
Issue 786187

Status: Fixed
Closed: Nov 2017
Pri: 3

Tracking users across domains even with cookies disabled.

Reported by modi.kon...@gmail.com, Nov 16 2017

Issue description

PRIVACY ISSUE
Even if the user settings disabled 3rd party cookies and storage, using Shared workers, third-party is able to track the user across domains and websites.

VERSION:
Chrome Version: 62.0.3202.94 (stable)
Operating System: Mac

REPRODUCTION STEPS
If you visit these two pages in two tabs, you will notice that, as a third party, it can learn the movement of a user across domains, even though the user has disabled 3rd party cookies.
https://konarkmodi.github.io/some-random-page.html
https://cdn.cliqz.com/browser-f/fun-demo/some-random-page.html

Attachments: Screen Shot 2017-11-17 at 00.28.56.png (28.4 KB), Screen Shot 2017-11-17 at 00.30.44.png (95.2 KB), Screen Shot 2017-11-17 at 00.30.51.png (91.8 KB)

Comment 1 by battre@chromium.org, Nov 17 2017

Owner: jochen@chromium.org
Status: Assigned (was: Untriaged)

Comment 2 by jochen@chromium.org, Nov 20 2017

Cc: falken@chromium.org benwells@chromium.org raymes@chromium.org
we're already treating service workers as cookies, guess we could also treat all shared workers as cookies.

Ben/Raymes, wdyt?

/cc falken for workers

Comment 3 by falken@chromium.org, Nov 20 2017

Components: Blink>Workers
Interesting... or make new SharedWorker() go through the first-party-for-cookies check thing.
I don't know much about this at all but this seems nasty.

jochen / falken - do you have any doco on the existing service worker restrictions? I'm trying to figure out exactly what 'treat service workers as cookies' means :)

Comment 5 by raymes@chromium.org, Nov 21 2017

I also don't know too much about these kinds of attacks. It's also a bit unclear from the description whether the scenario described is when third party cookies are disabled or when cookies are disabled altogether.

I'm a bit fuzzy on the security boundaries with third party cookies disabled. If you disable third party cookies does it mean iframes can't access local storage? Otherwise the iframe could simply retrieve an identifier from local storage, regardless of shared workers.

Comment 6 by falken@chromium.org, Nov 21 2017

Cc: mek@chromium.org
+mek for local storage questions

There is documentation about service worker restrictions at:
https://chromium.googlesource.com/chromium/src/+/master/docs/security/service-worker-security-faq.md

In terms of content settings restrictions on cookies and third-party cookies, service workers are treated like cookies, the same as AppCache and I believe other storage mechanisms like local storage and indexeddb. That means if cookies are blocked on an origin/site, you can't register a service worker or start an existing service worker for that origin/site.

I can't find where local storage does its checks now but service worker and appcache are done here:
https://cs.chromium.org/chromium/src/chrome/browser/chrome_content_browser_client.cc?l=1955&rcl=b7cdd8383c1c3f2f8c0b59d07068c543a2e24e79

Comment 7 by falken@chromium.org, Nov 21 2017

Components: Blink>Storage>DOMStorage
+storage for local storage questions

This may also be related to issue 723553

Comment 8 by mek@chromium.org, Nov 27 2017

I don't believe localstorage (or session storage for that matter) has any kind of third-party checks currently. I suppose it might indeed make sense to block localstorage/sessionstorage from third party iframes completely if third party cookies are disabled, although it might possibly be nicer to have sandboxed storage instead? Not sure. Also wonder if different same-third-party-origin iframes should still share their storage, although I guess then we're ending up with something like Apple's double keying.

Comment 9 by jochen@chromium.org, Nov 27 2017

all storage mechanisms take third-party checks into account, e.g., for DOM storage it's here: https://cs.chromium.org/chromium/src/chrome/renderer/content_settings_observer.cc?rcl=eac49849835e9859e9e7a0d1005207757ef2ed37&l=379

Comment 10 by mek@chromium.org, Nov 27 2017

Ah, thanks. I stand corrected. I didn't realize we had separate IPCs (and sync no less :( ) for that.
sync API -> sync IPC :/

But we cache the result in each frame (https://cs.chromium.org/chromium/src/third_party/WebKit/Source/modules/storage/StorageArea.cpp?rcl=eac49849835e9859e9e7a0d1005207757ef2ed37&l=147), so we only have one call to the content settings client per frame, and one IPC per origin (as the content settings client caches the result as well)
Status: Fixed (was: Assigned)

Comment 13 by bugdroid1@chromium.org, Nov 28 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0ff7645c18fd97bfe138b16c85cdab5fbc89962c

commit 0ff7645c18fd97bfe138b16c85cdab5fbc89962c
Author: Jochen Eisinger <jochen@chromium.org>
Date: Tue Nov 28 08:11:26 2017

Treat SharedWorkers as cookies

While not persisting across restarts, they are still shared across tabs,
and can be used to track users during a session. We already treat
ServiceWorkers as cookies, so we should just treat SharedWorkers as
cookies as well.

We'll consider the main frame URL of the connecting frame as the
first-party, and the URL of the worker script as the actual URL for the
purpose of integrating with content settings.

As SharedWorkers aren't persisted on disc, they won't show up in the
list of cookies in settings, however, all the code needed to display
them is added anyways.

BUG= 786187 
R=raymes@chromium.org,mek@chromium.org,falken@chromium.org,dullweber@chromium.org

Cq-Include-Trybots: master.tryserver.chromium.linux:closure_compilation
Change-Id: I6b81b431006eab2b940626fedbac5857937ebad8
Reviewed-on: https://chromium-review.googlesource.com/786018
Reviewed-by: Raymes Khoury <raymes@chromium.org>
Reviewed-by: Marijn Kruisselbrink <mek@chromium.org>
Reviewed-by: Christian Dullweber <dullweber@chromium.org>
Reviewed-by: Matt Falkenhagen <falken@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#519603}
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/app/generated_resources.grd
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/app/settings_strings.grdp
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/BUILD.gn
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/android/preferences/website_preference_bridge.cc
[add] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/browsing_data/browsing_data_shared_worker_helper.cc
[add] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/browsing_data/browsing_data_shared_worker_helper.h
[add] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/browsing_data/browsing_data_shared_worker_helper_unittest.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/browsing_data/cookies_tree_model.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/browsing_data/cookies_tree_model.h
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/browsing_data/cookies_tree_model_unittest.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/browsing_data/local_data_container.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/browsing_data/local_data_container.h
[add] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/browsing_data/mock_browsing_data_shared_worker_helper.cc
[add] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/browsing_data/mock_browsing_data_shared_worker_helper.h
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/chrome_content_browser_client.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/chrome_content_browser_client.h
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/content_settings/local_shared_objects_container.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/content_settings/local_shared_objects_container.h
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/content_settings/tab_specific_content_settings.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/content_settings/tab_specific_content_settings.h
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/resources/settings/site_settings/cookie_info.js
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/resources/settings/site_settings/site_data_details_subpage.js
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/ui/webui/cookies_tree_model_util.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/ui/webui/settings/md_settings_localized_strings_provider.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/browser/ui/webui/settings/settings_cookies_view_handler.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/chrome/test/BUILD.gn
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/browser/devtools/shared_worker_devtools_agent_host.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/browser/shared_worker/shared_worker_connector_impl.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/browser/shared_worker/shared_worker_host.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/browser/shared_worker/shared_worker_service_impl.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/browser/shared_worker/shared_worker_service_impl.h
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/browser/shared_worker/shared_worker_service_impl_unittest.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/public/browser/BUILD.gn
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/public/browser/content_browser_client.cc
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/public/browser/content_browser_client.h
[add] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/public/browser/shared_worker_service.h
[modify] https://crrev.com/0ff7645c18fd97bfe138b16c85cdab5fbc89962c/content/test/layouttest_support.cc
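An added example, not Chromium's code and not part of the commit above, that models the policy the commit message states and the storage-check discussion in comments 5 through 9: a SharedWorker connection is checked like a cookie, with the connecting frame's main-frame URL as the first party and the worker script URL as the resource. The public-suffix subset, the settings object shape and the worker script URL are assumptions constructed for the example; the two page URLs are the reporter's.

```javascript
// Added example, not Chromium code: models "treat SharedWorkers as cookies".
// First party = main-frame URL of the connecting frame; resource = worker script URL.
// Constructed subset of the Public Suffix List, enough for the cases below.
const PUBLIC_SUFFIXES = new Set(['com', 'io', 'github.io', 'co.uk']);

// Registrable domain (eTLD+1): the longest matching public suffix plus one label.
function registrableDomain(hostname) {
  const labels = hostname.toLowerCase().split('.');
  for (let i = 0; i < labels.length - 1; i++) {
    if (PUBLIC_SUFFIXES.has(labels.slice(i + 1).join('.'))) {
      return labels.slice(i).join('.');
    }
  }
  return labels.join('.');
}

// Third party: the resource's site differs from the first-party site, so two
// subdomains of the public suffix github.io are third party to each other.
function isThirdParty(firstPartyUrl, resourceUrl) {
  return registrableDomain(new URL(firstPartyUrl).hostname) !==
         registrableDomain(new URL(resourceUrl).hostname);
}

// One decision for every cookie-like mechanism (cookies, ServiceWorker, DOM
// storage and, after the fix, SharedWorker). Assumed settings shape:
// { blockThirdPartyCookies: boolean, blockedSites: [registrable domains] }.
function cookieLikeAccess(firstPartyUrl, resourceUrl, settings) {
  const site = registrableDomain(new URL(resourceUrl).hostname);
  if (settings.blockedSites.includes(site)) return 'block';
  if (settings.blockThirdPartyCookies && isThirdParty(firstPartyUrl, resourceUrl)) return 'block';
  return 'allow';
}

function allowSharedWorker(mainFrameUrl, workerScriptUrl, settings) {
  return cookieLikeAccess(mainFrameUrl, workerScriptUrl, settings) === 'allow';
}

// The reporter's two pages; the worker script URL is constructed for the example.
const SAMPLE_PAGES = [
  'https://konarkmodi.github.io/some-random-page.html',
  'https://cdn.cliqz.com/browser-f/fun-demo/some-random-page.html',
];
const WORKER_SCRIPT = 'https://cdn.cliqz.com/browser-f/fun-demo/worker.js';

// Which visited top-level pages can still reach the same SharedWorker, i.e.
// which visits its owner could correlate under the given settings.
function visitsSeenByWorker(pageUrls, workerScriptUrl, settings) {
  return pageUrls.filter((p) => allowSharedWorker(p, workerScriptUrl, settings));
}
```

With third-party cookies blocked only the cdn.cliqz.com visit reaches the worker, so the two visits can no longer be linked; with them allowed, both do, which is the behaviour the report describes.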
