVECOOKIESANDNOTIFYHEADERSCOMPLETE \ - if (ShouldUseEphemeralStorage(this)) \ + if (!CanSetNonEphemeralCookie(*cookie, &options)) { \ + DCHECK(request()->isolation_info().top_frame_origin().has_value()); \ static_cast(request_->context()->cookie_store()) \ ->SetEphemeralCanonicalCookieAsync( \ std::move(cookie), request_->url(), \ @@ -51,4 +79,8 @@ bool ShouldUseEphemeralStorage(net::URLRequestHttpJob* http_job) { cookie_to_return, cookie_string)); \ else +#define CanSetCookie CanSetCookieIncludingEphemeral + #include "../../../../../net/url_request/url_request_http_job.cc" + +#undef CanSetCookies diff --git a/chromium_src/net/url_request/url_request_http_job.h b/chromium_src/net/url_request/url_request_http_job.h new file mode 100644 index 000000000000..c826ead5b36e --- /dev/null +++ b/chromium_src/net/url_request/url_request_http_job.h @@ -0,0 +1,20 @@ +/* Copyright (c) 2020 The Brave Authors. All rights reserved. + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef BRAVE_CHROMIUM_SRC_NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_ +#define BRAVE_CHROMIUM_SRC_NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_ + +#define ShouldFixMismatchedContentLength \ + CanGetNonEphemeralCookies(); \ + bool CanSetNonEphemeralCookie(const net::CanonicalCookie&, CookieOptions*); \ + bool CanSetCookieIncludingEphemeral(const net::CanonicalCookie&, \ + CookieOptions*); \ + bool ShouldFixMismatchedContentLength + +#include "../../../../net/url_request/url_request_http_job.h" + +#undef ShouldFixMismatchedContentLength + +#endif // BRAVE_CHROMIUM_SRC_NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_ diff --git a/chromium_src/services/network/restricted_cookie_manager.cc b/chromium_src/services/network/restricted_cookie_manager.cc index e43a45bdc709..a14f1fb43eb0 100644 --- a/chromium_src/services/network/restricted_cookie_manager.cc +++ b/chromium_src/services/network/restricted_cookie_manager.cc @@ -7,22 +7,27 @@ #include "net/base/features.h" #include "net/cookies/cookie_monster.h" +#include "services/network/cookie_settings.h" + +namespace network { namespace { -bool ShouldUseEphemeralStorage(const GURL& url, +bool ShouldUseEphemeralStorage(const CookieSettings* cookie_settings, + const GURL& url, + const net::SiteForCookies& site_for_cookies, const url::Origin& top_frame_origin) { - if (!base::FeatureList::IsEnabled(net::features::kBraveEphemeralStorage)) - return false; - if (url::Origin::Create(url) == top_frame_origin) - return false; - return true; + return !cookie_settings->IsCookieAccessAllowed( + url, site_for_cookies.RepresentativeUrl(), top_frame_origin); } } // namespace +} // namespace network + #define BRAVE_GETALLFORURL \ - if (ShouldUseEphemeralStorage(url, top_frame_origin)) { \ + if (ShouldUseEphemeralStorage(cookie_settings_, url, site_for_cookies, \ + top_frame_origin)) { \ static_cast(cookie_store_) \ ->GetEphemeralCookieListWithOptionsAsync( \ url, top_frame_origin.GetURL(), net_options, \ @@ -34,7 +39,8 @@ bool ShouldUseEphemeralStorage(const GURL& url, } else // NOLINT #define BRAVE_SETCANONICALCOOKIE \ - if (ShouldUseEphemeralStorage(url, top_frame_origin)) { \ + if (ShouldUseEphemeralStorage(cookie_settings_, url, site_for_cookies, \ + top_frame_origin)) { \ static_cast(cookie_store_) \ ->SetEphemeralCanonicalCookieAsync( \ std::move(sanitized_cookie), origin_.GetURL(), \ @@ -45,4 +51,8 @@ bool ShouldUseEphemeralStorage(const GURL& url, std::move(callback))); \ } else // NOLINT +#define IsCookieAccessAllowed IsCookieAccessOrEphemeralCookiesAccessAllowed + #include "../../../../../services/network/restricted_cookie_manager.cc" + +#undef IsCookieAccessAllowed diff --git a/patches/net-url_request-url_request_http_job.cc.patch b/patches/net-url_request-url_request_http_job.cc.patch index ee8f2ebd9826..8d1c39f3f879 100644 --- a/patches/net-url_request-url_request_http_job.cc.patch +++ b/patches/net-url_request-url_request_http_job.cc.patch @@ -1,5 +1,5 @@ diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc -index f5e754f4ea0288a685a6932b00f692e3c6638621..d7da91c3607d205fd19cae3be369d4e58989f8bb 100644 +index f5e754f4ea0288a685a6932b00f692e3c6638621..1679866f30664117311f0fbe5c32fa20f40bb7b8 100644 --- a/net/url_request/url_request_http_job.cc +++ b/net/url_request/url_request_http_job.cc @@ -583,6 +583,7 @@ void URLRequestHttpJob::AddCookieHeaderAndStart() { @@ -10,7 +10,15 @@ index f5e754f4ea0288a685a6932b00f692e3c6638621..d7da91c3607d205fd19cae3be369d4e5 cookie_store->GetCookieListWithOptionsAsync( request_->url(), options, base::BindOnce(&URLRequestHttpJob::SetCookieHeaderAndStart, -@@ -770,6 +771,7 @@ void URLRequestHttpJob::SaveCookiesAndNotifyHeadersComplete(int result) { +@@ -600,6 +601,7 @@ void URLRequestHttpJob::SetCookieHeaderAndStart( + + bool can_get_cookies = + (request_info_.privacy_mode == PRIVACY_MODE_DISABLED && CanGetCookies()); ++ BRAVE_SETCOOKIEHEADERANDSTART + if (!cookies_with_access_result_list.empty() && can_get_cookies) { + std::string cookie_line = + CanonicalCookie::BuildCookieLine(cookies_with_access_result_list); +@@ -770,6 +772,7 @@ void URLRequestHttpJob::SaveCookiesAndNotifyHeadersComplete(int result) { continue; } From ab30496f67c6dbfd6cabffdecd95aba2a2c93c1c Mon Sep 17 00:00:00 2001 From: Cathie Chen Date: Fri, 20 Nov 2020 15:44:32 +0800 Subject: [PATCH 2/4] Ephemeral dom storage flag --- .../ephemeral_storage_browsertest.cc | 149 ++++++++++++++++-- .../modules/storage/dom_window_storage.cc | 20 +-- .../modules/storage/storage_controller.cc | 29 ++++ .../modules/storage/storage_controller.h | 18 +++ ...modules-storage-storage_controller.h.patch | 12 ++ 5 files changed, 199 insertions(+), 29 deletions(-) create mode 100644 chromium_src/third_party/blink/renderer/modules/storage/storage_controller.cc create mode 100644 chromium_src/third_party/blink/renderer/modules/storage/storage_controller.h create mode 100644 patches/third_party-blink-renderer-modules-storage-storage_controller.h.patch diff --git a/browser/ephemeral_storage/ephemeral_storage_browsertest.cc b/browser/ephemeral_storage/ephemeral_storage_browsertest.cc index 7b7a35bfe640..ff9867dac32a 100644 --- a/browser/ephemeral_storage/ephemeral_storage_browsertest.cc +++ b/browser/ephemeral_storage/ephemeral_storage_browsertest.cc @@ -70,15 +70,29 @@ content::EvalJsResult GetCookiesInFrame(RenderFrameHost* host) { return content::EvalJs(host, "document.cookie"); } +content::EvalJsResult GetStorageInFrame(RenderFrameHost* host, + StorageType storage_type) { + std::string script = base::StringPrintf("%sStorage;", ToString(storage_type)); + return content::EvalJs(host, script); +} + +void AssertStorageEmptyInFrame(RenderFrameHost* frame) { + EXPECT_EQ(nullptr, GetStorageInFrame(frame, StorageType::Local)); + EXPECT_EQ(nullptr, GetStorageInFrame(frame, StorageType::Session)); +} + +void AssertStorageEmptyInSubframes(WebContents* web_contents) { + RenderFrameHost* main_frame = web_contents->GetMainFrame(); + AssertStorageEmptyInFrame(content::ChildFrameAt(main_frame, 0)); + AssertStorageEmptyInFrame(content::ChildFrameAt(main_frame, 1)); +} + } // namespace -class EphemeralStorageBrowserTest : public InProcessBrowserTest { +class EphemeralStorageBaseBrowserTest : public InProcessBrowserTest { public: - EphemeralStorageBrowserTest() - : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) { - scoped_feature_list_.InitAndEnableFeature( - net::features::kBraveEphemeralStorage); - } + EphemeralStorageBaseBrowserTest() + : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {} void SetUpOnMainThread() override { InProcessBrowserTest::SetUpOnMainThread(); @@ -180,12 +194,18 @@ class EphemeralStorageBrowserTest : public InProcessBrowserTest { GURL c_site_ephemeral_storage_url_; private: - DISALLOW_COPY_AND_ASSIGN(EphemeralStorageBrowserTest); + DISALLOW_COPY_AND_ASSIGN(EphemeralStorageBaseBrowserTest); }; -IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, StorageIsPartitioned) { - AllowAllCookies(); +class EphemeralStorageBrowserTest : public EphemeralStorageBaseBrowserTest { + public: + EphemeralStorageBrowserTest() { + scoped_feature_list_.InitAndEnableFeature( + blink::features::kBraveEphemeralStorage); + } +}; +IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, StorageIsPartitioned) { WebContents* first_party_tab = LoadURLInNewTab(b_site_ephemeral_storage_url_); WebContents* site_a_tab1 = LoadURLInNewTab(a_site_ephemeral_storage_url_); WebContents* site_a_tab2 = LoadURLInNewTab(a_site_ephemeral_storage_url_); @@ -263,8 +283,6 