Bug 1334111 - Reject MediaKeys requests for persistent storage when in PB mode. r=gerald

We want requests for MediaKeySystemAccess with persistentState to be rejected
if the window is in Private Browsing mode. This is primarily so that users in
Private Browsing mode don't unknowingly use up their "device limits"; some DRM
streamers have limits on the number of unique devices that can be
provisioned/used in a given time period, and the device ID is persisted in the
persistent state. So if we're flushing that state, the user will use up one
slot of their device quota on every new session, quickly hit their limit, and be
unable to continue watching DRM video.

MozReview-Commit-ID: JWNO1kcU2ST

--HG--
extra : rebase_source : ad4e22629acfdd82aff8ead764949939726adbf4
Chris Pearce 2017-05-29 10:21:18 +12:00
Родитель e5a35bb911
Коммит 7bcd5db48e
3 изменённых файлов: 29 добавлений и 11 удалений


@ -821,7 +821,8 @@ static bool
GetSupportedConfig(const KeySystemConfig& aKeySystem,
const MediaKeySystemConfiguration& aCandidate,
MediaKeySystemConfiguration& aOutConfig,
DecoderDoctorDiagnostics* aDiagnostics)
DecoderDoctorDiagnostics* aDiagnostics,
bool aInPrivateBrowsing)
{
// Let accumulated configuration be a new MediaKeySystemConfiguration dictionary.
MediaKeySystemConfiguration config;
@ -874,6 +875,14 @@ GetSupportedConfig(const KeySystemConfig& aKeySystem,
return false;
}
if (config.mPersistentState == MediaKeysRequirement::Required &&
aInPrivateBrowsing) {
EME_LOG("MediaKeySystemConfiguration (label='%s') rejected; "
"persistentState requested in Private Browsing window.",
NS_ConvertUTF16toUTF8(aCandidate.mLabel).get());
return false;
}
Sequence<nsString> sessionTypes(UnboxSessionTypes(aCandidate.mSessionTypes));
if (sessionTypes.IsEmpty()) {
// Malloc failure.
@ -1044,10 +1053,12 @@ GetSupportedConfig(const KeySystemConfig& aKeySystem,
/* static */
bool
MediaKeySystemAccess::GetSupportedConfig(const nsAString& aKeySystem,
const Sequence<MediaKeySystemConfiguration>& aConfigs,
MediaKeySystemConfiguration& aOutConfig,
DecoderDoctorDiagnostics* aDiagnostics)
MediaKeySystemAccess::GetSupportedConfig(
const nsAString& aKeySystem,
const Sequence<MediaKeySystemConfiguration>& aConfigs,
MediaKeySystemConfiguration& aOutConfig,
DecoderDoctorDiagnostics* aDiagnostics,
bool aIsPrivateBrowsing)
{
KeySystemConfig implementation;
if (!GetKeySystemConfig(aKeySystem, implementation)) {
@ -1057,7 +1068,8 @@ MediaKeySystemAccess::GetSupportedConfig(const nsAString& aKeySystem,
if (mozilla::dom::GetSupportedConfig(implementation,
candidate,
aOutConfig,
aDiagnostics)) {
aDiagnostics,
aIsPrivateBrowsing)) {
return true;
}
}
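Review bot: The Private Browsing guard `config.mPersistentState == MediaKeysRequirement::Required && aInPrivateBrowsing` runs before the candidate's sessionTypes are examined, so it only covers an explicit persistentState request. The rest of the static GetSupportedConfig lies outside the hunk; if a persistent session type can later promote persistentState from optional to Required, such a configuration would pass this guard in a Private Browsing window and still end up with persisted device state. Consider repeating the check after the session-type processing, or rejecting persistent session types outright when `aInPrivateBrowsing` is set, and add a test for the optional-plus-persistent-session case. The two new parameters are also named differently (`aInPrivateBrowsing` here, `aIsPrivateBrowsing` in the MediaKeySystemAccess overload); a single name would read better.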


@ -61,10 +61,12 @@ public:
const nsAString& aKeySystem,
MediaKeySystemStatus aStatus);
static bool GetSupportedConfig(const nsAString& aKeySystem,
const Sequence<MediaKeySystemConfiguration>& aConfigs,
MediaKeySystemConfiguration& aOutConfig,
DecoderDoctorDiagnostics* aDiagnostics);
static bool GetSupportedConfig(
const nsAString& aKeySystem,
const Sequence<MediaKeySystemConfiguration>& aConfigs,
MediaKeySystemConfiguration& aOutConfig,
DecoderDoctorDiagnostics* aDiagnostics,
bool aIsPrivateBrowsing);
static bool KeySystemSupportsInitDataType(const nsAString& aKeySystem,
const nsAString& aInitDataType);


@ -165,8 +165,12 @@ MediaKeySystemAccessManager::Request(DetailedPromise* aPromise,
return;
}
bool isPrivateBrowsing =
mWindow->GetExtantDoc() &&
mWindow->GetExtantDoc()->NodePrincipal()->GetPrivateBrowsingId() > 0;
MediaKeySystemConfiguration config;
if (MediaKeySystemAccess::GetSupportedConfig(aKeySystem, aConfigs, config, &diagnostics)) {
if (MediaKeySystemAccess::GetSupportedConfig(
aKeySystem, aConfigs, config, &diagnostics, isPrivateBrowsing)) {
RefPtr<MediaKeySystemAccess> access(
new MediaKeySystemAccess(mWindow, aKeySystem, config));
aPromise->MaybeResolve(access);
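Review bot: `isPrivateBrowsing` falls back to false when `mWindow->GetExtantDoc()` returns null, so the persistent-state restriction fails open in exactly the case where the window's mode cannot be determined. For a privacy guard it is safer to treat the unknown case as private, e.g. `auto* doc = mWindow->GetExtantDoc();` followed by `bool isPrivateBrowsing = !doc || doc->NodePrincipal()->GetPrivateBrowsingId() > 0;`, which also avoids calling GetExtantDoc() twice. Whether mWindow itself is null-checked earlier in Request() is not visible in this hunk, since the function starts and ends outside it.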