зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1639833 - IntrisincStoragePrincipal should always be partitioned - part 4 - Renaming storage access permission methods, r=dimi
Differential Revision: https://phabricator.services.mozilla.com/D76917
This commit is contained in:
Andrea Marchesini
Родитель
6172ec2b3e
Коммит
a997c1d626
|
|
@ -15846,11 +15846,11 @@ already_AddRefed<mozilla::dom::Promise> Document::RequestStorageAccess(
|
|||
Telemetry::LABELS_STORAGE_ACCESS_API_UI::Request);
|
||||
}
|
||||
|
||||
self->AutomaticStorageAccessCanBeGranted()->Then(
|
||||
self->AutomaticStorageAccessPermissionCanBeGranted()->Then(
|
||||
GetCurrentThreadSerialEventTarget(), __func__,
|
||||
[p, pr, sapr, inner](
|
||||
const AutomaticStorageAccessGrantPromise::ResolveOrRejectValue&
|
||||
aValue) -> void {
|
||||
[p, pr, sapr,
|
||||
inner](const AutomaticStorageAccessPermissionGrantPromise::
|
||||
ResolveOrRejectValue& aValue) -> void {
|
||||
// Make a copy because we can't modified copy-captured lambda
|
||||
// variables.
|
||||
PromptResult pr2 = pr;
|
||||
|
|
@ -15926,8 +15926,8 @@ already_AddRefed<mozilla::dom::Promise> Document::RequestStorageAccess(
|
|||
return promise.forget();
|
||||
}
|
||||
|
||||
RefPtr<Document::AutomaticStorageAccessGrantPromise>
|
||||
Document::AutomaticStorageAccessCanBeGranted() {
|
||||
RefPtr<Document::AutomaticStorageAccessPermissionGrantPromise>
|
||||
Document::AutomaticStorageAccessPermissionCanBeGranted() {
|
||||
if (XRE_IsContentProcess()) {
|
||||
// In the content process, we need to ask the parent process to compute
|
||||
// this. The reason is that nsIPermissionManager::GetAllWithTypePrefix()
|
||||
|
|
@ -15936,32 +15936,35 @@ Document::AutomaticStorageAccessCanBeGranted() {
|
|||
MOZ_ASSERT(cc);
|
||||
|
||||
return cc
|
||||
->SendAutomaticStorageAccessCanBeGranted(
|
||||
->SendAutomaticStorageAccessPermissionCanBeGranted(
|
||||
IPC::Principal(NodePrincipal()))
|
||||
->Then(
|
||||
GetCurrentThreadSerialEventTarget(), __func__,
|
||||
[](const ContentChild::AutomaticStorageAccessCanBeGrantedPromise::
|
||||
ResolveOrRejectValue& aValue) {
|
||||
if (aValue.IsResolve()) {
|
||||
return AutomaticStorageAccessGrantPromise::CreateAndResolve(
|
||||
aValue.ResolveValue(), __func__);
|
||||
}
|
||||
->Then(GetCurrentThreadSerialEventTarget(), __func__,
|
||||
[](const ContentChild::
|
||||
AutomaticStorageAccessPermissionCanBeGrantedPromise::
|
||||
ResolveOrRejectValue& aValue) {
|
||||
if (aValue.IsResolve()) {
|
||||
return AutomaticStorageAccessPermissionGrantPromise::
|
||||
CreateAndResolve(aValue.ResolveValue(), __func__);
|
||||
}
|
||||
|
||||
return AutomaticStorageAccessGrantPromise::CreateAndReject(
|
||||
false, __func__);
|
||||
});
|
||||
return AutomaticStorageAccessPermissionGrantPromise::
|
||||
CreateAndReject(false, __func__);
|
||||
});
|
||||
}
|
||||
|
||||
if (XRE_IsParentProcess()) {
|
||||
// In the parent process, we can directly compute this.
|
||||
return AutomaticStorageAccessGrantPromise::CreateAndResolve(
|
||||
AutomaticStorageAccessCanBeGranted(NodePrincipal()), __func__);
|
||||
return AutomaticStorageAccessPermissionGrantPromise::CreateAndResolve(
|
||||
AutomaticStorageAccessPermissionCanBeGranted(NodePrincipal()),
|
||||
__func__);
|
||||
}
|
||||
|
||||
return AutomaticStorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return AutomaticStorageAccessPermissionGrantPromise::CreateAndReject(
|
||||
false, __func__);
|
||||
}
|
||||
|
||||
bool Document::AutomaticStorageAccessCanBeGranted(nsIPrincipal* aPrincipal) {
|
||||
bool Document::AutomaticStorageAccessPermissionCanBeGranted(
|
||||
nsIPrincipal* aPrincipal) {
|
||||
nsAutoCString prefix;
|
||||
AntiTrackingUtils::CreateStoragePermissionKey(aPrincipal, prefix);
|
||||
|
||||
|
|
|
|||
|
|
@ -3877,7 +3877,8 @@ class Document : public nsINode,
|
|||
|
||||
static bool HasRecentlyStartedForegroundLoads();
|
||||
|
||||
static bool AutomaticStorageAccessCanBeGranted(nsIPrincipal* aPrincipal);
|
||||
static bool AutomaticStorageAccessPermissionCanBeGranted(
|
||||
nsIPrincipal* aPrincipal);
|
||||
|
||||
already_AddRefed<Promise> AddCertException(bool aIsTemporary);
|
||||
|
||||
|
|
@ -4171,9 +4172,10 @@ class Document : public nsINode,
|
|||
|
||||
void MaybeResolveReadyForIdle();
|
||||
|
||||
typedef MozPromise<bool, bool, true> AutomaticStorageAccessGrantPromise;
|
||||
MOZ_MUST_USE RefPtr<AutomaticStorageAccessGrantPromise>
|
||||
AutomaticStorageAccessCanBeGranted();
|
||||
typedef MozPromise<bool, bool, true>
|
||||
AutomaticStorageAccessPermissionGrantPromise;
|
||||
MOZ_MUST_USE RefPtr<AutomaticStorageAccessPermissionGrantPromise>
|
||||
AutomaticStorageAccessPermissionCanBeGranted();
|
||||
|
||||
static void AddToplevelLoadingDocument(Document* aDoc);
|
||||
static void RemoveToplevelLoadingDocument(Document* aDoc);
|
||||
|
|
|
|||
|
|
@ -533,11 +533,11 @@ ThirdPartyUtil::AnalyzeChannel(nsIChannel* aChannel, bool aNotify, nsIURI* aURI,
|
|||
if (performStorageChecks &&
|
||||
ContentBlocking::ShouldAllowAccessFor(aChannel, aURI ? aURI : uri.get(),
|
||||
aRejectedReason)) {
|
||||
result += ThirdPartyAnalysis::IsFirstPartyStorageAccessGranted;
|
||||
result += ThirdPartyAnalysis::IsStorageAccessPermissionGranted;
|
||||
}
|
||||
|
||||
if (aNotify && !result.contains(
|
||||
ThirdPartyAnalysis::IsFirstPartyStorageAccessGranted)) {
|
||||
ThirdPartyAnalysis::IsStorageAccessPermissionGranted)) {
|
||||
ContentBlockingNotifier::OnDecision(
|
||||
aChannel, ContentBlockingNotifier::BlockingDecision::eBlock,
|
||||
*aRejectedReason);
|
||||
|
|
|
|||
|
|
@ -3893,7 +3893,8 @@ void BrowserChild::NotifyContentBlockingEvent(
|
|||
uint32_t aEvent, nsIChannel* aChannel, bool aBlocked,
|
||||
const nsACString& aTrackingOrigin,
|
||||
const nsTArray<nsCString>& aTrackingFullHashes,
|
||||
const Maybe<mozilla::ContentBlockingNotifier::StorageAccessGrantedReason>&
|
||||
const Maybe<
|
||||
mozilla::ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason) {
|
||||
if (!IPCOpen()) {
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -702,7 +702,8 @@ class BrowserChild final : public nsMessageManagerScriptExecutor,
|
|||
uint32_t aEvent, nsIChannel* aChannel, bool aBlocked,
|
||||
const nsACString& aTrackingOrigin,
|
||||
const nsTArray<nsCString>& aTrackingFullHashes,
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessGrantedReason>&
|
||||
const Maybe<
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason);
|
||||
|
||||
protected:
|
