Bug 1491835 - Store User-Interaction for AntiTracking purposes - part 2 - storing user-interaction, r=ehsan

dom/base/nsDocument.cpp

@@ -12638,6 +12638,7 @@ nsIDocument::SetUserHasInteracted()
   }
 
   MaybeAllowStorageForOpener();
+  MaybeStoreUserInteractionAsPermission();
 }
 
 void
@@ -12757,6 +12758,15 @@ nsIDocument::MaybeAllowStorageForOpener()
                                                                      AntiTrackingCommon::eHeuristic);
 }
 
+void
+nsIDocument::MaybeStoreUserInteractionAsPermission()
+{
+  // We care about user-interaction stored only for top-level documents.
+  if (!mParentDocument) {
+    AntiTrackingCommon::StoreUserInteractionFor(NodePrincipal());
+  }
+}
+
 bool
 nsIDocument::HasBeenUserGestureActivated()
 {

dom/base/nsIDocument.h

@@ -3921,6 +3921,8 @@ protected:
 
   void MaybeAllowStorageForOpener();
 
+  void MaybeStoreUserInteractionAsPermission();
+
   // Helpers for GetElementsByName.
   static bool MatchNameAttribute(mozilla::dom::Element* aElement,
                                  int32_t aNamespaceID,

dom/ipc/ContentParent.cpp

@@ -5946,6 +5946,13 @@ ContentParent::RecvFirstPartyStorageAccessGrantedForOrigin(const Principal& aPar
   return IPC_OK();
 }
 
+mozilla::ipc::IPCResult
+ContentParent::RecvStoreUserInteractionAsPermission(const Principal& aPrincipal)
+{
+  AntiTrackingCommon::StoreUserInteractionFor(aPrincipal);
+  return IPC_OK();
+}
+
 mozilla::ipc::IPCResult
 ContentParent::RecvAttachBrowsingContext(
   const BrowsingContextId& aParentId,

dom/ipc/ContentParent.h

@@ -1256,6 +1256,9 @@ public:
                                               const nsCString& aGrantedOrigin,
                                               FirstPartyStorageAccessGrantedForOriginResolver&& aResolver) override;
 
+  virtual mozilla::ipc::IPCResult
+  RecvStoreUserInteractionAsPermission(const Principal& aPrincipal) override;
+
   // Notify the ContentChild to enable the input event prioritization when
   // initializing.
   void MaybeEnableRemoteInputEventQueue();

dom/ipc/PContent.ipdl

@@ -1168,6 +1168,8 @@ parent:
                                                   nsCString aGrantedOrigin)
           returns (bool unused);
 
+    async StoreUserInteractionAsPermission(Principal aPrincipal);
+
     /**
      * Sync the BrowsingContext with id 'aContextId' and name 'aName'
      * to the parent, and attach it to the BrowsingContext with id

modules/libpref/init/StaticPrefList.h

@@ -1621,6 +1621,13 @@ VARCACHE_PREF(
   uint32_t, 2592000 // 30 days (in seconds)
 )
 
+// Anti-tracking user-interaction expiration
+VARCACHE_PREF(
+  "privacy.userInteraction.expiration",
+   privacy_userInteraction_expiration,
+  uint32_t, 2592000 // 30 days (in seconds)
+)
+
 // Anti-fingerprinting, disabled by default
 VARCACHE_PREF(
   "privacy.resistFingerprinting",

toolkit/components/antitracking/AntiTrackingCommon.cpp

@@ -21,6 +21,7 @@
 #include "nsIHttpChannelInternal.h"
 #include "nsIIOService.h"
 #include "nsIParentChannel.h"
+#include "nsIPermission.h"
 #include "nsIPermissionManager.h"
 #include "nsIPrincipal.h"
 #include "nsIScriptError.h"
@@ -34,6 +35,7 @@
 #include "prtime.h"
 
 #define ANTITRACKING_PERM_KEY "3rdPartyStorage"
+#define USER_INTERACTION_PERM "storageAccessAPI"
 
 using namespace mozilla;
 using mozilla::dom::ContentChild;
@@ -1121,3 +1123,50 @@ AntiTrackingCommon::NotifyRejection(nsPIDOMWindowInner* aWindow,
 
   ReportBlockingToConsole(pwin, httpChannel, aRejectedReason);
 }
+
+/* static */ void
+AntiTrackingCommon::StoreUserInteractionFor(nsIPrincipal* aPrincipal)
+{
+  if (XRE_IsParentProcess()) {
+    nsCOMPtr<nsIURI> uri;
+    Unused << aPrincipal->GetURI(getter_AddRefs(uri));
+    LOG_SPEC(("Saving the userInteraction for %s", _spec), uri);
+
+    nsCOMPtr<nsIPermissionManager> pm = services::GetPermissionManager();
+    if (NS_WARN_IF(!pm)) {
+      LOG(("Permission manager is null, bailing out early"));
+      return;
+    }
+
+    // Remember that this pref is stored in seconds!
+    uint32_t expirationType = nsIPermissionManager::EXPIRE_TIME;
+    uint32_t expirationTime =
+      StaticPrefs::privacy_userInteraction_expiration() * 1000;
+    int64_t when = (PR_Now() / PR_USEC_PER_MSEC) + expirationTime;
+
+    uint32_t privateBrowsingId = 0;
+    nsresult rv = aPrincipal->GetPrivateBrowsingId(&privateBrowsingId);
+    if (!NS_WARN_IF(NS_FAILED(rv)) && privateBrowsingId > 0) {
+      // If we are coming from a private window, make sure to store a session-only
+      // permission which won't get persisted to disk.
+      expirationType = nsIPermissionManager::EXPIRE_SESSION;
+      when = 0;
+    }
+
+    rv = pm->AddFromPrincipal(aPrincipal,
+                              USER_INTERACTION_PERM,
+                              nsIPermissionManager::ALLOW_ACTION,
+                              expirationType, when);
+    Unused << NS_WARN_IF(NS_FAILED(rv));
+    return;
+  }
+
+  ContentChild* cc = ContentChild::GetSingleton();
+  MOZ_ASSERT(cc);
+
+  nsCOMPtr<nsIURI> uri;
+  Unused << aPrincipal->GetURI(getter_AddRefs(uri));
+  LOG_SPEC(("Asking the parent process to save the user-interaction for us: %s",
+            _spec), uri);
+  cc->SendStoreUserInteractionAsPermission(IPC::Principal(aPrincipal));
+}

toolkit/components/antitracking/AntiTrackingCommon.h

@@ -108,6 +108,9 @@ public:
                                        nsPIDOMWindowInner* aParentWindow,
                                        StorageAccessGrantedReason aReason);
 
+  static void
+  StoreUserInteractionFor(nsIPrincipal* aPrincipal);
+
   // For IPC only.
   static void
   SaveFirstPartyStorageAccessGrantedForOriginOnParentProcess(nsIPrincipal* aPrincipal,