diff --git a/caps/OriginAttributes.cpp b/caps/OriginAttributes.cpp index 238664abff1c..f60253a62aa0 100644 --- a/caps/OriginAttributes.cpp +++ b/caps/OriginAttributes.cpp @@ -65,16 +65,18 @@ void OriginAttributes::SetFirstPartyDomain(const bool aIsTopLevelDocument, // Saving isInsufficientDomainLevels before rv is overwritten. bool isInsufficientDomainLevels = (rv == NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS); nsAutoCString scheme; - rv = aURI->GetScheme(scheme); - NS_ENSURE_SUCCESS_VOID(rv); - if (scheme.EqualsLiteral("about")) { - mFirstPartyDomain.AssignLiteral(ABOUT_URI_FIRST_PARTY_DOMAIN); - return; + if (aURI) { + rv = aURI->GetScheme(scheme); + NS_ENSURE_SUCCESS_VOID(rv); + if (scheme.EqualsLiteral("about")) { + mFirstPartyDomain.AssignLiteral(ABOUT_URI_FIRST_PARTY_DOMAIN); + return; + } } nsCOMPtr blobPrincipal; - if (dom::BlobURLProtocolHandler::GetBlobURLPrincipal( - aURI, getter_AddRefs(blobPrincipal))) { + if (aURI && dom::BlobURLProtocolHandler::GetBlobURLPrincipal( + aURI, getter_AddRefs(blobPrincipal))) { MOZ_ASSERT(blobPrincipal); mFirstPartyDomain = blobPrincipal->OriginAttributesRef().mFirstPartyDomain; return; diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp index 8fa6b231b104..5852897181ab 100644 --- a/caps/nsScriptSecurityManager.cpp +++ b/caps/nsScriptSecurityManager.cpp @@ -271,6 +271,15 @@ nsScriptSecurityManager::GetChannelResultPrincipals( return rv; } + if (!(*aPrincipal)->GetIsContentPrincipal()) { + // If for some reason we don't have a content principal here, just reuse our + // principal for the storage principal too, since attempting to create a + // storage principal would fail anyway. + nsCOMPtr copy = *aPrincipal; + copy.forget(aStoragePrincipal); + return NS_OK; + } + return StoragePrincipalHelper::Create(aChannel, *aPrincipal, aStoragePrincipal); } diff --git a/dom/base/nsGlobalWindowInner.cpp b/dom/base/nsGlobalWindowInner.cpp index 0c1ec6c676d8..7bd68a07d014 100644 --- a/dom/base/nsGlobalWindowInner.cpp +++ b/dom/base/nsGlobalWindowInner.cpp @@ -46,6 +46,7 @@ # include "mozilla/dom/WindowOrientationObserver.h" #endif #include "nsDOMOfflineResourceList.h" +#include "nsICookieService.h" #include "nsError.h" #include "nsISizeOfEventTarget.h" #include "nsDOMJSUtils.h" @@ -5605,7 +5606,10 @@ nsIPrincipal* nsGlobalWindowInner::GetTopLevelPrincipal() { return nullptr; } - if (topLevelOuterWindow == outerWindow) { + bool stopAtOurLevel = mDoc && mDoc->CookieSettings()->GetCookieBehavior() == + nsICookieService::BEHAVIOR_REJECT_TRACKER; + + if (stopAtOurLevel && topLevelOuterWindow == outerWindow) { return nullptr; } diff --git a/toolkit/components/antitracking/test/browser/antitracking_head.js b/toolkit/components/antitracking/test/browser/antitracking_head.js index 32837f042a37..d42fa0cf5af2 100644 --- a/toolkit/components/antitracking/test/browser/antitracking_head.js +++ b/toolkit/components/antitracking/test/browser/antitracking_head.js @@ -8,6 +8,8 @@ "use strict"; var gFeatures = undefined; +var gTestTrackersCleanedUp = false; +var gTestTrackersCleanupRegistered = false; /** * Force garbage collection. @@ -372,6 +374,16 @@ this.AntiTracking = { } await UrlClassifierTestUtils.addTestTrackers(); + if (!gTestTrackersCleanupRegistered) { + registerCleanupFunction(_ => { + if (gTestTrackersCleanedUp) { + return; + } + UrlClassifierTestUtils.cleanupTestTrackers(); + gTestTrackersCleanedUp = true; + }); + gTestTrackersCleanupRegistered = true; + } }, _createTask(options) { diff --git a/toolkit/components/antitracking/test/browser/browser.ini b/toolkit/components/antitracking/test/browser/browser.ini index f528fbfee5a4..b282ced2f3dd 100644 --- a/toolkit/components/antitracking/test/browser/browser.ini +++ b/toolkit/components/antitracking/test/browser/browser.ini @@ -88,6 +88,9 @@ skip-if = fission [browser_subResources.js] skip-if = fission || serviceworker_e10s support-files = subResources.sjs +[browser_subResourcesPartitioned.js] +skip-if = fission || serviceworker_e10s +support-files = subResources.sjs [browser_script.js] skip-if = fission support-files = tracker.js diff --git a/toolkit/components/antitracking/test/browser/browser_allowListNotifications.js b/toolkit/components/antitracking/test/browser/browser_allowListNotifications.js index 38f1797ff07d..b91050a71ca6 100644 --- a/toolkit/components/antitracking/test/browser/browser_allowListNotifications.js +++ b/toolkit/components/antitracking/test/browser/browser_allowListNotifications.js @@ -117,6 +117,8 @@ add_task(async function() { info("Removing the tab"); BrowserTestUtils.removeTab(tab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); add_task(async