||||
|
|
|
|||
|
|
@ -2757,7 +2757,8 @@ mozilla::ipc::IPCResult BrowserParent::RecvNotifyContentBlockingEvent(
|
|||
const uint32_t& aEvent, const RequestData& aRequestData,
|
||||
const bool aBlocked, const nsACString& aTrackingOrigin,
|
||||
nsTArray<nsCString>&& aTrackingFullHashes,
|
||||
const Maybe<mozilla::ContentBlockingNotifier::StorageAccessGrantedReason>&
|
||||
const Maybe<
|
||||
mozilla::ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason) {
|
||||
MOZ_ASSERT(aRequestData.elapsedLoadTimeMS().isNothing());
|
||||
|
||||
|
|
|
|||
|
|
@ -311,8 +311,8 @@ class BrowserParent final : public PBrowserParent,
|
|||
const uint32_t& aEvent, const RequestData& aRequestData,
|
||||
const bool aBlocked, const nsACString& aTrackingOrigin,
|
||||
nsTArray<nsCString>&& aTrackingFullHashes,
|
||||
const Maybe<mozilla::ContentBlockingNotifier::StorageAccessGrantedReason>&
|
||||
aReason);
|
||||
const Maybe<mozilla::ContentBlockingNotifier::
|
||||
StorageAccessPermissionGrantedReason>& aReason);
|
||||
|
||||
mozilla::ipc::IPCResult RecvReportBlockedEmbedderNodeByClassifier();
|
||||
|
||||
|
|
|
|||
|
|
@ -3508,7 +3508,8 @@ mozilla::ipc::IPCResult ContentChild::RecvSessionStorageData(
|
|||
mozilla::ipc::IPCResult ContentChild::RecvOnAllowAccessFor(
|
||||
const MaybeDiscarded<BrowsingContext>& aContext,
|
||||
const nsCString& aTrackingOrigin, uint32_t aCookieBehavior,
|
||||
const ContentBlockingNotifier::StorageAccessGrantedReason& aReason) {
|
||||
const ContentBlockingNotifier::StorageAccessPermissionGrantedReason&
|
||||
aReason) {
|
||||
MOZ_ASSERT(!aContext.IsNull(), "Browsing context cannot be null");
|
||||
|
||||
ContentBlocking::OnAllowAccessFor(aContext.GetMaybeDiscarded(),
|
||||
|
|
|
|||
|
|
@ -655,7 +655,8 @@ class ContentChild final : public PContentChild,
|
|||
mozilla::ipc::IPCResult RecvOnAllowAccessFor(
|
||||
const MaybeDiscarded<BrowsingContext>& aContext,
|
||||
const nsCString& aTrackingOrigin, uint32_t aCookieBehavior,
|
||||
const ContentBlockingNotifier::StorageAccessGrantedReason& aReason);
|
||||
const ContentBlockingNotifier::StorageAccessPermissionGrantedReason&
|
||||
aReason);
|
||||
|
||||
mozilla::ipc::IPCResult RecvOnContentBlockingDecision(
|
||||
const MaybeDiscarded<BrowsingContext>& aContext,
|
||||
|
|
|
|||
|
|
@ -5912,20 +5912,21 @@ mozilla::ipc::IPCResult ContentParent::RecvAddCertException(
|
|||
return IPC_OK();
|
||||
}
|
||||
|
||||
mozilla::ipc::IPCResult ContentParent::RecvAutomaticStorageAccessCanBeGranted(
|
||||
mozilla::ipc::IPCResult
|
||||
ContentParent::RecvAutomaticStorageAccessPermissionCanBeGranted(
|
||||
const Principal& aPrincipal,
|
||||
AutomaticStorageAccessCanBeGrantedResolver&& aResolver) {
|
||||
aResolver(Document::AutomaticStorageAccessCanBeGranted(aPrincipal));
|
||||
AutomaticStorageAccessPermissionCanBeGrantedResolver&& aResolver) {
|
||||
aResolver(Document::AutomaticStorageAccessPermissionCanBeGranted(aPrincipal));
|
||||
return IPC_OK();
|
||||
}
|
||||
|
||||
mozilla::ipc::IPCResult
|
||||
ContentParent::RecvFirstPartyStorageAccessGrantedForOrigin(
|
||||
ContentParent::RecvStorageAccessPermissionGrantedForOrigin(
|
||||
uint64_t aTopLevelWindowId,
|
||||
const MaybeDiscarded<BrowsingContext>& aParentContext,
|
||||
const Principal& aTrackingPrincipal, const nsCString& aTrackingOrigin,
|
||||
const int& aAllowMode,
|
||||
FirstPartyStorageAccessGrantedForOriginResolver&& aResolver) {
|
||||
StorageAccessPermissionGrantedForOriginResolver&& aResolver) {
|
||||
if (aParentContext.IsNullOrDiscarded()) {
|
||||
return IPC_OK();
|
||||
}
|
||||
|
|
@ -5949,7 +5950,8 @@ mozilla::ipc::IPCResult ContentParent::RecvCompleteAllowAccessFor(
|
|||
const MaybeDiscarded<BrowsingContext>& aParentContext,
|
||||
uint64_t aTopLevelWindowId, const Principal& aTrackingPrincipal,
|
||||
const nsCString& aTrackingOrigin, uint32_t aCookieBehavior,
|
||||
const ContentBlockingNotifier::StorageAccessGrantedReason& aReason,
|
||||
const ContentBlockingNotifier::StorageAccessPermissionGrantedReason&
|
||||
aReason,
|
||||
CompleteAllowAccessForResolver&& aResolver) {
|
||||
if (aParentContext.IsNullOrDiscarded()) {
|
||||
return IPC_OK();
|
||||
|
|
@ -5958,18 +5960,17 @@ mozilla::ipc::IPCResult ContentParent::RecvCompleteAllowAccessFor(
|
|||
ContentBlocking::CompleteAllowAccessFor(
|
||||
aParentContext.get_canonical(), aTopLevelWindowId, aTrackingPrincipal,
|
||||
aTrackingOrigin, aCookieBehavior, aReason, nullptr)
|
||||
->Then(
|
||||
GetCurrentThreadSerialEventTarget(), __func__,
|
||||
[aResolver = std::move(aResolver)](
|
||||
ContentBlocking::StorageAccessGrantPromise::ResolveOrRejectValue&&
|
||||
aValue) {
|
||||
Maybe<StorageAccessPromptChoices> choice;
|
||||
if (aValue.IsResolve()) {
|
||||
choice.emplace(static_cast<StorageAccessPromptChoices>(
|
||||
aValue.ResolveValue()));
|
||||
}
|
||||
aResolver(choice);
|
||||
});
|
||||
->Then(GetCurrentThreadSerialEventTarget(), __func__,
|
||||
[aResolver = std::move(aResolver)](
|
||||
ContentBlocking::StorageAccessPermissionGrantPromise::
|
||||
ResolveOrRejectValue&& aValue) {
|
||||
Maybe<StorageAccessPromptChoices> choice;
|
||||
if (aValue.IsResolve()) {
|
||||
choice.emplace(static_cast<StorageAccessPromptChoices>(
|
||||
aValue.ResolveValue()));
|
||||
}
|
||||
aResolver(choice);
|
||||
});
|
||||
return IPC_OK();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1216,22 +1216,23 @@ class ContentParent final
|
|||
const nsACString& aHostName, int32_t aPort, bool aIsTemporary,
|
||||
AddCertExceptionResolver&& aResolver);
|
||||
|
||||
mozilla::ipc::IPCResult RecvAutomaticStorageAccessCanBeGranted(
|
||||
mozilla::ipc::IPCResult RecvAutomaticStorageAccessPermissionCanBeGranted(
|
||||
const Principal& aPrincipal,
|
||||
AutomaticStorageAccessCanBeGrantedResolver&& aResolver);
|
||||
AutomaticStorageAccessPermissionCanBeGrantedResolver&& aResolver);
|
||||
|
||||
mozilla::ipc::IPCResult RecvFirstPartyStorageAccessGrantedForOrigin(
|
||||
mozilla::ipc::IPCResult RecvStorageAccessPermissionGrantedForOrigin(
|
||||
uint64_t aTopLevelWindowId,
|
||||
const MaybeDiscarded<BrowsingContext>& aParentContext,
|
||||
const Principal& aTrackingPrincipal, const nsCString& aTrackingOrigin,
|
||||
const int& aAllowMode,
|
||||
FirstPartyStorageAccessGrantedForOriginResolver&& aResolver);
|
||||
StorageAccessPermissionGrantedForOriginResolver&& aResolver);
|
||||
|
||||
mozilla::ipc::IPCResult RecvCompleteAllowAccessFor(
|
||||
const MaybeDiscarded<BrowsingContext>& aParentContext,
