Bug 1588461 - Added OA StripAttributes flag for privateBrowsingId. r=johannh,ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D49174

--HG--
extra : moz-landing-system : lando

caps/OriginAttributes.cpp

@@ -199,10 +199,11 @@ class MOZ_STACK_CLASS PopulateFromSuffixIterator final
   explicit PopulateFromSuffixIterator(OriginAttributes* aOriginAttributes)
       : mOriginAttributes(aOriginAttributes) {
     MOZ_ASSERT(aOriginAttributes);
-    // If mPrivateBrowsingId is passed in as >0 and is not present in the
+    // If a non-default mPrivateBrowsingId is passed and is not present in the
-    // suffix, then it will remain >0 when it should be 0 according to the
+    // suffix, then it will retain the id when it should be default according
-    // suffix. Set to 0 before iterating to fix this.
+    // to the suffix. Set to default before iterating to fix this.
-    mOriginAttributes->mPrivateBrowsingId = 0;
+    mOriginAttributes->mPrivateBrowsingId =
+        nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID;
   }
 
   bool URLParamsIterator(const nsAString& aName,

caps/OriginAttributes.h

@@ -35,6 +35,7 @@ class OriginAttributes : public dom::OriginAttributesDictionary {
   enum {
     STRIP_FIRST_PARTY_DOMAIN = 0x01,
     STRIP_USER_CONTEXT_ID = 0x02,
+    STRIP_PRIVATE_BROWSING_ID = 0x04,
   };
 
   inline void StripAttributes(uint32_t aFlags) {
@@ -45,6 +46,11 @@ class OriginAttributes : public dom::OriginAttributesDictionary {
     if (aFlags & STRIP_USER_CONTEXT_ID) {
       mUserContextId = nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID;
     }
+
+    if (aFlags & STRIP_PRIVATE_BROWSING_ID) {
+      mPrivateBrowsingId =
+          nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID;
+    }
   }
 
   bool operator==(const OriginAttributes& aOther) const {

caps/nsIScriptSecurityManager.idl

@@ -261,6 +261,8 @@ interface nsIScriptSecurityManager : nsISupports
 
     const unsigned long DEFAULT_USER_CONTEXT_ID = 0;
 
+    const unsigned long DEFAULT_PRIVATE_BROWSING_ID = 0;
+
     /**
      * Per-domain controls to enable and disable script. This system is designed
      * to be used by at most one consumer, and enforces this with its semantics.

docshell/base/nsDocShell.cpp

@@ -4904,7 +4904,7 @@ nsDocShell::Destroy() {
   CancelRefreshURITimers();
 
   if (UsePrivateBrowsing()) {
-    mPrivateBrowsingId = 0;
+    mPrivateBrowsingId = nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID;
     mOriginAttributes.SyncAttributesWithPrivateBrowsing(false);
     if (mAffectPrivateSessionLifetime) {
       DecreasePrivateDocShellCount();
@@ -13209,10 +13209,12 @@ nsresult nsDocShell::SetOriginAttributes(const OriginAttributes& aAttrs) {
   AssertOriginAttributesMatchPrivateBrowsing();
   mOriginAttributes = aAttrs;
 
-  bool isPrivate = mOriginAttributes.mPrivateBrowsingId > 0;
+  bool isPrivate = mOriginAttributes.mPrivateBrowsingId !=
+                   nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID;
   // Chrome docshell can not contain OriginAttributes.mPrivateBrowsingId
   if (mItemType == typeChrome && isPrivate) {
-    mOriginAttributes.mPrivateBrowsingId = 0;
+    mOriginAttributes.mPrivateBrowsingId =
+        nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID;
   }
 
   SetPrivateBrowsing(isPrivate);

extensions/permissions/nsPermissionManager.cpp

@@ -158,12 +158,18 @@ bool IsPreloadPermission(const nsACString& aType) {
 // Strip private browsing and user context (if enabled by pref)
 // Flipping these prefs changes the suffix being hashed.
 void MaybeStripOAs(OriginAttributes& aOriginAttributes) {
+  uint32_t flags = 0;
+
   if (!StaticPrefs::permissions_isolateBy_privateBrowsing()) {
-    aOriginAttributes.mPrivateBrowsingId = 0;
+    flags |= OriginAttributes::STRIP_PRIVATE_BROWSING_ID;
   }
 
   if (!StaticPrefs::permissions_isolateBy_userContext()) {
-    aOriginAttributes.StripAttributes(OriginAttributes::STRIP_USER_CONTEXT_ID);
+    flags |= OriginAttributes::STRIP_USER_CONTEXT_ID;
+  }
+
+  if (flags != 0) {
+    aOriginAttributes.StripAttributes(flags);
   }
 }