зеркало из https://github.com/mozilla/gecko-dev.git
Backed out 10 changesets (bug 1731982) for causing OS X performance test failures and crashes (Bug 1736436
). a=backout DONTBUILD
Backed out changeset 48e6f591f699 (bug 1731982) Backed out changeset 77907884b2fa (bug 1731982) Backed out changeset a299a2d43ebe (bug 1731982) Backed out changeset 005801e7cf91 (bug 1731982) Backed out changeset ef71b02c40cc (bug 1731982) Backed out changeset a52dd02f2b3f (bug 1731982) Backed out changeset 50b14ef1eb4a (bug 1731982) Backed out changeset 80641bdceb6a (bug 1731982) Backed out changeset ada9e2008ca4 (bug 1731982) Backed out changeset a208016e9953 (bug 1731982)
This commit is contained in:
Родитель
56b294e821
Коммит
49f2f21930
|
@ -2445,14 +2445,8 @@ void nsDocShell::MaybeCreateInitialClientSource(nsIPrincipal* aPrincipal) {
|
|||
return;
|
||||
}
|
||||
|
||||
// We cannot get inherited foreign partitioned principal here. Instead, we
|
||||
// directly check which principal we want to inherit for the service worker.
|
||||
nsIPrincipal* principal =
|
||||
aPrincipal
|
||||
? aPrincipal
|
||||
: GetInheritedPrincipal(
|
||||
false, StoragePrincipalHelper::
|
||||
ShouldUsePartitionPrincipalForServiceWorker(this));
|
||||
aPrincipal ? aPrincipal : GetInheritedPrincipal(false);
|
||||
|
||||
// Sometimes there is no principal available when we are called from
|
||||
// CreateAboutBlankContentViewer. For example, sometimes the principal
|
||||
|
@ -6624,14 +6618,7 @@ nsresult nsDocShell::CreateAboutBlankContentViewer(
|
|||
partitionedPrincipal = aPartitionedPrincipal;
|
||||
}
|
||||
|
||||
// We cannot get the foreign partitioned prinicpal for the initial
|
||||
// about:blank page. So, we change to check if we need to use the
|
||||
// partitioned principal for the service worker here.
|
||||
MaybeCreateInitialClientSource(
|
||||
StoragePrincipalHelper::ShouldUsePartitionPrincipalForServiceWorker(
|
||||
this)
|
||||
? partitionedPrincipal
|
||||
: principal);
|
||||
MaybeCreateInitialClientSource(principal);
|
||||
|
||||
// generate (about:blank) document to load
|
||||
blankDoc = nsContentDLF::CreateBlankDocument(mLoadGroup, principal,
|
||||
|
|
|
@ -82,7 +82,6 @@
|
|||
#include "mozilla/StaticPrefs_browser.h"
|
||||
#include "mozilla/StaticPrefs_dom.h"
|
||||
#include "mozilla/StorageAccess.h"
|
||||
#include "mozilla/StoragePrincipalHelper.h"
|
||||
#include "mozilla/TaskCategory.h"
|
||||
#include "mozilla/Telemetry.h"
|
||||
#include "mozilla/TelemetryHistogramEnums.h"
|
||||
|
@ -1851,12 +1850,6 @@ nsresult nsGlobalWindowInner::EnsureClientSource() {
|
|||
}
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIPrincipal> foreignPartitionedPrincipal;
|
||||
nsresult rv = StoragePrincipalHelper::GetPrincipal(
|
||||
this, StoragePrincipalHelper::eForeignPartitionedPrincipal,
|
||||
getter_AddRefs(foreignPartitionedPrincipal));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Verify the final ClientSource principal matches the final document
|
||||
// principal. The ClientChannelHelper handles things like network
|
||||
// redirects, but there are other ways the document principal can change.
|
||||
|
@ -1873,8 +1866,7 @@ nsresult nsGlobalWindowInner::EnsureClientSource() {
|
|||
auto principalOrErr = mClientSource->Info().GetPrincipal();
|
||||
nsCOMPtr<nsIPrincipal> clientPrincipal =
|
||||
principalOrErr.isOk() ? principalOrErr.unwrap() : nullptr;
|
||||
if (!clientPrincipal ||
|
||||
!clientPrincipal->Equals(foreignPartitionedPrincipal)) {
|
||||
if (!clientPrincipal || !clientPrincipal->Equals(mDoc->NodePrincipal())) {
|
||||
mClientSource.reset();
|
||||
}
|
||||
}
|
||||
|
@ -1898,7 +1890,7 @@ nsresult nsGlobalWindowInner::EnsureClientSource() {
|
|||
if (!mClientSource) {
|
||||
mClientSource = ClientManager::CreateSource(
|
||||
ClientType::Window, EventTargetFor(TaskCategory::Other),
|
||||
foreignPartitionedPrincipal);
|
||||
mDoc->NodePrincipal());
|
||||
MOZ_DIAGNOSTIC_ASSERT(mClientSource);
|
||||
newClientSource = true;
|
||||
|
||||
|
@ -1937,7 +1929,7 @@ nsresult nsGlobalWindowInner::EnsureClientSource() {
|
|||
mClientSource.reset();
|
||||
mClientSource = ClientManager::CreateSource(
|
||||
ClientType::Window, EventTargetFor(TaskCategory::Other),
|
||||
foreignPartitionedPrincipal);
|
||||
mDoc->NodePrincipal());
|
||||
MOZ_DIAGNOSTIC_ASSERT(mClientSource);
|
||||
newClientSource = true;
|
||||
}
|
||||
|
|
|
@ -12,7 +12,6 @@
|
|||
#include "mozilla/dom/ClientsBinding.h"
|
||||
#include "mozilla/dom/ServiceWorkerDescriptor.h"
|
||||
#include "mozilla/ipc/BackgroundUtils.h"
|
||||
#include "mozilla/StoragePrincipalHelper.h"
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsIAsyncVerifyRedirectCallback.h"
|
||||
#include "nsIChannel.h"
|
||||
|
@ -108,14 +107,15 @@ class ClientChannelHelper : public nsIInterfaceRequestor,
|
|||
// nsGlobalWindowInner will be controlled as unexpected.