|
||||
uint64_t aTopLevelWindowId, const Principal& aTrackingPrincipal,
|
||||
const nsCString& aTrackingOrigin, uint32_t aCookieBehavior,
|
||||
const ContentBlockingNotifier::StorageAccessGrantedReason& aReason,
|
||||
const ContentBlockingNotifier::StorageAccessPermissionGrantedReason&
|
||||
aReason,
|
||||
CompleteAllowAccessForResolver&& aResolver);
|
||||
|
||||
mozilla::ipc::IPCResult RecvStoreUserInteractionAsPermission(
|
||||
|
|
|
|||
|
|
@ -94,7 +94,7 @@ using mozilla::ScrollAxis from "mozilla/PresShellForwards.h";
|
|||
using mozilla::ScrollFlags from "mozilla/PresShellForwards.h";
|
||||
using struct InputFormData from "mozilla/dom/SessionStoreMessageUtils.h";
|
||||
using struct CollectedInputDataValue from "mozilla/dom/SessionStoreMessageUtils.h";
|
||||
using mozilla::ContentBlockingNotifier::StorageAccessGrantedReason from "mozilla/ContentBlockingNotifier.h";
|
||||
using mozilla::ContentBlockingNotifier::StorageAccessPermissionGrantedReason from "mozilla/ContentBlockingNotifier.h";
|
||||
using CallerType from "mozilla/dom/BindingDeclarations.h";
|
||||
using mozilla::dom::EmbedderElementEventType from "mozilla/dom/TabMessageUtils.h";
|
||||
|
||||
|
|
@ -579,7 +579,7 @@ parent:
|
|||
async NotifyContentBlockingEvent(uint32_t aEvent, RequestData aRequestData,
|
||||
bool aBlocked, nsCString aTrackingOrigin,
|
||||
nsCString[] aTrackingFullHashes,
|
||||
StorageAccessGrantedReason? aReason);
|
||||
StorageAccessPermissionGrantedReason? aReason);
|
||||
|
||||
async NavigationFinished();
|
||||
|
||||
|
|
|
|||
|
|
@ -119,7 +119,7 @@ using mozilla::dom::MaybeMediaMetadataBase from "mozilla/dom/MediaSessionIPCUtil
|
|||
using mozilla::dom::MediaSessionPlaybackState from "mozilla/dom/MediaSessionBinding.h";
|
||||
using refcounted class nsDocShellLoadState from "nsDocShellLoadState.h";
|
||||
using mozilla::dom::ServiceWorkerShutdownState::Progress from "mozilla/dom/ServiceWorkerShutdownState.h";
|
||||
using mozilla::ContentBlockingNotifier::StorageAccessGrantedReason from "mozilla/ContentBlockingNotifier.h";
|
||||
using mozilla::ContentBlockingNotifier::StorageAccessPermissionGrantedReason from "mozilla/ContentBlockingNotifier.h";
|
||||
using mozilla::ContentBlockingNotifier::BlockingDecision from "mozilla/ContentBlockingNotifier.h";
|
||||
using mozilla::ContentBlocking::StorageAccessPromptChoices from "mozilla/ContentBlocking.h";
|
||||
using JSActorMessageKind from "mozilla/dom/JSActor.h";
|
||||
|
|
@ -878,7 +878,7 @@ child:
|
|||
async OnAllowAccessFor(MaybeDiscardedBrowsingContext aParentContext,
|
||||
nsCString aTrackingOrigin,
|
||||
uint32_t aCookieBehavior,
|
||||
StorageAccessGrantedReason aReason);
|
||||
StorageAccessPermissionGrantedReason aReason);
|
||||
|
||||
async OnContentBlockingDecision(MaybeDiscardedBrowsingContext aContext,
|
||||
BlockingDecision aReason,
|
||||
|
|
@ -1492,14 +1492,14 @@ parent:
|
|||
* Determines whether storage access can be granted automatically by the
|
||||
* storage access API without showing a user prompt.
|
||||
*/
|
||||
async AutomaticStorageAccessCanBeGranted(Principal aPrincipal)
|
||||
async AutomaticStorageAccessPermissionCanBeGranted(Principal aPrincipal)
|
||||
returns (bool success);
|
||||
|
||||
/*
|
||||
* A 3rd party tracking origin (aTrackingOrigin) has received the permission
|
||||
* granted to have access to aGrantedOrigin when loaded by aParentWindowId.
|
||||
*/
|
||||
async FirstPartyStorageAccessGrantedForOrigin(uint64_t aTopLevelWindowId,
|
||||
async StorageAccessPermissionGrantedForOrigin(uint64_t aTopLevelWindowId,
|
||||
MaybeDiscardedBrowsingContext aParentContext,
|
||||
Principal aTrackingPrincipal,
|
||||
nsCString aTrackingOrigin,
|
||||
|
|
@ -1511,7 +1511,7 @@ parent:
|
|||
Principal aTrackingPrincipal,
|
||||
nsCString aTrackingOrigin,
|
||||
uint32_t aCookieBehavior,
|
||||
StorageAccessGrantedReason aReason)
|
||||
StorageAccessPermissionGrantedReason aReason)
|
||||
returns (StorageAccessPromptChoices? choice);
|
||||
|
||||
async StoreUserInteractionAsPermission(Principal aPrincipal);
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@ child:
|
|||
|
||||
async DispatchSecurityPolicyViolation(nsString aViolationEventJSON);
|
||||
|
||||
async SaveStorageAccessGranted();
|
||||
async SaveStorageAccessPermissionGranted();
|
||||
|
||||
both:
|
||||
async RawMessage(JSActorMessageMeta aMetadata, ClonedMessageData aData,
|
||||
|
|
|
|||
|
|
@ -485,7 +485,8 @@ mozilla::ipc::IPCResult WindowGlobalChild::RecvGetSecurityInfo(
|
|||
return IPC_OK();
|
||||
}
|
||||
|
||||
mozilla::ipc::IPCResult WindowGlobalChild::RecvSaveStorageAccessGranted() {
|
||||
mozilla::ipc::IPCResult
|
||||
WindowGlobalChild::RecvSaveStorageAccessPermissionGranted() {
|
||||
nsCOMPtr<nsPIDOMWindowInner> inner = GetWindowGlobal();
|
||||
if (inner) {
|
||||
inner->SaveStorageAccessPermissionGranted();
|
||||
|
|
|
|||
|
|
@ -144,7 +144,7 @@ class WindowGlobalChild final : public WindowGlobalActor,
|
|||
mozilla::ipc::IPCResult RecvGetSecurityInfo(
|
||||
GetSecurityInfoResolver&& aResolve);
|
||||
|
||||
mozilla::ipc::IPCResult RecvSaveStorageAccessGranted();
|
||||
mozilla::ipc::IPCResult RecvSaveStorageAccessPermissionGranted();
|
||||
|
||||
virtual void ActorDestroy(ActorDestroyReason aWhy) override;
|
||||
|
||||
|
|
|
|||
|
|
@ -447,7 +447,8 @@ void WindowGlobalParent::NotifyContentBlockingEvent(
|
|||
uint32_t aEvent, nsIRequest* aRequest, bool aBlocked,
|
||||
const nsACString& aTrackingOrigin,
|
||||
const nsTArray<nsCString>& aTrackingFullHashes,
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessGrantedReason>& aReason) {
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason) {
|
||||
MOZ_ASSERT(NS_IsMainThread());
|
||||
DebugOnly<bool> isCookiesBlocked =
|
||||
aEvent == nsIWebProgressListener::STATE_COOKIES_BLOCKED_TRACKER ||
|
||||
|
|
|
|||
|
|
@ -167,7 +167,8 @@ class WindowGlobalParent final : public WindowContext,
|
|||
uint32_t aEvent, nsIRequest* aRequest, bool aBlocked,
|
||||
const nsACString& aTrackingOrigin,
|
||||
const nsTArray<nsCString>& aTrackingFullHashes,
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessGrantedReason>&
|
||||
const Maybe<
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason = Nothing());
|
||||
|
||||
ContentBlockingLog* GetContentBlockingLog() { return &mContentBlockingLog; }
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ enum class ThirdPartyAnalysis {
|
|||
IsForeign,
|
||||
IsThirdPartyTrackingResource,
|
||||
