Shared Storage: Change from per-origin to per-site budgets

We update to using per-site privacy budgets instead of per-origin privacy budgets. This will align with enrollment enforcement, which is per-site. See also WICG/shared-storage#112 and WICG/shared-storage#118. To accomplish this, we migrate the `SharedStorageDatabase` to version 4, where the `budget_mapping` table's `context_origin` column has been renamed to `context_site`, and any existing data for version 3 databases will have each serialized origin in that column replaced by the corresponding serialization of the origin's site. We also update the names and types of other members and parameters as needed. Bug: 1218540,1485598 Change-Id: I3d956f5f2cd54a5da76a20e7d63411b3b7fc51ef Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4879582 Reviewed-by: Philip Rogers <pdr@chromium.org> Commit-Queue: Cammie Smith Barnes <cammie@chromium.org> Reviewed-by: Ayu Ishii <ayui@chromium.org> Reviewed-by: Garrett Tanzer <gtanzer@chromium.org> Reviewed-by: Avi Drissman <avi@chromium.org> Reviewed-by: danakj <danakj@chromium.org> Reviewed-by: Yao Xiao <yaoxia@chromium.org> Cr-Commit-Position: refs/heads/main@{#1204170}
web-platform-tests · Oct 2, 2023 · 25ddb07 · 25ddb07
1 parent 53a1893
commit 25ddb07
Showing 1 changed file with 16 additions and 9 deletions.
diff --git a/...multiple-origins.tentative.https.sub.html → ...t-multiple-sites.tentative.https.sub.html b/...multiple-origins.tentative.https.sub.html → ...t-multiple-sites.tentative.https.sub.html
@@ -11,9 +11,9 @@
 <script>
 'use strict';
 
-function getOtherOriginURL(url) {
+function getCrossSiteURL(url) {
   return new URL(url.toString().replace(location.origin,
-                                        get_host_info().AUTHENTICATED_ORIGIN));
+                                        get_host_info().HTTPS_NOTSAMESITE_ORIGIN));
 }
 
 promise_test(async () => {
@@ -26,14 +26,21 @@
         "resources/run-url-selection-operation-limit-inner.https.html",
       [ancestorKey]);
 
-  // The per origin per pageload limit is 6 bits.
+  // The per site per pageload limit is 6 bits.
   url0.searchParams.append(bitsKey, perOriginBitLimit.toString());
   attachIFrame(url0);
   const result0 = await nextValueFromServer(ancestorKey);
   assert_equals(result0, "run_url_selection_limit_inner_succeeded");
 
-  // This url will already have a search param of ("bits", "6") appended.
-  let url1 = getRemoteOriginURL(url0);
+  let url1 = generateURL(
+      "/shared-storage-selecturl-limit/" +
+        "resources/run-url-selection-operation-limit-inner.https.html",
+      [ancestorKey]);
+
+  // The overall pageload budget should have 3 bits remaining, as we have set
+  // it to start at 9.
+  url1.searchParams.append(bitsKey, "3");
+  url1 = getCrossSiteURL(url1);
   attachIFrame(url1);
   const result1 = await nextValueFromServer(ancestorKey);
   assert_equals(result1, "run_url_selection_limit_inner_succeeded");
@@ -43,11 +50,11 @@
         "resources/run-url-selection-operation-limit-inner.https.html",
       [ancestorKey]);
 
-  // Since the overall per pageload limit is 12 bits, it should have already
-  // been reached, but we need to verify this using a third origin whose per
-  // origin budget is fresh.
+  // Since the overall per pageload limit is 9 bits here, it should have
+  // already been reached, even though `url2`'s site should have 3 bits
+  // remaining in the per-site budget, since it is same-site with `url1`.
   url2.searchParams.append(bitsKey, "0");
-  url2 = getOtherOriginURL(url2);
+  url2 = getCrossSiteURL(url2);
   attachIFrame(url2);
   const result2 = await nextValueFromServer(ancestorKey);
   assert_equals(result2, "run_url_selection_limit_inner_succeeded");