function() { diff --git a/toolkit/components/antitracking/test/browser/browser_localStorageEvents.js b/toolkit/components/antitracking/test/browser/browser_localStorageEvents.js index 3b1d072e2129..50f0b32e66e8 100644 --- a/toolkit/components/antitracking/test/browser/browser_localStorageEvents.js +++ b/toolkit/components/antitracking/test/browser/browser_localStorageEvents.js @@ -167,6 +167,8 @@ add_task(async function testBlockedLocalStorageEventPropagation() { info("Removing the tab"); BrowserTestUtils.removeTab(tab); + UrlClassifierTestUtils.cleanupTestTrackers(); + info("Cleaning up."); await new Promise(resolve => { Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value => diff --git a/toolkit/components/antitracking/test/browser/browser_networkIsolation.js b/toolkit/components/antitracking/test/browser/browser_networkIsolation.js index 9ef68e6db2b7..4e24bcc5f0d6 100644 --- a/toolkit/components/antitracking/test/browser/browser_networkIsolation.js +++ b/toolkit/components/antitracking/test/browser/browser_networkIsolation.js @@ -191,6 +191,8 @@ add_task(async function() { info("Removing the tab"); BrowserTestUtils.removeTab(tab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); add_task(async function() { diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js b/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js index 145100272aa9..1c792b110670 100644 --- a/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js +++ b/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js @@ -176,6 +176,8 @@ function runAllTests(withStoragePrincipalEnabled, prefValue) { BrowserTestUtils.removeTab(trackerTab); BrowserTestUtils.removeTab(normalTab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); // Two ePartitionOrDeny iframes in the same tab in the same origin don't see @@ -296,6 +298,8 @@ function runAllTests(withStoragePrincipalEnabled, prefValue) { ); BrowserTestUtils.removeTab(normalTab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); // Same as the previous test but with a cookie behavior of BEHAVIOR_ACCEPT @@ -404,6 +408,8 @@ function runAllTests(withStoragePrincipalEnabled, prefValue) { ); BrowserTestUtils.removeTab(normalTab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); // An ePartitionOrDeny iframe navigated between two distinct pages on the same @@ -498,6 +504,8 @@ function runAllTests(withStoragePrincipalEnabled, prefValue) { ); BrowserTestUtils.removeTab(normalTab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); // Like the previous test, but accepting trackers @@ -586,6 +594,8 @@ function runAllTests(withStoragePrincipalEnabled, prefValue) { ); BrowserTestUtils.removeTab(normalTab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); // An ePartitionOrDeny iframe on the same origin that is navigated to itself @@ -681,6 +691,8 @@ function runAllTests(withStoragePrincipalEnabled, prefValue) { ); BrowserTestUtils.removeTab(normalTab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); // Like the previous test, but accepting trackers @@ -769,6 +781,8 @@ function runAllTests(withStoragePrincipalEnabled, prefValue) { ); BrowserTestUtils.removeTab(normalTab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); // Cleanup data. diff --git a/toolkit/components/antitracking/test/browser/browser_referrerDefaultPolicy.js b/toolkit/components/antitracking/test/browser/browser_referrerDefaultPolicy.js index 8cf52234ac08..eb81902f7a89 100644 --- a/toolkit/components/antitracking/test/browser/browser_referrerDefaultPolicy.js +++ b/toolkit/components/antitracking/test/browser/browser_referrerDefaultPolicy.js @@ -410,8 +410,6 @@ add_task(async function() { ], }); - await UrlClassifierTestUtils.addTestTrackers(); - // no-referrer-when-downgrade await SpecialPowers.pushPrefEnv({ set: [["network.http.referer.defaultPolicy.trackers", 3]], @@ -523,7 +521,11 @@ add_task(async function() { }); add_task(async function() { + await UrlClassifierTestUtils.addTestTrackers(); + await executeTests(); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); add_task(async function() { diff --git a/toolkit/components/antitracking/test/browser/browser_script.js b/toolkit/components/antitracking/test/browser/browser_script.js index 8312f725d6b5..28b0a893c338 100644 --- a/toolkit/components/antitracking/test/browser/browser_script.js +++ b/toolkit/components/antitracking/test/browser/browser_script.js @@ -204,6 +204,8 @@ add_task(async function() { info("Removing the tab"); BrowserTestUtils.removeTab(tab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); add_task(async function() { diff --git