IsThirdPartySocialTrackingResource,
|
||||
IsFirstPartyStorageAccessGranted,
|
||||
IsStorageAccessPermissionGranted,
|
||||
};
|
||||
|
||||
using ThirdPartyAnalysisResult = mozilla::EnumSet<ThirdPartyAnalysis>;
|
||||
|
|
|
|||
|
|
@ -420,7 +420,7 @@ CookieService::GetCookieStringFromHttp(nsIURI* aHostURI, nsIChannel* aChannel,
|
|||
aHostURI, aChannel, result.contains(ThirdPartyAnalysis::IsForeign),
|
||||
result.contains(ThirdPartyAnalysis::IsThirdPartyTrackingResource),
|
||||
result.contains(ThirdPartyAnalysis::IsThirdPartySocialTrackingResource),
|
||||
result.contains(ThirdPartyAnalysis::IsFirstPartyStorageAccessGranted),
|
||||
result.contains(ThirdPartyAnalysis::IsStorageAccessPermissionGranted),
|
||||
rejectedReason, isSafeTopLevelNav, isSameSiteForeign, true, attrs,
|
||||
foundCookieList);
|
||||
|
||||
|
|
@ -541,7 +541,7 @@ CookieService::SetCookieStringFromHttp(nsIURI* aHostURI,
|
|||
result.contains(ThirdPartyAnalysis::IsForeign),
|
||||
result.contains(ThirdPartyAnalysis::IsThirdPartyTrackingResource),
|
||||
result.contains(ThirdPartyAnalysis::IsThirdPartySocialTrackingResource),
|
||||
result.contains(ThirdPartyAnalysis::IsFirstPartyStorageAccessGranted),
|
||||
result.contains(ThirdPartyAnalysis::IsStorageAccessPermissionGranted),
|
||||
aCookieHeader, priorCookieCount, attrs, &rejectedReason);
|
||||
|
||||
MOZ_ASSERT_IF(rejectedReason, cookieStatus == STATUS_REJECTED);
|
||||
|
|
@ -810,7 +810,7 @@ void CookieService::GetCookiesForURI(
|
|||
nsIURI* aHostURI, nsIChannel* aChannel, bool aIsForeign,
|
||||
bool aIsThirdPartyTrackingResource,
|
||||
bool aIsThirdPartySocialTrackingResource,
|
||||
bool aFirstPartyStorageAccessGranted, uint32_t aRejectedReason,
|
||||
bool aStorageAccessPermissionGranted, uint32_t aRejectedReason,
|
||||
bool aIsSafeTopLevelNav, bool aIsSameSiteForeign, bool aHttpBound,
|
||||
const OriginAttributes& aOriginAttrs, nsTArray<Cookie*>& aCookieList) {
|
||||
NS_ASSERTION(aHostURI, "null host!");
|
||||
|
|
@ -865,7 +865,7 @@ void CookieService::GetCookiesForURI(
|
|||
|
||||
CookieStatus cookieStatus = CheckPrefs(
|
||||
cookieJarSettings, aHostURI, aIsForeign, aIsThirdPartyTrackingResource,
|
||||
aIsThirdPartySocialTrackingResource, aFirstPartyStorageAccessGranted,
|
||||
aIsThirdPartySocialTrackingResource, aStorageAccessPermissionGranted,
|
||||
VoidCString(), priorCookieCount, aOriginAttrs, &rejectedReason);
|
||||
|
||||
MOZ_ASSERT_IF(rejectedReason, cookieStatus == STATUS_REJECTED);
|
||||
|
|
@ -1467,7 +1467,7 @@ CookieStatus CookieService::CheckPrefs(nsICookieJarSettings* aCookieJarSettings,
|
|||
nsIURI* aHostURI, bool aIsForeign,
|
||||
bool aIsThirdPartyTrackingResource,
|
||||
bool aIsThirdPartySocialTrackingResource,
|
||||
bool aFirstPartyStorageAccessGranted,
|
||||
bool aStorageAccessPermissionGranted,
|
||||
const nsACString& aCookieHeader,
|
||||
const int aNumOfCookies,
|
||||
const OriginAttributes& aOriginAttrs,
|
||||
|
|
@ -1520,7 +1520,7 @@ CookieStatus CookieService::CheckPrefs(nsICookieJarSettings* aCookieJarSettings,
|
|||
// context, when anti-tracking protection is enabled and when we don't have
|
||||
// access to the first-party cookie jar.
|
||||
if (aIsForeign && aIsThirdPartyTrackingResource &&
|
||||
!aFirstPartyStorageAccessGranted &&
|
||||
!aStorageAccessPermissionGranted &&
|
||||
aCookieJarSettings->GetRejectThirdPartyContexts()) {
|
||||
bool rejectThirdPartyWithExceptions =
|
||||
CookieJarSettings::IsRejectThirdPartyWithExceptions(
|
||||
|
|
@ -1551,12 +1551,12 @@ CookieStatus CookieService::CheckPrefs(nsICookieJarSettings* aCookieJarSettings,
|
|||
}
|
||||
|
||||
// check default prefs.
|
||||
// Check aFirstPartyStorageAccessGranted when checking aCookieBehavior
|
||||
// Check aStorageAccessPermissionGranted when checking aCookieBehavior
|
||||
// so that we take things such as the content blocking allow list into
|
||||
// account.
|
||||
if (aCookieJarSettings->GetCookieBehavior() ==
|
||||
nsICookieService::BEHAVIOR_REJECT &&
|
||||
!aFirstPartyStorageAccessGranted) {
|
||||
!aStorageAccessPermissionGranted) {
|
||||
COOKIE_LOGFAILURE(aCookieHeader.IsVoid() ? GET_COOKIE : SET_COOKIE,
|
||||
aHostURI, aCookieHeader, "cookies are disabled");
|
||||
*aRejectedReason = nsIWebProgressListener::STATE_COOKIES_BLOCKED_ALL;
|
||||
|
|
@ -1567,7 +1567,7 @@ CookieStatus CookieService::CheckPrefs(nsICookieJarSettings* aCookieJarSettings,
|
|||
if (aIsForeign) {
|
||||
if (aCookieJarSettings->GetCookieBehavior() ==
|
||||
nsICookieService::BEHAVIOR_REJECT_FOREIGN &&
|
||||
!aFirstPartyStorageAccessGranted) {
|
||||
!aStorageAccessPermissionGranted) {
|
||||
COOKIE_LOGFAILURE(aCookieHeader.IsVoid() ? GET_COOKIE : SET_COOKIE,
|
||||
aHostURI, aCookieHeader, "context is third party");
|
||||
*aRejectedReason = nsIWebProgressListener::STATE_COOKIES_BLOCKED_FOREIGN;
|
||||
|
|
@ -1575,7 +1575,7 @@ CookieStatus CookieService::CheckPrefs(nsICookieJarSettings* aCookieJarSettings,
|
|||
}
|
||||
|
||||
if (aCookieJarSettings->GetLimitForeignContexts() &&
|
||||
!aFirstPartyStorageAccessGranted && aNumOfCookies == 0) {
|
||||
!aStorageAccessPermissionGranted && aNumOfCookies == 0) {
|
||||
COOKIE_LOGFAILURE(aCookieHeader.IsVoid() ? GET_COOKIE : SET_COOKIE,
|
||||
aHostURI, aCookieHeader, "context is third party");
|
||||
*aRejectedReason = nsIWebProgressListener::STATE_COOKIES_BLOCKED_FOREIGN;
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@ class CookieService final : public nsICookieService,
|
|||
nsIURI* aHostURI, bool aIsForeign,
|
||||
bool aIsThirdPartyTrackingResource,
|
||||
bool aIsThirdPartySocialTrackingResource,
|
||||
bool aFirstPartyStorageAccessGranted,
|
||||
bool aStorageAccessPermissionGranted,
|
||||
const nsACString& aCookieHeader,
|
||||
const int aNumOfCookies,
|
||||
const OriginAttributes& aOriginAttrs,
|
||||
|
|
@ -84,7 +84,7 @@ class CookieService final : public nsICookieService,
|
|||
void GetCookiesForURI(nsIURI* aHostURI, nsIChannel* aChannel, bool aIsForeign,
|
||||
bool aIsThirdPartyTrackingResource,
|
||||
bool aIsThirdPartySocialTrackingResource,
|
||||
bool aFirstPartyStorageAccessGranted,
|
||||
bool aStorageAccessPermissionGranted,
|
||||
uint32_t aRejectedReason, bool aIsSafeTopLevelNav,
|
||||
bool aIsSameSiteForeign, bool aHttpBound,
|
||||
const OriginAttributes& aOriginAttrs,
|
||||
|
|
|
|||
|
|
@ -141,7 +141,7 @@ void CookieServiceChild::TrackCookieLoad(nsIChannel* aChannel) {
|
|||
uri, result.contains(ThirdPartyAnalysis::IsForeign),
|
||||
result.contains(ThirdPartyAnalysis::IsThirdPartyTrackingResource),
