зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1535697 - Part 6: Use separate network connections for isolated third-party trackers; r=michal
Differential Revision: https://phabricator.services.mozilla.com/D28376 --HG-- extra : moz-landing-system : lando
This commit is contained in:
Родитель
1d483abfeb
Коммит
8d5e253237
|
@ -45,7 +45,7 @@ nsHttpConnectionInfo::nsHttpConnectionInfo(
|
|||
const nsACString &npnToken, const nsACString &username,
|
||||
const nsACString &topWindowOrigin, nsProxyInfo *proxyInfo,
|
||||
const OriginAttributes &originAttributes, bool endToEndSSL)
|
||||
: mRoutedPort(443), mLessThanTls13(false) {
|
||||
: mRoutedPort(443), mIsolated(0), mLessThanTls13(false) {
|
||||
Init(originHost, originPort, npnToken, username, topWindowOrigin, proxyInfo,
|
||||
originAttributes, endToEndSSL);
|
||||
}
|
||||
|
@ -56,7 +56,7 @@ nsHttpConnectionInfo::nsHttpConnectionInfo(
|
|||
const nsACString &topWindowOrigin, nsProxyInfo *proxyInfo,
|
||||
const OriginAttributes &originAttributes, const nsACString &routedHost,
|
||||
int32_t routedPort)
|
||||
: mLessThanTls13(false) {
|
||||
: mIsolated(0), mLessThanTls13(false) {
|
||||
mEndToEndSSL = true; // so DefaultPort() works
|
||||
mRoutedPort = routedPort == -1 ? DefaultPort() : routedPort;
|
||||
|
||||
|
@ -137,6 +137,9 @@ void nsHttpConnectionInfo::BuildHashKey() {
|
|||
// byte 7 is i/. i is for isolated
|
||||
|
||||
mHashKey.AssignLiteral("........[tlsflags0x00000000]");
|
||||
if (mIsolated) {
|
||||
mHashKey.SetCharAt('i', 7);
|
||||
}
|
||||
|
||||
mHashKey.Append(keyHost);
|
||||
mHashKey.Append(':');
|
||||
|
@ -222,6 +225,14 @@ void nsHttpConnectionInfo::BuildHashKey() {
|
|||
mHashKey.AppendLiteral("[!v6]");
|
||||
}
|
||||
|
||||
if (mIsolated && !mTopWindowOrigin.IsEmpty()) {
|
||||
mHashKey.Append('{');
|
||||
mHashKey.Append('{');
|
||||
mHashKey.Append(mTopWindowOrigin);
|
||||
mHashKey.Append('}');
|
||||
mHashKey.Append('}');
|
||||
}
|
||||
|
||||
nsAutoCString originAttributes;
|
||||
mOriginAttributes.CreateSuffix(originAttributes);
|
||||
mHashKey.Append(originAttributes);
|
||||
|
|
|
@ -125,9 +125,10 @@ class nsHttpConnectionInfo final : public ARefBase {
|
|||
bool GetBeConservative() const { return mHashKey.CharAt(6) == 'C'; }
|
||||
|
||||
void SetIsolated(bool aIsolated) {
|
||||
mHashKey.SetCharAt(aIsolated ? 'i' : '.', 7);
|
||||
mIsolated = aIsolated;
|
||||
BuildHashKey();
|
||||
}
|
||||
bool GetIsolated() const { return mHashKey.CharAt(7) == 'i'; }
|
||||
bool GetIsolated() const { return mIsolated; }
|
||||
|
||||
void SetTlsFlags(uint32_t aTlsFlags);
|
||||
uint32_t GetTlsFlags() const { return mTlsFlags; }
|
||||
|
@ -205,6 +206,7 @@ class nsHttpConnectionInfo final : public ARefBase {
|
|||
OriginAttributes mOriginAttributes;
|
||||
|
||||
uint32_t mTlsFlags;
|
||||
uint16_t mIsolated : 1;
|
||||
uint16_t mTrrUsed : 1;
|
||||
uint16_t mTrrDisabled : 1;
|
||||
uint16_t mIPv4Disabled : 1;
|
||||
|
|
|
@ -1,3 +1,17 @@
|
|||
function isIsolated(key) {
|
||||
return key.charAt(7) == "i";
|
||||
}
|
||||
|
||||
function hasTopWindowOrigin(key, origin) {
|
||||
let tokenAtEnd = `{{${origin}}}`;
|
||||
let endPart = key.slice(-tokenAtEnd.length);
|
||||
return endPart == tokenAtEnd;
|
||||
}
|
||||
|
||||
function hasAnyTopWindowOrigin(key) {
|
||||
return !!key.match(/{{[^}]+}}/);
|
||||
}
|
||||
|
||||
add_task(async function() {
|
||||
info("Starting tlsSessionTickets test");
|
||||
|
||||
|
@ -82,6 +96,16 @@ add_task(async function() {
|
|||
is(hashKeys.length, 3, "We should have observed 3 loads for " + trackingURL);
|
||||
is(hashKeys[1], hashKeys[2], "The second and third hash keys should match");
|
||||
isnot(hashKeys[0], hashKeys[1], "The first and second hash keys should not match");
|
||||
|
||||
ok(isIsolated(hashKeys[0]), "The first connection must have been isolated");
|
||||
ok(!isIsolated(hashKeys[1]), "The second connection must not have been isolated");
|
||||
ok(!isIsolated(hashKeys[2]), "The third connection must not have been isolated");
|
||||
ok(hasTopWindowOrigin(hashKeys[0], TEST_DOMAIN.replace(/\/$/, "")),
|
||||
"The first connection must be bound to its top-level window");
|
||||
ok(!hasAnyTopWindowOrigin(hashKeys[1]),
|
||||
"The second connection must not be bound to a top-level window");
|
||||
ok(!hasAnyTopWindowOrigin(hashKeys[2]),
|
||||
"The third connection must not be bound to a top-level window");
|
||||
});
|
||||
|
||||
info("Removing the tab");
|
||||
|
|
Загрузка…
Ссылка в новой задаче