mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Backed out 19 changesets (bug 1758745, bug 1758740, bug 1762462, bug 1779603) for causing mochitest failures on browser_partitionedConsoleMessage.js CLOSED TREE 

Backed out changeset e3c8cd6f00b6 (bug 1779603)
Backed out changeset 4e46a6f209b4 (bug 1762462)
Backed out changeset 00c0c6314640 (bug 1762462)
Backed out changeset 8f11221f859f (bug 1762462)
Backed out changeset ffbf90e3bbab (bug 1762462)
Backed out changeset 0c760428dfec (bug 1762462)
Backed out changeset 7c99293cc8f9 (bug 1762462)
Backed out changeset 92bd237a95e1 (bug 1762462)
Backed out changeset 74539a3cc7fc (bug 1762462)
Backed out changeset acf08a10c6fb (bug 1762462)
Backed out changeset 0cf191a7739f (bug 1762462)
Backed out changeset 030c276d6669 (bug 1762462)
Backed out changeset a88a099c684d (bug 1762462)
Backed out changeset cbd69786a24b (bug 1762462)
Backed out changeset e5e0655206a8 (bug 1762462)
Backed out changeset 707f9dfed501 (bug 1762462)
Backed out changeset 619e4bb01a81 (bug 1762462)
Backed out changeset 02b7641683b0 (bug 1758745)
Backed out changeset a2f110442038 (bug 1758740)
This commit is contained in:
Cristian Tuns 2022-07-14 17:26:17 -04:00
Родитель 14113a293a
Коммит 2f5fe88da3
90 изменённых файлов: 204 добавлений и 2728 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

9
browser/base/content/test/protectionsUI/browser_protectionsUI_icon_state.js
Просмотреть файл

@ -7,8 +7,6 @@
const TP_PREF = "privacy.trackingprotection.enabled";
const TP_PB_PREF = "privacy.trackingprotection.pbmode.enabled";
const APS_PREF =
"privacy.partition.always_partition_third_party_non_cookie_storage";
const NCB_PREF = "network.cookie.cookieBehavior";
const BENIGN_PAGE =
"http://tracking.example.org/browser/browser/base/content/test/protectionsUI/benignPage.html";
@ -147,8 +145,6 @@ async function testTrackingProtectionIconState(tabbrowser) {
}
add_task(async function testNormalBrowsing() {
await SpecialPowers.pushPrefEnv({ set: [[APS_PREF, false]] });
await UrlClassifierTestUtils.addTestTrackers();
let gProtectionsHandler = gBrowser.ownerGlobal.gProtectionsHandler;
@ -181,10 +177,7 @@ add_task(async function testNormalBrowsing() {
add_task(async function testPrivateBrowsing() {
await SpecialPowers.pushPrefEnv({
set: [
[APS_PREF, false],
["dom.security.https_first_pbm", false],
],
set: [["dom.security.https_first_pbm", false]],
});
let privateWin = await BrowserTestUtils.openNewBrowserWindow({

11
browser/base/content/test/protectionsUI/browser_protectionsUI_state.js
Просмотреть файл

@ -16,8 +16,6 @@
const TP_PREF = "privacy.trackingprotection.enabled";
const TP_PB_PREF = "privacy.trackingprotection.pbmode.enabled";
const APS_PREF =
"privacy.partition.always_partition_third_party_non_cookie_storage";
const TPC_PREF = "network.cookie.cookieBehavior";
const DTSCBN_PREF = "dom.testing.sync-content-blocking-notifications";
const BENIGN_PAGE =
@ -274,8 +272,6 @@ async function testContentBlocking(tab) {
}
add_task(async function testNormalBrowsing() {
await SpecialPowers.pushPrefEnv({ set: [[APS_PREF, false]] });
await UrlClassifierTestUtils.addTestTrackers();
Services.prefs.setBoolPref(DTSCBN_PREF, true);
@ -314,10 +310,7 @@ add_task(async function testNormalBrowsing() {
add_task(async function testPrivateBrowsing() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.security.https_first_pbm", false],
[APS_PREF, false],
],
set: [["dom.security.https_first_pbm", false]],
});
let privateWin = await BrowserTestUtils.openNewBrowserWindow({
private: true,
@ -358,8 +351,6 @@ add_task(async function testPrivateBrowsing() {
});
add_task(async function testThirdPartyCookies() {
await SpecialPowers.pushPrefEnv({ set: [[APS_PREF, false]] });
await UrlClassifierTestUtils.addTestTrackers();
gTrackingPageURL = COOKIE_PAGE;

1
devtools/client/storage/test/browser.ini
Просмотреть файл

@ -69,7 +69,6 @@ skip-if = true # Bug 1448484 - sameSite1 is "Unset" - Got undefined, expected Un
[browser_storage_delete_usercontextid.js]
tags = usercontextid
[browser_storage_dfpi.js]
[browser_storage_dfpi_always_partition_storage.js]
[browser_storage_dom_cache_disabled.js]
[browser_storage_dynamic_updates_cookies.js]
[browser_storage_dynamic_updates_localStorage.js]

5
devtools/client/storage/test/browser_storage_dfpi.js
Просмотреть файл

@ -33,11 +33,6 @@ add_task(async function() {
Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN
);
await pushPref(
"privacy.partition.always_partition_third_party_non_cookie_storage",
false
);
registerCleanupFunction(SiteDataTestUtils.clear);
// `Services.qms.listOrigins()` may or contain results created by other tests.

72
devtools/client/storage/test/browser_storage_dfpi_always_partition_storage.js
Просмотреть файл

@ -1,72 +0,0 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* import-globals-from head.js */
// Basic test to assert that the storage tree and table corresponding to each
// item in the storage tree is correctly displayed, bearing in mind the origin
// is partitioned when always_partition_third_party_non_cookie_storage is true.
"use strict";
const { SiteDataTestUtils } = ChromeUtils.import(
"resource://testing-common/SiteDataTestUtils.jsm"
);
// Ensure iframe.src in storage-dfpi.html starts with PREFIX.
const PREFIX = "https://sub1.test1.example";
const ORIGIN = `${PREFIX}.org`;
const ORIGIN_PARTITIONED = `${PREFIX}.com^partitionKey=%28https%2Cexample.org%29`;
const TEST_URL = `${ORIGIN}/document-builder.sjs?html=
<iframe src="${PREFIX}.com/browser/devtools/client/storage/test/storage-blank.html"></iframe>
`;
function listOrigins() {
return new Promise(resolve => {
SpecialPowers.Services.qms.listOrigins().callback = req => {
resolve(req.result);
};
});
}
add_task(async function() {
await pushPref(
"network.cookie.cookieBehavior",
Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN
);
await pushPref(
"privacy.partition.always_partition_third_party_non_cookie_storage",
true
);
registerCleanupFunction(SiteDataTestUtils.clear);
const expectedOrigins = [ORIGIN, ORIGIN_PARTITIONED];
// `Services.qms.listOrigins()` may or contain results created by other tests.
// And it's unsafe to clear existing origins by `Services.qms.clear()`.
// In order to obtain correct results, we need to compare the results before
// and after `openTabAndSetupStorage` is called.
// To ensure more accurate results, try choosing a uncommon origin for PREFIX.
const EXISTING_ORIGINS = await listOrigins();
expectedOrigins.forEach(expected => {
ok(!EXISTING_ORIGINS.includes(expected), `${expected} doesn't exist`);
});
await openTabAndSetupStorage(TEST_URL);
const origins = await listOrigins();
for (const origin of origins) {
ok(
EXISTING_ORIGINS.includes(origin) || expectedOrigins.includes(origin),
`check origin: ${origin}`
);
}
expectedOrigins.forEach(expected => {
ok(origins.includes(expected), `${expected} is added`);
});
BrowserTestUtils.removeTab(gBrowser.selectedTab);
});

8
devtools/client/storage/test/browser_storage_fission_cookies.js
Просмотреть файл

@ -9,13 +9,7 @@
add_task(async function() {
await SpecialPowers.pushPrefEnv({
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
set: [
["network.cookie.sameSite.laxByDefault", false],
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
],
set: [["network.cookie.sameSite.laxByDefault", false]],
});
const URL_IFRAME = buildURLWithContent(

6
docshell/test/mochitest/test_bfcache_plus_hash.html
Просмотреть файл

@ -135,11 +135,7 @@ if (isXOrigin) {
SpecialPowers.wrap(document).notifyUserGestureActivation();
SpecialPowers.addPermission("storageAccessAPI", true, window.location.href).then(() => {
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
}).then(() => {
executeTest();
});
executeTest();
});
});
} else {

3
docshell/test/mochitest/test_bug1121701.html
Просмотреть файл

@ -34,9 +34,6 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1121701
// the iframe containing this page is isolated from first-party storage access,
// which isolates BroadcastChannel communication.
if (isXOrigin) {
await SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
});
SpecialPowers.wrap(document).notifyUserGestureActivation();
await SpecialPowers.addPermission("storageAccessAPI", true, window.location.href);
await SpecialPowers.wrap(document).requestStorageAccess();

6
docshell/test/navigation/test_beforeunload_and_bfcache.html
Просмотреть файл

@ -76,11 +76,7 @@
SpecialPowers.wrap(document).notifyUserGestureActivation();
SpecialPowers.addPermission("storageAccessAPI", true, window.location.href).then(() => {
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]]
}).then(() => {
executeTest();
});
executeTest();
});
});
} else {

6
docshell/test/navigation/test_blockBFCache.html
Просмотреть файл

@ -278,11 +278,7 @@ if (isXOrigin) {
SpecialPowers.wrap(document).notifyUserGestureActivation();
SpecialPowers.addPermission("storageAccessAPI", true, window.location.href).then(() => {
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]]
}).then(() => {
executeTest();
});
executeTest();
});
});
} else {

56
dom/base/Document.cpp
Просмотреть файл

@ -6477,7 +6477,7 @@ void Document::GetCookie(nsAString& aCookie, ErrorResult& rv) {
return;
}
StorageAccess storageAccess = CookieAllowedForDocument(this);
StorageAccess storageAccess = StorageAllowedForDocument(this);
if (storageAccess == StorageAccess::eDeny) {
return;
}
@ -6516,7 +6516,7 @@ void Document::SetCookie(const nsAString& aCookie, ErrorResult& aRv) {
return;
}
StorageAccess storageAccess = CookieAllowedForDocument(this);
StorageAccess storageAccess = StorageAllowedForDocument(this);
if (storageAccess == StorageAccess::eDeny) {
return;
}
@ -12056,7 +12056,6 @@ nsresult Document::CloneDocHelper(Document* clone) const {
clone->SetChromeXHRDocURI(mChromeXHRDocURI);
clone->SetPrincipals(NodePrincipal(), mPartitionedPrincipal);
clone->mActiveStoragePrincipal = mActiveStoragePrincipal;
clone->mActiveCookiePrincipal = mActiveCookiePrincipal;
// NOTE(emilio): Intentionally setting this to the GetDocBaseURI rather than
// just mDocumentBaseURI, so that srcdoc iframes get the right base URI even
// when printed standalone via window.print() (where there won't be a parent
@ -17803,11 +17802,6 @@ bool Document::HasStorageAccessPermissionGrantedByAllowList() {
}
nsIPrincipal* Document::EffectiveStoragePrincipal() const {
if (!StaticPrefs::
privacy_partition_always_partition_third_party_non_cookie_storage()) {
return EffectiveCookiePrincipal();
}
nsPIDOMWindowInner* inner = GetInnerWindow();
if (!inner) {
return NodePrincipal();
@ -17818,51 +17812,11 @@ nsIPrincipal* Document::EffectiveStoragePrincipal() const {
return mActiveStoragePrincipal;
}
// Calling StorageAllowedForDocument will notify the ContentBlockLog. This
// loads TrackingDBService.jsm, which in turn pulls in osfile.jsm, making us
// fail // browser/base/content/test/performance/browser_startup.js. To avoid
// that, we short-circuit the check here by allowing storage access to system
// and addon principles, avoiding the test-failure.
nsIPrincipal* principal = NodePrincipal();
if (principal && (principal->IsSystemPrincipal() ||
principal->GetIsAddonOrExpandedAddonPrincipal())) {
return mActiveStoragePrincipal = NodePrincipal();
}
auto cookieJarSettings = const_cast<Document*>(this)->CookieJarSettings();
if (cookieJarSettings->GetIsOnContentBlockingAllowList()) {
return mActiveStoragePrincipal = NodePrincipal();
}
StorageAccess storageAccess = StorageAllowedForDocument(this);
if (!ShouldPartitionStorage(storageAccess) ||
!StoragePartitioningEnabled(storageAccess, cookieJarSettings)) {
return mActiveStoragePrincipal = NodePrincipal();
}
Unused << NS_WARN_IF(NS_FAILED(StoragePrincipalHelper::GetPrincipal(
nsGlobalWindowInner::Cast(inner),
StoragePrincipalHelper::eForeignPartitionedPrincipal,
getter_AddRefs(mActiveStoragePrincipal))));
return mActiveStoragePrincipal;
}
nsIPrincipal* Document::EffectiveCookiePrincipal() const {
nsPIDOMWindowInner* inner = GetInnerWindow();
if (!inner) {
return NodePrincipal();
}
// Return our cached storage principal if one exists.
if (mActiveCookiePrincipal) {
return mActiveCookiePrincipal;
}
// We use the lower-level ContentBlocking API here to ensure this
// check doesn't send notifications.
uint32_t rejectedReason = 0;
if (ShouldAllowAccessFor(inner, GetDocumentURI(), &rejectedReason)) {
return mActiveCookiePrincipal = NodePrincipal();
return mActiveStoragePrincipal = NodePrincipal();
}
// Let's use the storage principal only if we need to partition the cookie
@ -17871,10 +17825,10 @@ nsIPrincipal* Document::EffectiveCookiePrincipal() const {
if (ShouldPartitionStorage(rejectedReason) &&
!StoragePartitioningEnabled(
rejectedReason, const_cast<Document*>(this)->CookieJarSettings())) {
return mActiveCookiePrincipal = NodePrincipal();
return mActiveStoragePrincipal = NodePrincipal();
}
return mActiveCookiePrincipal = mPartitionedPrincipal;
return mActiveStoragePrincipal = mPartitionedPrincipal;
}
nsIPrincipal* Document::GetPrincipalForPrefBasedHacks() const {

16
dom/base/Document.h
Просмотреть файл

@ -624,17 +624,11 @@ class Document : public nsINode,
return DocumentOrShadowRoot::SetValueMissingState(aName, aValue);
}
nsIPrincipal* EffectiveCookiePrincipal() const;
nsIPrincipal* EffectiveStoragePrincipal() const;
// nsIScriptObjectPrincipal
nsIPrincipal* GetPrincipal() final { return NodePrincipal(); }
nsIPrincipal* GetEffectiveCookiePrincipal() final {
return EffectiveCookiePrincipal();
}
nsIPrincipal* GetEffectiveStoragePrincipal() final {
return EffectiveStoragePrincipal();
}
@ -649,10 +643,7 @@ class Document : public nsINode,
// allowlist.
nsIPrincipal* GetPrincipalForPrefBasedHacks() const;
void ClearActiveCookieAndStoragePrincipals() {
mActiveStoragePrincipal = nullptr;
mActiveCookiePrincipal = nullptr;
}
void ClearActiveStoragePrincipal() { mActiveStoragePrincipal = nullptr; }
// EventTarget
void GetEventTargetParent(EventChainPreVisitor& aVisitor) override;
@ -5268,11 +5259,6 @@ class Document : public nsINode,
// which is required due to its CloneDocHelper() call site. :-(
mutable nsCOMPtr<nsIPrincipal> mActiveStoragePrincipal;
// The cached cookie principal for this document.
// This is mutable so that we can keep EffectiveCookiePrincipal() const
// which is required due to its CloneDocHelper() call site. :-(
mutable nsCOMPtr<nsIPrincipal> mActiveCookiePrincipal;
// See GetNextFormNumber and GetNextControlNumber.
int32_t mNextFormNumber;
int32_t mNextControlNumber;

