Bug 1522776 - Unsupported permission values should be ignored by Sanitizer.jsm, r=johannh

browser/base/content/test/sanitize/browser_cookiePermission.js

@@ -250,6 +250,26 @@ tests.forEach(methods => {
   });
 });
 
+// Session mode, but with unsupported custom permission, data in
+// www.example.com, cookie permission set for www.example.com
+tests.forEach(methods => {
+  attributes.forEach(originAttributes => {
+    add_task(async function deleteStorageOnlyCustomPermission() {
+      info(methods.name + ": All is session only, but with unsupported custom custom permission, data in www.example.com, cookie permission set for www.example.com - OA: " + originAttributes.name);
+      await deleteOnShutdown(
+        { lifetimePolicy: Ci.nsICookieService.ACCEPT_SESSION,
+          createData: methods.createData,
+          checkData: methods.checkData,
+          originAttributes: originAttributes.oa,
+          cookiePermission: 123, // invalid cookie permission
+          expectedForOrg: false,
+          expectedForCom: false,
+          fullHost: true,
+        });
+    });
+  });
+});
+
 add_task(async function deleteStorageInAboutURL() {
   info("Test about:newtab");
 

browser/modules/Sanitizer.jsm

@@ -688,7 +688,6 @@ async function sanitizeOnShutdown(progress) {
     await maybeSanitizeSessionPrincipals(principals);
   }
 
-
   // Let's see if we have to forget some particular site.
   for (let permission of Services.perms.enumerator) {
     if (permission.type != "cookie" ||
@@ -808,6 +807,11 @@ function cookiesAllowedForDomainOrSubDomain(principal) {
     return false;
   }
 
+  // This is an old profile with unsupported permission values
+  if (p != Ci.nsICookiePermission.ACCESS_DEFAULT) {
+    return false;
+  }
+
   for (let perm of Services.perms.enumerator) {
     if (perm.type != "cookie") {
       continue;