Bug 1670058 - support Global Privacy Control signal; r=smaug,necko-reviewers

Differential Revision: https://phabricator.services.mozilla.com/D126966
2021-10-07 07:55:30 +00:00 · 2021-10-07 07:55:30 +00:00 · 692c22b993
--- a/devtools/client/netmonitor/src/utils/mdn-utils.js
+++ b/devtools/client/netmonitor/src/utils/mdn-utils.js
@ -78,6 +78,7 @@ const SUPPORTED_HEADERS = [
  "Sec-Fetch-Mode",
  "Sec-Fetch-Site",
  "Sec-Fetch-User",
+  "Sec-GPC",
  "Server",
  "Server-Timing",
  "Set-Cookie",
--- a/dom/base/Navigator.cpp
+++ b/dom/base/Navigator.cpp
@ -627,6 +627,11 @@ void Navigator::GetDoNotTrack(nsAString& aResult) {
  }
 }

+bool Navigator::GlobalPrivacyControl() {
+  return StaticPrefs::privacy_globalprivacycontrol_enabled() &&
+         StaticPrefs::privacy_globalprivacycontrol_functionality_enabled();
+}
+
 uint64_t Navigator::HardwareConcurrency() {
  workerinternals::RuntimeService* rts =
      workerinternals::RuntimeService::GetOrCreateService();
--- a/dom/base/Navigator.h
+++ b/dom/base/Navigator.h
@ -129,6 +129,7 @@ class Navigator final : public nsISupports, public nsWrapperCache {
  nsPluginArray* GetPlugins(ErrorResult& aRv);
  Permissions* GetPermissions(ErrorResult& aRv);
  void GetDoNotTrack(nsAString& aResult);
+  bool GlobalPrivacyControl();
  Geolocation* GetGeolocation(ErrorResult& aRv);
  Promise* GetBattery(ErrorResult& aRv);

@ -289,6 +290,6 @@ class Navigator final : public nsISupports, public nsWrapperCache {
  RefPtr<dom::LockManager> mLocks;
 };

-}  // namespace mozilla
+}  // namespace mozilla::dom

 #endif  // mozilla_dom_Navigator_h
--- a/dom/security/test/general/file_gpc_server.sjs
+++ b/dom/security/test/general/file_gpc_server.sjs
@ -0,0 +1,15 @@
+"use strict";
+
+function handleRequest(request, response) {
+  response.setHeader("Content-Type", "text/html", false);
+  response.setHeader("Cache-Control", "no-cache", false);
+
+  var gpc = request.hasHeader("Sec-GPC") ? request.getHeader("Sec-GPC") : "";
+
+  if (gpc === "1") {
+    response.write("true");
+  }
+  else {
+    response.write("false");
+  }
+}
--- a/dom/security/test/general/mochitest.ini
+++ b/dom/security/test/general/mochitest.ini
@ -67,3 +67,5 @@ support-files =
 [test_bug1660452_http.html]
 [test_bug1660452_https.html]
 scheme = https
+[test_gpc.html]
+support-files = file_gpc_server.sjs
--- a/dom/security/test/general/test_gpc.html
+++ b/dom/security/test/general/test_gpc.html
@ -0,0 +1,39 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Test for Global Privacy Control headers</title>
+  <script src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script class="testbody" type="application/javascript">
+
+add_task(async function testGlobalPrivacyControlDisabled() {
+  await SpecialPowers.pushPrefEnv({ set: [
+    ["privacy.globalprivacycontrol.enabled", false],
+    ["privacy.globalprivacycontrol.functionality.enabled", true],
+  ]});
+  await fetch("file_gpc_server.sjs")
+  .then((response) => response.text())
+  .then((response) => {
+    is(response, "false", "GPC disabled so header unsent");
+    is(navigator.globalPrivacyControl, false, "GPC disabled so navigator property is 0");
+  });
+});
+
+add_task(async function testGlobalPrivacyControlEnabled() {
+  await SpecialPowers.pushPrefEnv({ set: [
+    ["privacy.globalprivacycontrol.enabled", true],
+    ["privacy.globalprivacycontrol.functionality.enabled", true],
+  ]});
+  await fetch("file_gpc_server.sjs")
+  .then((response) => response.text())
+  .then((response) => {
+    is(response, "true", "GPC enabled so header sent and received");
+    is(navigator.globalPrivacyControl, true, "GPC enabled so navigator property is 1");
+  });
+});
+
+</script>
+</body>
+</html>
--- a/dom/webidl/Navigator.webidl
+++ b/dom/webidl/Navigator.webidl
@ -119,6 +119,12 @@ partial interface Navigator {
  readonly attribute DOMString doNotTrack;
 };

+// https://globalprivacycontrol.github.io/gpc-spec/
+partial interface Navigator {
+  [Pref="privacy.globalprivacycontrol.functionality.enabled"]
+  readonly attribute boolean globalPrivacyControl;
+};
+
 // http://www.w3.org/TR/geolocation-API/#geolocation_interface
 interface mixin NavigatorGeolocation {
  [Throws, Pref="geo.enabled"]
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@ -10326,6 +10326,25 @@
  value: false
  mirror: always

+# Potentially send "global privacy control" HTTP header and set navigator
+# property accordingly. Communicates user's desire to opt-out/in of
+# websites or services selling or sharing the user's information, false by
+# default.
+# true - Send the header with a value of 1 to indicate opting-out
+# false - Do not send header to indicate opting-in
+- name: privacy.globalprivacycontrol.enabled
+  type: bool
+  value: false
+  mirror: always
+
+# Controls whether or not GPC signals are sent. Meant to act as a third option
+# of 'undecided' by leaving the navigator property undefined and not attaching
+# the Sec-GPC HTTP header.
+- name: privacy.globalprivacycontrol.functionality.enabled
+  type: bool
+  value: false
+  mirror: always
+
 # Lower the priority of network loads for resources on the tracking protection
 # list.  Note that this requires the
 # privacy.trackingprotection.annotate_channels pref to be on in order to have
--- a/netwerk/protocol/http/nsHttpAtomList.h
+++ b/netwerk/protocol/http/nsHttpAtomList.h
@ -52,6 +52,7 @@ HTTP_ATOM(ETag, "Etag")
 HTTP_ATOM(Expect, "Expect")
 HTTP_ATOM(Expires, "Expires")
 HTTP_ATOM(From, "From")
+HTTP_ATOM(GlobalPrivacyControl, "Sec-GPC")
 HTTP_ATOM(Host, "Host")
 HTTP_ATOM(If, "If")
 HTTP_ATOM(If_Match, "If-Match")
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@ -5997,6 +5997,7 @@ nsresult nsHttpChannel::BeginConnect() {

  SetOriginHeader();
  SetDoNotTrack();
+  SetGlobalPrivacyControl();

  OriginAttributes originAttributes;
  // Regular principal in case we have a proxy.
@ -8704,6 +8705,17 @@ void nsHttpChannel::SetDoNotTrack() {
  }
 }

+void nsHttpChannel::SetGlobalPrivacyControl() {
+  MOZ_ASSERT(NS_IsMainThread(), "Must be called on the main thread");
+
+  if (StaticPrefs::privacy_globalprivacycontrol_enabled() &&
+      StaticPrefs::privacy_globalprivacycontrol_functionality_enabled()) {
+    // Send the header with a value of 1 to indicate opting-out
+    DebugOnly<nsresult> rv =
+        mRequestHead.SetHeader(nsHttp::GlobalPrivacyControl, "1"_ns, false);
+  }
+}
+
 void nsHttpChannel::ReportRcwnStats(bool isFromNet) {
  if (!StaticPrefs::network_http_rcwn_enabled()) {
    return;
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
@ -502,6 +502,7 @@ class nsHttpChannel final : public HttpBaseChannel,

  void SetOriginHeader();
  void SetDoNotTrack();
+  void SetGlobalPrivacyControl();

  already_AddRefed<nsChannelClassifier> GetOrCreateChannelClassifier();