59
dom/base/nsGlobalWindowInner.cpp
Просмотреть файл

@ -448,10 +448,6 @@ class nsGlobalWindowObserver final : public nsIObserver,
}
}
nsIPrincipal* GetEffectiveCookiePrincipal() const override {
return mWindow ? mWindow->GetEffectiveCookiePrincipal() : nullptr;
}
nsIPrincipal* GetEffectiveStoragePrincipal() const override {
return mWindow ? mWindow->GetEffectiveStoragePrincipal() : nullptr;
}
@ -1164,7 +1160,6 @@ void nsGlobalWindowInner::FreeInnerObjects() {
if (mDoc) {
// Remember the document's principal, URI, and CSP.
mDocumentPrincipal = mDoc->NodePrincipal();
mDocumentCookiePrincipal = mDoc->EffectiveCookiePrincipal();
mDocumentStoragePrincipal = mDoc->EffectiveStoragePrincipal();
mDocumentPartitionedPrincipal = mDoc->PartitionedPrincipal();
mDocumentURI = mDoc->GetDocumentURI();
@ -1410,7 +1405,6 @@ NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INTERNAL(nsGlobalWindowInner)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mApplicationCache)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mIndexedDB)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentPrincipal)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentCookiePrincipal)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentStoragePrincipal)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentPartitionedPrincipal)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentCsp)
@ -1529,7 +1523,6 @@ NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(nsGlobalWindowInner)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mIndexedDB)
}
NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentPrincipal)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentCookiePrincipal)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentStoragePrincipal)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentPartitionedPrincipal)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentCsp)
@ -2264,29 +2257,6 @@ nsIPrincipal* nsGlobalWindowInner::GetPrincipal() {
return nullptr;
}
nsIPrincipal* nsGlobalWindowInner::GetEffectiveCookiePrincipal() {
if (mDoc) {
// If we have a document, get the principal from the document
return mDoc->EffectiveCookiePrincipal();
}
if (mDocumentCookiePrincipal) {
return mDocumentCookiePrincipal;
}
// If we don't have a cookie principal and we don't have a document we ask
// the parent window for the cookie principal.
nsCOMPtr<nsIScriptObjectPrincipal> objPrincipal =
do_QueryInterface(GetInProcessParentInternal());
if (objPrincipal) {
return objPrincipal->GetEffectiveCookiePrincipal();
}
return nullptr;
}
nsIPrincipal* nsGlobalWindowInner::GetEffectiveStoragePrincipal() {
if (mDoc) {
// If we have a document, get the principal from the document
@ -2297,8 +2267,8 @@ nsIPrincipal* nsGlobalWindowInner::GetEffectiveStoragePrincipal() {
return mDocumentStoragePrincipal;
}
// If we don't have a cookie principal and we don't have a document we ask
// the parent window for the cookie principal.
// If we don't have a storage principal and we don't have a document we ask
// the parent window for the storage principal.
nsCOMPtr<nsIScriptObjectPrincipal> objPrincipal =
do_QueryInterface(GetInProcessParentInternal());
@ -7755,25 +7725,6 @@ void nsGlobalWindowInner::StorageAccessPermissionGranted() {
// give us the updated localStorage object.
ClearStorageAllowedCache();
// If we're always partitioning non-cookie third party storage then
// there is no need to clear it when the user accepts requestStorageAccess.
if (StaticPrefs::
privacy_partition_always_partition_third_party_non_cookie_storage()) {
// Just reset the active cookie and storage principals
nsCOMPtr<nsICookieJarSettings> cjs;
if (mDoc) {
cjs = mDoc->CookieJarSettings();
}
StorageAccess storageAccess = StorageAllowedForWindow(this);
if (ShouldPartitionStorage(storageAccess) &&
StoragePartitioningEnabled(storageAccess, cjs)) {
if (mDoc) {
mDoc->ClearActiveCookieAndStoragePrincipals();
}
return;
}
}
PropagateStorageAccessPermissionGrantedToWorkers(*this);
// If we have a partitioned localStorage, it's time to replace it with a real
@ -7803,11 +7754,11 @@ void nsGlobalWindowInner::StorageAccessPermissionGranted() {
// Reset DOM Cache
mCacheStorage = nullptr;
// Reset the active cookie and storage principals
// Reset the active storage principal
if (mDoc) {
mDoc->ClearActiveCookieAndStoragePrincipals();
mDoc->ClearActiveStoragePrincipal();
if (mWindowGlobalChild) {
// XXX(farre): This is a bit backwards, but clearing the cookie
// XXX(farre): This is a bit backwards, but clearing the storage
// principal might make us end up with a new effective storage
// principal on the child side than on the parent side, which
// means that we need to sync it. See bug 1705359.

3
dom/base/nsGlobalWindowInner.h
Просмотреть файл

@ -273,8 +273,6 @@ class nsGlobalWindowInner final : public mozilla::dom::EventTarget,
// nsIScriptObjectPrincipal
virtual nsIPrincipal* GetPrincipal() override;
virtual nsIPrincipal* GetEffectiveCookiePrincipal() override;
virtual nsIPrincipal* GetEffectiveStoragePrincipal() override;
virtual nsIPrincipal* PartitionedPrincipal() override;
@ -1463,7 +1461,6 @@ class nsGlobalWindowInner final : public mozilla::dom::EventTarget,
// The document's principals and CSP are only stored if
// FreeInnerObjects has been called.
nsCOMPtr<nsIPrincipal> mDocumentPrincipal;
nsCOMPtr<nsIPrincipal> mDocumentCookiePrincipal;
nsCOMPtr<nsIPrincipal> mDocumentStoragePrincipal;
nsCOMPtr<nsIPrincipal> mDocumentPartitionedPrincipal;
nsCOMPtr<nsIContentSecurityPolicy> mDocumentCsp;

28
dom/base/nsGlobalWindowOuter.cpp
Просмотреть файл

@ -1575,7 +1575,6 @@ NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INTERNAL(nsGlobalWindowOuter)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mLocalStorage)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mSuspendedDocs)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentPrincipal)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentCookiePrincipal)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentStoragePrincipal)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentPartitionedPrincipal)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDoc)
@ -1608,7 +1607,6 @@ NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(nsGlobalWindowOuter)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mLocalStorage)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mSuspendedDocs)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentPrincipal)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentCookiePrincipal)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentStoragePrincipal)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentPartitionedPrincipal)
NS_IMPL_CYCLE_COLLECTION_UNLINK(mDoc)
@ -2077,8 +2075,6 @@ nsresult nsGlobalWindowOuter::SetNewDocument(Document* aDocument,
WindowGlobalChild* aActor) {
MOZ_ASSERT(mDocumentPrincipal == nullptr,
"mDocumentPrincipal prematurely set!");
MOZ_ASSERT(mDocumentCookiePrincipal == nullptr,
"mDocumentCookiePrincipal prematurely set!");
MOZ_ASSERT(mDocumentStoragePrincipal == nullptr,
"mDocumentStoragePrincipal prematurely set!");
MOZ_ASSERT(mDocumentPartitionedPrincipal == nullptr,
@ -2715,7 +2711,6 @@ void nsGlobalWindowOuter::DetachFromDocShell(bool aIsBeingDiscarded) {
// Remember the document's principal and URI.
mDocumentPrincipal = mDoc->NodePrincipal();
mDocumentCookiePrincipal = mDoc->EffectiveCookiePrincipal();
mDocumentStoragePrincipal = mDoc->EffectiveStoragePrincipal();
mDocumentPartitionedPrincipal = mDoc->PartitionedPrincipal();
mDocumentURI = mDoc->GetDocumentURI();
@ -2950,29 +2945,6 @@ nsIPrincipal* nsGlobalWindowOuter::GetPrincipal() {
return nullptr;
}
nsIPrincipal* nsGlobalWindowOuter::GetEffectiveCookiePrincipal() {
if (mDoc) {
// If we have a document, get the principal from the document
return mDoc->EffectiveCookiePrincipal();
}
if (mDocumentCookiePrincipal) {
return mDocumentCookiePrincipal;
}
// If we don't have a cookie principal and we don't have a document we ask
// the parent window for the cookie principal.
nsCOMPtr<nsIScriptObjectPrincipal> objPrincipal =
do_QueryInterface(GetInProcessParentInternal());
if (objPrincipal) {
return objPrincipal->GetEffectiveCookiePrincipal();
}
return nullptr;
}
nsIPrincipal* nsGlobalWindowOuter::GetEffectiveStoragePrincipal() {
if (mDoc) {
// If we have a document, get the principal from the document

3
dom/base/nsGlobalWindowOuter.h
Просмотреть файл

@ -254,8 +254,6 @@ class nsGlobalWindowOuter final : public mozilla::dom::EventTarget,
// nsIScriptObjectPrincipal
virtual nsIPrincipal* GetPrincipal() override;
virtual nsIPrincipal* GetEffectiveCookiePrincipal() override;
virtual nsIPrincipal* GetEffectiveStoragePrincipal() override;
virtual nsIPrincipal* PartitionedPrincipal() override;
@ -1099,7 +1097,6 @@ class nsGlobalWindowOuter final : public mozilla::dom::EventTarget,
RefPtr<mozilla::dom::Storage> mLocalStorage;
nsCOMPtr<nsIPrincipal> mDocumentPrincipal;
nsCOMPtr<nsIPrincipal> mDocumentCookiePrincipal;
nsCOMPtr<nsIPrincipal> mDocumentStoragePrincipal;
nsCOMPtr<nsIPrincipal> mDocumentPartitionedPrincipal;

2
dom/base/nsIScriptObjectPrincipal.h
Просмотреть файл

@ -27,8 +27,6 @@ class nsIScriptObjectPrincipal : public nsISupports {
virtual nsIPrincipal* GetPrincipal() = 0;
virtual nsIPrincipal* GetEffectiveCookiePrincipal() = 0;
virtual nsIPrincipal* GetEffectiveStoragePrincipal() = 0;
virtual nsIPrincipal* PartitionedPrincipal() = 0;

6
dom/broadcastchannel/tests/test_bfcache.html
Просмотреть файл

@ -104,11 +104,7 @@
SpecialPowers.wrap(document).notifyUserGestureActivation();
SpecialPowers.addPermission("storageAccessAPI", true, window.location.href).then(() => {
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]]
}).then(() => {
executeTest();
});
executeTest();
});
});
} else {

7
dom/cache/CacheStorage.cpp поставляемый
Просмотреть файл

@ -558,12 +558,7 @@ bool CacheStorage::HasStorageAccess() const {
if (NS_WARN_IF(!mGlobal)) {
return false;
}
StorageAccess access = mGlobal->GetStorageAccess();
return access > StorageAccess::ePrivateBrowsing ||
(StaticPrefs::
privacy_partition_always_partition_third_party_non_cookie_storage() &&
ShouldPartitionStorage(access));
return mGlobal->GetStorageAccess() > StorageAccess::ePrivateBrowsing;
}
} // namespace mozilla::dom::cache

4
dom/cache/test/mochitest/driver.js поставляемый
Просмотреть файл

@ -34,10 +34,6 @@ function runTests(testFile, order) {
["dom.serviceWorkers.enabled", true],
["dom.serviceWorkers.testing.enabled", true],
["dom.serviceWorkers.exemptFromPerDomainMax", true],
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
],
});
}

3
dom/cache/test/mochitest/test_cache_orphaned_body.html поставляемый
Просмотреть файл

@ -90,8 +90,7 @@ SpecialPowers.pushPrefEnv({
"set": [["dom.caches.enabled", true],
["dom.caches.testing.enabled", true],
["dom.quotaManager.testing", true],
["dom.storageManager.enabled", true],
["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
["dom.storageManager.enabled", true]],
}, async function() {
// Bug 1746646: Make mochitests work with TCP enabled (cookieBehavior = 5)
// Acquire storage access permission here so that the Cache API is avaialable

3
dom/cache/test/mochitest/test_cache_orphaned_cache.html поставляемый
Просмотреть файл

@ -63,8 +63,7 @@ SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({
"set": [["dom.caches.enabled", true],
["dom.caches.testing.enabled", true],
["dom.quotaManager.testing", true],
["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
["dom.quotaManager.testing", true]],
}, async function() {
// Bug 1746646: Make mochitests work with TCP enabled (cookieBehavior = 5)
// Acquire storage access permission here so that the Cache API is avaialable

3
dom/cache/test/mochitest/test_cache_padding.html поставляемый
Просмотреть файл

@ -87,8 +87,7 @@ SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({
"set": [["dom.caches.enabled", true],
["dom.caches.testing.enabled", true],
["dom.quotaManager.testing", true],
["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
["dom.quotaManager.testing", true]],
}, async function() {
// This test is mainly to verify we only generate different padding size for
// the opaque response which is comming from netwrok.

