From a0049a050faded78e88dc8f1a90e461f15a6a663 Mon Sep 17 00:00:00 2001 From: Andrea Marchesini Date: Fri, 29 May 2020 15:57:29 +0000 Subject: [PATCH] Bug 1641459 - Consider 3rd parties cookie requested by documents with a window, r=smaug This is required for how Cookies gtests are written Differential Revision: https://phabricator.services.mozilla.com/D77301 --- netwerk/cookie/CookieService.cpp | 22 +++++++++++++--------- netwerk/cookie/CookieServiceChild.cpp | 22 +++++++++++++--------- netwerk/test/TestCookie.cpp | 1 + 3 files changed, 27 insertions(+), 18 deletions(-) diff --git a/netwerk/cookie/CookieService.cpp b/netwerk/cookie/CookieService.cpp index 0e77b4736762..514f4d0dd9de 100644 --- a/netwerk/cookie/CookieService.cpp +++ b/netwerk/cookie/CookieService.cpp @@ -317,14 +317,15 @@ CookieService::GetCookieStringFromDocument(Document* aDocument, // if it isn't, then we can't send a secure cookie over the connection. bool potentiallyTurstworthy = principal->GetIsOriginPotentiallyTrustworthy(); + bool thirdParty = true; nsPIDOMWindowInner* innerWindow = aDocument->GetInnerWindow(); - if (NS_WARN_IF(!innerWindow)) { - return NS_OK; + // in gtests we don't have a window, let's consider those requests as 3rd + // party. + if (innerWindow) { + thirdParty = nsContentUtils::IsThirdPartyWindowOrChannel(innerWindow, + nullptr, nullptr); } - bool thirdParty = nsContentUtils::IsThirdPartyWindowOrChannel( - innerWindow, nullptr, nullptr); - bool stale = false; nsTArray cookieList; @@ -455,13 +456,16 @@ CookieService::SetCookieStringFromDocument(Document* aDocument, return NS_OK; } + bool thirdParty = true; nsPIDOMWindowInner* innerWindow = aDocument->GetInnerWindow(); - if (NS_WARN_IF(!innerWindow)) { - return NS_OK; + // in gtests we don't have a window, let's consider those requests as 3rd + // party. + if (innerWindow) { + thirdParty = nsContentUtils::IsThirdPartyWindowOrChannel(innerWindow, + nullptr, nullptr); } - if (nsContentUtils::IsThirdPartyWindowOrChannel(innerWindow, nullptr, - nullptr) && + if (thirdParty && !CookieCommons::ShouldIncludeCrossSiteCookieForDocument(cookie)) { return NS_OK; } diff --git a/netwerk/cookie/CookieServiceChild.cpp b/netwerk/cookie/CookieServiceChild.cpp index fe98676101ef..9440ff0c8748 100644 --- a/netwerk/cookie/CookieServiceChild.cpp +++ b/netwerk/cookie/CookieServiceChild.cpp @@ -351,14 +351,15 @@ CookieServiceChild::GetCookieStringFromDocument(Document* aDocument, nsAutoCString pathFromURI; principal->GetFilePath(pathFromURI); + bool thirdParty = true; nsPIDOMWindowInner* innerWindow = aDocument->GetInnerWindow(); - if (NS_WARN_IF(!innerWindow)) { - return NS_OK; + // in gtests we don't have a window, let's consider those requests as 3rd + // party. + if (innerWindow) { + thirdParty = nsContentUtils::IsThirdPartyWindowOrChannel(innerWindow, + nullptr, nullptr); } - bool thirdParty = nsContentUtils::IsThirdPartyWindowOrChannel( - innerWindow, nullptr, nullptr); - bool isPotentiallyTrustworthy = principal->GetIsOriginPotentiallyTrustworthy(); int64_t currentTimeInUsec = PR_Now(); @@ -444,13 +445,16 @@ CookieServiceChild::SetCookieStringFromDocument( return NS_OK; } + bool thirdParty = true; nsPIDOMWindowInner* innerWindow = aDocument->GetInnerWindow(); - if (NS_WARN_IF(!innerWindow)) { - return NS_OK; + // in gtests we don't have a window, let's consider those requests as 3rd + // party. + if (innerWindow) { + thirdParty = nsContentUtils::IsThirdPartyWindowOrChannel(innerWindow, + nullptr, nullptr); } - if (nsContentUtils::IsThirdPartyWindowOrChannel(innerWindow, nullptr, - nullptr) && + if (thirdParty && !CookieCommons::ShouldIncludeCrossSiteCookieForDocument(cookie)) { return NS_OK; } diff --git a/netwerk/test/TestCookie.cpp b/netwerk/test/TestCookie.cpp index 68c229b62e0a..aac9ba57c78e 100644 --- a/netwerk/test/TestCookie.cpp +++ b/netwerk/test/TestCookie.cpp @@ -1026,6 +1026,7 @@ TEST(TestCookie, SameSiteLax) TEST(TestCookie, OnionSite) { Preferences::SetBool("dom.securecontext.whitelist_onions", true); + Preferences::SetBool("network.cookie.sameSite.laxByDefault", false); nsresult rv; nsCString cookie;