Bug 1620602 - P3. Pass parent window's BrowsingContext to AllowAccessFor r=timhuang,Ehsan

This patch doesn't make ContentBlocking::AllowAccessFor fission compatible. This is more like a prerequisite work. Differential Revision: https://phabricator.services.mozilla.com/D65729 --HG-- extra : moz-landing-system : lando
2020-03-10 20:28:42 +00:00 · 2020-03-10 20:28:42 +00:00 · 5f1f00a746
--- a/dom/base/Document.cpp
+++ b/dom/base/Document.cpp
@ -15083,14 +15083,12 @@ void Document::MaybeAllowStorageForOpenerAfterUserInteraction() {
                                                     nullptr)) {
      return;
    }
-    // We don't care when the asynchronous work finishes here.
-    Unused << ContentBlocking::AllowAccessFor(
-        NodePrincipal(), openerInner,
-        ContentBlockingNotifier::eOpenerAfterUserInteraction);
  }

-  // TODO: We don't call ContentBlocking::AllowAccessFor() here because
-  //       openerInner is null. This will be fixed in the next patch.
+  // We don't care when the asynchronous work finishes here.
+  Unused << ContentBlocking::AllowAccessFor(
+      NodePrincipal(), openerBC,
+      ContentBlockingNotifier::eOpenerAfterUserInteraction);
 }

 namespace {
@ -15769,7 +15767,7 @@ already_AddRefed<mozilla::dom::Promise> Document::RequestStorageAccess(
        return std::move(p);
      };
      ContentBlocking::AllowAccessFor(
-          NodePrincipal(), inner, ContentBlockingNotifier::eStorageAccessAPI,
+          NodePrincipal(), bc, ContentBlockingNotifier::eStorageAccessAPI,
          performFinalChecks)
          ->Then(
              GetCurrentThreadSerialEventTarget(), __func__,
--- a/dom/base/nsGlobalWindowOuter.cpp
+++ b/dom/base/nsGlobalWindowOuter.cpp
@ -7184,7 +7184,7 @@ void nsGlobalWindowOuter::MaybeAllowStorageForOpenedWindow(nsIURI* aURI) {
      aURI, doc->NodePrincipal()->OriginAttributesRef());

  // We don't care when the asynchronous work finishes here.
-  Unused << ContentBlocking::AllowAccessFor(principal, inner,
+  Unused << ContentBlocking::AllowAccessFor(principal, GetBrowsingContext(),
                                            ContentBlockingNotifier::eOpener);
 }

--- a/toolkit/components/antitracking/ContentBlocking.cpp
+++ b/toolkit/components/antitracking/ContentBlocking.cpp
@ -249,10 +249,10 @@ bool CheckAntiTrackingPermission(nsIPrincipal* aPrincipal,

 /* static */ RefPtr<ContentBlocking::StorageAccessGrantPromise>
 ContentBlocking::AllowAccessFor(
-    nsIPrincipal* aPrincipal, nsPIDOMWindowInner* aParentWindow,
+    nsIPrincipal* aPrincipal, dom::BrowsingContext* aParentContext,
    ContentBlockingNotifier::StorageAccessGrantedReason aReason,
    const ContentBlocking::PerformFinalChecks& aPerformFinalChecks) {
-  MOZ_ASSERT(aParentWindow);
+  MOZ_ASSERT(aParentContext);

  switch (aReason) {
    case ContentBlockingNotifier::eOpener:
@ -286,9 +286,28 @@ ContentBlocking::AllowAccessFor(
         PromiseFlatCString(origin).get()));
  }

-  Document* parentDoc = aParentWindow->GetExtantDoc();
+  nsCOMPtr<nsPIDOMWindowOuter> parentOuter = aParentContext->GetDOMWindow();
+  if (!parentOuter) {
+    // TODO: Bug 1616775 should implement the parent version of AllowAccessFor
+    // here when parent window is NOT in-process.
+    LOG(
+        ("No outer window found for our parent window context, bailing out "
+         "early"));
+    return StorageAccessGrantPromise::CreateAndReject(false, __func__);
+  }
+
+  nsCOMPtr<nsPIDOMWindowInner> parentInner =
+      parentOuter->GetCurrentInnerWindow();
+  if (!parentInner) {
+    LOG(
+        ("No inner window found for our parent outer window, bailing out "
+         "early"));
+    return StorageAccessGrantPromise::CreateAndReject(false, __func__);
+  }
+
+  Document* parentDoc = parentInner->GetExtantDoc();
  if (!parentDoc) {
-    LOG(("Parent window has no doc"));
+    LOG(("No document found for our parent inner window, bailing out early"));
    return StorageAccessGrantPromise::CreateAndReject(false, __func__);
  }
  int32_t behavior = parentDoc->CookieJarSettings()->GetCookieBehavior();
@ -306,7 +325,7 @@ ContentBlocking::AllowAccessFor(
      behavior ==
          nsICookieService::BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN);

-  if (ContentBlockingAllowList::Check(aParentWindow)) {
+  if (ContentBlockingAllowList::Check(parentInner)) {
    return StorageAccessGrantPromise::CreateAndResolve(true, __func__);
  }

@ -315,7 +334,7 @@ ContentBlocking::AllowAccessFor(
  nsCOMPtr<nsIPrincipal> trackingPrincipal;

  RefPtr<nsGlobalWindowInner> parentWindow =
-      nsGlobalWindowInner::Cast(aParentWindow);
+      nsGlobalWindowInner::Cast(parentInner);
  nsGlobalWindowOuter* outerParentWindow =
      nsGlobalWindowOuter::Cast(parentWindow->GetOuterWindow());
  if (NS_WARN_IF(!outerParentWindow)) {
@ -389,8 +408,7 @@ ContentBlocking::AllowAccessFor(
    }
  }

-  nsPIDOMWindowOuter* topOuterWindow =
-      aParentWindow->GetBrowsingContext()->Top()->GetDOMWindow();
+  nsPIDOMWindowOuter* topOuterWindow = aParentContext->Top()->GetDOMWindow();
  nsGlobalWindowOuter* topWindow = nsGlobalWindowOuter::Cast(topOuterWindow);
  if (NS_WARN_IF(!topWindow)) {
    LOG(("No top outer window."));
@ -429,7 +447,7 @@ ContentBlocking::AllowAccessFor(
              _spec),
             trackingPrincipal);
    ContentBlockingNotifier::OnDecision(
-        aParentWindow, ContentBlockingNotifier::BlockingDecision::eBlock,
+        parentInner, ContentBlockingNotifier::BlockingDecision::eBlock,
        blockReason);
    return StorageAccessGrantPromise::CreateAndReject(false, __func__);
  }
--- a/toolkit/components/antitracking/ContentBlocking.h
+++ b/toolkit/components/antitracking/ContentBlocking.h
@ -25,6 +25,10 @@ namespace mozilla {

 class OriginAttributes;

+namespace dom {
+class BrowsingContext;
+}
+
 class ContentBlocking final {
 public:
  // This method returns true if the URI has first party storage access when
@ -67,13 +71,14 @@ class ContentBlocking final {

  // Grant the permission for aOrigin to have access to the first party storage.
  // This method can handle 2 different scenarios:
-  // - aParentWindow is a 3rd party context, it opens an aOrigin window and the
+  // - aParentContext is a 3rd party context, it opens an aOrigin window and the
  //   user interacts with it. We want to grant the permission at the
  //   combination: top-level + aParentWindow + aOrigin.
  //   Ex: example.net loads an iframe tracker.com, which opens a popup
  //   tracker.prg and the user interacts with it. tracker.org is allowed if
  //   loaded by tracker.com when loaded by example.net.
-  // - aParentWindow is a first party context and a 3rd party resource (probably
+  // - aParentContext is a first party context and a 3rd party resource
+  // (probably
  //   becuase of a script) opens a popup and the user interacts with it. We
  //   want to grant the permission for the 3rd party context to have access to
  //   the first party stoage when loaded in aParentWindow.
@ -85,7 +90,7 @@ class ContentBlocking final {
      PerformFinalChecks;
  typedef MozPromise<int, bool, true> StorageAccessGrantPromise;
  static MOZ_MUST_USE RefPtr<StorageAccessGrantPromise> AllowAccessFor(
-      nsIPrincipal* aPrincipal, nsPIDOMWindowInner* aParentWindow,
+      nsIPrincipal* aPrincipal, dom::BrowsingContext* aParentContext,
      ContentBlockingNotifier::StorageAccessGrantedReason aReason,
      const PerformFinalChecks& aPerformFinalChecks = nullptr);