3
dom/cache/test/mochitest/test_cache_shrink.html поставляемый
Просмотреть файл

@ -63,8 +63,7 @@ SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({
"set": [["dom.caches.enabled", true],
["dom.caches.testing.enabled", true],
["dom.quotaManager.testing", true],
["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
["dom.quotaManager.testing", true]],
}, async function() {
// Bug 1746646: Make mochitests work with TCP enabled (cookieBehavior = 5)
// Acquire storage access permission here so that the Cache API is avaialable

3
dom/cache/test/mochitest/test_cache_tons_of_fd.html поставляемый
Просмотреть файл

@ -89,8 +89,7 @@ SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({
"set": [["dom.caches.enabled", true],
["dom.caches.testing.enabled", true],
["dom.quotaManager.testing", true],
["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
["dom.quotaManager.testing", true]],
}, async function() {
// Bug 1746646: Make mochitests work with TCP enabled (cookieBehavior = 5)
// Acquire storage access permission here so that the Cache API is avaialable

3
dom/cache/test/mochitest/test_cache_updateUsage.html поставляемый
Просмотреть файл

@ -83,8 +83,7 @@ SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({
"set": [["dom.caches.enabled", true],
["dom.caches.testing.enabled", true],
["dom.quotaManager.testing", true],
["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
["dom.quotaManager.testing", true]],
}, async function() {
// Bug 1746646: Make mochitests work with TCP enabled (cookieBehavior = 5)
// Acquire storage access permission here so that the Cache API is avaialable

10
dom/cache/test/mochitest/test_cache_worker_gc.html поставляемый
Просмотреть файл

@ -44,13 +44,9 @@ async function test() {
// Bug 1746646: Make mochitests work with TCP enabled (cookieBehavior = 5)
// Acquire storage access permission here so that the Cache API is avaialable
SpecialPowers.wrap(document).notifyUserGestureActivation();
SpecialPowers.addPermission("storageAccessAPI", true, window.location.href).then(() => {
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
}).then(() => {
test();
});
SpecialPowers.addPermission("storageAccessAPI", true, window.location.href).then(() => {
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
test();
});
});
</script>

8
dom/indexedDB/test/unit/test_storage_manager_estimate.js
Просмотреть файл

@ -68,14 +68,6 @@ async function setup(isXOrigin) {
// first-party access to the storage estimate. Without this, it is
// isolated and this test will always fail
if (isXOrigin) {
await SpecialPowers.pushPrefEnv({
set: [
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
],
});
SpecialPowers.wrap(document).notifyUserGestureActivation();
await SpecialPowers.addPermission(
"storageAccessAPI",

3
dom/ipc/tests/test_browsingcontext_currenturi.html
Просмотреть файл

@ -67,9 +67,6 @@ async function broadcastLoadTest(baseURI, callback) {
// the iframe containing this page is isolated from first-party storage access,
// which isolates BroadcastChannel communication.
if (isXOrigin) {
await SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
});
SpecialPowers.wrap(document).notifyUserGestureActivation();
await SpecialPowers.addPermission(
"storageAccessAPI",

2
dom/storage/StorageNotifierService.h
Просмотреть файл

@ -35,8 +35,6 @@ class StorageNotificationObserver {
virtual bool IsPrivateBrowsing() const = 0;
virtual nsIPrincipal* GetEffectiveCookiePrincipal() const = 0;
virtual nsIPrincipal* GetEffectiveStoragePrincipal() const = 0;
virtual nsIEventTarget* GetEventTarget() const = 0;

9
dom/tests/browser/browser_sessionStorage_navigation.js
Просмотреть файл

@ -22,15 +22,6 @@ add_task(async function() {
`cross-origin site and then navigating back`
);
await SpecialPowers.pushPrefEnv({
set: [
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
],
});
BrowserTestUtils.loadURI(browser, URL1);
await BrowserTestUtils.browserLoaded(browser);

12
dom/tests/mochitest/sessionstorage/frameNotEqual.html
Просмотреть файл

@ -5,29 +5,23 @@
<script type="text/javascript" src="interOriginSlave.js"></script>
<script type="text/javascript">
var aps = document.location.hash.includes("aps");
var xorigin = document.location.hash.includes("xorigin");
var sameOrigin = document.location.origin === "http://mochi.test:8888";
var currentStep = 2;
function doStep()
{
var expect = (!xorigin && aps && sameOrigin) ? 2 : 0;
switch (currentStep)
{
case 2:
is(sessionStorage.length, expect, `Num of items is ${expect}`);
is(sessionStorage.length, 0, "Num of items is 0");
sessionStorage.setItem("C", "3");
is(sessionStorage.getItem("C"), "3", "C is 3 in the slave");
is(sessionStorage.length, expect + 1, `Num of items is ${expect + 1}`);
is(sessionStorage.length, 1, "Num of items is 1");
break;
case 4:
is(sessionStorage.getItem("C"), "3", "C is 3 in the slave");
is(sessionStorage.length, expect + 1, `Num of items is ${expect + 1}`);
is(sessionStorage.length, 1, "Num of items is 1");
break;
case 6:

1
dom/tests/mochitest/sessionstorage/mochitest.ini
Просмотреть файл

@ -11,7 +11,6 @@ support-files =
[test_sessionStorageBase.html]
[test_sessionStorageBaseSessionOnly.html]
[test_sessionStorageClone.html]
[test_sessionStorageClone_alwaysPartitioned.html]
[test_sessionStorageHttpHttps.html]
[test_sessionStorageReplace.html]
[test_sessionStorageUsage.html]

4
dom/tests/mochitest/sessionstorage/test_sessionStorageClone.html
Просмотреть файл

@ -35,10 +35,6 @@ async function doNextTest()
await SpecialPowers.wrap(document).requestStorageAccess();
}
await SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
});
// We must perform the first step of the test
// to prepare the land.
currentStep = 1;

107
dom/tests/mochitest/sessionstorage/test_sessionStorageClone_alwaysPartitioned.html
Просмотреть файл

@ -1,107 +0,0 @@
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>sessionStorage clone equal origins</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<script type="text/javascript" src="interOriginTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
<script type="text/javascript">
var currentTest = 1;
var currentStep = 1;
async function doNextTest()
{
// Bug 1746646: Make mochitests work with TCP enabled (cookieBehavior = 5)
// Acquire storage access permission here so that the sessionStorage object is
// shared between this window and the slave in xorigin tests. Without this,
// our storage would be isolated as a xorigin iframe.
if (isXOrigin) {
SpecialPowers.wrap(document).notifyUserGestureActivation();
await SpecialPowers.addPermission(
"storageAccessAPI",
true,
window.location.href
);
await SpecialPowers.wrap(document).requestStorageAccess();
}
await SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", true]],
});
// We must perform the first step of the test
// to prepare the land.
currentStep = 1;
doStep();
let hash = "#aps";
if (isXOrigin) hash += "xorigin";
switch (currentTest)
{
case 1:
// Open a window from the same origin and check data
// are copied but not further modified on our side
slaveOrigin = "http://mochi.test:8888";
slave = window.open(slaveOrigin + slavePath + "frameNotEqual.html" + hash);
break;
case 2:
slave.close();
// Open a window from a different origin and check data
// are NOT copied and not modified on our side
slaveOrigin = "https://example.com";
slave = window.open(slaveOrigin + slavePath + "frameNotEqual.html" + hash);
break;
case 3:
slave.close();
sessionStorage.clear();
SimpleTest.finish();
break;
}
++currentTest;
}
function doStep()
{
switch (currentStep)
{
case 1:
sessionStorage.setItem("A", "1");
sessionStorage.setItem("B", "2");
is(sessionStorage.getItem("A"), "1", "A is 1 in the master");
is(sessionStorage.getItem("B"), "2", "B is 2 in the master");
is(sessionStorage.length, 2, "Num of items is 2");
break;
case 3:
is(sessionStorage.getItem("A"), "1", "A is 1 in the master");
is(sessionStorage.getItem("B"), "2", "B is 2 in the master");
is(sessionStorage.getItem("C"), null, "C is null in the master");
is(sessionStorage.length, 2, "Num of items is 2");
sessionStorage.setItem("C", "4");
is(sessionStorage.getItem("C"), "4", "C is 4 in the master");
is(sessionStorage.length, 3, "Num of items is 3");
break;
}
++currentStep;
++currentStep;
return true;
}
SimpleTest.waitForExplicitFinish();
</script>
</head>
<body onload="doNextTest();">
</body>
</html>

2
dom/websocket/tests/test_bug1384658.html
Просмотреть файл

@ -40,8 +40,6 @@ SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({
set: [
["network.cookie.cookieBehavior", 4],
// disable third-party storage isolation so the test works as expected
["privacy.partition.always_partition_third_party_non_cookie_storage", false],
["dom.security.https_first", false]
],
}, test_frameset);

5
dom/workers/test/test_multi_sharedWorker_lifetimes_bfcache.html
Просмотреть файл

@ -127,10 +127,7 @@
SpecialPowers.pushPermissions([{'type': 'storageAccessAPI', 'allow': 1, 'context': document}], () =>{
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
// If Fission is disabled, the pref is no-op.
SpecialPowers.pushPrefEnv({set: [
["fission.bfcacheInParent", true],
["privacy.partition.always_partition_third_party_non_cookie_storage", false],
]}, () => {
SpecialPowers.pushPrefEnv({set: [["fission.bfcacheInParent", true]]}, () => {
testGenerator.next();
});
}).then(() => {

14
dom/workers/test/test_multi_sharedWorker_lifetimes_nobfcache.html
Просмотреть файл

@ -104,15 +104,11 @@
// the iframe containing this page is isolated from first-party storage access,
// which isolates BroadcastChannel communication.
SpecialPowers.wrap(document).notifyUserGestureActivation();
SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
}).then(() => {
SpecialPowers.pushPermissions([{'type': 'storageAccessAPI', 'allow': 1, 'context': document}], () =>{
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
runTest();
}).then(() => {
SpecialPowers.removePermission("3rdPartyStorage^http://mochi.test:8888", "http://mochi.xorigin-test:8888");
});
SpecialPowers.pushPermissions([{'type': 'storageAccessAPI', 'allow': 1, 'context': document}], () =>{
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
runTest();
}).then(() => {
SpecialPowers.removePermission("3rdPartyStorage^http://mochi.test:8888", "http://mochi.xorigin-test:8888");
});
});
} else {

14
dom/workers/test/test_subworkers_suspended.html
Просмотреть файл

@ -122,15 +122,11 @@
// the iframe containing this page is isolated from first-party storage access,
// which isolates BroadcastChannel communication.
SpecialPowers.wrap(document).notifyUserGestureActivation();
SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
}).then(() => {
SpecialPowers.pushPermissions([{'type': 'storageAccessAPI', 'allow': 1, 'context': document}], () =>{
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
runTest();
}).then(() => {
SpecialPowers.removePermission("3rdPartyStorage^http://mochi.test:8888", "http://mochi.xorigin-test:8888");
});
SpecialPowers.pushPermissions([{'type': 'storageAccessAPI', 'allow': 1, 'context': document}], () =>{
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
runTest();
}).then(() => {
SpecialPowers.removePermission("3rdPartyStorage^http://mochi.test:8888", "http://mochi.xorigin-test:8888");
});
});
} else {

14
dom/workers/test/test_suspend.html
Просмотреть файл

@ -167,15 +167,11 @@
// the iframe containing this page is isolated from first-party storage access,
// which isolates BroadcastChannel communication.
SpecialPowers.wrap(document).notifyUserGestureActivation();
SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
}).then(() => {
SpecialPowers.pushPermissions([{'type': 'storageAccessAPI', 'allow': 1, 'context': document}], () =>{
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
runTest();
}).then(() => {
SpecialPowers.removePermission("3rdPartyStorage^http://mochi.test:8888", "http://mochi.xorigin-test:8888");
});
SpecialPowers.pushPermissions([{'type': 'storageAccessAPI', 'allow': 1, 'context': document}], () =>{
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
runTest();
}).then(() => {
SpecialPowers.removePermission("3rdPartyStorage^http://mochi.test:8888", "http://mochi.xorigin-test:8888");
});
});
} else {

2
js/xpconnect/src/BackstagePass.h
Просмотреть файл

@ -35,8 +35,6 @@ class BackstagePass final : public nsIGlobalObject,
nsIPrincipal* GetPrincipal() override { return mPrincipal; }
nsIPrincipal* GetEffectiveCookiePrincipal() override { return mPrincipal; }
nsIPrincipal* GetEffectiveStoragePrincipal() override { return mPrincipal; }
nsIPrincipal* PartitionedPrincipal() override { return mPrincipal; }

2
js/xpconnect/src/SandboxPrivate.h
Просмотреть файл

@ -56,8 +56,6 @@ class SandboxPrivate : public nsIGlobalObject,
nsIPrincipal* GetPrincipal() override { return mPrincipal; }
nsIPrincipal* GetEffectiveCookiePrincipal() override { return mPrincipal; }
nsIPrincipal* GetEffectiveStoragePrincipal() override { return mPrincipal; }
nsIPrincipal* PartitionedPrincipal() override { return mPrincipal; }

10
layout/base/tests/test_bug607529.html
Просмотреть файл

@ -99,13 +99,9 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=607529
// the iframe containing this page is isolated from first-party storage access,
// which isolates BroadcastChannel communication.
SpecialPowers.wrap(document).notifyUserGestureActivation();
SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
}).then(() => {
SpecialPowers.addPermission("storageAccessAPI", true, window.location.href).then(() => {
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
executeTest();
});
SpecialPowers.addPermission("storageAccessAPI", true, window.location.href).then(() =>{
SpecialPowers.wrap(document).requestStorageAccess().then(() => {
executeTest();
});
});
} else {

6
modules/libpref/init/StaticPrefList.yaml
Просмотреть файл

@ -11976,12 +11976,6 @@
value: true
mirror: always
# Always partition web storage APIs except cookies.
- name: privacy.partition.always_partition_third_party_non_cookie_storage
type: RelaxedAtomicBool
value: @IS_NIGHTLY_BUILD@
mirror: always
- name: privacy.partition.bloburl_per_agent_cluster
type: RelaxedAtomicBool
value: false

2
netwerk/cookie/CookieCommons.cpp
Просмотреть файл

@ -329,7 +329,7 @@ already_AddRefed<Cookie> CookieCommons::CreateCookieFromDocument(
aHasExistingCookiesLambda,
nsIURI** aDocumentURI, nsACString& aBaseDomain, OriginAttributes& aAttrs) {
nsCOMPtr<nsIPrincipal> storagePrincipal =
aDocument->EffectiveCookiePrincipal();
aDocument->EffectiveStoragePrincipal();
MOZ_ASSERT(storagePrincipal);
nsCOMPtr<nsIURI> principalURI;

2
netwerk/cookie/CookieService.cpp
Просмотреть файл

@ -356,7 +356,7 @@ CookieService::GetCookieStringFromDocument(Document* aDocument,
return NS_OK;
}
nsCOMPtr<nsIPrincipal> principal = aDocument->EffectiveCookiePrincipal();
nsCOMPtr<nsIPrincipal> principal = aDocument->EffectiveStoragePrincipal();
if (!CookieCommons::IsSchemeSupported(principal)) {
return NS_OK;

2
netwerk/cookie/CookieServiceChild.cpp
Просмотреть файл

@ -342,7 +342,7 @@ CookieServiceChild::GetCookieStringFromDocument(dom::Document* aDocument,
aCookieString.Truncate();
nsCOMPtr<nsIPrincipal> principal = aDocument->EffectiveCookiePrincipal();
nsCOMPtr<nsIPrincipal> principal = aDocument->EffectiveStoragePrincipal();
if (!CookieCommons::IsSchemeSupported(principal)) {
return NS_OK;

1
taskcluster/ci/test/variants.yml
Просмотреть файл

@ -114,7 +114,6 @@ xorigin:
mozharness:
extra-options:
- "--enable-xorigin-tests"
- "--setpref=privacy.partition.always_partition_third_party_non_cookie_storage=false"
conditioned_profile:
description: "{description} with conditioned profile"

2
testing/profiles/web-platform/user.js
Просмотреть файл

@ -78,5 +78,3 @@ user_pref("dom.workers.requestAnimationFrame", true);
user_pref("layout.css.font-loading-api.workers.enabled", true);
// Enable WebDriver BiDi experimental commands and events during tests.
user_pref("remote.experimental.enabled", true);
// Disable always partitioning storage with the Storage Access API
user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", false);

31
toolkit/components/antitracking/ContentBlockingNotifier.cpp
Просмотреть файл

@ -215,26 +215,25 @@ void ReportBlockingToConsole(uint64_t aWindowID, nsIURI* aURI,
void ReportBlockingToConsole(nsIChannel* aChannel, nsIURI* aURI,
uint32_t aRejectedReason) {
MOZ_ASSERT(aChannel && aURI);
uint64_t windowID = nsContentUtils::GetInnerWindowID(aChannel);
if (!windowID) {
// Get the window ID from the target BrowsingContext
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
RefPtr<dom::BrowsingContext> targetBrowsingContext;
loadInfo->GetTargetBrowsingContext(getter_AddRefs(targetBrowsingContext));
// Get the window ID from the target BrowsingContext
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
if (!targetBrowsingContext) {
return;
}
RefPtr<dom::BrowsingContext> targetBrowsingContext;
loadInfo->GetTargetBrowsingContext(getter_AddRefs(targetBrowsingContext));
WindowContext* windowContext =
targetBrowsingContext->GetCurrentWindowContext();
if (!windowContext) {
return;
}
windowID = windowContext->InnerWindowId();
if (!targetBrowsingContext) {
return;
}
WindowContext* windowContext =
targetBrowsingContext->GetCurrentWindowContext();
if (!windowContext) {
return;
}
uint64_t windowID = windowContext->InnerWindowId();
ReportBlockingToConsole(windowID, aURI, aRejectedReason);
}

10
toolkit/components/antitracking/StorageAccess.cpp
Просмотреть файл

@ -249,16 +249,6 @@ StorageAccess StorageAllowedForWindow(nsPIDOMWindowInner* aWindow,
}
StorageAccess StorageAllowedForDocument(const Document* aDoc) {
StorageAccess cookieAllowed = CookieAllowedForDocument(aDoc);
if (StaticPrefs::
privacy_partition_always_partition_third_party_non_cookie_storage() &&
cookieAllowed > StorageAccess::eDeny) {
return StorageAccess::ePartitionForeignOrDeny;
}
return cookieAllowed;
}
StorageAccess CookieAllowedForDocument(const Document* aDoc) {
MOZ_ASSERT(aDoc);
if (nsPIDOMWindowInner* inner = aDoc->GetInnerWindow()) {

2
toolkit/components/antitracking/StorageAccess.h
Просмотреть файл

@ -70,8 +70,6 @@ StorageAccess StorageAllowedForWindow(nsPIDOMWindowInner* aWindow,
*/
StorageAccess StorageAllowedForDocument(const dom::Document* aDoc);
StorageAccess CookieAllowedForDocument(const dom::Document* aDoc);
/*
* Checks if storage should be allowed for a new window with the given
* principal, load URI, and parent.

57
toolkit/components/antitracking/test/browser/antitracking_head.js
Просмотреть файл

@ -636,16 +636,10 @@ this.AntiTracking = {
}
let cookieBlocked = 0;
let { expectedBlockingNotifications } = options;
if (!Array.isArray(expectedBlockingNotifications)) {
expectedBlockingNotifications = [expectedBlockingNotifications];
}
let listener = {
onContentBlockingEvent(webProgress, request, event) {
for (const notification of expectedBlockingNotifications) {
if (event & notification) {
++cookieBlocked;
}
if (event & options.expectedBlockingNotifications) {
++cookieBlocked;
}
},
};
@ -896,34 +890,25 @@ this.AntiTracking = {
return false;
}
});
let expectedCategory = "";
// When changing this list, please make sure to update the corresponding
// code in ReportBlockingToConsole().
let expectedCategories = [];
let rawExpectedCategories = options.expectedBlockingNotifications;
if (!Array.isArray(rawExpectedCategories)) {
// if given a single value to match, expect each message to match it
rawExpectedCategories = Array(allMessages.length).fill(
rawExpectedCategories
);
}
for (let category of rawExpectedCategories) {
switch (category) {
case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_BY_PERMISSION:
expectedCategories.push("cookieBlockedPermission");
break;
case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER:
expectedCategories.push("cookieBlockedTracker");
break;
case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_ALL:
expectedCategories.push("cookieBlockedAll");
break;
case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN:
expectedCategories.push("cookieBlockedForeign");
break;
}
switch (options.expectedBlockingNotifications) {
case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_BY_PERMISSION:
expectedCategory = "cookieBlockedPermission";
break;
case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER:
expectedCategory = "cookieBlockedTracker";
break;
case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_ALL:
expectedCategory = "cookieBlockedAll";
break;
case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN:
expectedCategory = "cookieBlockedForeign";
break;
}
if (!expectedCategories.length) {
if (expectedCategory == "") {
is(allMessages.length, 0, "No console messages should be generated");
} else {
ok(!!allMessages.length, "Some console message should be generated");
@ -939,8 +924,8 @@ this.AntiTracking = {
for (let msg of allMessages) {
is(
msg.category,
expectedCategories[index],
`Message ${index} should be of expected category`
expectedCategory,
"Message should be of expected category"
);
if (options.errorMessageDomains) {
@ -962,10 +947,6 @@ this.AntiTracking = {
win.gBrowser.removeProgressListener(listener);
if (!!cookieBlocked != !!options.expectedBlockingNotifications) {
ok(false, JSON.stringify(cookieBlocked));
ok(false, JSON.stringify(options.expectedBlockingNotifications));
}
is(
!!cookieBlocked,
!!options.expectedBlockingNotifications,

6
toolkit/components/antitracking/test/browser/browser-blocking.ini
Просмотреть файл

@ -41,12 +41,6 @@ support-files =
[browser_blockingCookies.js]
skip-if = socketprocess_networking
[browser_blockingDOMCacheSAA.js]
skip-if = socketprocess_networking
[browser_blockingDOMCacheAlwaysPartition.js]
skip-if = socketprocess_networking
[browser_blockingDOMCacheAlwaysPartitionSAA.js]
skip-if = socketprocess_networking
[browser_blockingDOMCache.js]
[browser_blockingIndexedDb.js]
skip-if = os == 'linux' && socketprocess_networking

12
toolkit/components/antitracking/test/browser/browser.ini
Просмотреть файл

@ -60,7 +60,6 @@ support-files =
[browser_aboutblank.js]
[browser_allowListNotifications.js]
[browser_allowListNotifications_alwaysPartition.js]
support-files = subResources.sjs
[browser_addonHostPermissionIgnoredInTP.js]
[browser_allowListSeparationInPrivateAndNormalWindows.js]
@ -71,16 +70,13 @@ skip-if = os == "mac" && !debug # Bug 1503778, 1577362
[browser_fileUrl.js]
[browser_firstPartyCookieRejectionHonoursAllowList.js]
[browser_hasStorageAccess.js]
[browser_hasStorageAccess_alwaysPartition.js]
[browser_iframe_document_open.js]
[browser_imageCache4.js]
[browser_imageCache8.js]
[browser_onBeforeRequestNotificationForTrackingResources.js]
[browser_onModifyRequestNotificationForTrackingResources.js]
[browser_permissionInNormalWindows.js]
[browser_permissionInNormalWindows_alwaysPartition.js]
[browser_permissionInPrivateWindows.js]
[browser_permissionInPrivateWindows_alwaysPartition.js]
[browser_permissionPropagation.js]
skip-if =
os == "linux" && bits == 64 # Bug 1645505
@ -92,8 +88,6 @@ support-files = referrer.sjs
support-files = subResources.sjs
[browser_subResourcesPartitioned.js]
support-files = subResources.sjs
[browser_subResourcesPartitioned_alwaysPartition.js]
support-files = subResources.sjs
[browser_script.js]
support-files = tracker.js
[browser_userInteraction.js]
@ -115,20 +109,15 @@ skip-if = debug # Bug 1700551
[browser_storageAccessGrantedGivesUserInteraction.js]
[browser_storageAccessPrivilegeAPI.js]
[browser_storageAccessPromiseRejectHandlerUserInteraction.js]
[browser_storageAccessPromiseRejectHandlerUserInteraction_alwaysPartition.js]
[browser_storageAccessPromiseResolveHandlerUserInteraction.js]
[browser_storageAccessRemovalNavigateSubframe.js]
[browser_storageAccessRemovalNavigateSubframe_alwaysPartition.js]
[browser_storageAccessRemovalNavigateTopframe.js]
[browser_storageAccessRemovalNavigateTopframe_alwaysPartition.js]
[browser_storageAccessSandboxed.js]
[browser_storageAccessSandboxed_alwaysPartition.js]
[browser_storageAccessScopeDifferentSite.js]
[browser_storageAccessScopeSameOrigin.js]
[browser_storageAccessScopeSameSiteRead.js]
[browser_storageAccessScopeSameSiteWrite.js]
[browser_storageAccessThirdPartyChecks.js]
[browser_storageAccessThirdPartyChecks_alwaysPartition.js]
[browser_storageAccessWithDynamicFpi.js]
[browser_storageAccessWithHeuristics.js]
[browser_allowPermissionForTracker.js]
@ -156,7 +145,6 @@ support-files = sharedWorker.js partitionedSharedWorker.js
[browser_socialtracking_save_image.js]
[browser_thirdPartyStorageRejectionForCORS.js]
[browser_urlDecorationStripping.js]
[browser_urlDecorationStripping_alwaysPartition.js]
tags = remote-settings
[browser_urlQueryStringStripping_allowList.js]
support-files = file_stripping.html

4
toolkit/components/antitracking/test/browser/browser_allowListNotifications.js
Просмотреть файл

@ -15,10 +15,6 @@ add_task(async function() {
["privacy.trackingprotection.enabled", false],
["privacy.trackingprotection.pbmode.enabled", false],
["privacy.trackingprotection.annotate_channels", true],
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
],
});

142
toolkit/components/antitracking/test/browser/browser_allowListNotifications_alwaysPartition.js
Просмотреть файл

@ -1,142 +0,0 @@
add_task(async function() {
info("Starting subResources test");
await SpecialPowers.flushPrefEnv();
await SpecialPowers.pushPrefEnv({
set: [
[
"network.cookie.cookieBehavior",
Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
],
[
"network.cookie.cookieBehavior.pbmode",
Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
],
["privacy.trackingprotection.enabled", false],
["privacy.trackingprotection.pbmode.enabled", false],
["privacy.trackingprotection.annotate_channels", true],
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
true,
],
],
});
await UrlClassifierTestUtils.addTestTrackers();
info("Creating a new tab");
let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
gBrowser.selectedTab = tab;
let browser = gBrowser.getBrowserForTab(tab);
await BrowserTestUtils.browserLoaded(browser);
gProtectionsHandler.disableForCurrentPage();
// The previous function reloads the browser, so wait for it to load again!
await BrowserTestUtils.browserLoaded(browser);
// Now load subresources from a few third-party origins.
// We should expect to see none of these origins in the content blocking log at the end.
await fetch(
"https://test1.example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
)
.then(r => r.text())
.then(text => {
is(text, "0", "Cookies received for images");
});
await fetch(
"https://test2.example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
)
.then(r => r.text())
.then(text => {
is(text, "0", "Cookies received for images");
});
info("Creating a 3rd party content");
await SpecialPowers.spawn(
browser,
[
{
page: TEST_3RD_PARTY_PAGE,
blockingCallback: (async _ => {}).toString(),
nonBlockingCallback: (async _ => {}).toString(),
},
],
async function(obj) {
await new content.Promise(resolve => {
let ifr = content.document.createElement("iframe");
ifr.onload = function() {
info("Sending code to the 3rd party content");
ifr.contentWindow.postMessage(obj.blockingCallback, "*");
};
content.addEventListener("message", function msg(event) {
if (event.data.type == "finish") {
content.removeEventListener("message", msg);
resolve();
return;
}
if (event.data.type == "ok") {
ok(event.data.what, event.data.msg);
return;
}
if (event.data.type == "info") {
info(event.data.msg);
return;
}
ok(false, "Unknown message");
});
content.document.body.appendChild(ifr);
ifr.src = obj.page;
});
}
);
const nsIWPL = Ci.nsIWebProgressListener;
let expectTrackerFound = (item, expect) => {
is(item[0], expect, "Correct blocking type reported");
is(item[1], true, "Correct blocking status reported");
ok(item[2] >= 1, "Correct repeat count reported");
};
let log = JSON.parse(await browser.getContentBlockingLog());
for (let trackerOrigin in log) {
is(
trackerOrigin + "/",
TEST_3RD_PARTY_DOMAIN,
"Correct tracker origin must be reported"
);
let originLog = log[trackerOrigin];
is(originLog.length, 1, "We should have one entry in the compressed log");
expectTrackerFound(
originLog[0],
nsIWPL.STATE_LOADED_LEVEL_1_TRACKING_CONTENT
);
}
gProtectionsHandler.enableForCurrentPage();
// The previous function reloads the browser, so wait for it to load again!
await BrowserTestUtils.browserLoaded(browser);
info("Removing the tab");
BrowserTestUtils.removeTab(tab);
UrlClassifierTestUtils.cleanupTestTrackers();
});
add_task(async function() {
info("Cleaning up.");
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
});

86
toolkit/components/antitracking/test/browser/browser_blockingDOMCache.js
Просмотреть файл

@ -31,11 +31,83 @@ AntiTracking.runTest(
);
});
},
[
["dom.caches.testing.enabled", true],
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
]
[["dom.caches.testing.enabled", true]]
);
AntiTracking.runTest(
"DOM Cache and Storage Access API",
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await noStorageAccessInitially();
await caches.open("wow").then(
_ => {
ok(false, "DOM Cache cannot be used!");
},
_ => {
ok(true, "DOM Cache cannot be used!");
}
);
/* import-globals-from storageAccessAPIHelpers.js */
await callRequestStorageAccess();
let effectiveCookieBehavior = SpecialPowers.isContentWindowPrivate(window)
? SpecialPowers.Services.prefs.getIntPref(
"network.cookie.cookieBehavior.pbmode"
)
: SpecialPowers.Services.prefs.getIntPref(
"network.cookie.cookieBehavior"
);
let shouldThrow = [
SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
].includes(effectiveCookieBehavior);
await caches.open("wow").then(
_ => {
ok(!shouldThrow, "DOM Cache can be used!");
},
_ => {
ok(shouldThrow, "DOM Cache can be used!");
}
);
},
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await hasStorageAccessInitially();
await caches.open("wow").then(
_ => {
ok(true, "DOM Cache can be used!");
},
_ => {
ok(false, "DOM Cache can be used!");
}
);
/* import-globals-from storageAccessAPIHelpers.js */
await callRequestStorageAccess();
// For non-tracking windows, calling the API is a no-op
await caches.open("wow").then(
_ => {
ok(true, "DOM Cache can be used!");
},
_ => {
ok(false, "DOM Cache can be used!");
}
);
},
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[["dom.caches.testing.enabled", true]],
false,
false
);

56
toolkit/components/antitracking/test/browser/browser_blockingDOMCacheAlwaysPartition.js
Просмотреть файл

@ -1,56 +0,0 @@
/* import-globals-from antitracking_head.js */
requestLongerTimeout(2);
AntiTracking.runTest(
"DOM Cache Always Partition Storage",
async _ => {
let effectiveCookieBehavior = SpecialPowers.isContentWindowPrivate(window)
? SpecialPowers.Services.prefs.getIntPref(
"network.cookie.cookieBehavior.pbmode"
)
: SpecialPowers.Services.prefs.getIntPref(
"network.cookie.cookieBehavior"
);
// caches.open still fails for cookieBehavior 2 (reject) and
// 1 (reject for third parties), so we need to account for that.
let shouldFail =
effectiveCookieBehavior ==
SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT ||
(effectiveCookieBehavior ==
SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN &&
!document.location.href.includes("3rdPartyWO") &&
!document.location.href.includes("3rdPartyUI"));
await caches.open("wow").then(
_ => {
ok(!shouldFail, "DOM Cache can be used!");
},
_ => {
ok(shouldFail, "DOM Cache can be used!");
}
);
},
async _ => {
await caches.open("wow").then(
_ => {
ok(true, "DOM Cache can be used!");
},
_ => {
ok(false, "DOM Cache can be used!");
}
);
},
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[
["dom.caches.testing.enabled", true],
["privacy.partition.always_partition_third_party_non_cookie_storage", true],
]
);

