зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1320402 - Move url-classifier off of using appIds. r=ehsan, gcp
MozReview-Commit-ID: IqnAVrv2c9W
This commit is contained in:
Родитель
e5801be263
Коммит
bcd217b3c0
|
@ -137,9 +137,8 @@ class NeckoOriginAttributes : public OriginAttributes
|
|||
{
|
||||
public:
|
||||
NeckoOriginAttributes() {}
|
||||
NeckoOriginAttributes(uint32_t aAppId, bool aInIsolatedMozBrowser)
|
||||
explicit NeckoOriginAttributes(bool aInIsolatedMozBrowser)
|
||||
{
|
||||
mAppId = aAppId;
|
||||
mInIsolatedMozBrowser = aInIsolatedMozBrowser;
|
||||
}
|
||||
|
||||
|
|
|
@ -256,7 +256,6 @@ interface nsIScriptSecurityManager : nsISupports
|
|||
|
||||
const unsigned long NO_APP_ID = 0;
|
||||
const unsigned long UNKNOWN_APP_ID = 4294967295; // UINT32_MAX
|
||||
const unsigned long SAFEBROWSING_APP_ID = 4294967294; // UINT32_MAX - 1
|
||||
|
||||
const unsigned long DEFAULT_USER_CONTEXT_ID = 0;
|
||||
|
||||
|
|
|
@ -25,9 +25,6 @@ namespace mozilla {
|
|||
* typically provided by nsDocShell. This is only used when the original
|
||||
* docshell is in a different process and we need to copy certain values from
|
||||
* it.
|
||||
*
|
||||
* Note: we also generate a new nsILoadContext using LoadContext(uint32_t aAppId)
|
||||
* to separate the safebrowsing cookie.
|
||||
*/
|
||||
|
||||
class LoadContext final
|
||||
|
|
|
@ -137,8 +137,7 @@ LoadContextInfo *
|
|||
GetLoadContextInfo(nsILoadContext *aLoadContext, bool aIsAnonymous)
|
||||
{
|
||||
if (!aLoadContext) {
|
||||
return new LoadContextInfo(aIsAnonymous,
|
||||
NeckoOriginAttributes(nsILoadContextInfo::NO_APP_ID, false));
|
||||
return new LoadContextInfo(aIsAnonymous, NeckoOriginAttributes(false));
|
||||
}
|
||||
|
||||
DebugOnly<bool> pb = aLoadContext->UsePrivateBrowsing();
|
||||
|
|
|
@ -672,8 +672,12 @@ bool NS_HasBeenCrossOrigin(nsIChannel* aChannel, bool aReport = false);
|
|||
// know about script security manager.
|
||||
#define NECKO_NO_APP_ID 0
|
||||
#define NECKO_UNKNOWN_APP_ID UINT32_MAX
|
||||
// special app id reserved for separating the safebrowsing cookie
|
||||
#define NECKO_SAFEBROWSING_APP_ID UINT32_MAX - 1
|
||||
|
||||
// Unique first-party domain for separating the safebrowsing cookie.
|
||||
// Note if this value is changed, code in test_cookiejars_safebrowsing.js
|
||||
// should also be changed.
|
||||
#define NECKO_SAFEBROWSING_FIRST_PARTY_DOMAIN \
|
||||
"safebrowsing.86868755-6b82-4842-b301-72671a0db32e.mozilla"
|
||||
|
||||
/**
|
||||
* Determines whether appcache should be checked for a given URI.
|
||||
|
|
|
@ -35,7 +35,7 @@ public:
|
|||
explicit KeyParser(nsACString const& aInput)
|
||||
: Tokenizer(aInput)
|
||||
// Initialize attributes to their default values
|
||||
, originAttribs(0, false)
|
||||
, originAttribs(false)
|
||||
, isAnonymous(false)
|
||||
// Initialize the cache key to a zero length by default
|
||||
, lastTag(0)
|
||||
|
|
|
@ -834,16 +834,14 @@ ConvertAppIdToOriginAttrsSQLFunction::OnFunctionCall(
|
|||
mozIStorageValueArray* aFunctionArguments, nsIVariant** aResult)
|
||||
{
|
||||
nsresult rv;
|
||||
int32_t appId, inIsolatedMozBrowser;
|
||||
int32_t inIsolatedMozBrowser;
|
||||
|
||||
rv = aFunctionArguments->GetInt32(0, &appId);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
rv = aFunctionArguments->GetInt32(1, &inIsolatedMozBrowser);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Create an originAttributes object by appId and inIsolatedMozBrowser.
|
||||
// Create an originAttributes object by inIsolatedMozBrowser.
|
||||
// Then create the originSuffix string from this object.
|
||||
NeckoOriginAttributes attrs(appId, (inIsolatedMozBrowser ? 1 : 0));
|
||||
NeckoOriginAttributes attrs((inIsolatedMozBrowser ? 1 : 0));
|
||||
nsAutoCString suffix;
|
||||
attrs.CreateSuffix(suffix);
|
||||
|
||||
|
|
|
@ -5,10 +5,10 @@
|
|||
/*
|
||||
* Description of the test:
|
||||
* We show that we can separate the safebrowsing cookie by creating a custom
|
||||
* OriginAttributes using a reserved AppId (UINT_32_MAX - 1). Setting this
|
||||
* OriginAttributes using a unique safebrowsing first-party domain. Setting this
|
||||
* custom OriginAttributes on the loadInfo of the channel allows us to query the
|
||||
* AppId and therefore separate the safebrowing cookie in its own cookie-jar.
|
||||
* For testing safebrowsing update we do >> NOT << emulate a response
|
||||
* first-party domain and therefore separate the safebrowing cookie in its own
|
||||
* cookie-jar. For testing safebrowsing update we do >> NOT << emulate a response
|
||||
* in the body, rather we only set the cookies in the header of the response
|
||||
* and confirm that cookies are separated in their own cookie-jar.
|
||||
*
|
||||
|
@ -148,7 +148,9 @@ add_test(function test_non_safebrowsing_cookie() {
|
|||
add_test(function test_safebrowsing_cookie() {
|
||||
|
||||
var cookieName = 'sbCookie_id4294967294';
|
||||
var originAttributes = new OriginAttributes(Ci.nsIScriptSecurityManager.SAFEBROWSING_APP_ID, false, 0);
|
||||
var originAttributes = new OriginAttributes(0, false, 0);
|
||||
originAttributes.firstPartyDomain =
|
||||
"safebrowsing.86868755-6b82-4842-b301-72671a0db32e.mozilla";
|
||||
|
||||
function setSafeBrowsingCookie() {
|
||||
var channel = setupChannel(setCookiePath, originAttributes);
|
||||
|
|
|
@ -1278,8 +1278,9 @@ PendingLookup::SendRemoteQueryInternal()
|
|||
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = mChannel->GetLoadInfo();
|
||||
if (loadInfo) {
|
||||
loadInfo->SetOriginAttributes(
|
||||
mozilla::NeckoOriginAttributes(NECKO_SAFEBROWSING_APP_ID, false));
|
||||
mozilla::NeckoOriginAttributes neckoAttrs(false);
|
||||
neckoAttrs.mFirstPartyDomain.AssignLiteral(NECKO_SAFEBROWSING_FIRST_PARTY_DOMAIN);
|
||||
loadInfo->SetOriginAttributes(neckoAttrs);
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(mChannel, &rv));
|
||||
|
@ -1295,14 +1296,6 @@ PendingLookup::SendRemoteQueryInternal()
|
|||
NS_LITERAL_CSTRING("POST"), false);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Set the Safebrowsing cookie jar, so that the regular Google cookie is not
|
||||
// sent with this request. See bug 897516.
