Backout changeset 5306ba39ab30 (bug 1529396) because of harm on web developers and insufficient evidence for continued web compatibility usefulness

Differential Revision: https://phabricator.services.mozilla.com/D44053 --HG-- extra : moz-landing-system : lando
2019-08-29 21:03:59 +00:00 · 2019-08-29 21:03:59 +00:00 · 651b2b3dca
--- a/dom/base/nsGlobalWindowInner.cpp
+++ b/dom/base/nsGlobalWindowInner.cpp
@ -4510,13 +4510,7 @@ Storage* nsGlobalWindowInner::GetLocalStorage(ErrorResult& aError) {
  }

  if (access == StorageAccess::eDeny) {
-    if (mDoc && (mDoc->GetSandboxFlags() & SANDBOXED_ORIGIN) != 0) {
-      // Only raise the exception if we are denying storage access due to
-      // sandbox restrictions.  If we're denying storage access due to other
-      // reasons (e.g. cookie policy enforcement), withhold raising the
-      // exception in an effort to achieve more web compatibility.
-      aError.Throw(NS_ERROR_DOM_SECURITY_ERR);
-    }
+    aError.Throw(NS_ERROR_DOM_SECURITY_ERR);
    return nullptr;
  }

--- a/dom/tests/mochitest/localstorage/frameLocalStorageCookieSettings.html
+++ b/dom/tests/mochitest/localstorage/frameLocalStorageCookieSettings.html
@ -7,9 +7,9 @@
 <script type="text/javascript">
  try {
    localStorage.setItem("contentkey", "test-value");
-    ok(false, "Setting localStorageItem should throw a type error exception");
+    ok(false, "Setting localStorageItem should throw a security exception");
  } catch(ex) {
-    is(ex.name, "TypeError");
+    is(ex.name, "SecurityError");
  }
 </script>
 </body>
--- a/dom/tests/mochitest/localstorage/test_localStorageCookieSettings.html
+++ b/dom/tests/mochitest/localstorage/test_localStorageCookieSettings.html
@ -26,7 +26,7 @@ function test1() {
      ok(false, "Setting localStorageItem should throw a security exception");
    }
    catch(ex) {
-      is(ex.name, "TypeError");
+      is(ex.name, "SecurityError");
    }

    w.close();
--- a/toolkit/components/antitracking/test/browser/browser_blockingLocalStorage.js
+++ b/toolkit/components/antitracking/test/browser/browser_blockingLocalStorage.js
@ -3,13 +3,12 @@
 AntiTracking.runTestInNormalAndPrivateMode(
  "localStorage",
  async _ => {
-    is(window.localStorage, null, "LocalStorage is null");
    try {
      localStorage.foo = 42;
      ok(false, "LocalStorage cannot be used!");
    } catch (e) {
      ok(true, "LocalStorage cannot be used!");
-      is(e.name, "TypeError", "We want a type error message.");
+      is(e.name, "SecurityError", "We want a security error message.");
    }
  },
  async _ => {
@ -31,13 +30,12 @@ AntiTracking.runTestInNormalAndPrivateMode(
    /* import-globals-from storageAccessAPIHelpers.js */
    await noStorageAccessInitially();

-    is(window.localStorage, null, "LocalStorage is null");
    try {
      localStorage.foo = 42;
      ok(false, "LocalStorage cannot be used!");
    } catch (e) {
      ok(true, "LocalStorage cannot be used!");
-      is(e.name, "TypeError", "We want a type error message.");
+      is(e.name, "SecurityError", "We want a security error message.");
    }

    /* import-globals-from storageAccessAPIHelpers.js */
@ -51,13 +49,12 @@ AntiTracking.runTestInNormalAndPrivateMode(
        SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
      )
    ) {
-      is(window.localStorage, null, "LocalStorage is null");
      try {
        localStorage.foo = 42;
        ok(false, "LocalStorage cannot be used!");
      } catch (e) {
        ok(true, "LocalStorage cannot be used!");
-        is(e.name, "TypeError", "We want a type error message.");
+        is(e.name, "SecurityError", "We want a security error message.");
      }
    } else {
      localStorage.foo = 42;
--- a/toolkit/components/antitracking/test/browser/browser_blockingNoOpener.js
+++ b/toolkit/components/antitracking/test/browser/browser_blockingNoOpener.js
@ -5,13 +5,12 @@ gFeatures = "noopener";
 AntiTracking.runTestInNormalAndPrivateMode(
  "Blocking in the case of noopener windows",
  async _ => {
-    is(window.localStorage, null, "LocalStorage is null");
    try {
      localStorage.foo = 42;
      ok(false, "LocalStorage cannot be used!");
    } catch (e) {
      ok(true, "LocalStorage cannot be used!");
-      is(e.name, "TypeError", "We want a type error message.");
+      is(e.name, "SecurityError", "We want a security error message.");
    }
  },
  async phase => {
@ -21,13 +20,12 @@ AntiTracking.runTestInNormalAndPrivateMode(
        ok(true, "LocalStorage is allowed");
        break;
      case 2:
-        is(window.localStorage, null, "LocalStorage is null");
        try {
          localStorage.foo = 42;
          ok(false, "LocalStorage cannot be used!");
        } catch (e) {
          ok(true, "LocalStorage cannot be used!");
-          is(e.name, "TypeError", "We want a type error message.");
+          is(e.name, "SecurityError", "We want a security error message.");
        }
        break;
    }
--- a/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage.js
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage.js
@ -14,11 +14,6 @@ AntiTracking.runTestInNormalAndPrivateMode(
      SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
    );

-    is(
-      window.localStorage == null,
-      shouldThrow,
-      shouldThrow ? "LocalStorage is null" : "LocalStorage is not null"
-    );
    let hasThrown;
    try {
      localStorage.foo = 42;
@ -26,7 +21,7 @@ AntiTracking.runTestInNormalAndPrivateMode(
      is(localStorage.foo, "42", "The value matches");
      hasThrown = false;
    } catch (e) {
-      is(e.name, "TypeError", "We want a type error message.");
+      is(e.name, "SecurityError", "We want a security error message.");
      hasThrown = true;
    }

--- a/toolkit/components/antitracking/test/browser/browser_script.js
+++ b/toolkit/components/antitracking/test/browser/browser_script.js
@ -39,13 +39,12 @@ add_task(async function() {
    async obj => {
      info("Checking if permission is denied");
      let callbackBlocked = async _ => {
-        is(window.localStorage, null, "LocalStorage is null");
        try {
          localStorage.foo = 42;
          ok(false, "LocalStorage cannot be used!");
        } catch (e) {
          ok(true, "LocalStorage cannot be used!");
-          is(e.name, "TypeError", "We want a type error message.");
+          is(e.name, "SecurityError", "We want a security error message.");
        }
      };

@ -112,13 +111,12 @@ add_task(async function() {
    async obj => {
      info("Checking if permission is denied");
      let callbackBlocked = async _ => {
-        is(window.localStorage, null, "LocalStorage is null");
        try {
          localStorage.foo = 42;
          ok(false, "LocalStorage cannot be used!");
        } catch (e) {
          ok(true, "LocalStorage cannot be used!");
-          is(e.name, "TypeError", "We want a type error message.");
+          is(e.name, "SecurityError", "We want a security error message.");
        }
      };

--- a/toolkit/components/antitracking/test/browser/browser_siteSpecificWorkArounds.js
+++ b/toolkit/components/antitracking/test/browser/browser_siteSpecificWorkArounds.js
@ -84,13 +84,12 @@ AntiTracking.runTest(
 AntiTracking.runTest(
  "localStorage with a tracker that is whitelisted via a misconfigured pref",
  async _ => {
-    is(window.localStorage, null, "LocalStorage is null");
    try {
      localStorage.foo = 42;
      ok(false, "LocalStorage cannot be used!");
    } catch (e) {
      ok(true, "LocalStorage cannot be used!");
-      is(e.name, "TypeError", "We want a type error message.");
+      is(e.name, "SecurityError", "We want a security error message.");
    }
  },
  async _ => {
--- a/toolkit/components/antitracking/test/browser/browser_storageAccessSandboxed.js
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessSandboxed.js
@ -60,13 +60,12 @@ AntiTracking.runTest(
    /* import-globals-from storageAccessAPIHelpers.js */
    await noStorageAccessInitially();

-    is(window.localStorage, null, "LocalStorage is null");
    try {
      localStorage.foo = 42;
      ok(false, "LocalStorage cannot be used!");
    } catch (e) {
      ok(true, "LocalStorage cannot be used!");
-      is(e.name, "TypeError", "We want a type error message.");
+      is(e.name, "SecurityError", "We want a security error message.");
    }
  },

@ -110,13 +109,12 @@ AntiTracking.runTest(
    /* import-globals-from storageAccessAPIHelpers.js */
    await noStorageAccessInitially();

-    is(window.localStorage, null, "LocalStorage is null");
    try {
      localStorage.foo = 42;
      ok(false, "LocalStorage cannot be used!");
    } catch (e) {
      ok(true, "LocalStorage cannot be used!");
-      is(e.name, "TypeError", "We want a type error message.");
+      is(e.name, "SecurityError", "We want a security error message.");
    }
  },

--- a/toolkit/components/extensions/test/xpcshell/test_ext_cookieBehaviors.js
+++ b/toolkit/components/extensions/test/xpcshell/test_ext_cookieBehaviors.js
@ -553,8 +553,9 @@ add_task(async function test_content_script_on_cookieBehaviorReject() {
      "a content script can't use indexedDB from a page where it is disallowed"
    );

-    browser.test.assertTrue(
-      window.localStorage === null,
+    browser.test.assertThrows(
+      () => localStorage,
+      /The operation is insecure/,
      "a content script can't use localStorage from a page where it is disallowed"
    );