82
toolkit/components/antitracking/test/browser/browser_blockingDOMCacheAlwaysPartitionSAA.js
Просмотреть файл

@ -1,82 +0,0 @@
/* import-globals-from antitracking_head.js */
requestLongerTimeout(2);
AntiTracking.runTest(
"DOM Cache Always Partition Storage and Storage Access API",
async _ => {
await noStorageAccessInitially();
let effectiveCookieBehavior = SpecialPowers.isContentWindowPrivate(window)
? SpecialPowers.Services.prefs.getIntPref(
"network.cookie.cookieBehavior.pbmode"
)
: SpecialPowers.Services.prefs.getIntPref(
"network.cookie.cookieBehavior"
);
let shouldThrow = [
SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
].includes(effectiveCookieBehavior);
await caches.open("wow").then(
_ => {
ok(!shouldThrow, "DOM Cache can be used!");
},
_ => {
ok(shouldThrow, "DOM Cache can be used!");
}
);
await callRequestStorageAccess();
await caches.open("wow").then(
_ => {
ok(!shouldThrow, "DOM Cache can be used!");
},
_ => {
ok(shouldThrow, "DOM Cache can be used!");
}
);
},
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await hasStorageAccessInitially();
await caches.open("wow").then(
_ => {
ok(true, "DOM Cache can be used!");
},
_ => {
ok(false, "DOM Cache can be used!");
}
);
/* import-globals-from storageAccessAPIHelpers.js */
await callRequestStorageAccess();
// For non-tracking windows, calling the API is a no-op
await caches.open("wow").then(
_ => {
ok(true, "DOM Cache can be used!");
},
_ => {
ok(false, "DOM Cache can be used!");
}
);
},
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[
["dom.caches.testing.enabled", true],
["privacy.partition.always_partition_third_party_non_cookie_storage", true],
],
false,
false
);

87
toolkit/components/antitracking/test/browser/browser_blockingDOMCacheSAA.js
Просмотреть файл

@ -1,87 +0,0 @@
/* import-globals-from antitracking_head.js */
requestLongerTimeout(2);
AntiTracking.runTest(
"DOM Cache and Storage Access API",
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await noStorageAccessInitially();
await caches.open("wow").then(
_ => {
ok(false, "DOM Cache cannot be used!");
},
_ => {
ok(true, "DOM Cache cannot be used!");
}
);
/* import-globals-from storageAccessAPIHelpers.js */
await callRequestStorageAccess();
let effectiveCookieBehavior = SpecialPowers.isContentWindowPrivate(window)
? SpecialPowers.Services.prefs.getIntPref(
"network.cookie.cookieBehavior.pbmode"
)
: SpecialPowers.Services.prefs.getIntPref(
"network.cookie.cookieBehavior"
);
let shouldThrow = [
SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
].includes(effectiveCookieBehavior);
await caches.open("wow").then(
_ => {
ok(!shouldThrow, "DOM Cache can be used!");
},
_ => {
ok(shouldThrow, "DOM Cache can be used!");
}
);
},
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await hasStorageAccessInitially();
await caches.open("wow").then(
_ => {
ok(true, "DOM Cache can be used!");
},
_ => {
ok(false, "DOM Cache can be used!");
}
);
/* import-globals-from storageAccessAPIHelpers.js */
await callRequestStorageAccess();
// For non-tracking windows, calling the API is a no-op
await caches.open("wow").then(
_ => {
ok(true, "DOM Cache can be used!");
},
_ => {
ok(false, "DOM Cache can be used!");
}
);
},
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[
["dom.caches.testing.enabled", true],
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
],
false,
false
);

7
toolkit/components/antitracking/test/browser/browser_hasStorageAccess.js
Просмотреть файл

@ -173,12 +173,7 @@ var testCases = [
cookieBehavior: test.behavior,
allowList: false,
callback,
extraPrefs: [
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
],
extraPrefs: null,
expectedBlockingNotifications: 0,
runInPrivateWindow: false,
iframeSandbox: null,

214
toolkit/components/antitracking/test/browser/browser_hasStorageAccess_alwaysPartition.js
Просмотреть файл

@ -1,214 +0,0 @@
// This test ensures HasStorageAccess API returns the right value under different
// scenarios.
/* import-globals-from antitracking_head.js */
var settings = [
// same-origin no-tracker
{
name: "Test whether same-origin non-tracker frame has storage access",
topPage: TEST_TOP_PAGE,
thirdPartyPage: TEST_DOMAIN + TEST_PATH + "3rdParty.html",
},
// 3rd-party no-tracker
{
name: "Test whether 3rd-party non-tracker frame has storage access",
topPage: TEST_TOP_PAGE,
thirdPartyPage: TEST_4TH_PARTY_PAGE,
},
// 3rd-party no-tracker with permission
{
name:
"Test whether 3rd-party non-tracker frame has storage access when storage permission is granted before",
topPage: TEST_TOP_PAGE,
thirdPartyPage: TEST_4TH_PARTY_PAGE,
setup: () => {
let type = "3rdPartyStorage^http://not-tracking.example.com";
let permission = Services.perms.ALLOW_ACTION;
let expireType = Services.perms.EXPIRE_SESSION;
PermissionTestUtils.add(TEST_DOMAIN, type, permission, expireType, 0);
registerCleanupFunction(_ => {
Services.perms.removeAll();
});
},
},
// 3rd-party tracker
{
name: "Test whether 3rd-party tracker frame has storage access",
topPage: TEST_TOP_PAGE,
thirdPartyPage: TEST_3RD_PARTY_PAGE,
},
// 3rd-party tracker with permission
{
name:
"Test whether 3rd-party tracker frame has storage access when storage access permission is granted before",
topPage: TEST_TOP_PAGE,
thirdPartyPage: TEST_3RD_PARTY_PAGE,
setup: () => {
let type = "3rdPartyStorage^https://tracking.example.org";
let permission = Services.perms.ALLOW_ACTION;
let expireType = Services.perms.EXPIRE_SESSION;
PermissionTestUtils.add(TEST_DOMAIN, type, permission, expireType, 0);
registerCleanupFunction(_ => {
Services.perms.removeAll();
});
},
},
// same-site 3rd-party tracker
{
name: "Test whether same-site 3rd-party tracker frame has storage access",
topPage: TEST_TOP_PAGE,
thirdPartyPage: TEST_ANOTHER_3RD_PARTY_PAGE,
},
// same-origin 3rd-party tracker
{
name: "Test whether same-origin 3rd-party tracker frame has storage access",
topPage: TEST_ANOTHER_3RD_PARTY_DOMAIN + TEST_PATH + "page.html",
thirdPartyPage: TEST_ANOTHER_3RD_PARTY_PAGE,
},
];
const allBlocked = Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_ALL;
const foreignBlocked = Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN;
const trackerBlocked = Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER;
var testCases = [
{
behavior: BEHAVIOR_ACCEPT, // 0
cases: [
[true] /* same-origin non-tracker */,
[true] /* 3rd-party non-tracker */,
[true] /* 3rd-party non-tracker with permission */,
[true] /* 3rd-party tracker */,
[true] /* 3rd-party tracker with permission */,
[true] /* same-site tracker */,
[true] /* same-origin tracker */,
],
},
{
behavior: BEHAVIOR_REJECT_FOREIGN, // 1
cases: [
[true] /* same-origin non-tracker */,
[false, foreignBlocked] /* 3rd-party non-tracker */,
[
SpecialPowers.Services.prefs.getBoolPref(
"network.cookie.rejectForeignWithExceptions.enabled"
),
foreignBlocked,
] /* 3rd-party tracker with permission */,
[false, foreignBlocked] /* 3rd-party tracker */,
[
SpecialPowers.Services.prefs.getBoolPref(
"network.cookie.rejectForeignWithExceptions.enabled"
),
foreignBlocked,
] /* 3rd-party non-tracker with permission */,
[true] /* same-site tracker */,
[true] /* same-origin tracker */,
],
},
{
behavior: BEHAVIOR_REJECT, // 2
cases: [
[false, allBlocked] /* same-origin non-tracker */,
[false, allBlocked] /* 3rd-party non-tracker */,
[false, allBlocked] /* 3rd-party non-tracker with permission */,
[false, allBlocked] /* 3rd-party tracker */,
[false, allBlocked] /* 3rd-party tracker with permission */,
[false, allBlocked] /* same-site tracker */,
[false, allBlocked] /* same-origin tracker */,
],
},
{
behavior: BEHAVIOR_LIMIT_FOREIGN, // 3
cases: [
[true] /* same-origin non-tracker */,
[false, foreignBlocked] /* 3rd-party non-tracker */,
[false, foreignBlocked] /* 3rd-party non-tracker with permission */,
[false, foreignBlocked] /* 3rd-party tracker */,
[false, foreignBlocked] /* 3rd-party tracker with permission */,
[true] /* same-site tracker */,
[true] /* same-origin tracker */,
],
},
{
behavior: BEHAVIOR_REJECT_TRACKER, // 4
cases: [
[true] /* same-origin non-tracker */,
[true] /* 3rd-party non-tracker */,
[true] /* 3rd-party non-tracker with permission */,
[false, trackerBlocked] /* 3rd-party tracker */,
[true] /* 3rd-party tracker with permission */,
[true] /* same-site tracker */,
[true] /* same-origin tracker */,
],
},
{
behavior: BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN, // 5
cases: [
[true] /* same-origin non-tracker */,
[false] /* 3rd-party non-tracker */,
[true] /* 3rd-party non-tracker with permission */,
[false, trackerBlocked] /* 3rd-party tracker */,
[true] /* 3rd-party tracker with permission */,
[true] /* same-site tracker */,
[true] /* same-origin tracker */,
],
},
];
(function() {
settings.forEach(setting => {
ok(true, JSON.stringify(setting));
if (setting.setup) {
add_task(async _ => {
setting.setup();
});
}
testCases.forEach(test => {
let [hasStorageAccess, expectedBlockingNotifications] = test.cases[
settings.indexOf(setting)
];
let callback = hasStorageAccess
? async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await hasStorageAccessInitially();
}
: async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await noStorageAccessInitially();
};
AntiTracking._createTask({
name: setting.name,
cookieBehavior: test.behavior,
allowList: false,
callback,
extraPrefs: [
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
true,
],
],
expectedBlockingNotifications,
runInPrivateWindow: false,
iframeSandbox: null,
accessRemoval: null,
callbackAfterRemoval: null,
topPage: setting.topPage,
thirdPartyPage: setting.thirdPartyPage,
});
});
add_task(async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
});
});
})();

6
toolkit/components/antitracking/test/browser/browser_partitionedCookies.js
Просмотреть файл

@ -103,8 +103,7 @@ PartitionedStorageHelper.runPartitioningTestInNormalAndPrivateMode(
resolve()
);
});
},
true
}
);
PartitionedStorageHelper.runPartitioningTestInNormalAndPrivateMode(
@ -134,6 +133,5 @@ PartitionedStorageHelper.runPartitioningTestInNormalAndPrivateMode(
resolve()
);
});
},
true
}
);

48
toolkit/components/antitracking/test/browser/browser_partitionedDOMCache.js
Просмотреть файл

@ -1,11 +1,9 @@
/* import-globals-from partitionedstorage_head.js */
const APS_PREF =
"privacy.partition.always_partition_third_party_non_cookie_storage";
PartitionedStorageHelper.runTest(
"DOMCache",
async (win3rdParty, win1stParty, allowed) => {
// DOM Cache is not supported. Always blocked.
await win3rdParty.caches.open("wow").then(
_ => {
ok(allowed, "DOM Cache cannot be used!");
@ -32,46 +30,6 @@ PartitionedStorageHelper.runTest(
);
});
},
[
["dom.caches.testing.enabled", true],
[APS_PREF, false],
]
);
PartitionedStorageHelper.runTest(
"DOMCache",
async (win3rdParty, win1stParty, allowed) => {
await win1stParty.caches.open("wow").then(
async cache => {
ok(true, "DOM Cache should be available");
await cache.add("/");
},
_ => {
ok(false, "DOM Cache should be available");
}
);
await win3rdParty.caches.open("wow").then(
async cache => {
ok(true, "DOM Cache can be used!");
is(undefined, await cache.match("/"), "DOM Cache is partitioned");
},
_ => {
ok(false, "DOM Cache cannot be used!");
}
);
},
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[
["dom.caches.testing.enabled", true],
[APS_PREF, true],
]
[["dom.caches.testing.enabled", true]]
);

7
toolkit/components/antitracking/test/browser/browser_partitionedIndexedDB.js
Просмотреть файл

@ -28,7 +28,12 @@ PartitionedStorageHelper.runTest(
a.onsuccess = e => {
let db = e.target.result;
is(db.objectStoreNames.length, 0, "We have 0 objectStore");
if (allowed) {
is(db.objectStoreNames.length, 1, "We have 1 objectStore");
is(db.objectStoreNames[0], "foobar", "We have 'foobar' objectStore");
} else {
is(db.objectStoreNames.length, 0, "We have 0 objectStore");
}
resolve();
};
});

6
toolkit/components/antitracking/test/browser/browser_partitionedSharedWorkers.js
Просмотреть файл

@ -26,7 +26,11 @@ PartitionedStorageHelper.runTestInNormalAndPrivateMode(
let sh3 = new win3rdParty.SharedWorker("sharedWorker.js");
await new Promise(resolve => {
sh3.port.onmessage = e => {
is(e.data, 1, `We expected 1 connection for 3rd party SharedWorker`);
is(
e.data,
allowed ? 2 : 1,
`We expected ${allowed ? 2 : 1} connection for 3rd party SharedWorker`
);
resolve();
};
sh3.onerror = _ => {

7
toolkit/components/antitracking/test/browser/browser_permissionInNormalWindows.js
Просмотреть файл

@ -95,12 +95,7 @@ AntiTracking.runTest(
);
});
},
[
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
], // extra prefs
null, // no extra prefs
true, // run the window.open() test
true, // run the user interaction test
0, // don't expect blocking notifications

111
toolkit/components/antitracking/test/browser/browser_permissionInNormalWindows_alwaysPartition.js
Просмотреть файл