|
||||
result.contains(ThirdPartyAnalysis::IsThirdPartySocialTrackingResource),
|
||||
result.contains(ThirdPartyAnalysis::IsFirstPartyStorageAccessGranted),
|
||||
result.contains(ThirdPartyAnalysis::IsStorageAccessPermissionGranted),
|
||||
rejectedReason, isSafeTopLevelNav, isSameSiteForeign, attrs);
|
||||
}
|
||||
|
||||
|
|
@ -539,7 +539,7 @@ CookieServiceChild::SetCookieStringFromHttp(nsIURI* aHostURI,
|
|||
result.contains(ThirdPartyAnalysis::IsForeign),
|
||||
result.contains(ThirdPartyAnalysis::IsThirdPartyTrackingResource),
|
||||
result.contains(ThirdPartyAnalysis::IsThirdPartySocialTrackingResource),
|
||||
result.contains(ThirdPartyAnalysis::IsFirstPartyStorageAccessGranted),
|
||||
result.contains(ThirdPartyAnalysis::IsStorageAccessPermissionGranted),
|
||||
aCookieString, CountCookiesFromHashTable(baseDomain, attrs), attrs,
|
||||
&rejectedReason);
|
||||
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@ void CookieServiceParent::TrackCookieLoad(nsIChannel* aChannel) {
|
|||
uri, aChannel, result.contains(ThirdPartyAnalysis::IsForeign),
|
||||
result.contains(ThirdPartyAnalysis::IsThirdPartyTrackingResource),
|
||||
result.contains(ThirdPartyAnalysis::IsThirdPartySocialTrackingResource),
|
||||
result.contains(ThirdPartyAnalysis::IsFirstPartyStorageAccessGranted),
|
||||
result.contains(ThirdPartyAnalysis::IsStorageAccessPermissionGranted),
|
||||
rejectedReason, isSafeTopLevelNav, aIsSameSiteForeign, false, attrs,
|
||||
foundCookieList);
|
||||
nsTArray<CookieStruct> matchingCookiesList;
|
||||
|
|
@ -126,7 +126,7 @@ IPCResult CookieServiceParent::RecvPrepareCookieList(
|
|||
nsIURI* aHost, const bool& aIsForeign,
|
||||
const bool& aIsThirdPartyTrackingResource,
|
||||
const bool& aIsThirdPartySocialTrackingResource,
|
||||
const bool& aFirstPartyStorageAccessGranted,
|
||||
const bool& aStorageAccessPermissionGranted,
|
||||
const uint32_t& aRejectedReason, const bool& aIsSafeTopLevelNav,
|
||||
const bool& aIsSameSiteForeign, const OriginAttributes& aAttrs) {
|
||||
// Send matching cookies to Child.
|
||||
|
|
@ -140,7 +140,7 @@ IPCResult CookieServiceParent::RecvPrepareCookieList(
|
|||
// child process already does the necessary reporting in this case for us.
|
||||
mCookieService->GetCookiesForURI(
|
||||
aHost, nullptr, aIsForeign, aIsThirdPartyTrackingResource,
|
||||
aIsThirdPartySocialTrackingResource, aFirstPartyStorageAccessGranted,
|
||||
aIsThirdPartySocialTrackingResource, aStorageAccessPermissionGranted,
|
||||
aRejectedReason, aIsSafeTopLevelNav, aIsSameSiteForeign, false, aAttrs,
|
||||
foundCookieList);
|
||||
nsTArray<CookieStruct> matchingCookiesList;
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ class CookieServiceParent : public PCookieServiceParent {
|
|||
nsIURI* aHost, const bool& aIsForeign,
|
||||
const bool& aIsThirdPartyTrackingResource,
|
||||
const bool& aIsThirdPartySocialTrackingResource,
|
||||
const bool& aFirstPartyStorageAccessGranted,
|
||||
const bool& aStorageAccessPermissionGranted,
|
||||
const uint32_t& aRejectedReason, const bool& aIsSafeTopLevelNav,
|
||||
const bool& aIsSameSiteForeign, const OriginAttributes& aAttrs);
|
||||
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ parent:
|
|||
bool isForeign,
|
||||
bool isThirdPartyTrackingResource,
|
||||
bool isThirdPartySocialTrackingResource,
|
||||
bool firstPartyStorageAccessGranted,
|
||||
bool firstPartyStorageAccessPermissionGranted,
|
||||
uint32_t rejectedReason,
|
||||
bool isSafeTopLevelNav,
|
||||
bool isSameSiteForeign,
|
||||
|
|
|
|||
|
|
@ -15,15 +15,17 @@
|
|||
namespace IPC {
|
||||
|
||||
// For allowing passing the enum
|
||||
// ContentBlockingNotifier::StorageAccessGrantedReason over IPC.
|
||||
// ContentBlockingNotifier::StorageAccessPermissionGrantedReason over IPC.
|
||||
template <>
|
||||
struct ParamTraits<mozilla::ContentBlockingNotifier::StorageAccessGrantedReason>
|
||||
struct ParamTraits<
|
||||
mozilla::ContentBlockingNotifier::StorageAccessPermissionGrantedReason>
|
||||
: public ContiguousEnumSerializerInclusive<
|
||||
mozilla::ContentBlockingNotifier::StorageAccessGrantedReason,
|
||||
mozilla::ContentBlockingNotifier::StorageAccessGrantedReason::
|
||||
eStorageAccessAPI,
|
||||
mozilla::ContentBlockingNotifier::StorageAccessGrantedReason::
|
||||
eOpener> {};
|
||||
mozilla::ContentBlockingNotifier::
|
||||
StorageAccessPermissionGrantedReason,
|
||||
mozilla::ContentBlockingNotifier::
|
||||
StorageAccessPermissionGrantedReason::eStorageAccessAPI,
|
||||
mozilla::ContentBlockingNotifier::
|
||||
StorageAccessPermissionGrantedReason::eOpener> {};
|
||||
|
||||
// ContentBlockingNotifier::BlockingDecision over IPC.
|
||||
template <>
|
||||
|
|
|
|||
|
|
@ -128,10 +128,10 @@ int32_t CookiesBehavior(nsIPrincipal* aPrincipal,
|
|||
}
|
||||
} // namespace
|
||||
|
||||
/* static */ RefPtr<ContentBlocking::StorageAccessGrantPromise>
|
||||
/* static */ RefPtr<ContentBlocking::StorageAccessPermissionGrantPromise>
|
||||
ContentBlocking::AllowAccessFor(
|
||||
nsIPrincipal* aPrincipal, dom::BrowsingContext* aParentContext,
|
||||
ContentBlockingNotifier::StorageAccessGrantedReason aReason,
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason,
|
||||
const ContentBlocking::PerformFinalChecks& aPerformFinalChecks) {
|
||||
MOZ_ASSERT(aParentContext);
|
||||
|
||||
|
|
@ -143,7 +143,8 @@ ContentBlocking::AllowAccessFor(
|
|||
("Bailing out early because the "
|
||||
"privacy.restrict3rdpartystorage.heuristic.window_open preference "
|
||||
"has been disabled"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
break;
|
||||
case ContentBlockingNotifier::eOpenerAfterUserInteraction:
|
||||
|
|
@ -153,7 +154,8 @@ ContentBlocking::AllowAccessFor(
|
|||
("Bailing out early because the "
|
||||
"privacy.restrict3rdpartystorage.heuristic.opened_window_after_"
|
||||
"interaction preference has been disabled"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
break;
|
||||
default:
|
||||
|
|
@ -173,14 +175,16 @@ ContentBlocking::AllowAccessFor(
|
|||
LOG(
|
||||
("No window context found for our parent browsing context, bailing out "
|
||||
"early"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
|
||||
if (parentWindowContext->GetCookieBehavior().isNothing()) {
|
||||
LOG(
|
||||
("No cookie behaviour found for our parent window context, bailing "
|
||||
"out early"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
|
||||
// Only add storage permission when there is a reason to do so.
