diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp index 724e18c56d23..dd0e932bbc2b 100644 --- a/dom/base/nsContentUtils.cpp +++ b/dom/base/nsContentUtils.cpp @@ -8103,8 +8103,8 @@ nsContentUtils::StorageAccess nsContentUtils::StorageAllowedForWindow( // callee is able to deal with a null channel argument, and if passed null, // will only fail to notify the UI in case storage gets blocked. nsIChannel* channel = document->GetChannel(); - return InternalStorageAllowedCheck(principal, aWindow, nullptr, channel, - *aRejectedReason); + return InternalStorageAllowedForPrincipal(principal, aWindow, nullptr, + channel, *aRejectedReason); } // No document? Let's return a generic rejected reason. @@ -8124,8 +8124,8 @@ nsContentUtils::StorageAccess nsContentUtils::StorageAllowedForDocument( nsIChannel* channel = aDoc->GetChannel(); uint32_t rejectedReason = 0; - return InternalStorageAllowedCheck(principal, inner, nullptr, channel, - rejectedReason); + return InternalStorageAllowedForPrincipal(principal, inner, nullptr, + channel, rejectedReason); } return StorageAccess::eDeny; @@ -8139,8 +8139,8 @@ nsContentUtils::StorageAccess nsContentUtils::StorageAllowedForNewWindow( // parent may be nullptr uint32_t rejectedReason = 0; - return InternalStorageAllowedCheck(aPrincipal, aParent, aURI, nullptr, - rejectedReason); + return InternalStorageAllowedForPrincipal(aPrincipal, aParent, aURI, nullptr, + rejectedReason); } // static, public @@ -8155,18 +8155,18 @@ nsContentUtils::StorageAccess nsContentUtils::StorageAllowedForChannel( NS_ENSURE_TRUE(principal, nsContentUtils::StorageAccess::eDeny); uint32_t rejectedReason = 0; - nsContentUtils::StorageAccess result = InternalStorageAllowedCheck( + nsContentUtils::StorageAccess result = InternalStorageAllowedForPrincipal( principal, nullptr, nullptr, aChannel, rejectedReason); return result; } // static, public -nsContentUtils::StorageAccess nsContentUtils::StorageAllowedForServiceWorker( +nsContentUtils::StorageAccess nsContentUtils::StorageAllowedForPrincipal( nsIPrincipal* aPrincipal) { uint32_t rejectedReason = 0; - return InternalStorageAllowedCheck(aPrincipal, nullptr, nullptr, nullptr, - rejectedReason); + return InternalStorageAllowedForPrincipal(aPrincipal, nullptr, nullptr, + nullptr, rejectedReason); } // static, private @@ -8356,9 +8356,12 @@ bool nsContentUtils::StorageDisabledByAntiTracking(nsPIDOMWindowInner* aWindow, } // static, private -nsContentUtils::StorageAccess nsContentUtils::InternalStorageAllowedCheck( - nsIPrincipal* aPrincipal, nsPIDOMWindowInner* aWindow, nsIURI* aURI, - nsIChannel* aChannel, uint32_t& aRejectedReason) { +nsContentUtils::StorageAccess +nsContentUtils::InternalStorageAllowedForPrincipal(nsIPrincipal* aPrincipal, + nsPIDOMWindowInner* aWindow, + nsIURI* aURI, + nsIChannel* aChannel, + uint32_t& aRejectedReason) { MOZ_ASSERT(aPrincipal); aRejectedReason = 0; @@ -8410,7 +8413,7 @@ nsContentUtils::StorageAccess nsContentUtils::InternalStorageAllowedCheck( // // This is due to backwards-compatibility and the state of storage access // before the introducton of - // nsContentUtils::InternalStorageAllowedCheck: + // nsContentUtils::InternalStorageAllowedForPrincipal: // // BEFORE: // localStorage, caches: allowed in 3rd-party iframes always diff --git a/dom/base/nsContentUtils.h b/dom/base/nsContentUtils.h index 35ac8a6df4f5..b41613a9da39 100644 --- a/dom/base/nsContentUtils.h +++ b/dom/base/nsContentUtils.h @@ -2967,9 +2967,10 @@ class nsContentUtils { /* * Checks if storage for the given principal is permitted by the user's - * preferences. This method should be used only by ServiceWorker loading. + * preferences. The caller is assumed to not be a third-party iframe. + * (if that is possible, the caller should use StorageAllowedForWindow) */ - static StorageAccess StorageAllowedForServiceWorker(nsIPrincipal* aPrincipal); + static StorageAccess StorageAllowedForPrincipal(nsIPrincipal* aPrincipal); /* * Returns true if this document should disable storages because of the @@ -3355,7 +3356,7 @@ class nsContentUtils { * Gets the current cookie lifetime policy for a given principal by checking * with preferences and the permission manager. * - * Used in the implementation of InternalStorageAllowedCheck. + * Used in the implementation of InternalStorageAllowedForPrincipal. */ static void GetCookieLifetimePolicyForPrincipal(nsIPrincipal* aPrincipal, uint32_t* aLifetimePolicy); @@ -3369,14 +3370,12 @@ class nsContentUtils { * allow a channel instead of the window reference when determining 3rd party * status. * - * Used in the implementation of StorageAllowedForWindow, - * StorageAllowedForChannel and StorageAllowedForServiceWorker. + * Used in the implementation of StorageAllowedForWindow and + * StorageAllowedForPrincipal. */ - static StorageAccess InternalStorageAllowedCheck(nsIPrincipal* aPrincipal, - nsPIDOMWindowInner* aWindow, - nsIURI* aURI, - nsIChannel* aChannel, - uint32_t& aRejectedReason); + static StorageAccess InternalStorageAllowedForPrincipal( + nsIPrincipal* aPrincipal, nsPIDOMWindowInner* aWindow, nsIURI* aURI, + nsIChannel* aChannel, uint32_t& aRejectedReason); static nsINode* GetCommonAncestorHelper(nsINode* aNode1, nsINode* aNode2); static nsIContent* GetCommonFlattenedTreeAncestorHelper( diff --git a/dom/serviceworkers/ServiceWorkerPrivate.cpp b/dom/serviceworkers/ServiceWorkerPrivate.cpp index c43d0f2f03bc..79a51b0d55fc 100644 --- a/dom/serviceworkers/ServiceWorkerPrivate.cpp +++ b/dom/serviceworkers/ServiceWorkerPrivate.cpp @@ -1723,7 +1723,7 @@ nsresult ServiceWorkerPrivate::SpawnWorkerIfNeeded(WakeUpReason aWhy, info.mLoadingPrincipal = info.mPrincipal; nsContentUtils::StorageAccess access = - nsContentUtils::StorageAllowedForServiceWorker(info.mPrincipal); + nsContentUtils::StorageAllowedForPrincipal(info.mPrincipal); info.mStorageAllowed = access > nsContentUtils::StorageAccess::ePrivateBrowsing; info.mOriginAttributes = mInfo->GetOriginAttributes(); diff --git a/dom/workers/remoteworkers/RemoteWorkerChild.cpp b/dom/workers/remoteworkers/RemoteWorkerChild.cpp index 047f0bb5784b..d7fbbf6c4ed1 100644 --- a/dom/workers/remoteworkers/RemoteWorkerChild.cpp +++ b/dom/workers/remoteworkers/RemoteWorkerChild.cpp @@ -266,7 +266,11 @@ nsresult RemoteWorkerChild::ExecWorkerOnMainThread( info.mDomain = aData.domain(); info.mPrincipal = principal; info.mLoadingPrincipal = loadingPrincipal; - info.mStorageAllowed = aData.isStorageAccessAllowed(); + + nsContentUtils::StorageAccess access = + nsContentUtils::StorageAllowedForPrincipal(info.mPrincipal); + info.mStorageAllowed = + access > nsContentUtils::StorageAccess::ePrivateBrowsing; info.mOriginAttributes = BasePrincipal::Cast(principal)->OriginAttributesRef(); diff --git a/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh b/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh index 68bb999d7d43..666761550188 100644 --- a/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh +++ b/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh @@ -43,8 +43,6 @@ struct RemoteWorkerData OptionalIPCClientInfo clientInfo; - bool isStorageAccessAllowed; - bool isSharedWorker; }; diff --git a/dom/workers/sharedworkers/SharedWorker.cpp b/dom/workers/sharedworkers/SharedWorker.cpp index 1d48019ec420..cc8118adbb55 100644 --- a/dom/workers/sharedworkers/SharedWorker.cpp +++ b/dom/workers/sharedworkers/SharedWorker.cpp @@ -206,15 +206,11 @@ already_AddRefed SharedWorker::Constructor( ipcClientInfo = void_t(); } - bool storageAccessAllowed = - storageAllowed > nsContentUtils::StorageAccess::ePrivateBrowsing; - RemoteWorkerData remoteWorkerData( nsString(aScriptURL), baseURL, resolvedScriptURL, name, loadingPrincipalInfo, loadingPrincipalCSP, loadingPrincipalPreloadCSP, principalInfo, principalCSP, principalPreloadCSP, loadInfo.mDomain, - isSecureContext, ipcClientInfo, storageAccessAllowed, - true /* sharedWorker */); + isSecureContext, ipcClientInfo, true /* sharedWorker */); PSharedWorkerChild* pActor = actorChild->SendPSharedWorkerConstructor( remoteWorkerData, loadInfo.mWindowID, portIdentifier);