@ -1,111 +0,0 @@
/* import-globals-from antitracking_head.js */
AntiTracking.runTest(
"Test whether we receive any persistent permissions in normal windows",
// Blocking callback
async _ => {
// Nothing to do here!
},
// Non blocking callback
async _ => {
try {
// We load the test script in the parent process to check permissions.
let chromeScript = SpecialPowers.loadChromeScript(_ => {
// eslint-disable-next-line no-undef
addMessageListener("go", _ => {
const { Services } = ChromeUtils.import(
"resource://gre/modules/Services.jsm"
);
function ok(what, msg) {
// eslint-disable-next-line no-undef
sendAsyncMessage("ok", { what: !!what, msg });
}
function is(a, b, msg) {
ok(a === b, msg);
}
// We should use the principal of the TEST_DOMAIN since the storage
// permission is saved under it.
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
"http://example.net/"
);
for (let perm of Services.perms.getAllForPrincipal(principal)) {
// Ignore permissions other than storage access
if (!perm.type.startsWith("3rdPartyStorage^")) {
continue;
}
is(
perm.expireType,
Services.perms.EXPIRE_TIME,
"Permission must expire at a specific time"
);
ok(perm.expireTime > 0, "Permission must have a expiry time");
}
// eslint-disable-next-line no-undef
sendAsyncMessage("done");
});
});
chromeScript.addMessageListener("ok", obj => {
ok(obj.what, obj.msg);
});
await new Promise(resolve => {
chromeScript.addMessageListener("done", _ => {
chromeScript.destroy();
resolve();
});
chromeScript.sendAsyncMessage("go");
});
// We check the permission in tracking processes for non-Fission mode. In
// Fission mode, the permission won't be synced to the tracking process,
// so we don't check it.
if (!SpecialPowers.useRemoteSubframes) {
let Services = SpecialPowers.Services;
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
"http://example.net/"
);
for (let perm of Services.perms.getAllForPrincipal(principal)) {
// Ignore permissions other than storage access
if (!perm.type.startsWith("3rdPartyStorage^")) {
continue;
}
is(
perm.expireType,
Services.perms.EXPIRE_TIME,
"Permission must expire at a specific time"
);
ok(perm.expireTime > 0, "Permission must have a expiry time");
}
}
} catch (e) {
alert(e);
}
},
// Cleanup callback
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[["privacy.partition.always_partition_third_party_non_cookie_storage", true]], // extra prefs
true, // run the window.open() test
true, // run the user interaction test
[
// expected blocking notifications
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER,
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_ALL,
],
false
); // run in normal windows

7
toolkit/components/antitracking/test/browser/browser_permissionInPrivateWindows.js
Просмотреть файл

@ -39,12 +39,7 @@ AntiTracking.runTest(
);
});
},
[
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
], // extra prefs
null, // no extra prefs
true, // run the window.open() test
true, // run the user interaction test
0, // don't expect blocking notifications

51
toolkit/components/antitracking/test/browser/browser_permissionInPrivateWindows_alwaysPartition.js
Просмотреть файл

@ -1,51 +0,0 @@
/* import-globals-from antitracking_head.js */
AntiTracking.runTest(
"Test whether we receive any persistent permissions in private windows",
// Blocking callback
async _ => {
// Nothing to do here!
},
// Non blocking callback
async _ => {
try {
let Services = SpecialPowers.Services;
// We would use TEST_3RD_PARTY_DOMAIN here, except that the variable isn't
// accessible in the context of the web page...
let principal = SpecialPowers.wrap(document).nodePrincipal;
for (let perm of Services.perms.getAllForPrincipal(principal)) {
// Ignore permissions other than storage access
if (!perm.type.startsWith("3rdPartyStorage^")) {
continue;
}
is(
perm.expireType,
Services.perms.EXPIRE_SESSION,
"Permission must expire at the end of session"
);
is(perm.expireTime, 0, "Permission must have no expiry time");
}
} catch (e) {
alert(e);
}
},
// Cleanup callback
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[["privacy.partition.always_partition_third_party_non_cookie_storage", true]], // extra prefs
true, // run the window.open() test
true, // run the user interaction test
[
// expected blocking notifications
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER,
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_ALL,
],
true
); // run in private windows

7
toolkit/components/antitracking/test/browser/browser_storageAccessPromiseRejectHandlerUserInteraction.js
Просмотреть файл

@ -24,12 +24,7 @@ AntiTracking.runTest(
);
});
},
[
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
], // extra prefs
null, // extra prefs
false, // no window open test
false, // no user-interaction test
0, // expected blocking notifications

33
toolkit/components/antitracking/test/browser/browser_storageAccessPromiseRejectHandlerUserInteraction_alwaysPartition.js
Просмотреть файл

@ -1,33 +0,0 @@
/* import-globals-from antitracking_head.js */
AntiTracking.runTest(
"Storage Access API returns promises that do not maintain user activation for calling its reject handler",
// blocking callback
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
let [threw, rejected] = await callRequestStorageAccess(() => {
ok(
!SpecialPowers.wrap(document).hasValidTransientUserGestureActivation,
"Promise reject handler must not have user activation"
);
}, true);
ok(!threw, "requestStorageAccess should not throw");
ok(rejected, "requestStorageAccess should not be available");
},
null, // non-blocking callback
// cleanup function
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[["privacy.partition.always_partition_third_party_non_cookie_storage", true]], // extra prefs
false, // no window open test
false, // no user-interaction test
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expected blocking notifications
false, // private window
"allow-scripts allow-same-origin allow-popups" // iframe sandbox
);

7
toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateSubframe.js
Просмотреть файл

@ -26,12 +26,7 @@ AntiTracking.runTest(
);
});
},
[
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
], // extra prefs
null, // extra prefs
false, // no window open test
false, // no user-interaction test
0, // no blocking notifications

43
toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateSubframe_alwaysPartition.js
Просмотреть файл

@ -1,43 +0,0 @@
/* import-globals-from antitracking_head.js */
AntiTracking.runTest(
"Storage Access is removed when subframe navigates",
// blocking callback
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await noStorageAccessInitially();
},
// non-blocking callback
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await hasStorageAccessInitially();
/* import-globals-from storageAccessAPIHelpers.js */
let [threw, rejected] = await callRequestStorageAccess();
ok(!threw, "requestStorageAccess should not throw");
ok(!rejected, "requestStorageAccess should be available");
},
// cleanup function
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[["privacy.partition.always_partition_third_party_non_cookie_storage", true]], // extra prefs
false, // no window open test
false, // no user-interaction test
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expected blocking notifications
false, // run in normal window
null, // no iframe sandbox
"navigate-subframe", // access removal type
// after-removal callback
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
// TODO: this is just a temporarily fixed, we should update the testcase
// in Bug 1649399
await hasStorageAccessInitially();
}
);

7
toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateTopframe.js
Просмотреть файл

@ -26,12 +26,7 @@ AntiTracking.runTest(
);
});
},
[
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
], // extra prefs
null, // extra prefs
false, // no window open test
false, // no user-interaction test
0, // no blocking notifications

41
toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateTopframe_alwaysPartition.js
Просмотреть файл

@ -1,41 +0,0 @@
/* import-globals-from antitracking_head.js */
AntiTracking.runTest(
"Storage Access is removed when topframe navigates",
// blocking callback
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await noStorageAccessInitially();
},
// non-blocking callback
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await hasStorageAccessInitially();
/* import-globals-from storageAccessAPIHelpers.js */
let [threw, rejected] = await callRequestStorageAccess();
ok(!threw, "requestStorageAccess should not throw");
ok(!rejected, "requestStorageAccess should be available");
},
// cleanup function
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[["privacy.partition.always_partition_third_party_non_cookie_storage", true]], // extra prefs
false, // no window open test
false, // no user-interaction test
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expected blocking notifications
false, // run in normal window
null, // no iframe sandbox
"navigate-topframe", // access removal type
// after-removal callback
async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await noStorageAccessInitially();
}
);

34
toolkit/components/antitracking/test/browser/browser_storageAccessSandboxed.js
Просмотреть файл

@ -1,9 +1,6 @@
/* import-globals-from antitracking_head.js */
/* import-globals-from storageAccessAPIHelpers.js */
const APS_PREF =
"privacy.partition.always_partition_third_party_non_cookie_storage";
AntiTracking.runTest(
"Storage Access API called in a sandboxed iframe",
// blocking callback
@ -27,10 +24,7 @@ AntiTracking.runTest(
);
});
},
[
["dom.storage_access.enabled", true],
[APS_PREF, false],
], // extra prefs
[["dom.storage_access.enabled", true]], // extra prefs
false, // no window open test
false, // no user-interaction test
0, // no blocking notifications
@ -71,7 +65,6 @@ AntiTracking.runTest(
["dom.serviceWorkers.exemptFromPerDomainMax", true],
["dom.serviceWorkers.enabled", true],
["dom.serviceWorkers.testing.enabled", true],
[APS_PREF, false],
], // extra prefs
false, // no window open test
false, // no user-interaction test
@ -94,10 +87,7 @@ AntiTracking.runTest(
null, // non-blocking callback
null, // cleanup function
[
["dom.storage_access.enabled", true],
[APS_PREF, false],
], // extra prefs
[["dom.storage_access.enabled", true]], // extra prefs
false, // no window open test
false, // no user-interaction test
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
@ -122,10 +112,7 @@ AntiTracking.runTest(
null, // non-blocking callback
null, // cleanup function
[
["dom.storage_access.enabled", true],
[APS_PREF, false],
], // extra prefs
[["dom.storage_access.enabled", true]], // extra prefs
false, // no window open test
false, // no user-interaction test
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
@ -147,10 +134,7 @@ AntiTracking.runTest(
null, // non-blocking callback
null, // cleanup function
[
["dom.storage_access.enabled", true],
[APS_PREF, false],
], // extra prefs
[["dom.storage_access.enabled", true]], // extra prefs
false, // no window open test
false, // no user-interaction test
0, // no blocking notifications
@ -175,10 +159,7 @@ AntiTracking.runTest(
null, // non-blocking callback
null, // cleanup function
[
["dom.storage_access.enabled", true],
[APS_PREF, false],
], // extra prefs
[["dom.storage_access.enabled", true]], // extra prefs
false, // no window open test
false, // no user-interaction test
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
@ -205,10 +186,7 @@ AntiTracking.runTest(
);
});
},
[
["dom.storage_access.enabled", true],
[APS_PREF, false],
], // extra prefs
[["dom.storage_access.enabled", true]], // extra prefs
false, // no window open test
false, // no user-interaction test
0 // no blocking notifications

215
toolkit/components/antitracking/test/browser/browser_storageAccessSandboxed_alwaysPartition.js
Просмотреть файл

@ -1,215 +0,0 @@
/* import-globals-from antitracking_head.js */
/* import-globals-from storageAccessAPIHelpers.js */
const APS_PREF =
"privacy.partition.always_partition_third_party_non_cookie_storage";
AntiTracking.runTest(
"Storage Access API called in a sandboxed iframe",
// blocking callback
async _ => {
let [threw, rejected] = await callRequestStorageAccess();
ok(!threw, "requestStorageAccess should not throw");
ok(rejected, "requestStorageAccess shouldn't be available");
},
null, // non-blocking callback
// cleanup function
async _ => {
// Only clear the user-interaction permissions for the tracker here so that
// the next test has a clean slate.
await new Promise(resolve => {
Services.clearData.deleteDataFromHost(
Services.io.newURI(TEST_3RD_PARTY_DOMAIN).host,
true,
Ci.nsIClearDataService.CLEAR_PERMISSIONS,
value => resolve()
);
});
},
[
["dom.storage_access.enabled", true],
[APS_PREF, true],
], // extra prefs
false, // no window open test
false, // no user-interaction test
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expected blocking notifications
false, // run in normal window
"allow-scripts allow-same-origin allow-popups"
);
AntiTracking.runTest(
"Exception List can work in a sandboxed iframe",
// blocking callback
async _ => {
await hasStorageAccessInitially();
try {
await navigator.serviceWorker.register("empty.js");
ok(
true,
"ServiceWorker can be registered in allowlisted sandboxed iframe!"
);
} catch (e) {
info("Promise rejected: " + e);
ok(
false,
"ServiceWorker should be able to be registered in allowlisted sandboxed iframe"
);
}
},
null, // non-blocking callback
null, // cleanup function
[
["dom.storage_access.enabled", true],
[
"privacy.restrict3rdpartystorage.skip_list",
"http://example.net,https://tracking.example.org",
],
["dom.serviceWorkers.exemptFromPerDomainMax", true],
["dom.serviceWorkers.enabled", true],
["dom.serviceWorkers.testing.enabled", true],
[APS_PREF, true],
], // extra prefs
false, // no window open test
false, // no user-interaction test
0, // no blocking notifications
false, // run in normal window
"allow-scripts allow-same-origin allow-popups"
);
AntiTracking.runTest(
"Storage Access API called in a sandboxed iframe with" +
" allow-storage-access-by-user-activation",
// blocking callback
async _ => {
await noStorageAccessInitially();
let [threw, rejected] = await callRequestStorageAccess();
ok(!threw, "requestStorageAccess should not throw");
ok(!rejected, "requestStorageAccess should be available");
},
null, // non-blocking callback
null, // cleanup function
[
["dom.storage_access.enabled", true],
[APS_PREF, true],
], // extra prefs
false, // no window open test
false, // no user-interaction test
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
false, // run in normal window
"allow-scripts allow-same-origin allow-popups allow-storage-access-by-user-activation"
);
AntiTracking.runTest(
"Verify that sandboxed contexts don't get the saved permission",
// blocking callback
async _ => {
await noStorageAccessInitially();
try {
localStorage.foo = 42;
ok(false, "LocalStorage cannot be used!");
} catch (e) {
ok(true, "LocalStorage cannot be used!");
is(e.name, "SecurityError", "We want a security error message.");
}
},
null, // non-blocking callback
null, // cleanup function
[
["dom.storage_access.enabled", true],
[APS_PREF, true],
], // extra prefs
false, // no window open test
false, // no user-interaction test
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
false, // run in normal window
"allow-scripts allow-same-origin allow-popups"
);
AntiTracking.runTest(
"Verify that sandboxed contexts with" +
" allow-storage-access-by-user-activation get the" +
" saved permission",
// blocking callback
async _ => {
await hasStorageAccessInitially();
localStorage.foo = 42;
ok(true, "LocalStorage can be used!");
},
null, // non-blocking callback
null, // cleanup function
[
["dom.storage_access.enabled", true],
[APS_PREF, true],
], // extra prefs
false, // no window open test
false, // no user-interaction test
0, // no blocking notifications
false, // run in normal window
"allow-scripts allow-same-origin allow-popups allow-storage-access-by-user-activation"
);
AntiTracking.runTest(
"Verify that private browsing contexts don't get the saved permission",
// blocking callback
async _ => {
await noStorageAccessInitially();
try {
localStorage.foo = 42;
ok(false, "LocalStorage cannot be used!");
} catch (e) {
ok(true, "LocalStorage cannot be used!");
is(e.name, "SecurityError", "We want a security error message.");
}
},
null, // non-blocking callback
null, // cleanup function
[
["dom.storage_access.enabled", true],
[APS_PREF, true],
], // extra prefs
false, // no window open test
false, // no user-interaction test
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
true, // run in private window
null // iframe sandbox
);
AntiTracking.runTest(
"Verify that non-sandboxed contexts get the saved permission",
// blocking callback
async _ => {
await hasStorageAccessInitially();
localStorage.foo = 42;
ok(true, "LocalStorage can be used!");
},
null, // non-blocking callback
// cleanup function
async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
},
[
["dom.storage_access.enabled", true],
[APS_PREF, true],
], // extra prefs
false, // no window open test
false, // no user-interaction test
0 // no blocking notifications
);

23
toolkit/components/antitracking/test/browser/browser_storageAccessScopeDifferentSite.js
Просмотреть файл

@ -25,28 +25,7 @@ add_task(async function testInitialBlock() {
});
add_task(async function testDifferentSitePermission() {
await setPreferences(/*alwaysPartitionStorage*/ false);
await openPageAndRunCode(
TEST_TOP_PAGE_7,
getExpectPopupAndClick("accept"),
TEST_3RD_PARTY_PAGE,
requestStorageAccessAndExpectSuccess
);
await openPageAndRunCode(
TEST_TOP_PAGE,
getExpectPopupAndClick("reject"),
TEST_3RD_PARTY_PAGE,
requestStorageAccessAndExpectFailure
);
await cleanUpData();
await SpecialPowers.flushPrefEnv();
});
add_task(async function testDifferentSitePermissionAPS() {
await setPreferences(/*alwaysPartitionStorage*/ true);
await setPreferences();
await openPageAndRunCode(
TEST_TOP_PAGE_7,

12
toolkit/components/antitracking/test/browser/browser_storageAccessThirdPartyChecks.js
Просмотреть файл

@ -1,8 +1,5 @@
/* import-globals-from antitracking_head.js */
const APS_PREF =
"privacy.partition.always_partition_third_party_non_cookie_storage";
AntiTracking._createTask({
name:
"Test that after a storage access grant we have full first-party access",
@ -40,7 +37,7 @@ AntiTracking._createTask({
await runChecks("image");
},
extraPrefs: [[APS_PREF, false]],
extraPrefs: null,
expectedBlockingNotifications:
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER,
runInPrivateWindow: false,
@ -74,10 +71,7 @@ AntiTracking._createTask({
await callRequestStorageAccess(null, true);
},
extraPrefs: [
["network.cookie.rejectForeignWithExceptions.enabled", false],
[APS_PREF, false],
],
extraPrefs: [["network.cookie.rejectForeignWithExceptions.enabled", false]],
expectedBlockingNotifications: 0,
runInPrivateWindow: false,
iframeSandbox: null,
@ -108,7 +102,6 @@ AntiTracking._createTask({
await callRequestStorageAccess(null, true);
},
extraPrefs: [[APS_PREF, false]],
expectedBlockingNotifications: 0,
runInPrivateWindow: false,
iframeSandbox: null,
@ -139,7 +132,6 @@ AntiTracking._createTask({
await callRequestStorageAccess(null, true);
},
extraPrefs: [[APS_PREF, false]],
expectedBlockingNotifications: 0,
runInPrivateWindow: false,
iframeSandbox: null,

157
toolkit/components/antitracking/test/browser/browser_storageAccessThirdPartyChecks_alwaysPartition.js
Просмотреть файл

@ -1,157 +0,0 @@
/* import-globals-from antitracking_head.js */
const allBlocked = Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_ALL;
const foreignBlocked = Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN;
const APS_PREF =
"privacy.partition.always_partition_third_party_non_cookie_storage";
AntiTracking._createTask({
name:
"Test that after a storage access grant we have full first-party access",
cookieBehavior: BEHAVIOR_REJECT_TRACKER,
blockingByContentBlockingRTUI: true,
allowList: false,
callback: async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await noStorageAccessInitially();
await callRequestStorageAccess();
const TRACKING_PAGE =
"http://another-tracking.example.net/browser/browser/base/content/test/protectionsUI/trackingPage.html";
async function runChecks(name) {
let iframe = document.createElement("iframe");
iframe.src = TRACKING_PAGE;
document.body.appendChild(iframe);
await new Promise(resolve => {
iframe.onload = resolve;
});
await SpecialPowers.spawn(iframe, [name], name => {
content.postMessage(name, "*");
});
await new Promise(resolve => {
onmessage = e => {
if (e.data == "done") {
resolve();
}
};
});
}
await runChecks("image");
},
extraPrefs: [[APS_PREF, true]],
expectedBlockingNotifications:
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER,
runInPrivateWindow: false,
iframeSandbox: null,
accessRemoval: null,
callbackAfterRemoval: null,
thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
errorMessageDomains: [
"http://tracking.example.org",
"http://tracking.example.org",
"http://tracking.example.org",
"http://tracking.example.org",
"http://trackertest.org",
],
});
add_task(async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
});
AntiTracking._createTask({
name:
"Test that we never grant access to cookieBehavior=1, when network.cookie.rejectForeignWithExceptions.enabled is set to false",
cookieBehavior: BEHAVIOR_REJECT_FOREIGN,
allowList: false,
callback: async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await noStorageAccessInitially();
await callRequestStorageAccess(null, true);
},
extraPrefs: [
["network.cookie.rejectForeignWithExceptions.enabled", false],
[APS_PREF, true],
],
expectedBlockingNotifications: foreignBlocked,
runInPrivateWindow: false,
iframeSandbox: null,
accessRemoval: null,
callbackAfterRemoval: null,
thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
errorMessageDomains: ["http://tracking.example.org"],
});
add_task(async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
});
AntiTracking._createTask({
name: "Test that we never grant access to cookieBehavior=2",
cookieBehavior: BEHAVIOR_REJECT,
allowList: false,
callback: async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await noStorageAccessInitially();
await callRequestStorageAccess(null, true);
},
extraPrefs: [[APS_PREF, true]],
expectedBlockingNotifications: allBlocked,
runInPrivateWindow: false,
iframeSandbox: null,
accessRemoval: null,
callbackAfterRemoval: null,
thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
errorMessageDomains: ["http://example.net", "http://tracking.example.org"],
});
add_task(async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
});
AntiTracking._createTask({
name: "Test that we never grant access to cookieBehavior=3",
cookieBehavior: BEHAVIOR_LIMIT_FOREIGN,
allowList: false,
callback: async _ => {
/* import-globals-from storageAccessAPIHelpers.js */
await noStorageAccessInitially();
await callRequestStorageAccess(null, true);
},
extraPrefs: [[APS_PREF, true]],
expectedBlockingNotifications: foreignBlocked,
runInPrivateWindow: false,
iframeSandbox: null,
accessRemoval: null,
callbackAfterRemoval: null,
thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
errorMessageDomains: ["http://tracking.example.org"],
});
add_task(async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
});

4
toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js
Просмотреть файл

@ -277,10 +277,6 @@ add_task(async function() {
["privacy.trackingprotection.annotate_channels", true],
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
["network.cookie.sameSite.laxByDefault", false],
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
false,
],
],
});

313
toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned_alwaysPartition.js
Просмотреть файл

@ -1,313 +0,0 @@
async function runTests(topPage, limitForeignContexts) {
info("Creating a new tab");
let tab = BrowserTestUtils.addTab(gBrowser, topPage);
gBrowser.selectedTab = tab;
let browser = gBrowser.getBrowserForTab(tab);
await BrowserTestUtils.browserLoaded(browser);
info("Loading scripts and images");
await SpecialPowers.spawn(browser, [], async function() {
// Let's load the script twice here.
{
let src = content.document.createElement("script");
let p = new content.Promise(resolve => {
src.onload = resolve;
});
content.document.body.appendChild(src);
src.src =
"https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
await p;
}
{
let src = content.document.createElement("script");
let p = new content.Promise(resolve => {
src.onload = resolve;
});
content.document.body.appendChild(src);
src.src =
"https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
await p;
}
// Let's load an image twice here.
{
let img = content.document.createElement("img");
let p = new content.Promise(resolve => {
img.onload = resolve;
});
content.document.body.appendChild(img);
img.src =
"https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
await p;
}
{
let img = content.document.createElement("img");
let p = new content.Promise(resolve => {
img.onload = resolve;
});
content.document.body.appendChild(img);
img.src =
"https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
await p;
}
});
await fetch(
"https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
)
.then(r => r.text())
.then(text => {
if (limitForeignContexts) {
is(text, "0", "No cookie received for images.");
} else {
is(text, "1", "One cookie received for images.");
}
});
await fetch(
"https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=script"
)
.then(r => r.text())
.then(text => {
if (limitForeignContexts) {
is(text, "0", "No cookie received received for scripts.");
} else {
is(text, "1", "One cookie received received for scripts.");
}
});
info("Creating a 3rd party content");
await SpecialPowers.spawn(
browser,
[
{
page: TEST_3RD_PARTY_PAGE_WO,
blockingCallback: (async _ => {}).toString(),
nonBlockingCallback: (async _ => {}).toString(),
},
],
async function(obj) {
await new content.Promise(resolve => {
let ifr = content.document.createElement("iframe");
ifr.onload = function() {
info("Sending code to the 3rd party content");
ifr.contentWindow.postMessage(obj, "*");
};
content.addEventListener("message", function msg(event) {
if (event.data.type == "finish") {
content.removeEventListener("message", msg);
resolve();
return;
}
if (event.data.type == "ok") {
ok(event.data.what, event.data.msg);
return;
}
if (event.data.type == "info") {
info(event.data.msg);
return;
}
ok(false, "Unknown message");
});
content.document.body.appendChild(ifr);
ifr.src = obj.page;
});
}
);
info("Loading scripts and images again");
await SpecialPowers.spawn(browser, [], async function() {
// Let's load the script twice here.
{
let src = content.document.createElement("script");
let p = new content.Promise(resolve => {
src.onload = resolve;
});
content.document.body.appendChild(src);
src.src =
"https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
await p;
}
{
let src = content.document.createElement("script");
let p = new content.Promise(resolve => {
src.onload = resolve;
});
content.document.body.appendChild(src);
src.src =
"https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
await p;
}
// Let's load an image twice here.
{
let img = content.document.createElement("img");
let p = new content.Promise(resolve => {
img.onload = resolve;
});
content.document.body.appendChild(img);
img.src =
"https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
await p;
}
{
let img = content.document.createElement("img");
let p = new content.Promise(resolve => {
img.onload = resolve;
});
content.document.body.appendChild(img);
img.src =
"https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
await p;
}
});
await fetch(
"https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
)
.then(r => r.text())
.then(text => {
if (limitForeignContexts) {
is(text, "0", "No cookie received for images.");
} else {
is(text, "1", "One cookie received for images.");
}
});
await fetch(
"https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=script"
)
.then(r => r.text())
.then(text => {
if (limitForeignContexts) {
is(text, "0", "No cookie received received for scripts.");
} else {
is(text, "1", "One cookie received received for scripts.");
}
});
let expectTrackerBlocked = (item, blocked, type) => {
is(item[0], type, "Correct blocking type reported");
is(item[1], blocked, "Correct blocking status reported");
ok(item[2] >= 1, "Correct repeat count reported");
};
let expectCookiesLoaded = item => {
is(
item[0],
Ci.nsIWebProgressListener.STATE_COOKIES_LOADED,
"Correct blocking type reported"
);
is(item[1], true, "Correct blocking status reported");
ok(item[2] >= 1, "Correct repeat count reported");
};
let expectCookiesBlockedForeign = item => {
is(
item[0],
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN,
"Correct blocking type reported"
);
is(item[1], true, "Correct blocking status reported");
ok(item[2] >= 1, "Correct repeat count reported");
};
let log = JSON.parse(await browser.getContentBlockingLog());
for (let trackerOrigin in log) {
let originLog = log[trackerOrigin];
info(trackerOrigin);
switch (trackerOrigin) {
case "https://example.org":
case "https://example.com":
let numEntries = 1;
if (limitForeignContexts) {
++numEntries;
}
is(
originLog.length,
numEntries,
`We should have ${numEntries} entries in the compressed log`
);
expectCookiesLoaded(originLog[0]);
if (limitForeignContexts) {
expectCookiesBlockedForeign(originLog[1]);
}
break;
case "https://tracking.example.org":
is(
originLog.length,
2,
"We should have 2 entries in the compressed log"
);
expectTrackerBlocked(
originLog[0],
true,
Ci.nsIWebProgressListener.STATE_COOKIES_LOADED
);
expectTrackerBlocked(
originLog[1],
false,
Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER
);
break;
}
}
info("Removing the tab");
BrowserTestUtils.removeTab(tab);
}
add_task(async function() {
info("Starting subResources test");
await SpecialPowers.flushPrefEnv();
await SpecialPowers.pushPrefEnv({
set: [
[
"network.cookie.cookieBehavior",
Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
[
"network.cookie.cookieBehavior.pbmode",
Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["privacy.trackingprotection.enabled", false],
["privacy.trackingprotection.pbmode.enabled", false],
["privacy.trackingprotection.annotate_channels", true],
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
["network.cookie.sameSite.laxByDefault", false],
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
true,
],
],
});
for (let limitForeignContexts of [false, true]) {
SpecialPowers.setBoolPref(
"privacy.dynamic_firstparty.limitForeign",
limitForeignContexts
);
for (let page of [TEST_TOP_PAGE, TEST_TOP_PAGE_2, TEST_TOP_PAGE_3]) {
await runTests(page, limitForeignContexts);
}
}
SpecialPowers.clearUserPref("privacy.dynamic_firstparty.limitForeign");
SpecialPowers.clearUserPref("network.cookie.sameSite.laxByDefault");
});
add_task(async function() {
info("Cleaning up.");
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
});

15
toolkit/components/antitracking/test/browser/browser_urlDecorationStripping.js
Просмотреть файл

@ -17,9 +17,6 @@ const { XPCOMUtils } = ChromeUtils.importESModule(
"resource://gre/modules/XPCOMUtils.sys.mjs"
);
const APS_PREF =
"privacy.partition.always_partition_third_party_non_cookie_storage";
const COLLECTION_NAME = "anti-tracking-url-decoration";
const PREF_NAME = "privacy.restrict3rdpartystorage.url_decorations";
const TOKEN_1 = "fooBar";
@ -149,7 +146,6 @@ AntiTracking._createTask({
extraPrefs: [
["network.http.referer.defaultPolicy", 3], // Ensure we don't downgrade because of the default policy.
["network.http.referer.defaultPolicy.trackers", 3],
[APS_PREF, false],
],
expectedBlockingNotifications: 0,
runInPrivateWindow: false,
@ -178,10 +174,7 @@ AntiTracking._createTask({
ok(false, "No query parameters should be found");
}
},
extraPrefs: [
["network.http.referer.defaultPolicy.trackers", 2],
[APS_PREF, false],
],
extraPrefs: [["network.http.referer.defaultPolicy.trackers", 2]],
expectedBlockingNotifications: 0,
runInPrivateWindow: false,
iframeSandbox: null,
@ -212,7 +205,6 @@ AntiTracking._createTask({
extraPrefs: [
["network.http.referer.defaultPolicy", 3], // Ensure we don't downgrade because of the default policy.
["network.http.referer.defaultPolicy.trackers", 3],
[APS_PREF, false],
],
expectedBlockingNotifications: 0,
runInPrivateWindow: false,
@ -241,10 +233,7 @@ AntiTracking._createTask({
ok(false, "No query parameters should be found");
}
},
extraPrefs: [
["network.http.referer.defaultPolicy.trackers", 2],
[APS_PREF, false],
],
extraPrefs: [["network.http.referer.defaultPolicy.trackers", 2]],
expectedBlockingNotifications: 0,
runInPrivateWindow: false,
iframeSandbox: null,

264
toolkit/components/antitracking/test/browser/browser_urlDecorationStripping_alwaysPartition.js
Просмотреть файл

