[webkit-changes] [WebKit/WebKit] 5e4c68: REGRESSION (252706@main): zillow.com shows a Recap...

Wed, 18 Jan 2023 10:49:20 -0800 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 5e4c68005fe4b76b61be2e90bb7064226ce1f69d
      
https://github.com/WebKit/WebKit/commit/5e4c68005fe4b76b61be2e90bb7064226ce1f69d
  Author: Wenson Hsieh <wenson_hs...@apple.com>
  Date:   2023-01-18 (Wed, 18 Jan 2023)

  Changed paths:
    A 
LayoutTests/http/tests/permissions/permission-state-for-notifications-in-ephemeral-session-expected.txt
    A 
LayoutTests/http/tests/permissions/permission-state-for-notifications-in-ephemeral-session.html
    M LayoutTests/http/tests/push-api/permissions-ephemeral-expected.txt
    M LayoutTests/http/tests/push-api/permissions-ephemeral.html
    M Source/WebKit/UIProcess/WebPageProxy.cpp
    M Source/WebKit/WebProcess/WebCoreSupport/WebNotificationClient.cpp

  Log Message:
  -----------
  REGRESSION (252706@main): zillow.com shows a Recaptcha interstitial in 
private browsing mode
https://bugs.webkit.org/show_bug.cgi?id=250686
rdar://103905006

Reviewed by Youenn Fablet and Ben Nham.

Currently, in private browsing mode (i.e. when using an ephemeral session) 
`Notification.permission`
unconditionally returns `"denied"` (with `Notification.requestPermission` also 
unconditionally
denying the request). However, the Permissions API (i.e. 
`navigator.permissions.query`) implements
inconsistent behavior, and instead returns `"prompt"` in this scenario. On 
zillow.com, this causes
a bot detection script to erroneously flag the UA as non-human in private 
browsing, and present
interstitial Recaptcha UI to the user.

Fix this by making the heuristics for "notifications" in 
`WebPageProxy::queryPermission` consistent
with the Notifications API, such that in an ephemeral session, we return 
"default" or "prompt"
unless the page has requested access (in which case we'll deny access, and then 
subsequently return
"denied").

Test: 
http/tests/permissions/permission-state-for-notifications-in-ephemeral-session.html

* 
LayoutTests/http/tests/permissions/permission-state-for-notifications-in-ephemeral-session-expected.txt:
* 
LayoutTests/http/tests/permissions/permission-state-for-notifications-in-ephemeral-session.html:
* LayoutTests/http/tests/push-api/permissions-ephemeral-expected.txt:
* LayoutTests/http/tests/push-api/permissions-ephemeral.html:

Rebaseline an existing layout test.

* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::queryPermission):
* Source/WebKit/WebProcess/WebCoreSupport/WebNotificationClient.cpp:
(WebKit::WebNotificationClient::checkPermission):

Canonical link: https://commits.webkit.org/259040@main


_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to