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, StorageIsPartitioned) { IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, NavigatingClearsEphemeralStorage) { - AllowAllCookies(); - ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); @@ -303,8 +321,6 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, ClosingTabClearsEphemeralStorage) { - AllowAllCookies(); - WebContents* site_a_tab = LoadURLInNewTab(a_site_ephemeral_storage_url_); EXPECT_EQ(browser()->tab_strip_model()->count(), 2); @@ -353,8 +369,6 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, ReloadDoesNotClearEphemeralStorage) { - AllowAllCookies(); - ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); @@ -392,8 +406,6 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, EphemeralStorageDoesNotLeakBetweenProfiles) { - AllowAllCookies(); - ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); @@ -554,3 +566,106 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, EXPECT_EQ("third-party-a.com", third_party_values.session_storage); EXPECT_EQ("name=third-party-a.com", third_party_values.cookies); } + +IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, ThirdPartyCookiesEnabled) { + AllowAllCookies(); + + ui_test_utils::NavigateToURL(browser(), b_site_ephemeral_storage_url_); + auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); + // We set a value in the page where all the frames are first-party. + SetValuesInFrames(web_contents, "b.com - first party", "from=b.com"); + + // The storage in the first-party iframes should still reflect the + // original value that was written in the non-ephemeral storage area. + ValuesFromFrames first_party_values = GetValuesFromFrames(web_contents); + EXPECT_EQ("b.com - first party", first_party_values.main_frame.local_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_1.local_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_2.local_storage); + + EXPECT_EQ("b.com - first party", + first_party_values.main_frame.session_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_1.session_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_2.session_storage); + + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); + auto* a_site_content = browser()->tab_strip_model()->GetActiveWebContents(); + + // If third-party cookies is enabled, site_a_tab should be able to access to + // non-ephemeral sotrages. + ValuesFromFrames site_a_tab_values = GetValuesFromFrames(a_site_content); + EXPECT_EQ(nullptr, site_a_tab_values.main_frame.local_storage); + EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_1.local_storage); + EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_2.local_storage); + + EXPECT_EQ(nullptr, site_a_tab_values.main_frame.session_storage); + EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_1.session_storage); + EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_2.session_storage); +} + +class EphemeralStorageDisabledBrowserTest + : public EphemeralStorageBaseBrowserTest { + public: + EphemeralStorageDisabledBrowserTest() { + scoped_feature_list_.InitAndDisableFeature( + blink::features::kBraveEphemeralStorage); + } +}; + +IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, + ThirdPartyCookiesEnabled) { + AllowAllCookies(); + + ui_test_utils::NavigateToURL(browser(), b_site_ephemeral_storage_url_); + auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); + // We set a value in the page where all the frames are first-party. + SetValuesInFrames(web_contents, "b.com - first party", "from=b.com"); + + ValuesFromFrames first_party_values = GetValuesFromFrames(web_contents); + EXPECT_EQ("b.com - first party", first_party_values.main_frame.local_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_1.local_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_2.local_storage); + + EXPECT_EQ("b.com - first party", + first_party_values.main_frame.session_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_1.session_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_2.session_storage); + + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); + auto* a_site_content = browser()->tab_strip_model()->GetActiveWebContents(); + + // If third-party cookies is enabled, site_a_tab should be able to access to + // non-ephemeral sotrages. + ValuesFromFrames site_a_tab_values = GetValuesFromFrames(a_site_content); + EXPECT_EQ(nullptr, site_a_tab_values.main_frame.local_storage); + EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_1.local_storage); + EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_2.local_storage); + + EXPECT_EQ(nullptr, site_a_tab_values.main_frame.session_storage); + EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_1.session_storage); + EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_2.session_storage); +} + +IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, + ThirdPartyCookiesDisabled) { + ui_test_utils::NavigateToURL(browser(), b_site_ephemeral_storage_url_); + auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); + // We set a value in the page where all the frames are first-party. + SetValuesInFrames(web_contents, "b.com - first party", "from=b.com"); + + ValuesFromFrames first_party_values = GetValuesFromFrames(web_contents); + EXPECT_EQ("b.com - first party", first_party_values.main_frame.local_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_1.local_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_2.local_storage); + + EXPECT_EQ("b.com - first party", + first_party_values.main_frame.session_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_1.session_storage); + EXPECT_EQ("b.com - first party", first_party_values.iframe_2.session_storage); + + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); + auto* a_site_content = browser()->tab_strip_model()->GetActiveWebContents(); + + // If both ephemeral storage and third-party cookies disabled, third-party + // frames can not access to any dom storage. + AssertStorageEmptyInSubframes(a_site_content); +} diff --git a/chromium_src/third_party/blink/renderer/modules/storage/dom_window_storage.cc b/chromium_src/third_party/blink/renderer/modules/storage/dom_window_storage.cc index 3e03e94a2b55..f337ba826944 100644 --- a/chromium_src/third_party/blink/renderer/modules/storage/dom_window_storage.cc +++ b/chromium_src/third_party/blink/renderer/modules/storage/dom_window_storage.cc @@ -170,17 +170,15 @@ StorageArea* BraveDOMWindowStorage::sessionStorage( DOMWindowStorage::From(*window).sessionStorage(exception_state); MaybeClearAccessDeniedException(storage, *window, &exception_state); - if (!base::FeatureList::IsEnabled(net::features::kBraveEphemeralStorage)) - return storage; - - if (!window->IsCrossSiteSubframe()) - return storage; - // If we were not able to create non-ephemeral session storage for this // window, then don't attempt to create an ephemeral version. if (!storage) return nullptr; + if (StorageController::CanAccessStorageAreaWithoutEphemeralStorage( + window->GetFrame(), StorageArea::StorageType::kSessionStorage)) + return storage; + return ephemeralSessionStorage(); } @@ -210,17 +208,15 @@ StorageArea* BraveDOMWindowStorage::localStorage( auto* storage = DOMWindowStorage::From(*window).localStorage(exception_state); MaybeClearAccessDeniedException(storage, *window, &exception_state); - if (!base::FeatureList::IsEnabled(net::features::kBraveEphemeralStorage)) - return storage; - - if (!window->IsCrossSiteSubframe()) - return storage; - // If we were not able to create non-ephemeral localStorage for this Window, // then don't attempt to create an ephemeral version. if (!storage) return nullptr; + if (StorageController::CanAccessStorageAreaWithoutEphemeralStorage( + window->GetFrame(), StorageArea::StorageType::kSessionStorage)) + return storage; + return ephemeralLocalStorage(); } diff --git a/chromium_src/third_party/blink/renderer/modules/storage/storage_controller.cc b/chromium_src/third_party/blink/renderer/modules/storage/storage_controller.cc new file mode 100644 index 000000000000..81ce6b85e63d --- /dev/null +++ b/chromium_src/third_party/blink/renderer/modules/storage/storage_controller.cc @@ -0,0 +1,29 @@ +/* Copyright (c) 2020 The Brave Authors. All rights reserved. + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "third_party/blink/renderer/modules/storage/storage_controller.h" + +#include "third_party/blink/public/common/features.h" +#include "third_party/blink/renderer/core/frame/local_dom_window.h" +#include "third_party/blink/renderer/core/frame/local_frame.h" + +namespace blink { + +// static +bool StorageController::CanAccessStorageArea(LocalFrame* frame, + StorageArea::StorageType type) { + if (CanAccessStorageAreaWithoutEphemeralStorage(frame, type)) + return true; + if (frame && frame->GetDocument() && frame->GetDocument()->domWindow() && + frame->GetDocument()->domWindow()->IsCrossSiteSubframe()) + return base::FeatureList::IsEnabled(net::features::kBraveEphemeralStorage); + return false; +} + +} // namespace blink + +#define CanAccessStorageArea CanAccessStorageAreaWithoutEphemeralStorage +#include "../../../../../../../third_party/blink/renderer/modules/storage/storage_controller.cc" +#undef CanAccessStorageAreaWithoutEphemeralStorage diff --git a/chromium_src/third_party/blink/renderer/modules/storage/storage_controller.h b/chromium_src/third_party/blink/renderer/modules/storage/storage_controller.h new file mode 100644 index 000000000000..3da844fc898a --- /dev/null +++ b/chromium_src/third_party/blink/renderer/modules/storage/storage_controller.h @@ -0,0 +1,18 @@ +/* Copyright (c) 2020 The Brave Authors. All rights reserved. + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef BRAVE_CHROMIUM_SRC_THIRD_PARTY_BLINK_RENDERER_MODULES_STORAGE_STORAGE_CONTROLLER_H_ +#define BRAVE_CHROMIUM_SRC_THIRD_PARTY_BLINK_RENDERER_MODULES_STORAGE_STORAGE_CONTROLLER_H_ + +#define BRAVE_STORAGE_CONTROLLER_H \ + public: \ + static bool CanAccessStorageAreaWithoutEphemeralStorage( \ + LocalFrame* frame, StorageArea::StorageType type); + +#include "../../../../../../../third_party/blink/renderer/modules/storage/storage_controller.h" + +#undef BRAVE_STORAGE_CONTROLLER_H + +#endif // BRAVE_CHROMIUM_SRC_THIRD_PARTY_BLINK_RENDERER_MODULES_STORAGE_STORAGE_CONTROLLER_H_ diff --git a/patches/third_party-blink-renderer-modules-storage-storage_controller.h.patch b/patches/third_party-blink-renderer-modules-storage-storage_controller.h.patch new file mode 100644 index 000000000000..ac56cc46f47c --- /dev/null +++ b/patches/third_party-blink-renderer-modules-storage-storage_controller.h.patch @@ -0,0 +1,12 @@ +diff --git a/third_party/blink/renderer/modules/storage/storage_controller.h b/third_party/blink/renderer/modules/storage/storage_controller.h +index 554f6cbaadec5b247452b68ffe332d1210cd4a81..6d8e3adec71bbbf7782671f4d0138f30ecebac39 100644 +--- a/third_party/blink/renderer/modules/storage/storage_controller.h ++++ b/third_party/blink/renderer/modules/storage/storage_controller.h +@@ -96,6 +96,7 @@ class MODULES_EXPORT StorageController : public mojom::blink::DomStorageClient { + return task_runner_; + } + ++ BRAVE_STORAGE_CONTROLLER_H + private: + void EnsureLocalStorageNamespaceCreated(); + From 113e1cbb26ef898d0d1d66d74d96842647952bfe Mon Sep 17 00:00:00 2001 From: Cathie Chen Date: Thu, 17 Dec 2020 17:20:43 +0800 Subject: [PATCH 3/4] cookie flag test --- .../ephemeral_storage_browsertest.cc | 129 ++++++++++++++++-- .../net/url_request/url_request_http_job.cc | 4 +- .../modules/storage/storage_controller.cc | 1 + 3 files changed, 119 insertions(+), 15 deletions(-) diff --git a/browser/ephemeral_storage/ephemeral_storage_browsertest.cc b/browser/ephemeral_storage/ephemeral_storage_browsertest.cc index ff9867dac32a..eb8efe600548 100644 --- a/browser/ephemeral_storage/ephemeral_storage_browsertest.cc +++ b/browser/ephemeral_storage/ephemeral_storage_browsertest.cc @@ -76,15 +76,18 @@ content::EvalJsResult GetStorageInFrame(RenderFrameHost* host, return content::EvalJs(host, script); } -void AssertStorageEmptyInFrame(RenderFrameHost* frame) { - EXPECT_EQ(nullptr, GetStorageInFrame(frame, StorageType::Local)); - EXPECT_EQ(nullptr, GetStorageInFrame(frame, StorageType::Session)); +void AssertEmptyInFrame(RenderFrameHost* frame) { + EXPECT_EQ(false, + GetStorageInFrame(frame, StorageType::Local).value.is_none()); + EXPECT_EQ(false, + GetStorageInFrame(frame, StorageType::Session).value.is_none()); + EXPECT_EQ("", GetCookiesInFrame(frame)); } -void AssertStorageEmptyInSubframes(WebContents* web_contents) { +void AssertEmptyInSubframes(WebContents* web_contents) { RenderFrameHost* main_frame = web_contents->GetMainFrame(); - AssertStorageEmptyInFrame(content::ChildFrameAt(main_frame, 0)); - AssertStorageEmptyInFrame(content::ChildFrameAt(main_frame, 1)); + AssertEmptyInFrame(content::ChildFrameAt(main_frame, 0)); + AssertEmptyInFrame(content::ChildFrameAt(main_frame, 1)); } } // namespace @@ -201,7 +204,7 @@ class EphemeralStorageBrowserTest : public EphemeralStorageBaseBrowserTest { public: EphemeralStorageBrowserTest() { scoped_feature_list_.InitAndEnableFeature( - blink::features::kBraveEphemeralStorage); + net::features::kBraveEphemeralStorage); } }; @@ -469,8 +472,6 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, NavigationCookiesArePartitioned) { - AllowAllCookies(); - GURL a_site_set_cookie_url = https_server_.GetURL( "a.com", "/set-cookie?name=acom;path=/;SameSite=None;Secure"); GURL b_site_set_cookie_url = https_server_.GetURL( @@ -522,8 +523,6 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, FirstPartyNestedInThirdParty) { - AllowAllCookies(); - auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); GURL a_site_set_cookie_url = https_server_.GetURL( @@ -587,6 +586,10 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, ThirdPartyCookiesEnabled) { EXPECT_EQ("b.com - first party", first_party_values.iframe_1.session_storage); EXPECT_EQ("b.com - first party", first_party_values.iframe_2.session_storage); + EXPECT_EQ("from=b.com", first_party_values.main_frame.cookies); + EXPECT_EQ("from=b.com", first_party_values.iframe_1.cookies); + EXPECT_EQ("from=b.com", first_party_values.iframe_2.cookies); + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); auto* a_site_content = browser()->tab_strip_model()->GetActiveWebContents(); @@ -600,6 +603,38 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, ThirdPartyCookiesEnabled) { EXPECT_EQ(nullptr, site_a_tab_values.main_frame.session_storage); EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_1.session_storage); EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_2.session_storage); + + EXPECT_EQ("", site_a_tab_values.main_frame.cookies); + EXPECT_EQ("from=b.com", site_a_tab_values.iframe_1.cookies); + EXPECT_EQ("from=b.com", site_a_tab_values.iframe_2.cookies); +} + +IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, + ThirdPartyCookiesEnabledAndNavigateCookies) { + AllowAllCookies(); + + GURL b_site_set_cookie_url = https_server_.GetURL( + "b.com", "/set-cookie?name=bcom;path=/;SameSite=None;Secure"); + + ui_test_utils::NavigateToURL(browser(), b_site_set_cookie_url); + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); + + std::string a_cookie = + content::GetCookies(browser()->profile(), GURL("https://a.com/")); + std::string b_cookie = + content::GetCookies(browser()->profile(), GURL("https://b.com/")); + EXPECT_EQ("", a_cookie); + EXPECT_EQ("name=bcom", b_cookie); + + // The third-party iframe should have the b.com cookie for third-party + // cookies is enabled. + auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); + RenderFrameHost* main_frame = web_contents->GetMainFrame(); + RenderFrameHost* iframe_a = content::ChildFrameAt(main_frame, 0); + RenderFrameHost* iframe_b = content::ChildFrameAt(main_frame, 1); + ASSERT_EQ("", GetCookiesInFrame(main_frame)); + ASSERT_EQ("name=bcom", GetCookiesInFrame(iframe_a)); + ASSERT_EQ("name=bcom", GetCookiesInFrame(iframe_b)); } class EphemeralStorageDisabledBrowserTest @@ -607,7 +642,7 @@ class EphemeralStorageDisabledBrowserTest public: EphemeralStorageDisabledBrowserTest() { scoped_feature_list_.InitAndDisableFeature( - blink::features::kBraveEphemeralStorage); + net::features::kBraveEphemeralStorage); } }; @@ -630,6 +665,10 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, EXPECT_EQ("b.com - first party", first_party_values.iframe_1.session_storage); EXPECT_EQ("b.com - first party", first_party_values.iframe_2.session_storage); + EXPECT_EQ("from=b.com", first_party_values.main_frame.cookies); + EXPECT_EQ("from=b.com", first_party_values.iframe_1.cookies); + EXPECT_EQ("from=b.com", first_party_values.iframe_2.cookies); + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); auto* a_site_content = browser()->tab_strip_model()->GetActiveWebContents(); @@ -643,6 +682,38 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, EXPECT_EQ(nullptr, site_a_tab_values.main_frame.session_storage); EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_1.session_storage); EXPECT_EQ("b.com - first party", site_a_tab_values.iframe_2.session_storage); + + EXPECT_EQ("", site_a_tab_values.main_frame.cookies); + EXPECT_EQ("from=b.com", site_a_tab_values.iframe_1.cookies); + EXPECT_EQ("from=b.com", site_a_tab_values.iframe_2.cookies); +} + +IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, + ThirdPartyCookiesEnabledAndNavigateCookies) { + AllowAllCookies(); + + GURL b_site_set_cookie_url = https_server_.GetURL( + "b.com", "/set-cookie?name=bcom;path=/;SameSite=None;Secure"); + + ui_test_utils::NavigateToURL(browser(), b_site_set_cookie_url); + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); + + std::string a_cookie = + content::GetCookies(browser()->profile(), GURL("https://a.com/")); + std::string b_cookie = + content::GetCookies(browser()->profile(), GURL("https://b.com/")); + EXPECT_EQ("", a_cookie); + EXPECT_EQ("name=bcom", b_cookie); + + // The third-party iframe should have the b.com cookie for third-party + // cookies is enabled. + auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); + RenderFrameHost* main_frame = web_contents->GetMainFrame(); + RenderFrameHost* iframe_a = content::ChildFrameAt(main_frame, 0); + RenderFrameHost* iframe_b = content::ChildFrameAt(main_frame, 1); + ASSERT_EQ("", GetCookiesInFrame(main_frame)); + ASSERT_EQ("name=bcom", GetCookiesInFrame(iframe_a)); + ASSERT_EQ("name=bcom", GetCookiesInFrame(iframe_b)); } IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, @@ -662,10 +733,42 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, EXPECT_EQ("b.com - first party", first_party_values.iframe_1.session_storage); EXPECT_EQ("b.com - first party", first_party_values.iframe_2.session_storage); + EXPECT_EQ("from=b.com", first_party_values.main_frame.cookies); + EXPECT_EQ("from=b.com", first_party_values.iframe_1.cookies); + EXPECT_EQ("from=b.com", first_party_values.iframe_2.cookies); + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); auto* a_site_content = browser()->tab_strip_model()->GetActiveWebContents(); // If both ephemeral storage and third-party cookies disabled, third-party // frames can not access to any dom storage. - AssertStorageEmptyInSubframes(a_site_content); + AssertEmptyInSubframes(a_site_content); +} + +IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, + ThirdPartyCookiesDisabledAndNavigateCookies) { + AllowAllCookies(); + + GURL b_site_set_cookie_url = https_server_.GetURL( + "b.com", "/set-cookie?name=bcom;path=/;SameSite=None;Secure"); + + ui_test_utils::NavigateToURL(browser(), b_site_set_cookie_url); + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); + + std::string a_cookie = + content::GetCookies(browser()->profile(), GURL("https://a.com/")); + std::string b_cookie = + content::GetCookies(browser()->profile(), GURL("https://b.com/")); + EXPECT_EQ("", a_cookie); + EXPECT_EQ("name=bcom", b_cookie); + + // The third-party iframe should have the b.com cookie for third-party + // cookies is enabled. + auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); + RenderFrameHost* main_frame = web_contents->GetMainFrame(); + RenderFrameHost* iframe_a = content::ChildFrameAt(main_frame, 0); + RenderFrameHost* iframe_b = content::ChildFrameAt(main_frame, 1); + ASSERT_EQ("", GetCookiesInFrame(main_frame)); + ASSERT_EQ("", GetCookiesInFrame(iframe_a)); + ASSERT_EQ("", GetCookiesInFrame(iframe_b)); } diff --git a/chromium_src/net/url_request/url_request_http_job.cc b/chromium_src/net/url_request/url_request_http_job.cc index 1acb1a6e5b32..ecdda75830dd 100644 --- a/chromium_src/net/url_request/url_request_http_job.cc +++ b/chromium_src/net/url_request/url_request_http_job.cc @@ -61,7 +61,7 @@ bool URLRequestHttpJob::CanSetNonEphemeralCookie( request()->isolation_info().top_frame_origin()->GetURL(), options, \ base::BindOnce(&URLRequestHttpJob::SetCookieHeaderAndStart, \ weak_factory_.GetWeakPtr(), options)); \ - else + } else #define BRAVE_SETCOOKIEHEADERANDSTART \ if (!can_get_cookies && CanUseEphemeralStorage(this)) \ @@ -77,7 +77,7 @@ bool URLRequestHttpJob::CanSetNonEphemeralCookie( base::BindOnce(&URLRequestHttpJob::OnSetCookieResult, \ weak_factory_.GetWeakPtr(), options, \ cookie_to_return, cookie_string)); \ - else + } else #define CanSetCookie CanSetCookieIncludingEphemeral diff --git a/chromium_src/third_party/blink/renderer/modules/storage/storage_controller.cc b/chromium_src/third_party/blink/renderer/modules/storage/storage_controller.cc index 81ce6b85e63d..2c540b8e5d47 100644 --- a/chromium_src/third_party/blink/renderer/modules/storage/storage_controller.cc +++ b/chromium_src/third_party/blink/renderer/modules/storage/storage_controller.cc @@ -5,6 +5,7 @@ #include "third_party/blink/renderer/modules/storage/storage_controller.h" +#include "net/base/features.h" #include "third_party/blink/public/common/features.h" #include "third_party/blink/renderer/core/frame/local_dom_window.h" #include "third_party/blink/renderer/core/frame/local_frame.h" From 3ab6e3ed0dd3c02739fb8cfc4ea3c33234aa14c1 Mon Sep 17 00:00:00 2001 From: Cathie Chen Date: Fri, 18 Dec 2020 01:29:13 +0800 Subject: [PATCH 4/4] specify the third party cookie setting --- .../ephemeral_storage_browsertest.cc | 25 ++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/browser/ephemeral_storage/ephemeral_storage_browsertest.cc b/browser/ephemeral_storage/ephemeral_storage_browsertest.cc index eb8efe600548..d3b940c1fc10 100644 --- a/browser/ephemeral_storage/ephemeral_storage_browsertest.cc +++ b/browser/ephemeral_storage/ephemeral_storage_browsertest.cc @@ -133,6 +133,13 @@ class EphemeralStorageBaseBrowserTest : public InProcessBrowserTest { content_settings, brave_shields::ControlType::ALLOW, GURL()); } + void BlockThirdPartyCookies() { + auto* content_settings = + HostContentSettingsMapFactory::GetForProfile(browser()->profile()); + brave_shields::SetCookieControlType( + content_settings, brave_shields::ControlType::BLOCK_THIRD_PARTY, GURL()); + } + void SetValuesInFrame(RenderFrameHost* frame, std::string storage_value, std::string cookie_value) { @@ -209,6 +216,8 @@ class EphemeralStorageBrowserTest : public EphemeralStorageBaseBrowserTest { }; IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, StorageIsPartitioned) { + BlockThirdPartyCookies(); + WebContents* first_party_tab = LoadURLInNewTab(b_site_ephemeral_storage_url_); WebContents* site_a_tab1 = LoadURLInNewTab(a_site_ephemeral_storage_url_); WebContents* site_a_tab2 = LoadURLInNewTab(a_site_ephemeral_storage_url_); @@ -286,6 +295,8 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, StorageIsPartitioned) { IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, NavigatingClearsEphemeralStorage) { + BlockThirdPartyCookies(); + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); @@ -324,6 +335,8 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, ClosingTabClearsEphemeralStorage) { + BlockThirdPartyCookies(); + WebContents* site_a_tab = LoadURLInNewTab(a_site_ephemeral_storage_url_); EXPECT_EQ(browser()->tab_strip_model()->count(), 2); @@ -372,6 +385,8 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, ReloadDoesNotClearEphemeralStorage) { + BlockThirdPartyCookies(); + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); @@ -409,6 +424,8 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, EphemeralStorageDoesNotLeakBetweenProfiles) { + BlockThirdPartyCookies(); + ui_test_utils::NavigateToURL(browser(), a_site_ephemeral_storage_url_); auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); @@ -472,6 +489,8 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, NavigationCookiesArePartitioned) { + BlockThirdPartyCookies(); + GURL a_site_set_cookie_url = https_server_.GetURL( "a.com", "/set-cookie?name=acom;path=/;SameSite=None;Secure"); GURL b_site_set_cookie_url = https_server_.GetURL( @@ -523,6 +542,8 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageBrowserTest, FirstPartyNestedInThirdParty) { + BlockThirdPartyCookies(); + auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); GURL a_site_set_cookie_url = https_server_.GetURL( @@ -718,6 +739,8 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, ThirdPartyCookiesDisabled) { + BlockThirdPartyCookies(); + ui_test_utils::NavigateToURL(browser(), b_site_ephemeral_storage_url_); auto* web_contents = browser()->tab_strip_model()->GetActiveWebContents(); // We set a value in the page where all the frames are first-party. @@ -747,7 +770,7 @@ IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, IN_PROC_BROWSER_TEST_F(EphemeralStorageDisabledBrowserTest, ThirdPartyCookiesDisabledAndNavigateCookies) { - AllowAllCookies(); + BlockThirdPartyCookies(); GURL b_site_set_cookie_url = https_server_.GetURL( "b.com", "/set-cookie?name=bcom;path=/;SameSite=None;Secure");