|
||||
DocShellOriginAttributes attrs;
|
||||
attrs.mAppId = NECKO_SAFEBROWSING_APP_ID;
|
||||
nsCOMPtr<nsIInterfaceRequestor> loadContext = new mozilla::LoadContext(attrs);
|
||||
rv = mChannel->SetNotificationCallbacks(loadContext);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
uint32_t timeoutMs = Preferences::GetUint(PREF_SB_DOWNLOADS_REMOTE_TIMEOUT, 10000);
|
||||
mTimeoutTimer = do_CreateInstance(NS_TIMER_CONTRACTID);
|
||||
mTimeoutTimer->InitWithCallback(this, timeoutMs, nsITimer::TYPE_ONE_SHOT);
|
||||
|
|
|
@ -34,14 +34,15 @@ this.PROT_NewXMLHttpRequest = function PROT_NewXMLHttpRequest() {
|
|||
* Note, that XMLFetcher is only used for SafeBrowsing, therefore
|
||||
* we inherit from nsILoadContext, so we can use the callbacks on the
|
||||
* channel to separate the safebrowsing cookie based on a reserved
|
||||
* appId.
|
||||
* first-party domain.
|
||||
* @constructor
|
||||
*/
|
||||
this.PROT_XMLFetcher = function PROT_XMLFetcher() {
|
||||
this.debugZone = "xmlfetcher";
|
||||
this._request = PROT_NewXMLHttpRequest();
|
||||
// implements nsILoadContext
|
||||
this.appId = Ci.nsIScriptSecurityManager.SAFEBROWSING_APP_ID;
|
||||
this.firstPartyDomain =
|
||||
"safebrowsing.86868755-6b82-4842-b301-72671a0db32e.mozilla";
|
||||
this.isInIsolatedMozBrowserElement = false;
|
||||
this.usePrivateBrowsing = false;
|
||||
this.isContent = false;
|
||||
|
@ -66,7 +67,7 @@ PROT_XMLFetcher.prototype = {
|
|||
this._callback = callback;
|
||||
var asynchronous = true;
|
||||
this._request.loadInfo.originAttributes = {
|
||||
appId: this.appId,
|
||||
firstPartyDomain: this.firstPartyDomain,
|
||||
inIsolatedMozBrowser: this.isInIsolatedMozBrowserElement
|
||||
};
|
||||
this._request.open("GET", page, asynchronous);
|
||||
|
|
|
@ -131,7 +131,9 @@ nsUrlClassifierStreamUpdater::FetchUpdate(nsIURI *aUpdateUrl,
|
|||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = mChannel->GetLoadInfo();
|
||||
loadInfo->SetOriginAttributes(mozilla::NeckoOriginAttributes(NECKO_SAFEBROWSING_APP_ID, false));
|
||||
mozilla::NeckoOriginAttributes neckoAttrs(false);
|
||||
neckoAttrs.mFirstPartyDomain.AssignLiteral(NECKO_SAFEBROWSING_FIRST_PARTY_DOMAIN);
|
||||
loadInfo->SetOriginAttributes(neckoAttrs);
|
||||
|
||||
mBeganStream = false;
|
||||
|
||||
|
@ -175,15 +177,6 @@ nsUrlClassifierStreamUpdater::FetchUpdate(nsIURI *aUpdateUrl,
|
|||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
|
||||
// Create a custom LoadContext for SafeBrowsing, so we can use callbacks on
|
||||
// the channel to query the appId which allows separation of safebrowsing
|
||||
// cookies in a separate jar.
|
||||
DocShellOriginAttributes attrs;
|
||||
attrs.mAppId = NECKO_SAFEBROWSING_APP_ID;
|
||||
nsCOMPtr<nsIInterfaceRequestor> sbContext = new mozilla::LoadContext(attrs);
|
||||
rv = mChannel->SetNotificationCallbacks(sbContext);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Make the request.
|
||||
rv = mChannel->AsyncOpen2(this);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
|
Загрузка…
Ссылка в новой задаче