Simplify WebDriver API for blocking cross-site cookies about storage-access HOT 7 OPEN

I'm supportive of this, probably unsurprisingly. I like that the API design gives no indication that "allow third-party cookies" is a supported state, since all major browsers are moving toward blocking third-party cookie access by default.

from storage-access.

Could you elaborate on the issue with Chromium running all tests as if cross-site cookies are blocked?

With this proposal we might end up with a number of tests that work in all browsers (and that also depends on how these methods function in non-supporting user agents), but we will still have a large number of "broken" tests.

from storage-access.

Right, eventually we'd like to have Chromium run all tests with cross-site cookies blocked. However, that is a much larger effort both technically and (especially) organizationally, and it's not even clear whether this is something our team would be driving.

In the meantime, to make iterative improvements and to support the effort of increasing the number of tests without cross-site cookies enabled, having this capability would be helpful.

from storage-access.

We discussed this at the editor's meeting and ended up re-iterating on two things that we'd like to ensure when committing to this API:

• We should make it as clear as possible that it's only meant for browsers that have not yet deprecated cross-site cookies. In comments, naming and semantics it should be clear that this will have no effect in browsers with blocked cross-site cookies by default.
• The API should ideally just function (i.e. do nothing) out of the box in those browsers, without requiring extra work from their side.

I'll try to prototype this in Chrome to see if this is achievable with the proposed model and report back for follow-up discussion if not.

from storage-access.

Would testdriver.require_cross_site_cookie_blocking set a flag that persists across navigations? What if the browser crashes and the cleanup function never gets called?

from storage-access.

Would testdriver.require_cross_site_cookie_blocking set a flag that persists across navigations?

I guess I was thinking that it could turn on cookie blocking globally, could that be an issue with tests running in parallel? Otherwise we might be able to store some extra information on the browsing context (or what the new term is) to ensure that it is sustained across navigations.

What if the browser crashes and the cleanup function never gets called?

I don't think this setting should persist across restarts.

from storage-access.

This sounds like something that the test runner itself should own, rather than it being controlled via JS. wptrunner and (I believe) Blink's run_web_tests.py have ways to set preferences for certain groups of tests, and this doesn't seem meaningfully different from that. Which seems to come back to:

Anne's original suggestion was to have a Chrome-only configuration file somewhere, but having discussed this with @foolip and @jgraham it seems much more difficult to achieve such a setup in a way that would give us the same results as this WebDriver API. As such, I think it's preferable to update and simplify the existing WebDriver API instead.

IMO, this probably makes more sense to have as a thread on https://github.com/web-platform-tests/rfcs, rather than here, because it sounds like there's prior discussion (not linked) that I don't know the context of, and it really is a question of how we change the semantics of the test runner and less a CG matter.

from storage-access.