|
||||
|
|
@ -190,7 +194,8 @@ ContentBlocking::AllowAccessFor(
|
|||
("Disabled by network.cookie.cookieBehavior pref (%d), bailing out "
|
||||
"early",
|
||||
behavior));
|
||||
return StorageAccessGrantPromise::CreateAndResolve(true, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndResolve(true,
|
||||
__func__);
|
||||
}
|
||||
|
||||
MOZ_ASSERT(
|
||||
|
|
@ -201,7 +206,8 @@ ContentBlocking::AllowAccessFor(
|
|||
|
||||
// No need to continue when we are already in the allow list.
|
||||
if (parentWindowContext->GetIsOnContentBlockingAllowList()) {
|
||||
return StorageAccessGrantPromise::CreateAndResolve(true, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndResolve(true,
|
||||
__func__);
|
||||
}
|
||||
|
||||
bool isParentTopLevel = aParentContext->IsTopContent();
|
||||
|
|
@ -210,7 +216,8 @@ ContentBlocking::AllowAccessFor(
|
|||
if (!isParentTopLevel &&
|
||||
Document::StorageAccessSandboxed(aParentContext->GetSandboxFlags())) {
|
||||
LOG(("Our document is sandboxed"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
|
||||
uint64_t topLevelWindowId;
|
||||
|
|
@ -226,7 +233,8 @@ ContentBlocking::AllowAccessFor(
|
|||
nsresult rv = aPrincipal->GetAsciiOrigin(origin);
|
||||
if (NS_WARN_IF(NS_FAILED(rv))) {
|
||||
LOG(("Can't get the origin from the URI"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
|
||||
trackingOrigin = origin;
|
||||
|
|
@ -234,7 +242,8 @@ ContentBlocking::AllowAccessFor(
|
|||
topLevelWindowId = aParentContext->GetCurrentInnerWindowId();
|
||||
if (NS_WARN_IF(!topLevelWindowId)) {
|
||||
LOG(("Top-level storage area window id not found, bailing out early"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
|
||||
} else {
|
||||
|
|
@ -242,14 +251,16 @@ ContentBlocking::AllowAccessFor(
|
|||
if (behavior == nsICookieService::BEHAVIOR_REJECT_TRACKER &&
|
||||
!parentWindowContext->GetIsThirdPartyTrackingResourceWindow()) {
|
||||
LOG(("Our window isn't a third-party tracking window"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
if ((CookieJarSettings::IsRejectThirdPartyWithExceptions(behavior) ||
|
||||
behavior ==
|
||||
nsICookieService::BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN) &&
|
||||
!parentWindowContext->GetIsThirdPartyWindow()) {
|
||||
LOG(("Our window isn't a third-party window"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
|
||||
if (!GetTopLevelWindowId(aParentContext,
|
||||
|
|
@ -259,7 +270,8 @@ ContentBlocking::AllowAccessFor(
|
|||
nsICookieService::BEHAVIOR_ACCEPT,
|
||||
topLevelWindowId)) {
|
||||
LOG(("Error while retrieving the parent window id, bailing out early"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
|
||||
// If we can't get the principal and tracking origin at this point, the
|
||||
|
|
@ -272,7 +284,8 @@ ContentBlocking::AllowAccessFor(
|
|||
LOG(
|
||||
("Error while computing the parent principal and tracking origin, "
|
||||
"bailing out early"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -311,7 +324,8 @@ ContentBlocking::AllowAccessFor(
|
|||
AntiTrackingUtils::GetPrincipal(aParentContext);
|
||||
if (!principal) {
|
||||
LOG(("Can't get the principal from the browsing context"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
Unused << trackingPrincipal->IsThirdPartyPrincipal(principal,
|
||||
&isThirdParty);
|
||||
|
|
@ -355,11 +369,11 @@ ContentBlocking::AllowAccessFor(
|
|||
ContentBlocking::OnAllowAccessFor(bc, trackingOrigin,
|
||||
behavior, aReason);
|
||||
}
|
||||
return StorageAccessGrantPromise::CreateAndResolve(
|
||||
return StorageAccessPermissionGrantPromise::CreateAndResolve(
|
||||
aValue.ResolveValue().value(), __func__);
|
||||
}
|
||||
return StorageAccessGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(
|
||||
false, __func__);
|
||||
});
|
||||
}
|
||||
|
||||
|
|
@ -388,12 +402,12 @@ ContentBlocking::AllowAccessFor(
|
|||
// aParentContext is the browsing context of the opener window, but
|
||||
// AllowAccessFor is called by the opened window. So as long as
|
||||
// aParentContext is not in-process, we should run in the parent.
|
||||
/* static */ RefPtr<ContentBlocking::StorageAccessGrantPromise>
|
||||
/* static */ RefPtr<ContentBlocking::StorageAccessPermissionGrantPromise>
|
||||
ContentBlocking::CompleteAllowAccessFor(
|
||||
dom::BrowsingContext* aParentContext, uint64_t aTopLevelWindowId,
|
||||
nsIPrincipal* aTrackingPrincipal, const nsCString& aTrackingOrigin,
|
||||
uint32_t aCookieBehavior,
|
||||
ContentBlockingNotifier::StorageAccessGrantedReason aReason,
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason,
|
||||
const PerformFinalChecks& aPerformFinalChecks) {
|
||||
MOZ_ASSERT(aParentContext);
|
||||
MOZ_ASSERT_IF(XRE_IsContentProcess(), aParentContext->IsInProcess());
|
||||
|
|
@ -412,7 +426,8 @@ ContentBlocking::CompleteAllowAccessFor(
|
|||
LOG(
|
||||
("Error while computing the parent principal and tracking origin, "
|
||||
"bailing out early"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
} else {
|
||||
trackingPrincipal = aTrackingPrincipal;
|
||||
|
|
@ -443,7 +458,8 @@ ContentBlocking::CompleteAllowAccessFor(
|
|||
CookieJarSettings::IsRejectThirdPartyWithExceptions(aCookieBehavior)
|
||||
? nsIWebProgressListener::STATE_COOKIES_BLOCKED_FOREIGN
|
||||
: nsIWebProgressListener::STATE_COOKIES_BLOCKED_TRACKER);
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
|
||||
// Ensure we can find the window before continuing, so we can safely
|
||||
|
|
@ -454,13 +470,14 @@ ContentBlocking::CompleteAllowAccessFor(
|
|||
LOG(
|
||||
("No window found for our parent browsing context, bailing out "
|
||||
"early"));
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
}
|
||||
|
||||
auto storePermission =
|
||||
[aParentContext, aTopLevelWindowId, trackingOrigin, trackingPrincipal,
|
||||
aCookieBehavior,
|
||||
aReason](int aAllowMode) -> RefPtr<StorageAccessGrantPromise> {
|
||||
aReason](int aAllowMode) -> RefPtr<StorageAccessPermissionGrantPromise> {
|
||||
// Inform the window we granted permission for. This has to be done in the
|
||||
// window's process.
