Bug 1675018 - Part 4 - Use deleteUserInteractionForClearingHistory in Sanitizer.jsm. r=timhuang

This uses the new deleteStorageAccessForClearingHistory API in Sanitizer to avoid
clearing all storage access API permissions and thus all cookies and site data when
clearing only history.

Differential Revision: https://phabricator.services.mozilla.com/D96641
Johann Hofmann 2020-11-17 22:25:04 +00:00
Родитель 98f163104c
Коммит 0e57e4e491
3 изменённых файлов: 148 добавлений и 3 удалений


@ -9,6 +9,7 @@ prefs=
[browser_purgehistory_clears_sh.js]
[browser_sanitize-formhistory.js]
[browser_sanitize-history.js]
[browser_sanitize-offlineData.js]
[browser_sanitize-passwordDisabledHosts.js]
[browser_sanitize-sitepermissions.js]


@ -0,0 +1,129 @@
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
// Tests that sanitizing history will clear storage access permissions
// for sites without cookies or site data.
add_task(async function sanitizeStorageAccessPermissions() {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, resolve);
});
await SiteDataTestUtils.addToIndexedDB("https://sub.example.org");
await SiteDataTestUtils.addToCookies("https://example.com");
PermissionTestUtils.add(
"https://example.org",
"storageAccessAPI",
Services.perms.ALLOW_ACTION
);
PermissionTestUtils.add(
"https://example.com",
"storageAccessAPI",
Services.perms.ALLOW_ACTION
);
PermissionTestUtils.add(
"http://mochi.test",
"storageAccessAPI",
Services.perms.ALLOW_ACTION
);
// Add some time in between taking the snapshot of the timestamp
// to avoid flakyness.
// eslint-disable-next-line mozilla/no-arbitrary-setTimeout
await new Promise(c => setTimeout(c, 100));
let timestamp = Date.now();
// eslint-disable-next-line mozilla/no-arbitrary-setTimeout
await new Promise(c => setTimeout(c, 100));
PermissionTestUtils.add(
"http://example.net",
"storageAccessAPI",
Services.perms.ALLOW_ACTION
);
await Sanitizer.sanitize(["history"], { range: [timestamp, Date.now()] });
Assert.equal(
PermissionTestUtils.testExactPermission(
"http://example.net",
"storageAccessAPI"
),
Services.perms.UNKNOWN_ACTION
);
Assert.equal(
PermissionTestUtils.testExactPermission(
"http://mochi.test",
"storageAccessAPI"
),
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.testExactPermission(
"https://example.com",
"storageAccessAPI"
),
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.testExactPermission(
"https://example.org",
"storageAccessAPI"
),
Services.perms.ALLOW_ACTION
);
await Sanitizer.sanitize(["history"]);
Assert.equal(
PermissionTestUtils.testExactPermission(
"http://mochi.test",
"storageAccessAPI"
),
Services.perms.UNKNOWN_ACTION
);
Assert.equal(
PermissionTestUtils.testExactPermission(
"http://example.net",
"storageAccessAPI"
),
Services.perms.UNKNOWN_ACTION
);
Assert.equal(
PermissionTestUtils.testExactPermission(
"https://example.com",
"storageAccessAPI"
),
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.testExactPermission(
"https://example.org",
"storageAccessAPI"
),
Services.perms.ALLOW_ACTION
);
await Sanitizer.sanitize(["history", "siteSettings"]);
Assert.equal(
PermissionTestUtils.testExactPermission(
"http://mochi.test",
"storageAccessAPI"
),
Services.perms.UNKNOWN_ACTION
);
Assert.equal(
PermissionTestUtils.testExactPermission(
"https://example.com",
"storageAccessAPI"
),
Services.perms.UNKNOWN_ACTION
);
Assert.equal(
PermissionTestUtils.testExactPermission(
"https://example.org",
"storageAccessAPI"
),
Services.perms.UNKNOWN_ACTION
);
});
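Review bot: The assertions after the two history-only sanitizes (the `Services.perms.ALLOW_ACTION` checks for example.com and example.org) verify that the permissions survive but never verify that the cookie and IndexedDB data set up at the top still exist, which is the regression the commit description says this change prevents. Adding `Assert.ok(await SiteDataTestUtils.hasCookies("https://example.com"));` and the IndexedDB counterpart for "https://sub.example.org" after each history-only sanitize would pin that, if those helpers exist in SiteDataTestUtils. The cookies and IndexedDB data are also never removed at the end — the final sanitize clears only history and siteSettings — so a `registerCleanupFunction(() => SiteDataTestUtils.clear());` near the top of the task would keep them from leaking into later tests in the directory.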


@ -261,7 +261,7 @@ var Sanitizer = {
* specify a specific range.
* If timespan is not ignored, and range is not set, sanitize() will
* use the value of the timespan pref to determine a range.
* - range (default: null)
* - range (default: null): array-tuple of [from, to] timestamps
* - privateStateForNewWindow (default: "non-private"): when clearing
* open windows, defines the private state for the newly opened window.
*/
@ -340,7 +340,7 @@ var Sanitizer = {
// When making any changes to the sanitize implementations here,
// please check whether the changes are applicable to Android
// (mobile/android/modules/Sanitizer.jsm) as well.
// (mobile/android/modules/geckoview/GeckoViewStorageController.jsm) as well.
items: {
cache: {
@ -380,9 +380,24 @@ var Sanitizer = {
range,
Ci.nsIClearDataService.CLEAR_HISTORY |
Ci.nsIClearDataService.CLEAR_SESSION_HISTORY |
Ci.nsIClearDataService.CLEAR_STORAGE_ACCESS |
Ci.nsIClearDataService.CLEAR_CONTENT_BLOCKING_RECORDS
);
// storageAccessAPI permissions record every site that the user
// interacted with and thus mirror history quite closely. It makes
// sense to clear them when we clear history. However, since their absence
// indicates that we can purge cookies and site data for tracking origins without
// user interaction, we need to ensure that we only delete those permissions that
// do not have any existing storage.
let principalsCollector = new PrincipalsCollector();
let principals = await principalsCollector.getAllPrincipals();
await new Promise(resolve => {
Services.clearData.deleteUserInteractionForClearingHistory(
principals,
range ? range[0] : 0,
resolve
);
});
TelemetryStopwatch.finish("FX_SANITIZE_HISTORY", refObj);
},
},
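Review bot: `range ? range[0] : 0` hands the range start to `deleteUserInteractionForClearingHistory` without a stated unit, and the JSDoc line changed in this commit (`* - range (default: null): array-tuple of [from, to] timestamps`) does not give one either, while the new test passes `Date.now()` in milliseconds; if the ranges Sanitizer builds elsewhere use another unit this would silently clear more or fewer interaction permissions than intended, so the unit should be stated in the JSDoc and on the call site — I cannot confirm the API's expectation from this page. The nsIClearDataCallback result is also dropped: `resolve` is passed straight through, so a failure to remove the permissions completes the history clear as if it succeeded; that appears to match the existing clearData usage, but since these permissions are what gates cookie retention, replacing `resolve` with `failedFlags => { if (failedFlags) Cu.reportError("..."); resolve(); }` would at least surface it. The enclosing `history.clear` function begins before this hunk. Separately, the commit description names the API `deleteStorageAccessForClearingHistory`, which matches neither the call here nor the title.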