|
||||
if (oldLoadInfo->GetController().isSome() &&
|
||||
newLoadInfo->GetController().isNothing()) {
|
||||
nsCOMPtr<nsIPrincipal> foreignPartitionedPrincipal;
|
||||
rv = StoragePrincipalHelper::GetPrincipal(
|
||||
aNewChannel,
|
||||
StoragePrincipalHelper::eForeignPartitionedPrincipal,
|
||||
getter_AddRefs(foreignPartitionedPrincipal));
|
||||
nsIScriptSecurityManager* ssm =
|
||||
nsContentUtils::GetSecurityManager();
|
||||
MOZ_DIAGNOSTIC_ASSERT(ssm);
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
rv = ssm->GetChannelResultPrincipal(aNewChannel,
|
||||
getter_AddRefs(principal));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
reservedClient.reset();
|
||||
CreateClient(newLoadInfo, foreignPartitionedPrincipal);
|
||||
CreateClient(newLoadInfo, principal);
|
||||
} else {
|
||||
newLoadInfo->SetReservedClientInfo(reservedClientInfo.ref());
|
||||
}
|
||||
|
@ -130,14 +130,17 @@ class ClientChannelHelper : public nsIInterfaceRequestor,
|
|||
// If it's a cross-origin redirect then we discard the old reserved client
|
||||
// and create a new one.
|
||||
else {
|
||||
nsCOMPtr<nsIPrincipal> foreignPartitionedPrincipal;
|
||||
rv = StoragePrincipalHelper::GetPrincipal(
|
||||
aNewChannel, StoragePrincipalHelper::eForeignPartitionedPrincipal,
|
||||
getter_AddRefs(foreignPartitionedPrincipal));
|
||||
// If CheckSameOrigin() worked, then the security manager must exist.
|
||||
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
|
||||
MOZ_DIAGNOSTIC_ASSERT(ssm);
|
||||
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
rv = ssm->GetChannelResultPrincipal(aNewChannel,
|
||||
getter_AddRefs(principal));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
reservedClient.reset();
|
||||
CreateClient(newLoadInfo, foreignPartitionedPrincipal);
|
||||
CreateClient(newLoadInfo, principal);
|
||||
}
|
||||
|
||||
uint32_t redirectMode = nsIHttpChannelInternal::REDIRECT_MODE_MANUAL;
|
||||
|
@ -296,10 +299,12 @@ nsresult AddClientChannelHelperInternal(nsIChannel* aChannel,
|
|||
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
|
||||
|
||||
nsCOMPtr<nsIPrincipal> channelForeignPartitionedPrincipal;
|
||||
nsresult rv = StoragePrincipalHelper::GetPrincipal(
|
||||
aChannel, StoragePrincipalHelper::eForeignPartitionedPrincipal,
|
||||
getter_AddRefs(channelForeignPartitionedPrincipal));
|
||||
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
|
||||
NS_ENSURE_TRUE(ssm, NS_ERROR_FAILURE);
|
||||
|
||||
nsCOMPtr<nsIPrincipal> channelPrincipal;
|
||||
nsresult rv = ssm->GetChannelResultPrincipal(
|
||||
aChannel, getter_AddRefs(channelPrincipal));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Only allow the initial ClientInfo to be set if the current channel
|
||||
|
@ -309,10 +314,9 @@ nsresult AddClientChannelHelperInternal(nsIChannel* aChannel,
|
|||
PrincipalInfoToPrincipal(initialClientInfo.ref().PrincipalInfo());
|
||||
|
||||
bool equals = false;
|
||||
rv = initialPrincipalOrErr.isErr()
|
||||
? initialPrincipalOrErr.unwrapErr()
|
||||
: initialPrincipalOrErr.unwrap()->Equals(
|
||||
channelForeignPartitionedPrincipal, &equals);
|
||||
rv = initialPrincipalOrErr.isErr() ? initialPrincipalOrErr.unwrapErr()
|
||||
: initialPrincipalOrErr.unwrap()->Equals(
|
||||
channelPrincipal, &equals);
|
||||
if (NS_FAILED(rv) || !equals) {
|
||||
initialClientInfo.reset();
|
||||
}
|
||||
|
@ -327,8 +331,8 @@ nsresult AddClientChannelHelperInternal(nsIChannel* aChannel,
|
|||
bool equals = false;
|
||||
rv = reservedPrincipalOrErr.isErr()
|
||||
? reservedPrincipalOrErr.unwrapErr()
|
||||
: reservedPrincipalOrErr.unwrap()->Equals(
|
||||
channelForeignPartitionedPrincipal, &equals);
|
||||
: reservedPrincipalOrErr.unwrap()->Equals(channelPrincipal,
|
||||
&equals);
|
||||
if (NS_FAILED(rv) || !equals) {
|
||||
reservedClientInfo.reset();
|
||||
}
|
||||
|
@ -341,8 +345,7 @@ nsresult AddClientChannelHelperInternal(nsIChannel* aChannel,
|
|||
RefPtr<ClientChannelHelper> helper = new T(outerCallbacks, aEventTarget);
|
||||
|
||||
if (initialClientInfo.isNothing() && reservedClientInfo.isNothing()) {
|
||||
helper->CreateClientForPrincipal(
|
||||
loadInfo, channelForeignPartitionedPrincipal, aEventTarget);
|
||||
helper->CreateClientForPrincipal(loadInfo, channelPrincipal, aEventTarget);
|
||||
}
|
||||
|
||||
// Only set the callbacks helper if we are able to reserve the client
|
||||
|
|
|
@ -3056,31 +3056,16 @@ void ForceKillAllDatabases() {
|
|||
}
|
||||
|
||||
bool VerifyPrincipalInfo(const PrincipalInfo& aPrincipalInfo,
|
||||
const PrincipalInfo& aStoragePrincipalInfo,
|
||||
bool aCheckClientPrincipal) {
|
||||
const PrincipalInfo& aStoragePrincipalInfo) {
|
||||
AssertIsOnBackgroundThread();
|
||||
|
||||
if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(aPrincipalInfo))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Note that the client prinicpal could have a different spec than the node
|
||||
// principal but they should have the same origin. It's because the client
|
||||
// could be initialized when opening the initial about:blank document and pass
|
||||
// to the newly opened window and reuse over there if the new window has the
|
||||
// same origin as the initial about:blank document. But, the FilePath could be
|
||||
// different. Therefore, we have to ignore comparing the Spec of the
|
||||
// principals if we are verifying clinet principal here. Also, when
|
||||
// document.domain is set, client principal won't get it. So, we don't compare
|
||||
// domain for client princpal too.
