Bug 1521051 - Get rid of nsICookiePermission.ACCESS_ALLOW_FIRST_PARTY_ONLY, r=johannh, r=flod

2019-01-23 19:19:19 +01:00 · 2019-01-23 19:19:19 +01:00 · 8e0c688733
--- a/browser/components/preferences/permissions.js
+++ b/browser/components/preferences/permissions.js
@ -131,8 +131,13 @@ var gPermissionManager = {
      this.buildPermissionsList();
    } else if (data == "changed") {
      let p = this._permissions.get(permission.principal.origin);
-      p.capability = permission.capability;
-      this._handleCapabilityChange(p);
+      // Maybe this item has been excluded before because it had an invalid capability.
+      if (p) {
+        p.capability = permission.capability;
+        this._handleCapabilityChange(p);
+      } else {
+        this._addPermissionToList(permission);
+      }
      this.buildPermissionsList();
    } else if (data == "deleted") {
      this._removePermissionFromList(permission.principal.origin);
@ -144,6 +149,12 @@ var gPermissionManager = {
    document.l10n.setAttributes(permissionlistitem.querySelector(".website-capability-value"), this._getCapabilityL10nId(perm.capability));
  },

+  _isCapabilitySupported(capability) {
+     return capability == Ci.nsIPermissionManager.ALLOW_ACTION ||
+            capability == Ci.nsIPermissionManager.DENY_ACTION ||
+            capability == Ci.nsICookiePermission.ACCESS_SESSION;
+  },
+
  _getCapabilityL10nId(capability) {
    let stringKey = null;
    switch (capability) {
@ -153,9 +164,6 @@ var gPermissionManager = {
    case Ci.nsIPermissionManager.DENY_ACTION:
      stringKey = "permissions-capabilities-listitem-block";
      break;
-    case Ci.nsICookiePermission.ACCESS_ALLOW_FIRST_PARTY_ONLY:
-      stringKey = "permissions-capabilities-listitem-allow-first-party";
-      break;
    case Ci.nsICookiePermission.ACCESS_SESSION:
      stringKey = "permissions-capabilities-listitem-allow-session";
      break;
@ -168,6 +176,9 @@ var gPermissionManager = {
  _addPermissionToList(perm) {
    if (perm.type !== this._type)
      return;
+    if (!this._isCapabilitySupported(perm.capability))
+      return;
+
    let p = new Permission(perm.principal, perm.type, perm.capability);
    this._permissions.set(p.origin, p);
  },
--- a/browser/locales/en-US/browser/preferences/permissions.ftl
+++ b/browser/locales/en-US/browser/preferences/permissions.ftl
@ -60,8 +60,6 @@ permissions-capabilities-listitem-allow =
    .value = Allow
 permissions-capabilities-listitem-block =
    .value = Block
-permissions-capabilities-listitem-allow-first-party =
-    .value = Allow first party only
 permissions-capabilities-listitem-allow-session =
    .value = Allow for Session

--- a/browser/modules/Sanitizer.jsm
+++ b/browser/modules/Sanitizer.jsm
@ -799,8 +799,7 @@ function cookiesAllowedForDomainOrSubDomain(principal) {
  // If we have the 'cookie' permission for this principal, let's return
  // immediately.
  let p = Services.perms.testPermissionFromPrincipal(principal, "cookie");
-  if (p == Ci.nsICookiePermission.ACCESS_ALLOW ||
-      p == Ci.nsICookiePermission.ACCESS_ALLOW_FIRST_PARTY_ONLY) {
+  if (p == Ci.nsICookiePermission.ACCESS_ALLOW) {
    return true;
  }

--- a/dom/base/nsContentUtils.cpp
+++ b/dom/base/nsContentUtils.cpp
@ -8174,14 +8174,6 @@ void nsContentUtils::GetCookieLifetimePolicyForPrincipal(
    case nsICookiePermission::ACCESS_SESSION:
      *aLifetimePolicy = nsICookieService::ACCEPT_SESSION;
      break;
-    case nsICookiePermission::ACCESS_ALLOW_FIRST_PARTY_ONLY:
-      // NOTE: The decision was made here to override the lifetime policy to be
-      // ACCEPT_NORMALLY for consistency with ACCESS_ALLOW, but this does
-      // prevent us from expressing BEHAVIOR_REJECT_FOREIGN/ACCEPT_SESSION for a
-      // specific domain. As BEHAVIOR_REJECT_FOREIGN isn't visible in our UI,
-      // this is probably not an issue.
-      *aLifetimePolicy = nsICookieService::ACCEPT_NORMALLY;
-      break;
  }
 }