|
||||
if (aParentContext->IsInProcess()) {
|
||||
|
|
@ -488,15 +505,16 @@ ContentBlocking::CompleteAllowAccessFor(
|
|||
return SaveAccessForOriginOnParentProcess(
|
||||
aTopLevelWindowId, aParentContext, trackingPrincipal,
|
||||
trackingOrigin, aAllowMode)
|
||||
->Then(GetCurrentThreadSerialEventTarget(), __func__,
|
||||
[](ParentAccessGrantPromise::ResolveOrRejectValue&& aValue) {
|
||||
if (aValue.IsResolve()) {
|
||||
return StorageAccessGrantPromise::CreateAndResolve(
|
||||
ContentBlocking::eAllow, __func__);
|
||||
}
|
||||
return StorageAccessGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
});
|
||||
->Then(
|
||||
GetCurrentThreadSerialEventTarget(), __func__,
|
||||
[](ParentAccessGrantPromise::ResolveOrRejectValue&& aValue) {
|
||||
if (aValue.IsResolve()) {
|
||||
return StorageAccessPermissionGrantPromise::CreateAndResolve(
|
||||
ContentBlocking::eAllow, __func__);
|
||||
}
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(
|
||||
false, __func__);
|
||||
});
|
||||
}
|
||||
|
||||
ContentChild* cc = ContentChild::GetSingleton();
|
||||
|
|
@ -510,19 +528,19 @@ ContentBlocking::CompleteAllowAccessFor(
|
|||
// This is not really secure, because here we have the content process
|
||||
// sending the request of storing a permission.
|
||||
return cc
|
||||
->SendFirstPartyStorageAccessGrantedForOrigin(
|
||||
->SendStorageAccessPermissionGrantedForOrigin(
|
||||
aTopLevelWindowId, aParentContext,
|
||||
IPC::Principal(trackingPrincipal), trackingOrigin, aAllowMode)
|
||||
->Then(GetCurrentThreadSerialEventTarget(), __func__,
|
||||
[](const ContentChild::
|
||||
FirstPartyStorageAccessGrantedForOriginPromise::
|
||||
StorageAccessPermissionGrantedForOriginPromise::
|
||||
ResolveOrRejectValue& aValue) {
|
||||
if (aValue.IsResolve()) {
|
||||
return StorageAccessGrantPromise::CreateAndResolve(
|
||||
return StorageAccessPermissionGrantPromise::CreateAndResolve(
|
||||
aValue.ResolveValue(), __func__);
|
||||
}
|
||||
return StorageAccessGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(
|
||||
false, __func__);
|
||||
});
|
||||
};
|
||||
|
||||
|
|
@ -530,11 +548,13 @@ ContentBlocking::CompleteAllowAccessFor(
|
|||
return aPerformFinalChecks()->Then(
|
||||
GetCurrentThreadSerialEventTarget(), __func__,
|
||||
[storePermission](
|
||||
StorageAccessGrantPromise::ResolveOrRejectValue&& aValue) {
|
||||
StorageAccessPermissionGrantPromise::ResolveOrRejectValue&&
|
||||
aValue) {
|
||||
if (aValue.IsResolve()) {
|
||||
return storePermission(aValue.ResolveValue());
|
||||
}
|
||||
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
|
||||
return StorageAccessPermissionGrantPromise::CreateAndReject(false,
|
||||
__func__);
|
||||
});
|
||||
}
|
||||
return storePermission(false);
|
||||
|
|
@ -543,7 +563,7 @@ ContentBlocking::CompleteAllowAccessFor(
|
|||
/* static */ void ContentBlocking::OnAllowAccessFor(
|
||||
dom::BrowsingContext* aParentContext, const nsCString& aTrackingOrigin,
|
||||
uint32_t aCookieBehavior,
|
||||
ContentBlockingNotifier::StorageAccessGrantedReason aReason) {
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason) {
|
||||
MOZ_ASSERT(aParentContext->IsInProcess());
|
||||
|
||||
// Let's inform the parent window and the other windows having the
|
||||
|
|
@ -764,7 +784,7 @@ void ContentBlocking::UpdateAllowAccessOnParentProcess(
|
|||
nsAutoCString origin;
|
||||
AntiTrackingUtils::GetPrincipalAndTrackingOrigin(aContext, nullptr, origin);
|
||||
if (aTrackingOrigin == origin) {
|
||||
Unused << wgp->SendSaveStorageAccessGranted();
|
||||
Unused << wgp->SendSaveStorageAccessPermissionGranted();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
|||
|
|
@ -89,10 +89,11 @@ class ContentBlocking final {
|
|||
typedef MozPromise<int, bool, true> StorageAccessFinalCheckPromise;
|
||||
typedef std::function<RefPtr<StorageAccessFinalCheckPromise>()>
|
||||
PerformFinalChecks;
|
||||
typedef MozPromise<int, bool, true> StorageAccessGrantPromise;
|
||||
static MOZ_MUST_USE RefPtr<StorageAccessGrantPromise> AllowAccessFor(
|
||||
typedef MozPromise<int, bool, true> StorageAccessPermissionGrantPromise;
|
||||
static MOZ_MUST_USE RefPtr<StorageAccessPermissionGrantPromise>
|
||||
AllowAccessFor(
|
||||
nsIPrincipal* aPrincipal, dom::BrowsingContext* aParentContext,
|
||||
ContentBlockingNotifier::StorageAccessGrantedReason aReason,
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason,
|
||||
const PerformFinalChecks& aPerformFinalChecks = nullptr);
|
||||
|
||||
// This function handles tasks that have to be done in the process
|
||||
|
|
@ -100,7 +101,7 @@ class ContentBlocking final {
|
|||
static void OnAllowAccessFor(
|
||||
dom::BrowsingContext* aParentContext, const nsCString& aTrackingOrigin,
|
||||
uint32_t aCookieBehavior,
|
||||
ContentBlockingNotifier::StorageAccessGrantedReason aReason);
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason);
|
||||
|
||||
// For IPC only.
|
||||
typedef MozPromise<nsresult, bool, true> ParentAccessGrantPromise;
|
||||
|
|
@ -121,11 +122,12 @@ class ContentBlocking final {
|
|||
friend class dom::ContentParent;
|
||||
// This should be running either in the parent process or in the child
|
||||
// processes with an in-process browsing context.
|
||||
static MOZ_MUST_USE RefPtr<StorageAccessGrantPromise> CompleteAllowAccessFor(
|
||||
static MOZ_MUST_USE RefPtr<StorageAccessPermissionGrantPromise>
|
||||
CompleteAllowAccessFor(
|
||||
dom::BrowsingContext* aParentContext, uint64_t aTopLevelWindowId,
|
||||
nsIPrincipal* aTrackingPrincipal, const nsCString& aTrackingOrigin,
|
||||
uint32_t aCookieBehavior,
|
||||
ContentBlockingNotifier::StorageAccessGrantedReason aReason,
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason,
|
||||
const PerformFinalChecks& aPerformFinalChecks = nullptr);
|
||||
|
||||
static void UpdateAllowAccessOnCurrentProcess(
|
||||
|
|
|
|||
|
|
@ -105,7 +105,8 @@ static void ReportOriginSingleHash(OriginMetricID aId,
|
|||
|
||||
Maybe<uint32_t> ContentBlockingLog::RecordLogParent(
|
||||
const nsACString& aOrigin, uint32_t aType, bool aBlocked,
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessGrantedReason>& aReason,
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason,
|
||||
const nsTArray<nsCString>& aTrackingFullHashes) {
|
||||
MOZ_ASSERT(XRE_IsParentProcess());
|
||||
|
||||
|
|
@ -242,21 +243,22 @@ void ContentBlockingLog::ReportOrigins() {
|
|||
}
|
||||
|
||||
const bool isBlocked = logEntry.mBlocked;
|
||||
Maybe<StorageAccessGrantedReason> reason = logEntry.mReason;
|
||||
Maybe<StorageAccessPermissionGrantedReason> reason = logEntry.mReason;
|
||||
|
||||
metricId = testMode ? OriginMetricID::ContentBlocking_Blocked_TestOnly
|
||||
: OriginMetricID::ContentBlocking_Blocked;
|
||||
if (!isBlocked) {
|
||||
MOZ_ASSERT(reason.isSome());
|
||||
switch (reason.value()) {
|
||||
case StorageAccessGrantedReason::eStorageAccessAPI:
|
||||
case StorageAccessPermissionGrantedReason::eStorageAccessAPI:
|
||||
metricId =
|
||||
testMode
|
||||
? OriginMetricID::
|
||||
ContentBlocking_StorageAccessAPIExempt_TestOnly
|
||||
: OriginMetricID::ContentBlocking_StorageAccessAPIExempt;
|
||||
break;
|
||||
case StorageAccessGrantedReason::eOpenerAfterUserInteraction:
|
||||
case StorageAccessPermissionGrantedReason::
|
||||
eOpenerAfterUserInteraction:
|
||||
metricId =
|
||||
testMode
|
||||
? OriginMetricID::
|
||||
|
|
@ -264,13 +266,14 @@ void ContentBlockingLog::ReportOrigins() {
|
|||
: OriginMetricID::
|
||||
ContentBlocking_OpenerAfterUserInteractionExempt;
|
||||
break;
|
||||
case StorageAccessGrantedReason::eOpener:
|
||||
case StorageAccessPermissionGrantedReason::eOpener:
|
||||
metricId =
|
||||
testMode ? OriginMetricID::ContentBlocking_OpenerExempt_TestOnly
|
||||
: OriginMetricID::ContentBlocking_OpenerExempt;
|
||||
break;
|
||||
default:
|
||||
MOZ_ASSERT_UNREACHABLE("Unknown StorageAccessGrantedReason");
|
||||
MOZ_ASSERT_UNREACHABLE(
|
||||
"Unknown StorageAccessPermissionGrantedReason");
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -23,14 +23,15 @@ class nsIPrincipal;
|
|||
namespace mozilla {
|
||||
|
||||
class ContentBlockingLog final {
|
||||
typedef ContentBlockingNotifier::StorageAccessGrantedReason
|
||||
StorageAccessGrantedReason;
|
||||
typedef ContentBlockingNotifier::StorageAccessPermissionGrantedReason
|
||||
StorageAccessPermissionGrantedReason;
|
||||
|
||||
struct LogEntry {
|
||||
uint32_t mType;
|
||||
uint32_t mRepeatCount;
|
||||
bool mBlocked;
|
||||
Maybe<ContentBlockingNotifier::StorageAccessGrantedReason> mReason;
|
||||
Maybe<ContentBlockingNotifier::StorageAccessPermissionGrantedReason>
|
||||
mReason;
|
||||
nsTArray<nsCString> mTrackingFullHashes;
|
||||
};
|
||||
|
||||
|
|
@ -91,12 +92,16 @@ class ContentBlockingLog final {
|
|||
// ContentBlockingLog from content processes.