|
||||
bool result = aCheckClientPrincipal
|
||||
? StoragePrincipalHelper::
|
||||
VerifyValidClientPrincipalInfoForPrincipalInfo(
|
||||
aStoragePrincipalInfo, aPrincipalInfo)
|
||||
: StoragePrincipalHelper::
|
||||
VerifyValidStoragePrincipalInfoForPrincipalInfo(
|
||||
aStoragePrincipalInfo, aPrincipalInfo);
|
||||
if (NS_WARN_IF(!result)) {
|
||||
if (NS_WARN_IF(!StoragePrincipalHelper::
|
||||
VerifyValidStoragePrincipalInfoForPrincipalInfo(
|
||||
aStoragePrincipalInfo, aPrincipalInfo))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -3088,7 +3073,7 @@ bool VerifyPrincipalInfo(const PrincipalInfo& aPrincipalInfo,
|
|||
}
|
||||
|
||||
bool VerifyClientId(const Maybe<ContentParentId>& aContentParentId,
|
||||
const Maybe<PrincipalInfo>& aPrincipalInfo,
|
||||
const PrincipalInfo& aPrincipalInfo,
|
||||
const Maybe<nsID>& aClientId) {
|
||||
AssertIsOnBackgroundThread();
|
||||
|
||||
|
@ -3097,13 +3082,9 @@ bool VerifyClientId(const Maybe<ContentParentId>& aContentParentId,
|
|||
return false;
|
||||
}
|
||||
|
||||
if (NS_WARN_IF(aPrincipalInfo.isNothing())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
RefPtr<ClientManagerService> svc = ClientManagerService::GetInstance();
|
||||
if (svc && NS_WARN_IF(!svc->HasWindow(
|
||||
aContentParentId, aPrincipalInfo.ref(), aClientId.ref()))) {
|
||||
if (svc && NS_WARN_IF(!svc->HasWindow(aContentParentId, aPrincipalInfo,
|
||||
aClientId.ref()))) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
@ -6133,8 +6114,8 @@ bool LSRequestBase::VerifyRequestParams() {
|
|||
const LSRequestCommonParams& params =
|
||||
mParams.get_LSRequestPreloadDatastoreParams().commonParams();
|
||||
|
||||
if (NS_WARN_IF(!VerifyPrincipalInfo(
|
||||
params.principalInfo(), params.storagePrincipalInfo(), false))) {
|
||||
if (NS_WARN_IF(!VerifyPrincipalInfo(params.principalInfo(),
|
||||
params.storagePrincipalInfo()))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -6152,21 +6133,14 @@ bool LSRequestBase::VerifyRequestParams() {
|
|||
|
||||
const LSRequestCommonParams& commonParams = params.commonParams();
|
||||
|
||||
if (NS_WARN_IF(!VerifyPrincipalInfo(commonParams.principalInfo(),
|
||||
commonParams.storagePrincipalInfo(),
|
||||
false))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (params.clientPrincipalInfo() &&
|
||||
NS_WARN_IF(!VerifyPrincipalInfo(commonParams.principalInfo(),
|
||||
params.clientPrincipalInfo().ref(),
|
||||
true))) {
|
||||
if (NS_WARN_IF(
|
||||
!VerifyPrincipalInfo(commonParams.principalInfo(),
|
||||
commonParams.storagePrincipalInfo()))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (NS_WARN_IF(!VerifyClientId(mContentParentId,
|
||||
params.clientPrincipalInfo(),
|
||||
commonParams.principalInfo(),
|
||||
params.clientId()))) {
|
||||
return false;
|
||||
}
|
||||
|
@ -6183,20 +6157,12 @@ bool LSRequestBase::VerifyRequestParams() {
|
|||
const LSRequestPrepareObserverParams& params =
|
||||
mParams.get_LSRequestPrepareObserverParams();
|
||||
|
||||
if (NS_WARN_IF(!VerifyPrincipalInfo(
|
||||
params.principalInfo(), params.storagePrincipalInfo(), false))) {
|
||||
if (NS_WARN_IF(!VerifyPrincipalInfo(params.principalInfo(),
|
||||
params.storagePrincipalInfo()))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (params.clientPrincipalInfo() &&
|
||||
NS_WARN_IF(!VerifyPrincipalInfo(params.principalInfo(),
|
||||
params.clientPrincipalInfo().ref(),
|
||||
true))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (NS_WARN_IF(!VerifyClientId(mContentParentId,
|
||||
params.clientPrincipalInfo(),
|
||||
if (NS_WARN_IF(!VerifyClientId(mContentParentId, params.principalInfo(),
|
||||
params.clientId()))) {
|
||||
return false;