--- a/dom/tests/mochitest/localstorage/mochitest.ini
+++ b/dom/tests/mochitest/localstorage/mochitest.ini
@ -50,4 +50,3 @@ skip-if = true # bug 1347690
 skip-if = toolkit == 'android'
 [test_storageConstructor.html]
 [test_localStorageSessionPrefOverride.html]
-[test_firstPartyOnlyPermission.html]
--- a/dom/tests/mochitest/localstorage/test_firstPartyOnlyPermission.html
+++ b/dom/tests/mochitest/localstorage/test_firstPartyOnlyPermission.html
@ -1,62 +0,0 @@
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<title>first party storage permission test</title>
-
-<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
-<script type="text/javascript" src="/tests/SimpleTest/AddTask.js"></script>
-<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
-
-<script type="text/javascript">
-  TRY_ACCESS_SESSION_STORAGE =
-    'http://example.com/tests/dom/tests/mochitest/localstorage/file_tryAccessSessionStorage.html';
-
-  add_task(async function() {
-    await SpecialPowers.pushPrefEnv({
-      set: [['network.cookie.cookieBehavior', SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT]],
-    });
-
-    try {
-      sessionStorage.setItem("blocked", "blocked");
-      ok(false, "Shouldn't be available yet");
-    } catch (ex) {
-      ok(true, "Shouldn't be available yet");
-    }
-
-    await new Promise(resolve => SpecialPowers.pushPermissions([{
-      type: 'cookie',
-      allow: SpecialPowers.Ci.nsICookiePermission.ACCESS_ALLOW_FIRST_PARTY_ONLY,
-      context: document,
-    }], resolve));
-
-    // With the permission set to ACCESS_ALLOW_FIRST_PARTY_ONLY, we should be
-    // able to run it from this iframe (as we are first party with the test
-    // runner parent document).
-    try {
-      sessionStorage.setItem("blocked", "blocked");
-      ok(true, "Should be available");
-    } catch (ex) {
-      ok(false, "Should be available");
-    }
-
-    // A third party iframe should not have access however.
-    await new Promise(resolve => {
-      window.onmessage = evt => {
-        window.onmessage = null;
-        is(evt.data, "sessionStorage=false");
-        resolve();
-      };
-
-      let iframe = document.createElement('iframe');
-      iframe.setAttribute('src', TRY_ACCESS_SESSION_STORAGE);
-      document.body.appendChild(iframe);
-    });
-  });
-
-</script>
-
-</head>
-
-<body>
-
-</body>
-</html>
--- a/extensions/cookie/nsCookiePermission.cpp
+++ b/extensions/cookie/nsCookiePermission.cpp
@ -158,7 +158,6 @@ nsCookiePermission::CanSetCookie(nsIURI *aURI, nsIChannel *aChannel,

  uint32_t perm;
  mPermMgr->TestPermission(aURI, kPermissionType, &perm);
-  bool isThirdParty = false;
  switch (perm) {
    case nsICookiePermission::ACCESS_SESSION:
      *aIsSession = true;
@ -172,17 +171,8 @@ nsCookiePermission::CanSetCookie(nsIURI *aURI, nsIChannel *aChannel,
      *aResult = false;
      break;

-    case nsICookiePermission::ACCESS_ALLOW_FIRST_PARTY_ONLY:
-      mThirdPartyUtil->IsThirdPartyChannel(aChannel, aURI, &isThirdParty);
-      // If it's third party, we can't set the cookie
-      if (isThirdParty) *aResult = false;
-      break;
-
    default:
-      // the permission manager has nothing to say about this cookie -
-      // so, we apply the default prefs to it.
-      NS_ASSERTION(perm == nsIPermissionManager::UNKNOWN_ACTION,
-                   "unknown permission");
+      // Here we can have any legacy permission value.

      // now we need to figure out what type of accept policy we're dealing with
      // if we accept cookies normally, just bail and return
--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@ -4068,18 +4068,6 @@ CookieStatus nsCookieService::CheckPrefs(

        case nsICookiePermission::ACCESS_ALLOW:
          return STATUS_ACCEPTED;
-
-        case nsICookiePermission::ACCESS_ALLOW_FIRST_PARTY_ONLY:
-          if (aIsForeign) {
-            COOKIE_LOGFAILURE(aCookieHeader ? SET_COOKIE : GET_COOKIE, aHostURI,
-                              aCookieHeader,
-                              "third party cookies are blocked "
-                              "for this site");
-            *aRejectedReason =
-                nsIWebProgressListener::STATE_COOKIES_BLOCKED_BY_PERMISSION;
-            return STATUS_REJECTED;
-          }
-          return STATUS_ACCEPTED;
      }
    }
  }
--- a/netwerk/cookie/nsICookiePermission.idl
+++ b/netwerk/cookie/nsICookiePermission.idl
@ -31,11 +31,11 @@ interface nsICookiePermission : nsISupports
   * any methods on this interface.
   */
  const nsCookieAccess ACCESS_SESSION = 8;
-  const nsCookieAccess ACCESS_ALLOW_FIRST_PARTY_ONLY = 9;

  /**
-   * Don't use value 10! It used to be ACCESS_LIMIT_THIRD_PARTY, now removed,
-   * but maybe still stored in some ancient user profiles.
+   * Don't use values 9 and 10! They used to be ACCESS_ALLOW_FIRST_PARTY_ONLY
+   * and ACCESS_LIMIT_THIRD_PARTY, now removed, but maybe still stored in some
+   * ancient user profiles.
   */

  /**
--- a/testing/mochitest/tests/Harness_sanity/test_SpecialPowersPushPermissions.html
+++ b/testing/mochitest/tests/Harness_sanity/test_SpecialPowersPushPermissions.html
@ -14,7 +14,6 @@ const DENY_ACTION = SpecialPowers.Ci.nsIPermissionManager.DENY_ACTION;
 const UNKNOWN_ACTION = SpecialPowers.Ci.nsIPermissionManager.UNKNOWN_ACTION;
 const PROMPT_ACTION = SpecialPowers.Ci.nsIPermissionManager.PROMPT_ACTION;
 const ACCESS_SESSION = SpecialPowers.Ci.nsICookiePermission.ACCESS_SESSION;
-const ACCESS_ALLOW_FIRST_PARTY_ONLY = SpecialPowers.Ci.nsICookiePermission.ACCESS_ALLOW_FIRST_PARTY_ONLY;

 const EXPIRE_TIME = SpecialPowers.Ci.nsIPermissionManager.EXPIRE_TIME;
 // expire Setting:
@ -36,7 +35,6 @@ function starttest(){
  SpecialPowers.addPermission("pDENY", DENY_ACTION, document);
  SpecialPowers.addPermission("pREMOVE", ALLOW_ACTION, document);
  SpecialPowers.addPermission("pSESSION", ACCESS_SESSION, document);
-  SpecialPowers.addPermission("pFIRSTPARTY", ACCESS_ALLOW_FIRST_PARTY_ONLY, document);

  setTimeout(test1, 0);
 }
@ -59,9 +57,6 @@ function test1() {
  } else if (!SpecialPowers.testPermission('pSESSION', ACCESS_SESSION, document)) {
    dump('/**** ACCESS_SESSION not set ****/\n');
    setTimeout(test1, 0);
-  } else if (!SpecialPowers.testPermission('pFIRSTPARTY', ACCESS_ALLOW_FIRST_PARTY_ONLY, document)) {
-    dump('/**** ACCESS_ALLOW_FIRST_PARTY_ONLY not set ****/\n');
-    setTimeout(test1, 0);
  } else {
    test2();
  }
@ -69,7 +64,14 @@ function test1() {

 function test2() {
  ok(SpecialPowers.testPermission('pUNKNOWN', UNKNOWN_ACTION, document), 'pUNKNOWN value should have UNKOWN permission');
-  SpecialPowers.pushPermissions([{'type': 'pUNKNOWN', 'allow': true, 'context': document}, {'type': 'pALLOW', 'allow': false, 'context': document}, {'type': 'pDENY', 'allow': true, 'context': document}, {'type': 'pPROMPT', 'allow': true, 'context': document}, {'type': 'pSESSION', 'allow': true, 'context': document}, {'type': 'pFIRSTPARTY', 'allow': true, 'context': document}, {'type': 'pREMOVE', 'remove': true, 'context': document}], test3);
+  SpecialPowers.pushPermissions([
+    {'type': 'pUNKNOWN', 'allow': true, 'context': document},
+    {'type': 'pALLOW', 'allow': false, 'context': document},
+    {'type': 'pDENY', 'allow': true, 'context': document},
+    {'type': 'pPROMPT', 'allow': true, 'context': document},
+    {'type': 'pSESSION', 'allow': true, 'context': document},
+    {'type': 'pREMOVE', 'remove': true, 'context': document},
+  ], test3);
 }

 function test3() {
@ -79,15 +81,25 @@ function test3() {
  ok(SpecialPowers.testPermission('pDENY', ALLOW_ACTION, document), 'pDENY should have ALLOW permission');
  ok(SpecialPowers.testPermission('pREMOVE', UNKNOWN_ACTION, document), 'pREMOVE should have REMOVE permission');
  ok(SpecialPowers.testPermission('pSESSION', ALLOW_ACTION, document), 'pSESSION should have ALLOW permission');
-  ok(SpecialPowers.testPermission('pFIRSTPARTY', ALLOW_ACTION, document), 'pFIRSTPARTY should have ALLOW permission');