a/toolkit/components/antitracking/test/browser/browser_socialtracking.js b/toolkit/components/antitracking/test/browser/browser_socialtracking.js index 89ffcc746a16..f92d2e3deebd 100644 --- a/toolkit/components/antitracking/test/browser/browser_socialtracking.js +++ b/toolkit/components/antitracking/test/browser/browser_socialtracking.js @@ -71,6 +71,8 @@ function runTest(obj) { ); BrowserTestUtils.removeTab(tab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); } diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessWithHeuristics.js b/toolkit/components/antitracking/test/browser/browser_storageAccessWithHeuristics.js index 746ae1ca1666..56b2aea427dc 100644 --- a/toolkit/components/antitracking/test/browser/browser_storageAccessWithHeuristics.js +++ b/toolkit/components/antitracking/test/browser/browser_storageAccessWithHeuristics.js @@ -310,6 +310,8 @@ add_task(async function testUserInteractionHeuristic() { info("Removing the tab"); BrowserTestUtils.removeTab(tab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); add_task(async function() { diff --git a/toolkit/components/antitracking/test/browser/browser_subResources.js b/toolkit/components/antitracking/test/browser/browser_subResources.js index 4184fa41df2f..6d887e5f452a 100644 --- a/toolkit/components/antitracking/test/browser/browser_subResources.js +++ b/toolkit/components/antitracking/test/browser/browser_subResources.js @@ -253,6 +253,8 @@ add_task(async function() { info("Removing the tab"); BrowserTestUtils.removeTab(tab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); add_task(async function() { diff --git a/toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js b/toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js new file mode 100644 index 000000000000..ff29f1fce640 --- /dev/null +++ b/toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js @@ -0,0 +1,254 @@ +async function runTests(topPage) { + info("Creating a new tab"); + let tab = BrowserTestUtils.addTab(gBrowser, topPage); + gBrowser.selectedTab = tab; + + let browser = gBrowser.getBrowserForTab(tab); + await BrowserTestUtils.browserLoaded(browser); + + info("Loading scripts and images"); + await ContentTask.spawn(browser, null, async function() { + // Let's load the script twice here. + { + let src = content.document.createElement("script"); + let p = new content.Promise(resolve => { + src.onload = resolve; + }); + content.document.body.appendChild(src); + src.src = + "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script"; + await p; + } + { + let src = content.document.createElement("script"); + let p = new content.Promise(resolve => { + src.onload = resolve; + }); + content.document.body.appendChild(src); + src.src = + "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script"; + await p; + } + + // Let's load an image twice here. + { + let img = content.document.createElement("img"); + let p = new content.Promise(resolve => { + img.onload = resolve; + }); + content.document.body.appendChild(img); + img.src = + "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image"; + await p; + } + { + let img = content.document.createElement("img"); + let p = new content.Promise(resolve => { + img.onload = resolve; + }); + content.document.body.appendChild(img); + img.src = + "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image"; + await p; + } + }); + + await fetch( + "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image" + ) + .then(r => r.text()) + .then(text => { + is(text, 1, "One cookie received for images."); + }); + + await fetch( + "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=script" + ) + .then(r => r.text()) + .then(text => { + is(text, 1, "One cookie received received for scripts."); + }); + + info("Creating a 3rd party content"); + await ContentTask.spawn( + browser, + { + page: TEST_3RD_PARTY_PAGE_WO, + blockingCallback: (async _ => {}).toString(), + nonBlockingCallback: (async _ => {}).toString(), + }, + async function(obj) { + await new content.Promise(resolve => { + let ifr = content.document.createElement("iframe"); + ifr.onload = function() { + info("Sending code to the 3rd party content"); + ifr.contentWindow.postMessage(obj, "*"); + }; + + content.addEventListener("message", function msg(event) { + if (event.data.type == "finish") { + content.removeEventListener("message", msg); + resolve(); + return; + } + + if (event.data.type == "ok") { + ok(event.data.what, event.data.msg); + return; + } + + if (event.data.type == "info") { + info(event.data.msg); + return; + } + + ok(false, "Unknown message"); + }); + + content.document.body.appendChild(ifr); + ifr.src = obj.page; + }); + } + ); + + info("Loading scripts and images again"); + await ContentTask.spawn(browser, null, async function() { + // Let's load the script twice here. + { + let src = content.document.createElement("script"); + let p = new content.Promise(resolve => { + src.onload = resolve; + }); + content.document.body.appendChild(src); + src.src = + "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script"; + await p; + } + { + let src = content.document.createElement("script"); + let p = new content.Promise(resolve => { + src.onload = resolve; + }); + content.document.body.appendChild(src); + src.src = + "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script"; + await p; + } + + // Let's load an image twice here. + { + let img = content.document.createElement("img"); + let p = new content.Promise(resolve => { + img.onload = resolve; + }); + content.document.body.appendChild(img); + img.src = + "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image"; + await p; + } + { + let img = content.document.createElement("img"); + let p = new content.Promise(resolve => { + img.onload = resolve; + }); + content.document.body.appendChild(img); + img.src = + "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image"; + await p; + } + }); + + await fetch( + "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image" + ) + .then(r => r.text()) + .then(text => { + is(text, 1, "One cookie received for images."); + }); + + await fetch( + "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=script" + ) + .then(r => r.text()) + .then(text => { + is(text, 1, "One cookie received received for scripts."); + }); + + let expectTrackerBlocked = (item, blocked) => { + is( + item[0], + Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, + "Correct blocking type reported" + ); + is(item[1], blocked, "Correct blocking status reported"); + ok(item[2] >= 1, "Correct repeat count reported"); + }; + + let expectCookiesLoaded = item => { + is( + item[0], + Ci.nsIWebProgressListener.STATE_COOKIES_LOADED, + "Correct blocking type reported" + ); + is(item[1], true, "Correct blocking status reported"); + ok(item[2] >= 1, "Correct repeat count reported"); + }; + + let log = JSON.parse(await browser.getContentBlockingLog()); + for (let trackerOrigin in log) { + let originLog = log[trackerOrigin]; + info(trackerOrigin); + switch (trackerOrigin) { + case "https://example.org": + case "https://example.com": + is( + originLog.length, + 1, + "We should have 1 entries in the compressed log" + ); + expectCookiesLoaded(originLog[0]); + break; + case "https://tracking.example.org": + is( + originLog.length, + 1, + "We should have 1 entries in the compressed log" + ); + expectTrackerBlocked(originLog[0], false); + break; + } + } + + info("Removing the tab"); + BrowserTestUtils.removeTab(tab); +} + +add_task(async function() { + info("Starting subResources test"); + + await SpecialPowers.flushPrefEnv(); + await SpecialPowers.pushPrefEnv({ + set: [ + [ + "network.cookie.cookieBehavior", + Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN, + ], + ["privacy.trackingprotection.enabled", false], + ["privacy.trackingprotection.pbmode.enabled", false], + ["privacy.trackingprotection.annotate_channels", true], + ], + }); + + for (let page of [TEST_TOP_PAGE, TEST_TOP_PAGE_2, TEST_TOP_PAGE_3]) { + await runTests(page); + } +}); + +add_task(async function() { + info("Cleaning up."); + await new Promise(resolve => { + Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value => + resolve() + ); + }); +}); diff --git a/toolkit/components/antitracking/test/browser/browser_userInteraction.js b/toolkit/components/antitracking/test/browser/browser_userInteraction.js index 5c1d5a03f6fa..078b1dc99889 100644 --- a/toolkit/components/antitracking/test/browser/browser_userInteraction.js +++ b/toolkit/components/antitracking/test/browser/browser_userInteraction.js @@ -106,6 +106,8 @@ add_task(async function() { info("Removing the tab"); BrowserTestUtils.removeTab(tab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); add_task(async function() { diff --git a/toolkit/components/antitracking/test/browser/browser_workerPropagation.js b/toolkit/components/antitracking/test/browser/browser_workerPropagation.js index 357fe1bc1f2f..106ab70c7cf9 100644 --- a/toolkit/components/antitracking/test/browser/browser_workerPropagation.js +++ b/toolkit/components/antitracking/test/browser/browser_workerPropagation.js @@ -69,6 +69,8 @@ add_task(async function() { info("Removing the tab"); BrowserTestUtils.removeTab(tab); + + UrlClassifierTestUtils.cleanupTestTrackers(); }); add_task(async function() {