|
||||
}
|
||||
|
@ -7816,8 +7782,8 @@ bool LSSimpleRequestBase::VerifyRequestParams() {
|
|||
const LSSimpleRequestPreloadedParams& params =
|
||||
mParams.get_LSSimpleRequestPreloadedParams();
|
||||
|
||||
if (NS_WARN_IF(!VerifyPrincipalInfo(
|
||||
params.principalInfo(), params.storagePrincipalInfo(), false))) {
|
||||
if (NS_WARN_IF(!VerifyPrincipalInfo(params.principalInfo(),
|
||||
params.storagePrincipalInfo()))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
|
@ -35,6 +35,7 @@
|
|||
#include "mozilla/ipc/BackgroundChild.h"
|
||||
#include "mozilla/ipc/BackgroundUtils.h"
|
||||
#include "mozilla/ipc/PBackgroundChild.h"
|
||||
#include "mozilla/ipc/PBackgroundSharedTypes.h"
|
||||
#include "nsCOMPtr.h"
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsDebug.h"
|
||||
|
@ -362,9 +363,6 @@ nsresult LSObject::CreateForWindow(nsPIDOMWindowInner* aWindow,
|
|||
|
||||
Maybe<nsID> clientId = Some(clientInfo.ref().Id());
|
||||
|
||||
Maybe<PrincipalInfo> clientPrincipalInfo =
|
||||
Some(clientInfo.ref().PrincipalInfo());
|
||||
|
||||
nsString documentURI;
|
||||
if (nsCOMPtr<Document> doc = aWindow->GetExtantDoc()) {
|
||||
rv = doc->GetDocumentURI(documentURI);
|
||||
|
@ -378,7 +376,6 @@ nsresult LSObject::CreateForWindow(nsPIDOMWindowInner* aWindow,
|
|||
object->mStoragePrincipalInfo = std::move(storagePrincipalInfo);
|
||||
object->mPrivateBrowsingId = privateBrowsingId;
|
||||
object->mClientId = clientId;
|
||||
object->mClientPrincipalInfo = clientPrincipalInfo;
|
||||
object->mOrigin = origin;
|
||||
object->mOriginKey = originKey;
|
||||
object->mDocumentURI = documentURI;
|
||||
|
@ -935,7 +932,6 @@ nsresult LSObject::EnsureDatabase() {
|
|||
LSRequestPrepareDatastoreParams params;
|
||||
params.commonParams() = commonParams;
|
||||
params.clientId() = mClientId;
|
||||
params.clientPrincipalInfo() = mClientPrincipalInfo;
|
||||
|
||||
LSRequestResponse response;
|
||||
|
||||
|
@ -996,7 +992,6 @@ nsresult LSObject::EnsureObserver() {
|
|||
params.principalInfo() = *mPrincipalInfo;
|
||||
params.storagePrincipalInfo() = *mStoragePrincipalInfo;
|
||||
params.clientId() = mClientId;
|
||||
params.clientPrincipalInfo() = mClientPrincipalInfo;
|
||||
|
||||
LSRequestResponse response;
|
||||
|
||||
|
|
|
@ -15,7 +15,6 @@
|
|||
#include "mozilla/RefPtr.h"
|
||||
#include "mozilla/UniquePtr.h"
|
||||
#include "mozilla/dom/Storage.h"
|
||||
#include "mozilla/ipc/PBackgroundSharedTypes.h"
|
||||
#include "nsCycleCollectionParticipant.h"
|
||||
#include "nsID.h"
|
||||
#include "nsISupports.h"
|
||||
|
@ -32,6 +31,12 @@ namespace mozilla {
|
|||
|
||||
class ErrorResult;
|
||||
|
||||
namespace ipc {
|
||||
|
||||
class PrincipalInfo;
|
||||
|
||||
} // namespace ipc
|
||||
|
||||
namespace dom {
|
||||
|
||||
class LSDatabase;
|
||||
|
@ -77,7 +82,6 @@ class LSObject final : public Storage {
|
|||
|
||||
uint32_t mPrivateBrowsingId;
|
||||
Maybe<nsID> mClientId;
|
||||
Maybe<PrincipalInfo> mClientPrincipalInfo;
|
||||
nsCString mOrigin;
|
||||
nsCString mOriginKey;
|
||||
nsString mDocumentURI;
|
||||
|
|
|
@ -29,30 +29,13 @@ struct LSRequestPrepareDatastoreParams
|
|||
{
|
||||
LSRequestCommonParams commonParams;
|
||||
nsID? clientId;
|
||||
PrincipalInfo? clientPrincipalInfo;
|
||||
};
|
||||
|
||||
/**
|
||||
* In order to validate the principal with the client, we need to provide an
|
||||
* additional principalInfo for the client. The client is using the foreign
|
||||
* principal, see StoragePrincipalHelper.h for details, which is different from
|
||||
* the principalInfo. So, we need to pass the principalInfo from the client So
|
||||
* that we can verify it with the given client Id.