@ -1,264 +0,0 @@
// This test ensures that the URL decoration annotations service works as
// expected, and also we successfully downgrade document.referrer to the
// eTLD+1 URL when tracking identifiers controlled by this service are
// present in the referrer URI.
/* import-globals-from antitracking_head.js */
"use strict";
const trackerBlocked = Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER;
const { RemoteSettings } = ChromeUtils.import(
"resource://services-settings/remote-settings.js"
);
const { Preferences } = ChromeUtils.import(
"resource://gre/modules/Preferences.jsm"
);
const { XPCOMUtils } = ChromeUtils.import(
"resource://gre/modules/XPCOMUtils.jsm"
);
const COLLECTION_NAME = "anti-tracking-url-decoration";
const PREF_NAME = "privacy.restrict3rdpartystorage.url_decorations";
const TOKEN_1 = "fooBar";
const TOKEN_2 = "foobaz";
const TOKEN_3 = "fooqux";
const TOKEN_4 = "bazqux";
const APS_PREF =
"privacy.partition.always_partition_third_party_non_cookie_storage";
const token_1 = TOKEN_1.toLowerCase();
const DOMAIN = TEST_DOMAIN_3;
const SUB_DOMAIN = "https://sub1.xn--hxajbheg2az3al.xn--jxalpdlp/";
const TOP_PAGE_WITHOUT_TRACKING_IDENTIFIER =
SUB_DOMAIN + TEST_PATH + "page.html";
const TOP_PAGE_WITH_TRACKING_IDENTIFIER =
TOP_PAGE_WITHOUT_TRACKING_IDENTIFIER + "?" + TOKEN_1 + "=123";
add_task(async _ => {
let uds = Cc["@mozilla.org/tracking-url-decoration-service;1"].getService(
Ci.nsIURLDecorationAnnotationsService
);
let records = [
{
id: "1",
last_modified: 1000000000000001,
schema: Date.now(),
token: TOKEN_1,
},
];
// Add some initial data
async function emitSync() {
await RemoteSettings(COLLECTION_NAME).emit("sync", {
data: { current: records },
});
}
let db = RemoteSettings(COLLECTION_NAME).db;
await db.importChanges({}, Date.now(), [records[0]]);
await emitSync();
await uds.ensureUpdated();
let list = Preferences.get(PREF_NAME).split(" ");
ok(list.includes(TOKEN_1), "Token must now be available in " + PREF_NAME);
ok(Preferences.locked(PREF_NAME), PREF_NAME + " must be locked");
async function verifyList(array, not_array) {
await emitSync();
await uds.ensureUpdated();
list = Preferences.get(PREF_NAME).split(" ");
for (let token of array) {
ok(
list.includes(token),
token + " must now be available in " + PREF_NAME
);
}
for (let token of not_array) {
ok(
!list.includes(token),
token + " must not be available in " + PREF_NAME
);
}
ok(Preferences.locked(PREF_NAME), PREF_NAME + " must be locked");
}
records.push(
{
id: "2",
last_modified: 1000000000000002,
schema: Date.now(),
token: TOKEN_2,
},
{
id: "3",
last_modified: 1000000000000003,
schema: Date.now(),
token: TOKEN_3,
},
{
id: "4",
last_modified: 1000000000000005,
schema: Date.now(),
token: TOKEN_4,
}
);
await verifyList([TOKEN_1, TOKEN_2, TOKEN_3, TOKEN_4], []);
records.pop();
await verifyList([TOKEN_1, TOKEN_2, TOKEN_3], [TOKEN_4]);
is(
Services.eTLD.getBaseDomain(Services.io.newURI(DOMAIN)),
Services.eTLD.getBaseDomain(Services.io.newURI(SUB_DOMAIN)),
"Sanity check"
);
registerCleanupFunction(async _ => {
records = [];
await db.clear();
await emitSync();
});
});
AntiTracking._createTask({
name:
"Test that we do not downgrade document.referrer when it does not contain a tracking identifier",
cookieBehavior: BEHAVIOR_REJECT_TRACKER,
blockingByContentBlockingRTUI: true,
allowList: false,
callback: async _ => {
let ref = new URL(document.referrer);
is(
ref.hostname,
"sub1.xn--hxajbheg2az3al.xn--jxalpdlp",
"Hostname shouldn't be stripped"
);
ok(ref.pathname.length > 1, "Path must not be trimmed");
// eslint-disable-next-line no-unused-vars
for (let entry of ref.searchParams.entries()) {
ok(false, "No query parameters should be found");
}
},
extraPrefs: [
["network.http.referer.defaultPolicy", 3], // Ensure we don't downgrade because of the default policy.
["network.http.referer.defaultPolicy.trackers", 3],
[APS_PREF, true],
],
expectedBlockingNotifications: trackerBlocked,
runInPrivateWindow: false,
iframeSandbox: null,
accessRemoval: null,
callbackAfterRemoval: null,
topPage: TOP_PAGE_WITHOUT_TRACKING_IDENTIFIER,
});
AntiTracking._createTask({
name:
"Test that we do not downgrade document.referrer when it does not contain a tracking identifier even though it gets downgraded to origin only due to the default referrer policy",
cookieBehavior: BEHAVIOR_REJECT_TRACKER,
blockingByContentBlockingRTUI: true,
allowList: false,
callback: async _ => {
let ref = new URL(document.referrer);
is(
ref.hostname,
"sub1.xn--hxajbheg2az3al.xn--jxalpdlp",
"Hostname shouldn't be stripped"
);
is(ref.pathname.length, 1, "Path must be trimmed");
// eslint-disable-next-line no-unused-vars
for (let entry of ref.searchParams.entries()) {
ok(false, "No query parameters should be found");
}
},
extraPrefs: [
["network.http.referer.defaultPolicy.trackers", 2],
[APS_PREF, true],
],
expectedBlockingNotifications: trackerBlocked,
runInPrivateWindow: false,
iframeSandbox: null,
accessRemoval: null,
callbackAfterRemoval: null,
topPage: TOP_PAGE_WITHOUT_TRACKING_IDENTIFIER,
});
AntiTracking._createTask({
name:
"Test that we downgrade document.referrer when it contains a tracking identifier",
cookieBehavior: BEHAVIOR_REJECT_TRACKER,
blockingByContentBlockingRTUI: true,
allowList: false,
callback: async _ => {
let ref = new URL(document.referrer);
is(
ref.hostname,
"xn--hxajbheg2az3al.xn--jxalpdlp",
"Hostname should be stripped"
);
is(ref.pathname.length, 1, "Path must be trimmed");
// eslint-disable-next-line no-unused-vars
for (let entry of ref.searchParams.entries()) {
ok(false, "No query parameters should be found");
}
},
extraPrefs: [
["network.http.referer.defaultPolicy", 3], // Ensure we don't downgrade because of the default policy.
["network.http.referer.defaultPolicy.trackers", 3],
[APS_PREF, true],
],
expectedBlockingNotifications: trackerBlocked,
runInPrivateWindow: false,
iframeSandbox: null,
accessRemoval: null,
callbackAfterRemoval: null,
topPage: TOP_PAGE_WITH_TRACKING_IDENTIFIER,
});
AntiTracking._createTask({
name:
"Test that we don't downgrade document.referrer when it contains a tracking identifier if it gets downgraded to origin only due to the default referrer policy because the tracking identifier wouldn't be present in the referrer any more",
cookieBehavior: BEHAVIOR_REJECT_TRACKER,
blockingByContentBlockingRTUI: true,
allowList: false,
callback: async _ => {
let ref = new URL(document.referrer);
is(
ref.hostname,
"sub1.xn--hxajbheg2az3al.xn--jxalpdlp",
"Hostname shouldn't be stripped"
);
is(ref.pathname.length, 1, "Path must be trimmed");
// eslint-disable-next-line no-unused-vars
for (let entry of ref.searchParams.entries()) {
ok(false, "No query parameters should be found");
}
},
extraPrefs: [
["network.http.referer.defaultPolicy.trackers", 2],
[APS_PREF, true],
],
expectedBlockingNotifications: trackerBlocked,
runInPrivateWindow: false,
iframeSandbox: null,
accessRemoval: null,
callbackAfterRemoval: null,
topPage: TOP_PAGE_WITH_TRACKING_IDENTIFIER,
});
add_task(async _ => {
await new Promise(resolve => {
Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
resolve()
);
});
});

73
toolkit/components/antitracking/test/browser/partitionedstorage_head.js
Просмотреть файл

@ -43,8 +43,7 @@ this.PartitionedStorageHelper = {
testCategory,
getDataCallback,
addDataCallback,
cleanupFunction,
expectUnpartition = false
cleanupFunction
) {
// Normal mode
this.runPartitioningTest(
@ -53,7 +52,6 @@ this.PartitionedStorageHelper = {
getDataCallback,
addDataCallback,
cleanupFunction,
expectUnpartition,
false
);
@ -64,7 +62,6 @@ this.PartitionedStorageHelper = {
getDataCallback,
addDataCallback,
cleanupFunction,
expectUnpartition,
true
);
},
@ -75,7 +72,6 @@ this.PartitionedStorageHelper = {
getDataCallback,
addDataCallback,
cleanupFunction,
expectUnpartition,
runInPrivateWindow = false
) {
for (let variant of ["normal", "initial-aboutblank"]) {
@ -88,8 +84,7 @@ this.PartitionedStorageHelper = {
cleanupFunction,
variant,
runInPrivateWindow,
limitForeignContexts,
expectUnpartition
limitForeignContexts
);
}
}
@ -103,8 +98,7 @@ this.PartitionedStorageHelper = {
cleanupFunction,
variant,
runInPrivateWindow,
limitForeignContexts,
expectUnpartition
limitForeignContexts
) {
add_task(async _ => {
info(
@ -129,10 +123,6 @@ this.PartitionedStorageHelper = {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
true,
],
["privacy.dynamic_firstparty.limitForeign", limitForeignContexts],
["privacy.trackingprotection.enabled", false],
["privacy.trackingprotection.pbmode.enabled", false],
@ -368,63 +358,6 @@ this.PartitionedStorageHelper = {
info("Forth tab should still have just 'D'");
await getDataFromThirdParty(browser4, "D");
async function setStorageAccessForThirdParty(browser) {
info(`Setting permission for ${browser.currentURI.spec}`);
let type = "3rdPartyStorage^http://not-tracking.example.com";
let permission = Services.perms.ALLOW_ACTION;
let expireType = Services.perms.EXPIRE_SESSION;
Services.perms.addFromPrincipal(
browser.contentPrincipal,
type,
permission,
expireType,
0
);
// Wait for permission to be set successfully
let originAttributes = runInPrivateWindow
? { privateBrowsingId: 1 }
: {};
await new Promise(resolve => {
let id = setInterval(async _ => {
if (
await SpecialPowers.testPermission(type, permission, {
url: browser.currentURI.spec,
originAttributes,
})
) {
clearInterval(id);
resolve();
}
}, 0);
});
}
if (!expectUnpartition) {
info("Setting Storage access for third parties");
await setStorageAccessForThirdParty(browser1);
await setStorageAccessForThirdParty(browser2);
await setStorageAccessForThirdParty(browser3);
await setStorageAccessForThirdParty(browser4);
info("Done setting Storage access for third parties");
// read all tabs
info("First tab should still have just 'D'");
await getDataFromThirdParty(browser1, "D");
info("Second tab should still have just 'B'");
await getDataFromThirdParty(browser2, "B");
info("Third tab should still have just 'C'");
await getDataFromFirstParty(browser3, "C");
info("Forth tab should still have just 'D'");
await getDataFromThirdParty(browser4, "D");
}
info("Done checking departitioned state");
info("Removing the tabs");
BrowserTestUtils.removeTab(tab1);
BrowserTestUtils.removeTab(tab2);

75
toolkit/components/antitracking/test/browser/storage_access_head.js
Просмотреть файл

@ -119,23 +119,6 @@ function expectNoPopup() {
}
async function requestStorageAccessAndExpectSuccess() {
const aps = SpecialPowers.Services.prefs.getBoolPref(
"privacy.partition.always_partition_third_party_non_cookie_storage"
);
// When always partitioning storage, we do not clear non-cookie storage
// after a requestStorageAccess is accepted by the user. So here we test
// that indexedDB is cleared when the pref is off, but not when it is on.
await new Promise((resolve, reject) => {
const db = window.indexedDB.open("rSATest", 1);
db.onupgradeneeded = resolve;
db.success = resolve;
db.onerror = reject;
});
const hadAccessAlready = await document.hasStorageAccess();
const shouldClearIDB = !aps && !hadAccessAlready;
SpecialPowers.wrap(document).notifyUserGestureActivation();
let p = document.requestStorageAccess();
try {
@ -144,41 +127,10 @@ async function requestStorageAccessAndExpectSuccess() {
} catch {
ok(false, "denied storage access.");
}
await new Promise((resolve, reject) => {
const req = window.indexedDB.open("rSATest", 1);
req.onerror = reject;
req.onupgradeneeded = () => {
ok(shouldClearIDB, "iDB was cleared");
req.onsuccess = undefined;
resolve();
};
req.onsuccess = () => {
ok(!shouldClearIDB, "iDB was not cleared");
resolve();
};
});
await new Promise(resolve => {
const req = window.indexedDB.deleteDatabase("rSATest");
req.onsuccess = resolve;
req.onerror = resolve;
});
SpecialPowers.wrap(document).clearUserGestureActivation();
}
async function requestStorageAccessAndExpectFailure() {
// When always partitioning storage, we do not clear non-cookie storage
// after a requestStorageAccess is accepted by the user. So here we test
// that indexedDB is cleared when the pref is off, but not when it is on.
await new Promise((resolve, reject) => {
const db = window.indexedDB.open("rSATest", 1);
db.onupgradeneeded = resolve;
db.success = resolve;
db.onerror = reject;
});
SpecialPowers.wrap(document).notifyUserGestureActivation();
let p = document.requestStorageAccess();
try {
@ -187,27 +139,6 @@ async function requestStorageAccessAndExpectFailure() {
} catch {
ok(true, "denied storage access.");
}
await new Promise((resolve, reject) => {
const req = window.indexedDB.open("rSATest", 1);
req.onerror = reject;
req.onupgradeneeded = () => {
ok(false, "iDB was cleared");
req.onsuccess = undefined;
resolve();
};
req.onsuccess = () => {
ok(true, "iDB was not cleared");
resolve();
};
});
await new Promise(resolve => {
const req = window.indexedDB.deleteDatabase("rSATest");
req.onsuccess = resolve;
req.onerror = resolve;
});
SpecialPowers.wrap(document).clearUserGestureActivation();
}
@ -220,7 +151,7 @@ async function cleanUpData() {
ok(true, "Deleted all data.");
}
async function setPreferences(alwaysPartitionStorage = false) {
async function setPreferences() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.auto_grants", true],
@ -236,10 +167,6 @@ async function setPreferences(alwaysPartitionStorage = false) {
"network.cookie.cookieBehavior.pbmode",
Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
[
"privacy.partition.always_partition_third_party_non_cookie_storage",
alwaysPartitionStorage,
],
["privacy.trackingprotection.enabled", false],
["privacy.trackingprotection.pbmode.enabled", false],
["privacy.trackingprotection.annotate_channels", true],

5
toolkit/components/extensions/test/mochitest/test_ext_webrequest_redirect_bypass_cors.html
Просмотреть файл

@ -24,11 +24,6 @@ const WIN_URL =
add_task(async function test_webRequest_redirect_cors_bypass() {
// disable third-party storage isolation so the test works as expected
await SpecialPowers.pushPrefEnv({
set: [["privacy.partition.always_partition_third_party_non_cookie_storage", false]],
});
let extension = ExtensionTestUtils.loadExtension({
manifest: {
permissions: [

2
toolkit/components/windowwatcher/test/mochitest.ini
Просмотреть файл

@ -10,5 +10,5 @@ skip-if = (os == 'android') # Fennec doesn't support web content opening new win
[test_storage_copied.html]
support-files =
file_storage_copied.html
skip-if = (os == 'android') || xorigin # Fennec doesn't support web content opening new windows (See bug 1277544 for details) and this test should not pass if the page is an xorigin iframe
skip-if = (os == 'android') # Fennec doesn't support web content opening new windows (See bug 1277544 for details)