  // only pPROMPT (last one) is different, the other stuff is just to see if it doesn't cause test failures
-  SpecialPowers.pushPermissions([{'type': 'pUNKNOWN', 'allow': true, 'context': document}, {'type': 'pALLOW', 'allow': false, 'context': document}, {'type': 'pDENY', 'allow': true, 'context': document}, {'type': 'pPROMPT', 'allow': false, 'context': document}, {'type': 'pREMOVE', 'remove': true, 'context': document}], test3b);
+  SpecialPowers.pushPermissions([
+    {'type': 'pUNKNOWN', 'allow': true, 'context': document},
+    {'type': 'pALLOW', 'allow': false, 'context': document},
+    {'type': 'pDENY', 'allow': true, 'context': document},
+    {'type': 'pPROMPT', 'allow': false, 'context': document},
+    {'type': 'pREMOVE', 'remove': true, 'context': document},
+  ], test3b);
 }

 function test3b() {
  ok(SpecialPowers.testPermission('pPROMPT', DENY_ACTION, document), 'pPROMPT value should have DENY permission');
-  SpecialPowers.pushPermissions([{'type': 'pUNKNOWN', 'allow': DENY_ACTION, 'context': document}, {'type': 'pALLOW', 'allow': PROMPT_ACTION, 'context': document}, {'type': 'pDENY', 'allow': PROMPT_ACTION, 'context': document}, {'type': 'pPROMPT', 'allow': ALLOW_ACTION, 'context': document}], test4);
+  SpecialPowers.pushPermissions([
+    {'type': 'pUNKNOWN', 'allow': DENY_ACTION, 'context': document},
+    {'type': 'pALLOW', 'allow': PROMPT_ACTION, 'context': document},
+    {'type': 'pDENY', 'allow': PROMPT_ACTION, 'context': document},
+    {'type': 'pPROMPT', 'allow': ALLOW_ACTION, 'context': document},
+  ], test4);
 }

 function test4() {
@ -99,7 +111,6 @@ function test4() {
  SpecialPowers.flushPermissions(test5);
 }

-
 function test5() {
  ok(SpecialPowers.testPermission('pUNKNOWN', UNKNOWN_ACTION, document), 'pUNKNOWN should have UNKNOWN permission');
  ok(SpecialPowers.testPermission('pALLOW', ALLOW_ACTION, document), 'pALLOW should have ALLOW permission');
@ -107,14 +118,12 @@ function test5() {
  ok(SpecialPowers.testPermission('pPROMPT', PROMPT_ACTION, document), 'pPROMPT should have PROMPT permission');
  ok(SpecialPowers.testPermission('pREMOVE', ALLOW_ACTION, document), 'pREMOVE should have ALLOW permission');
  ok(SpecialPowers.testPermission('pSESSION', ACCESS_SESSION, document), 'pSESSION should have ACCESS_SESSION permission');
-  ok(SpecialPowers.testPermission('pFIRSTPARTY', ACCESS_ALLOW_FIRST_PARTY_ONLY, document), 'pFIRSTPARTY should have ACCESS_ALLOW_FIRST_PARTY_ONLY permission');

  SpecialPowers.removePermission("pPROMPT", document);
  SpecialPowers.removePermission("pALLOW", document);
  SpecialPowers.removePermission("pDENY", document);
  SpecialPowers.removePermission("pREMOVE", document);
  SpecialPowers.removePermission("pSESSION", document);
-  SpecialPowers.removePermission("pFIRSTPARTY", document);

  setTimeout(test6, 0);
 }
@ -135,9 +144,6 @@ function test6() {
  } else if (!SpecialPowers.testPermission('pSESSION', UNKNOWN_ACTION, document)) {
    dump('/**** pSESSION still set ****/\n');
    setTimeout(test6, 0);
-  } else if (!SpecialPowers.testPermission('pFIRSTPARTY', UNKNOWN_ACTION, document)) {
-    dump('/**** pFIRSTPARTY still set ****/\n');
-    setTimeout(test6, 0);
  } else {
    test7();
  }
--- a/testing/specialpowers/content/specialpowersAPI.js
+++ b/testing/specialpowers/content/specialpowersAPI.js
@ -802,8 +802,6 @@ SpecialPowersAPI.prototype = {
          originalValue = Ci.nsIPermissionManager.PROMPT_ACTION;
        } else if (this.testPermission(permission.type, Ci.nsICookiePermission.ACCESS_SESSION, context)) {
          originalValue = Ci.nsICookiePermission.ACCESS_SESSION;
-        } else if (this.testPermission(permission.type, Ci.nsICookiePermission.ACCESS_ALLOW_FIRST_PARTY_ONLY, context)) {
-          originalValue = Ci.nsICookiePermission.ACCESS_ALLOW_FIRST_PARTY_ONLY;
        }

        let principal = this._getPrincipalFromArg(context);