|
||||
*
|
||||
* Note that the storagePrincipalInfo is used to access the right cookie jar
|
||||
* according to the Storage Access. This is passed in order to access the
|
||||
* correct local storage. Essentially, the storage principal and the client
|
||||
* principal are using the PartitionKey in their OriginAttributes. But, the
|
||||
* existence of the PartitionKey between them is depending on different
|
||||
* conditions. Namely, the storage principal depends on the Storage Access but
|
||||
* the client principal depends on whether it's in a third party.
|
||||
*/
|
||||
struct LSRequestPrepareObserverParams
|
||||
{
|
||||
PrincipalInfo principalInfo;
|
||||
PrincipalInfo storagePrincipalInfo;
|
||||
nsID? clientId;
|
||||
PrincipalInfo? clientPrincipalInfo;
|
||||
};
|
||||
|
||||
union LSRequestParams
|
||||
|
|
|
@ -61,7 +61,6 @@
|
|||
#include "mozilla/PermissionManager.h"
|
||||
#include "mozilla/ScopeExit.h"
|
||||
#include "mozilla/StaticPrefs_extensions.h"
|
||||
#include "mozilla/StoragePrincipalHelper.h"
|
||||
#include "mozilla/Unused.h"
|
||||
#include "mozilla/EnumSet.h"
|
||||
|
||||
|
@ -2043,13 +2042,8 @@ void ServiceWorkerManager::DispatchFetchEvent(nsIInterceptedChannel* aChannel,
|
|||
}
|
||||
|
||||
// non-subresource request means the URI contains the principal
|
||||
OriginAttributes attrs = loadInfo->GetOriginAttributes();
|
||||
StoragePrincipalHelper::GetOriginAttributes(
|
||||
internalChannel, attrs,
|
||||
StoragePrincipalHelper::eForeignPartitionedPrincipal);
|
||||
|
||||
nsCOMPtr<nsIPrincipal> principal =
|
||||
BasePrincipal::CreateContentPrincipal(uri, attrs);
|
||||
nsCOMPtr<nsIPrincipal> principal = BasePrincipal::CreateContentPrincipal(
|
||||
uri, loadInfo->GetOriginAttributes());
|
||||
|
||||
RefPtr<ServiceWorkerRegistrationInfo> registration =
|
||||
GetServiceWorkerRegistrationInfo(principal, uri);
|
||||
|
|
|
@ -340,21 +340,13 @@ void AssertLoadingPrincipalAndClientInfoMatch(
|
|||
return;
|
||||
}
|
||||
// Fall back to a slower origin equality test to support null principals.
|
||||
nsAutoCString loadingOriginNoSuffix;
|
||||
MOZ_ALWAYS_SUCCEEDS(
|
||||
aLoadingPrincipal->GetOriginNoSuffix(loadingOriginNoSuffix));
|
||||
nsAutoCString loadingOrigin;
|
||||
MOZ_ALWAYS_SUCCEEDS(aLoadingPrincipal->GetOrigin(loadingOrigin));
|
||||
|
||||
nsAutoCString clientOriginNoSuffix;
|
||||
MOZ_ALWAYS_SUCCEEDS(
|
||||
clientPrincipal->GetOriginNoSuffix(clientOriginNoSuffix));
|
||||
nsAutoCString clientOrigin;
|
||||
MOZ_ALWAYS_SUCCEEDS(clientPrincipal->GetOrigin(clientOrigin));
|
||||
|
||||
// The client principal will have the partitionKey set if it's in a third
|
||||
// party context, but the loading principal won't. So, we ignore he
|
||||
// partitionKey when doing the verification here.
|
||||
MOZ_DIAGNOSTIC_ASSERT(loadingOriginNoSuffix == clientOriginNoSuffix);
|
||||
MOZ_DIAGNOSTIC_ASSERT(
|
||||
aLoadingPrincipal->OriginAttributesRef().EqualsIgnoringPartitionKey(
|
||||
clientPrincipal->OriginAttributesRef()));
|
||||
MOZ_DIAGNOSTIC_ASSERT(loadingOrigin == clientOrigin);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
|
|
@ -651,9 +651,9 @@ bool AntiTrackingUtils::IsThirdPartyWindow(nsPIDOMWindowInner* aWindow,
|
|||
}
|
||||
|
||||
RefPtr<Document> doc = aWindow->GetDoc();
|
||||
if (!doc) {
|
||||
// If we can't get the document from the window, ex, about:blank, fallback
|
||||
// to use IsThirdPartyWindow check that examine the whole hierarchy.
|
||||
if (!doc || !doc->GetChannel()) {
|
||||
// If we can't get channel from the window, ex, about:blank, fallback to use
|
||||
// IsThirdPartyWindow check that examine the whole hierarchy.
|
||||
nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
|
||||
components::ThirdPartyUtil::Service();
|
||||
Unused << thirdPartyUtil->IsThirdPartyWindow(aWindow->GetOuterWindow(),
|
||||
|
@ -661,61 +661,12 @@ bool AntiTrackingUtils::IsThirdPartyWindow(nsPIDOMWindowInner* aWindow,
|
|||
return thirdParty;
|
||||
}
|
||||
|
||||
if (!doc->GetChannel()) {
|
||||
// If we can't get the channel from the document, i.e. initial about:blank
|
||||
// page, we use the browsingContext of the document to check if it's in the
|
||||
// third-party context.
|
||||
return IsThirdPartyContext(doc->GetBrowsingContext());
|
||||
}
|
||||
|
||||
// We only care whether the channel is 3rd-party with respect to
|
||||
// the top-level.
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = doc->GetChannel()->LoadInfo();
|
||||
return loadInfo->GetIsThirdPartyContextToTopWindow();
|
||||
}
|
||||
|
||||
/* static */
|
||||
bool AntiTrackingUtils::IsThirdPartyContext(BrowsingContext* aBrowsingContext) {
|
||||
MOZ_ASSERT(aBrowsingContext);
|
||||
MOZ_ASSERT(aBrowsingContext->IsInProcess());
|
||||
|
||||
if (aBrowsingContext->IsTopContent()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// If the top browsing context is not in the same process, it's cross-origin.
|
||||
if (!aBrowsingContext->Top()->IsInProcess()) {
|
||||
return true;
|
||||
}
|
||||
|
||||
nsIDocShell* docShell = aBrowsingContext->GetDocShell();
|
||||
if (!docShell) {
|
||||
return true;
|
||||
}
|
||||
Document* doc = docShell->GetExtantDocument();
|
||||
if (!doc) {
|
||||
return true;
|
||||
}
|
||||
nsIPrincipal* principal = doc->NodePrincipal();
|
||||
|
||||
nsIDocShell* topDocShell = aBrowsingContext->Top()->GetDocShell();
|
||||
if (!topDocShell) {
|
||||
return true;
|
||||
}
|
||||
Document* topDoc = topDocShell->GetDocument();
|
||||
if (!topDoc) {
|
||||
return true;
|
||||
}
|
||||
nsIPrincipal* topPrincipal = topDoc->NodePrincipal();
|
||||
|
||||
auto* topBasePrin = BasePrincipal::Cast(topPrincipal);
|
||||
bool isThirdParty = true;
|
||||
|
||||
topBasePrin->IsThirdPartyPrincipal(principal, &isThirdParty);
|
||||
|
||||
return isThirdParty;
|
||||
}
|
||||
|
||||
/* static */
|
||||
nsCString AntiTrackingUtils::GrantedReasonToString(
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason) {
|
||||
|
|
|
@ -121,10 +121,6 @@ class AntiTrackingUtils final {
|
|||
// Otherwise, it will continue to check if the window is third-party.
|
||||
static bool IsThirdPartyWindow(nsPIDOMWindowInner* aWindow, nsIURI* aURI);
|
||||
|
||||
// Given a browsing context, this function determines if this browsing context
|
||||
// is considered as a third party in respect to the top-level context.
|
||||
static bool IsThirdPartyContext(dom::BrowsingContext* aBrowsingContext);
|
||||
|
||||
static nsCString GrantedReasonToString(
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason);
|
||||
|
||||
|
|
|
@ -11,7 +11,6 @@
|
|||
#include "mozilla/ScopeExit.h"
|
||||
#include "mozilla/StorageAccess.h"
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsIDocShell.h"
|
||||
#include "nsIEffectiveTLDService.h"
|
||||
|
||||
namespace mozilla {
|
||||
|
@ -84,78 +83,6 @@ bool ChooseOriginAttributes(nsIChannel* aChannel, OriginAttributes& aAttrs,
|
|||
return true;
|
||||
}
|
||||
|
||||
bool VerifyValidPartitionedPrincipalInfoForPrincipalInfoInternal(
|
||||
const ipc::PrincipalInfo& aPartitionedPrincipalInfo,
|
||||
const ipc::PrincipalInfo& aPrincipalInfo,
|
||||
bool aIgnoreSpecForContentPrincipal,
|
||||
bool aIgnoreDomainForContentPrincipal) {
|
||||
if (aPartitionedPrincipalInfo.type() != aPrincipalInfo.type()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (aPartitionedPrincipalInfo.type() ==
|
||||
mozilla::ipc::PrincipalInfo::TContentPrincipalInfo) {
|
||||
const mozilla::ipc::ContentPrincipalInfo& spInfo =
|
||||
aPartitionedPrincipalInfo.get_ContentPrincipalInfo();
|
||||
const mozilla::ipc::ContentPrincipalInfo& pInfo =
|
||||
aPrincipalInfo.get_ContentPrincipalInfo();
|
||||
|
||||
return spInfo.attrs().EqualsIgnoringPartitionKey(pInfo.attrs()) &&
|
||||
spInfo.originNoSuffix() == pInfo.originNoSuffix() &&
|
||||
(aIgnoreSpecForContentPrincipal || spInfo.spec() == pInfo.spec()) &&
|
||||
(aIgnoreDomainForContentPrincipal ||
|
||||
spInfo.domain() == pInfo.domain()) &&
|
||||
spInfo.baseDomain() == pInfo.baseDomain();
|
||||
}
|
||||
|
||||
if (aPartitionedPrincipalInfo.type() ==
|
||||
mozilla::ipc::PrincipalInfo::TSystemPrincipalInfo) {
|
||||
// Nothing to check here.
|
||||
return true;
|
||||
}
|
||||
|
||||
if (aPartitionedPrincipalInfo.type() ==
|
||||
mozilla::ipc::PrincipalInfo::TNullPrincipalInfo) {
|
||||
const mozilla::ipc::NullPrincipalInfo& spInfo =
|
||||
aPartitionedPrincipalInfo.get_NullPrincipalInfo();
|
||||
const mozilla::ipc::NullPrincipalInfo& pInfo =
|
||||
aPrincipalInfo.get_NullPrincipalInfo();
|
||||
|
||||
return spInfo.spec() == pInfo.spec() &&
|
||||
spInfo.attrs().EqualsIgnoringPartitionKey(pInfo.attrs());
|
||||
}
|
||||
|
||||
if (aPartitionedPrincipalInfo.type() ==
|
||||
mozilla::ipc::PrincipalInfo::TExpandedPrincipalInfo) {
|
||||
const mozilla::ipc::ExpandedPrincipalInfo& spInfo =
|
||||
aPartitionedPrincipalInfo.get_ExpandedPrincipalInfo();
|
||||
const mozilla::ipc::ExpandedPrincipalInfo& pInfo =
|
||||
aPrincipalInfo.get_ExpandedPrincipalInfo();
|
||||
|
||||
if (!spInfo.attrs().EqualsIgnoringPartitionKey(pInfo.attrs())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (spInfo.allowlist().Length() != pInfo.allowlist().Length()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
for (uint32_t i = 0; i < spInfo.allowlist().Length(); ++i) {
|
||||
if (!VerifyValidPartitionedPrincipalInfoForPrincipalInfoInternal(
|
||||
spInfo.allowlist()[i], pInfo.allowlist()[i],
|
||||
aIgnoreSpecForContentPrincipal,
|
||||
aIgnoreDomainForContentPrincipal)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
MOZ_CRASH("Invalid principalInfo type");
|
||||
return false;
|
||||
}
|
||||
|
||||
} // namespace
|
||||
|
||||
// static
|
||||
|
@ -229,18 +156,73 @@ StoragePrincipalHelper::PrepareEffectiveStoragePrincipalOriginAttributes(
|
|||
|
||||
// static
|
||||
bool StoragePrincipalHelper::VerifyValidStoragePrincipalInfoForPrincipalInfo(
|
||||
const mozilla::ipc::PrincipalInfo& aPartitionedPrincipalInfo,
|
||||
const mozilla::ipc::PrincipalInfo& aStoragePrincipalInfo,
|
||||
const mozilla::ipc::PrincipalInfo& aPrincipalInfo) {
|
||||
return VerifyValidPartitionedPrincipalInfoForPrincipalInfoInternal(
|
||||
aPartitionedPrincipalInfo, aPrincipalInfo, false, false);
|
||||
}
|
||||
if (aStoragePrincipalInfo.type() != aPrincipalInfo.type()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// static
|
||||
bool StoragePrincipalHelper::VerifyValidClientPrincipalInfoForPrincipalInfo(
|
||||
const mozilla::ipc::PrincipalInfo& aClientPrincipalInfo,
|
||||
const mozilla::ipc::PrincipalInfo& aPrincipalInfo) {
|
||||
return VerifyValidPartitionedPrincipalInfoForPrincipalInfoInternal(
|
||||
aClientPrincipalInfo, aPrincipalInfo, true, true);
|
||||
if (aStoragePrincipalInfo.type() ==
|
||||
mozilla::ipc::PrincipalInfo::TContentPrincipalInfo) {
|
||||
const mozilla::ipc::ContentPrincipalInfo& spInfo =
|
||||
aStoragePrincipalInfo.get_ContentPrincipalInfo();
|
||||
const mozilla::ipc::ContentPrincipalInfo& pInfo =
|
||||
aPrincipalInfo.get_ContentPrincipalInfo();
|
||||
|
||||
if (!spInfo.attrs().EqualsIgnoringFPD(pInfo.attrs()) ||
|
||||
spInfo.originNoSuffix() != pInfo.originNoSuffix() ||
|
||||
spInfo.spec() != pInfo.spec() || spInfo.domain() != pInfo.domain() ||
|
||||
spInfo.baseDomain() != pInfo.baseDomain()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
if (aStoragePrincipalInfo.type() ==
|
||||
mozilla::ipc::PrincipalInfo::TSystemPrincipalInfo) {
|
||||
// Nothing to check here.
|
||||
return true;
|
||||
}
|
||||
|
||||
if (aStoragePrincipalInfo.type() ==
|
||||
mozilla::ipc::PrincipalInfo::TNullPrincipalInfo) {
|
||||
const mozilla::ipc::NullPrincipalInfo& spInfo =
|
||||
aStoragePrincipalInfo.get_NullPrincipalInfo();
|
||||
const mozilla::ipc::NullPrincipalInfo& pInfo =
|
||||
aPrincipalInfo.get_NullPrincipalInfo();
|
||||
|
||||
return spInfo.spec() == pInfo.spec() &&
|
||||
spInfo.attrs().EqualsIgnoringFPD(pInfo.attrs());
|
||||
}
|
||||
|
||||
if (aStoragePrincipalInfo.type() ==
|
||||
mozilla::ipc::PrincipalInfo::TExpandedPrincipalInfo) {
|
||||
const mozilla::ipc::ExpandedPrincipalInfo& spInfo =
|
||||
aStoragePrincipalInfo.get_ExpandedPrincipalInfo();
|
||||
const mozilla::ipc::ExpandedPrincipalInfo& pInfo =
|
||||
aPrincipalInfo.get_ExpandedPrincipalInfo();
|
||||
|
||||
if (!spInfo.attrs().EqualsIgnoringFPD(pInfo.attrs())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (spInfo.allowlist().Length() != pInfo.allowlist().Length()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
for (uint32_t i = 0; i < spInfo.allowlist().Length(); ++i) {
|
||||
if (!VerifyValidStoragePrincipalInfoForPrincipalInfo(
|
||||
spInfo.allowlist()[i], pInfo.allowlist()[i])) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
MOZ_CRASH("Invalid principalInfo type");
|
||||
return false;
|
||||
}
|
||||
|
||||
// static
|
||||
|
@ -338,48 +320,6 @@ nsresult StoragePrincipalHelper::GetPrincipal(nsPIDOMWindowInner* aWindow,
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
// static
|
||||
bool StoragePrincipalHelper::ShouldUsePartitionPrincipalForServiceWorker(
|
||||
nsIDocShell* aDocShell) {
|
||||
MOZ_ASSERT(aDocShell);
|
||||
|
||||
RefPtr<Document> document = aDocShell->GetExtantDocument();
|
||||
|
||||
// If we cannot get the document from the docShell, we turn to get its
|
||||
// parent's document.
|
||||
if (!document) {
|
||||
nsCOMPtr<nsIDocShellTreeItem> parentItem;
|
||||
aDocShell->GetInProcessSameTypeParent(getter_AddRefs(parentItem));
|
||||
|
||||
if (parentItem) {
|
||||
document = parentItem->GetDocument();
|
||||
}
|
||||
}
|
||||
|
||||
nsCOMPtr<nsICookieJarSettings> cookieJarSettings;
|
||||
|
||||
if (document) {
|
||||
cookieJarSettings = document->CookieJarSettings();
|
||||
} else {
|
||||
// If there was no document, we create one cookieJarSettings here in order
|
||||
// to get the cookieBehavior.
|
||||
cookieJarSettings = CookieJarSettings::Create(CookieJarSettings::eRegular);
|
||||
}
|
||||
|
||||
// We only support partitioned service workers when dFPI is enabled.
|
||||
if (cookieJarSettings->GetCookieBehavior() !=
|
||||
nsICookieService::BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Only the third-party context will need to use the partitioned principal. A
|
||||
// first-party context is still using the regular principal for the service
|
||||
// worker.
|
||||
return AntiTrackingUtils::IsThirdPartyContext(
|
||||
document ? document->GetBrowsingContext()
|
||||
: aDocShell->GetBrowsingContext());
|
||||
}
|
||||
|
||||
// static
|
||||
bool StoragePrincipalHelper::GetOriginAttributes(
|
||||
nsIChannel* aChannel, mozilla::OriginAttributes& aAttributes,
|
||||
|
|
|
@ -212,7 +212,6 @@
|
|||
|
||||
class nsIChannel;
|
||||
class nsICookieJarSettings;
|
||||
class nsIDocShell;
|
||||
class nsILoadGroup;
|
||||
class nsIPrincipal;
|
||||
class nsIURI;
|
||||
|
@ -243,19 +242,10 @@ class StoragePrincipalHelper final {
|
|||
static nsresult PrepareEffectiveStoragePrincipalOriginAttributes(
|
||||
nsIChannel* aChannel, OriginAttributes& aOriginAttributes);
|
||||
|
||||
// A helper function to verify storage principal info with the principal info.
|
||||
static bool VerifyValidStoragePrincipalInfoForPrincipalInfo(
|
||||
const mozilla::ipc::PrincipalInfo& aStoragePrincipalInfo,
|
||||
const mozilla::ipc::PrincipalInfo& aPrincipalInfo);
|
||||
|
||||
// A helper function to verify client principal info with the principal info.
|
||||
//
|
||||
// Note that the client principal refers the principal of the client, which is
|
||||
// supposed to be the foreign partitioned principal.
|
||||
static bool VerifyValidClientPrincipalInfoForPrincipalInfo(
|
||||
const mozilla::ipc::PrincipalInfo& aClientPrincipalInfo,
|
||||
const mozilla::ipc::PrincipalInfo& aPrincipalInfo);
|
||||
|
||||
enum PrincipalType {
|
||||
// This is the first-party principal.
|
||||
eRegularPrincipal,
|
||||
|
@ -295,12 +285,6 @@ class StoragePrincipalHelper final {
|
|||
PrincipalType aPrincipalType,
|
||||
nsIPrincipal** aPrincipal);
|
||||
|
||||
// Check if we need to use the partitioned principal for the service worker of
|
||||
// the given docShell. Please do not use this API unless you cannot get the
|
||||
// foreign partitioned principal, e.g. creating the inital about:blank page.
|
||||
static bool ShouldUsePartitionPrincipalForServiceWorker(
|
||||
nsIDocShell* aDocShell);
|
||||
|
||||
/**
|
||||
* Extract the right OriginAttributes from the channel's triggering
|
||||
* principal.
|
||||
|
@ -317,7 +301,7 @@ class StoragePrincipalHelper final {
|
|||
|
||||
// These methods return the correct originAttributes to be used for network
|
||||
// state components (HSTS, network cache, image-cache, and so on).
|
||||
static bool GetOriginAttributesForNetworkState(nsIChannel* aChannel,
|
||||
static bool GetOriginAttributesForNetworkState(nsIChannel* aChanel,
|
||||
OriginAttributes& aAttributes);
|
||||
static void GetOriginAttributesForNetworkState(dom::Document* aDocument,
|
||||
OriginAttributes& aAttributes);
|
||||
|
|
|
@ -69,13 +69,7 @@ PartitionedStorageHelper.runTest(
|
|||
win1stParty.sw.postMessage(win3rdParty.location.href);
|
||||
let msg = await msgPromise;
|
||||
|
||||
// The service worker will always be partitioned. So, the first party window
|
||||
// won't have control on the third-party window.
|
||||
is(
|
||||
false,
|
||||
msg,
|
||||
"We won't have the 3rd party window controlled regardless of StorageAccess."
|
||||
);
|
||||
is(allowed, msg, "We want to have the 3rd party window controlled.");
|
||||
},
|
||||
|
||||
async _ => {
|
||||
|
|
Загрузка…
Ссылка в новой задаче