|
||||
Maybe<uint32_t> RecordLogParent(
|
||||
const nsACString& aOrigin, uint32_t aType, bool aBlocked,
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessGrantedReason>& aReason,
|
||||
const Maybe<
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason,
|
||||
const nsTArray<nsCString>& aTrackingFullHashes);
|
||||
|
||||
void RecordLog(
|
||||
const nsACString& aOrigin, uint32_t aType, bool aBlocked,
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessGrantedReason>& aReason,
|
||||
const Maybe<
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason,
|
||||
const nsTArray<nsCString>& aTrackingFullHashes) {
|
||||
RecordLogInternal(aOrigin, aType, aBlocked, aReason, aTrackingFullHashes);
|
||||
}
|
||||
|
|
@ -245,7 +250,8 @@ class ContentBlockingLog final {
|
|||
private:
|
||||
void RecordLogInternal(
|
||||
const nsACString& aOrigin, uint32_t aType, bool aBlocked,
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessGrantedReason>&
|
||||
const Maybe<
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason = Nothing(),
|
||||
const nsTArray<nsCString>& aTrackingFullHashes = nsTArray<nsCString>()) {
|
||||
DebugOnly<bool> isCookiesBlockedTracker =
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ void RunConsoleReportingRunnable(already_AddRefed<nsIRunnable>&& aRunnable) {
|
|||
void ReportUnblockingToConsole(
|
||||
uint64_t aWindowID, nsIPrincipal* aPrincipal,
|
||||
const nsAString& aTrackingOrigin,
|
||||
ContentBlockingNotifier::StorageAccessGrantedReason aReason) {
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason) {
|
||||
MOZ_ASSERT(aWindowID);
|
||||
MOZ_ASSERT(aPrincipal);
|
||||
|
||||
|
|
@ -291,7 +291,8 @@ void NotifyBlockingDecision(nsIChannel* aTrackingChannel,
|
|||
void NotifyEventInChild(
|
||||
nsIChannel* aTrackingChannel, bool aBlocked, uint32_t aRejectedReason,
|
||||
const nsACString& aTrackingOrigin,
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessGrantedReason>& aReason) {
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason) {
|
||||
MOZ_ASSERT(XRE_IsContentProcess());
|
||||
|
||||
// We don't need to find the top-level window here because the
|
||||
|
|
@ -330,7 +331,8 @@ void NotifyEventInChild(
|
|||
void NotifyEventInParent(
|
||||
nsIChannel* aTrackingChannel, bool aBlocked, uint32_t aRejectedReason,
|
||||
const nsACString& aTrackingOrigin,
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessGrantedReason>& aReason) {
|
||||
const Maybe<ContentBlockingNotifier::StorageAccessPermissionGrantedReason>&
|
||||
aReason) {
|
||||
MOZ_ASSERT(XRE_IsParentProcess());
|
||||
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = aTrackingChannel->LoadInfo();
|
||||
|
|
@ -364,7 +366,7 @@ void NotifyEventInParent(
|
|||
/* static */
|
||||
void ContentBlockingNotifier::ReportUnblockingToConsole(
|
||||
BrowsingContext* aBrowsingContext, const nsAString& aTrackingOrigin,
|
||||
ContentBlockingNotifier::StorageAccessGrantedReason aReason) {
|
||||
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason) {
|
||||
MOZ_ASSERT(aBrowsingContext);
|
||||
|
||||
uint64_t windowID = aBrowsingContext->GetCurrentInnerWindowId();
|
||||
|
|
@ -497,7 +499,7 @@ void ContentBlockingNotifier::OnEvent(nsIChannel* aTrackingChannel,
|
|||
void ContentBlockingNotifier::OnEvent(
|
||||
nsIChannel* aTrackingChannel, bool aBlocked, uint32_t aRejectedReason,
|
||||
const nsACString& aTrackingOrigin,
|
||||
const Maybe<StorageAccessGrantedReason>& aReason) {
|
||||
const Maybe<StorageAccessPermissionGrantedReason>& aReason) {
|
||||
if (XRE_IsParentProcess()) {
|
||||
NotifyEventInParent(aTrackingChannel, aBlocked, aRejectedReason,
|
||||
aTrackingOrigin, aReason);
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ class ContentBlockingNotifier final {
|
|||
eBlock,
|
||||
eAllow,
|
||||
};
|
||||
enum StorageAccessGrantedReason {
|
||||
enum StorageAccessPermissionGrantedReason {
|
||||
eStorageAccessAPI,
|
||||
eOpenerAfterUserInteraction,
|
||||
eOpener
|
||||
|
|
@ -60,11 +60,11 @@ class ContentBlockingNotifier final {
|
|||
static void OnEvent(
|
||||
nsIChannel* aChannel, bool aBlocked, uint32_t aRejectedReason,
|
||||
const nsACString& aTrackingOrigin,
|
||||
const Maybe<StorageAccessGrantedReason>& aReason = Nothing());
|
||||
const Maybe<StorageAccessPermissionGrantedReason>& aReason = Nothing());
|
||||
|
||||
static void ReportUnblockingToConsole(dom::BrowsingContext* aBrowsingContext,
|
||||
const nsAString& aTrackingOrigin,
|
||||
StorageAccessGrantedReason aReason);
|
||||
static void ReportUnblockingToConsole(
|
||||
dom::BrowsingContext* aBrowsingContext, const nsAString& aTrackingOrigin,
|
||||
StorageAccessPermissionGrantedReason aReason);
|
||||
};
|
||||
|
||||
} // namespace mozilla
|
||||
|
|
|
|||
|
|
@ -120,8 +120,8 @@
|
|||
* to use the “new” effective StoragePrincipal. The list of the notifications
|
||||
is:
|
||||
*
|
||||
* - Add some code in nsGlobalWindowInner::StorageAccessGranted().
|
||||
* - WorkerScope::FirstPartyStorageAccessGranted for Workers.
|
||||
* - Add some code in nsGlobalWindowInner::StorageAccessPermissionGranted().
|
||||
* - WorkerScope::StorageAccessPermissionGranted for Workers.
|
||||
* - observe the permission changes (not recommended)
|
||||
*
|
||||
* Scope of Storage Access
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче