Skip to content

Instantly share code, notes, and snippets.

@alexnj
Last active April 13, 2023 17:58
Show Gist options
  • Save alexnj/1533989847b6c04e45ccc047e65d1028 to your computer and use it in GitHub Desktop.
Save alexnj/1533989847b6c04e45ccc047e65d1028 to your computer and use it in GitHub Desktop.
3P Cookie access Use Counter.
diff --git a/third_party/blink/public/mojom/use_counter/metrics/web_feature.mojom b/third_party/blink/public/mojom/use_counter/metrics/web_feature.mojom
index 0d8c64ff3be78..08008cf9b66b0 100644
--- a/third_party/blink/public/mojom/use_counter/metrics/web_feature.mojom
+++ b/third_party/blink/public/mojom/use_counter/metrics/web_feature.mojom
@@ -3881,6 +3881,8 @@ enum WebFeature {
kGamepadTouchSurfaceDimension = 4540,
kSandboxViaFencedFrame = 4541,
kVisibilityStateObserver = 4542,
+ kCookieGetThirdParty = 4543,
+ kCookieGetFirstParty = 4544,
// Add new features immediately above this line. Don't change assigned
// numbers of any item, and don't reuse removed slots.
diff --git a/third_party/blink/renderer/bindings/core/v8/v8_script_runner.cc b/third_party/blink/renderer/bindings/core/v8/v8_script_runner.cc
index 379eae7340d33..95c9e10e9439b 100644
--- a/third_party/blink/renderer/bindings/core/v8/v8_script_runner.cc
+++ b/third_party/blink/renderer/bindings/core/v8/v8_script_runner.cc
@@ -471,6 +471,8 @@ ScriptEvaluationResult V8ScriptRunner::CompileAndRunScript(
v8::Context::Scope scope(script_state->GetContext());
+ window->document()->setLastExecutedScript(classic_script->SourceUrl());
+
DEVTOOLS_TIMELINE_TRACE_EVENT(
"EvaluateScript", inspector_evaluate_script_event::Data, frame,
classic_script->SourceUrl().GetString(), classic_script->StartPosition());
@@ -703,6 +705,27 @@ v8::MaybeLocal<v8::Value> V8ScriptRunner::CallFunction(
v8::Isolate* isolate) {
LocalDOMWindow* window = DynamicTo<LocalDOMWindow>(context);
LocalFrame* frame = window ? window->GetFrame() : nullptr;
+
+ if (frame) {
+ Document *doc = frame->GetDocument();
+ std::string resource_name = "";
+ if (!function->GetScriptOrigin().ResourceName().IsEmpty()) {
+ v8::String::Utf8Value resource_name_v8(
+ isolate, function->GetScriptOrigin().ResourceName());
+ resource_name.assign(*resource_name_v8, resource_name_v8.length());
+ }
+
+ LOG(INFO) << "lol: V8ScriptRunner::CallFunction: " << context->Url() << ","
+ << context->BaseURL() << "," << resource_name;
+
+ if (doc) {
+ String maybeUrl(resource_name);
+ KURL maybeParsedUrl(maybeUrl);
+ LOG(INFO) << "lol: V8ScriptRunner::CallFunction: setLastExecutedScript: "
+ << maybeParsedUrl;
+ doc->setLastExecutedScript(maybeParsedUrl);
+ }
+ }
TRACE_EVENT0("v8", "v8.callFunction");
RuntimeCallStatsScopedTracer rcs_scoped_tracer(isolate);
RUNTIME_CALL_TIMER_SCOPE(isolate, RuntimeCallStats::CounterId::kV8);
diff --git a/third_party/blink/renderer/core/dom/document.cc b/third_party/blink/renderer/core/dom/document.cc
index a6a00a492576b..930b8a8b6519b 100644
--- a/third_party/blink/renderer/core/dom/document.cc
+++ b/third_party/blink/renderer/core/dom/document.cc
@@ -5817,6 +5817,19 @@ String Document::cookie(ExceptionState& exception_state) const {
CountUse(WebFeature::kCookieGet);
+ LOG(INFO) << "lol: Document::cookie: documentUrl: " << Url();
+ LOG(INFO) << "lol: Document::cookie: lastScript: "
+ << dom_window_->document()->getLastExecutedScript();
+
+ if (SecurityOrigin::AreSameOrigin(
+ Url(), dom_window_->document()->getLastExecutedScript())) {
+ CountUse(WebFeature::kCookieGetFirstParty);
+ LOG(INFO) << "lol: Cookie accessed in 1st party context.";
+ } else {
+ CountUse(WebFeature::kCookieGetThirdParty);
+ LOG(INFO) << "lol: Cookie accessed in 3rd party context.";
+ }
+
if (!dom_window_->GetSecurityOrigin()->CanAccessCookies()) {
if (dom_window_->IsSandboxed(
network::mojom::blink::WebSandboxFlags::kOrigin)) {
diff --git a/third_party/blink/renderer/core/dom/document.h b/third_party/blink/renderer/core/dom/document.h
index 68ad95d3250bc..380e53c32223a 100644
--- a/third_party/blink/renderer/core/dom/document.h
+++ b/third_party/blink/renderer/core/dom/document.h
@@ -1938,10 +1938,13 @@ class CORE_EXPORT Document : public ContainerNode,
void ResetAgent(Agent& agent);
- protected:
+ KURL getLastExecutedScript() { return last_executed_script_; }
+ void setLastExecutedScript(KURL url) { last_executed_script_ = url; }
+
+protected:
void ClearXMLVersion() { xml_version_ = String(); }
- virtual Document* CloneDocumentWithoutChildren() const;
+ virtual Document *CloneDocumentWithoutChildren() const;
void LockCompatibilityMode() { compatibility_mode_locked_ = true; }
ParserSynchronizationPolicy GetParserSynchronizationPolicy() const {
@@ -2642,6 +2645,9 @@ class CORE_EXPORT Document : public ContainerNode,
// http://crbug.com/1079044
unsigned ignore_destructive_write_module_script_count_ = 0;
+ // Last known script execution URL.
+ KURL last_executed_script_;
+
// If you want to add new data members to blink::Document, please reconsider
// if the members really should be in blink::Document. document.h is a very
// popular header, and the size of document.h affects build time
diff --git a/third_party/blink/renderer/core/loader/cookie_jar.cc b/third_party/blink/renderer/core/loader/cookie_jar.cc
index edb35e3bb46f3..9e87824066f09 100644
--- a/third_party/blink/renderer/core/loader/cookie_jar.cc
+++ b/third_party/blink/renderer/core/loader/cookie_jar.cc
@@ -63,6 +63,9 @@ void CookieJar::SetCookie(const String& value) {
if (cookie_url.IsEmpty())
return;
+ LOG(INFO) << "lol: setCookie:" << value << ", SiteForCookies:"
+ << document_->SiteForCookies().ToDebugString();
+
base::ElapsedTimer timer;
bool requested = RequestRestrictedCookieManagerIfNeeded();
bool site_for_cookies_ok = true;
diff --git a/tools/metrics/histograms/enums.xml b/tools/metrics/histograms/enums.xml
index 55b07372f7e39..be2c547384602 100644
--- a/tools/metrics/histograms/enums.xml
+++ b/tools/metrics/histograms/enums.xml
@@ -42070,6 +42070,8 @@ Called by update_use_counter_feature_enum.py.-->
<int value="4540" label="GamepadTouchSurfaceDimension"/>
<int value="4541" label="SandboxViaFencedFrame"/>
<int value="4542" label="VisibilityStateObserver"/>
+ <int value="4543" label="CookieGetThirdParty"/>
+ <int value="4544" label="CookieGetFirstParty"/>
</enum>
<enum name="FeaturePolicyAllowlistType">
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment