Bug 1320402 - Move url-classifier off of using appIds. r=ehsan, gcp

MozReview-Commit-ID: IqnAVrv2c9W
2017-01-03 14:21:58 +08:00 · 2017-01-03 14:21:58 +08:00 · bcd217b3c0
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@ -137,9 +137,8 @@ class NeckoOriginAttributes : public OriginAttributes
 {
 public:
  NeckoOriginAttributes() {}
-  NeckoOriginAttributes(uint32_t aAppId, bool aInIsolatedMozBrowser)
+  explicit NeckoOriginAttributes(bool aInIsolatedMozBrowser)
  {
-    mAppId = aAppId;
    mInIsolatedMozBrowser = aInIsolatedMozBrowser;
  }

--- a/caps/nsIScriptSecurityManager.idl
+++ b/caps/nsIScriptSecurityManager.idl
@ -256,7 +256,6 @@ interface nsIScriptSecurityManager : nsISupports

    const unsigned long NO_APP_ID = 0;
    const unsigned long UNKNOWN_APP_ID = 4294967295; // UINT32_MAX
-    const unsigned long SAFEBROWSING_APP_ID = 4294967294; // UINT32_MAX - 1

    const unsigned long DEFAULT_USER_CONTEXT_ID = 0;

--- a/docshell/base/LoadContext.h
+++ b/docshell/base/LoadContext.h
@ -25,9 +25,6 @@ namespace mozilla {
 * typically provided by nsDocShell.  This is only used when the original
 * docshell is in a different process and we need to copy certain values from
 * it.
- *
- * Note: we also generate a new nsILoadContext using LoadContext(uint32_t aAppId)
- * to separate the safebrowsing cookie.
 */

 class LoadContext final
--- a/netwerk/base/LoadContextInfo.cpp
+++ b/netwerk/base/LoadContextInfo.cpp
@ -137,8 +137,7 @@ LoadContextInfo *
 GetLoadContextInfo(nsILoadContext *aLoadContext, bool aIsAnonymous)
 {
  if (!aLoadContext) {
-    return new LoadContextInfo(aIsAnonymous,
-                               NeckoOriginAttributes(nsILoadContextInfo::NO_APP_ID, false));
+    return new LoadContextInfo(aIsAnonymous, NeckoOriginAttributes(false));
  }

  DebugOnly<bool> pb = aLoadContext->UsePrivateBrowsing();
--- a/netwerk/base/nsNetUtil.h
+++ b/netwerk/base/nsNetUtil.h
@ -672,8 +672,12 @@ bool NS_HasBeenCrossOrigin(nsIChannel* aChannel, bool aReport = false);
 // know about script security manager.
 #define NECKO_NO_APP_ID 0
 #define NECKO_UNKNOWN_APP_ID UINT32_MAX
-// special app id reserved for separating the safebrowsing cookie
-#define NECKO_SAFEBROWSING_APP_ID UINT32_MAX - 1
+
+// Unique first-party domain for separating the safebrowsing cookie.
+// Note if this value is changed, code in test_cookiejars_safebrowsing.js
+// should also be changed.
+#define NECKO_SAFEBROWSING_FIRST_PARTY_DOMAIN \
+  "safebrowsing.86868755-6b82-4842-b301-72671a0db32e.mozilla"

 /**
 * Determines whether appcache should be checked for a given URI.
--- a/netwerk/cache2/CacheFileUtils.cpp
+++ b/netwerk/cache2/CacheFileUtils.cpp
@ -35,7 +35,7 @@ public:
  explicit KeyParser(nsACString const& aInput)
    : Tokenizer(aInput)
    // Initialize attributes to their default values
-    , originAttribs(0, false)
+    , originAttribs(false)
    , isAnonymous(false)
    // Initialize the cache key to a zero length by default
    , lastTag(0)
--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@ -834,16 +834,14 @@ ConvertAppIdToOriginAttrsSQLFunction::OnFunctionCall(
  mozIStorageValueArray* aFunctionArguments, nsIVariant** aResult)
 {
  nsresult rv;
-  int32_t appId, inIsolatedMozBrowser;
+  int32_t inIsolatedMozBrowser;

-  rv = aFunctionArguments->GetInt32(0, &appId);
-  NS_ENSURE_SUCCESS(rv, rv);
  rv = aFunctionArguments->GetInt32(1, &inIsolatedMozBrowser);
  NS_ENSURE_SUCCESS(rv, rv);

-  // Create an originAttributes object by appId and inIsolatedMozBrowser.
+  // Create an originAttributes object by inIsolatedMozBrowser.
  // Then create the originSuffix string from this object.
-  NeckoOriginAttributes attrs(appId, (inIsolatedMozBrowser ? 1 : 0));
+  NeckoOriginAttributes attrs((inIsolatedMozBrowser ? 1 : 0));
  nsAutoCString suffix;
  attrs.CreateSuffix(suffix);

--- a/netwerk/test/unit/test_cookiejars_safebrowsing.js
+++ b/netwerk/test/unit/test_cookiejars_safebrowsing.js
@ -5,10 +5,10 @@
 /*
 * Description of the test:
 *   We show that we can separate the safebrowsing cookie by creating a custom
- *   OriginAttributes using a reserved AppId (UINT_32_MAX - 1). Setting this
+ *   OriginAttributes using a unique safebrowsing first-party domain. Setting this
 *   custom OriginAttributes on the loadInfo of the channel allows us to query the
- *   AppId and therefore separate the safebrowing cookie in its own cookie-jar.
- *   For testing safebrowsing update we do >> NOT << emulate a response
+ *   first-party domain and therefore separate the safebrowing cookie in its own
+ *   cookie-jar. For testing safebrowsing update we do >> NOT << emulate a response
 *   in the body, rather we only set the cookies in the header of the response
 *   and confirm that cookies are separated in their own cookie-jar.
 *
@ -148,7 +148,9 @@ add_test(function test_non_safebrowsing_cookie() {
 add_test(function test_safebrowsing_cookie() {

  var cookieName = 'sbCookie_id4294967294';
-  var originAttributes = new OriginAttributes(Ci.nsIScriptSecurityManager.SAFEBROWSING_APP_ID, false, 0);
+  var originAttributes = new OriginAttributes(0, false, 0);
+  originAttributes.firstPartyDomain =
+    "safebrowsing.86868755-6b82-4842-b301-72671a0db32e.mozilla";

  function setSafeBrowsingCookie() {
    var channel = setupChannel(setCookiePath, originAttributes);
--- a/toolkit/components/downloads/ApplicationReputation.cpp
+++ b/toolkit/components/downloads/ApplicationReputation.cpp
@ -1278,8 +1278,9 @@ PendingLookup::SendRemoteQueryInternal()

  nsCOMPtr<nsILoadInfo> loadInfo = mChannel->GetLoadInfo();
  if (loadInfo) {
-    loadInfo->SetOriginAttributes(
-      mozilla::NeckoOriginAttributes(NECKO_SAFEBROWSING_APP_ID, false));
+    mozilla::NeckoOriginAttributes neckoAttrs(false);
+    neckoAttrs.mFirstPartyDomain.AssignLiteral(NECKO_SAFEBROWSING_FIRST_PARTY_DOMAIN);
+    loadInfo->SetOriginAttributes(neckoAttrs);
  }

  nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(mChannel, &rv));
@ -1295,14 +1296,6 @@ PendingLookup::SendRemoteQueryInternal()
    NS_LITERAL_CSTRING("POST"), false);
  NS_ENSURE_SUCCESS(rv, rv);

-  // Set the Safebrowsing cookie jar, so that the regular Google cookie is not
-  // sent with this request. See bug 897516.
-  DocShellOriginAttributes attrs;
-  attrs.mAppId = NECKO_SAFEBROWSING_APP_ID;
-  nsCOMPtr<nsIInterfaceRequestor> loadContext = new mozilla::LoadContext(attrs);
-  rv = mChannel->SetNotificationCallbacks(loadContext);
-  NS_ENSURE_SUCCESS(rv, rv);
-
  uint32_t timeoutMs = Preferences::GetUint(PREF_SB_DOWNLOADS_REMOTE_TIMEOUT, 10000);
  mTimeoutTimer = do_CreateInstance(NS_TIMER_CONTRACTID);
  mTimeoutTimer->InitWithCallback(this, timeoutMs, nsITimer::TYPE_ONE_SHOT);
--- a/toolkit/components/url-classifier/content/xml-fetcher.js
+++ b/toolkit/components/url-classifier/content/xml-fetcher.js
@ -34,14 +34,15 @@ this.PROT_NewXMLHttpRequest = function PROT_NewXMLHttpRequest() {
 * Note, that XMLFetcher is only used for SafeBrowsing, therefore
 * we inherit from nsILoadContext, so we can use the callbacks on the
 * channel to separate the safebrowsing cookie based on a reserved
- * appId.
+ * first-party domain.
 * @constructor
 */
 this.PROT_XMLFetcher = function PROT_XMLFetcher() {
  this.debugZone = "xmlfetcher";
  this._request = PROT_NewXMLHttpRequest();
  // implements nsILoadContext
-  this.appId = Ci.nsIScriptSecurityManager.SAFEBROWSING_APP_ID;
+  this.firstPartyDomain =
+    "safebrowsing.86868755-6b82-4842-b301-72671a0db32e.mozilla";
  this.isInIsolatedMozBrowserElement = false;
  this.usePrivateBrowsing = false;
  this.isContent = false;
@ -66,7 +67,7 @@ PROT_XMLFetcher.prototype = {
    this._callback = callback;
    var asynchronous = true;
    this._request.loadInfo.originAttributes = {
-      appId: this.appId,
+      firstPartyDomain: this.firstPartyDomain,
      inIsolatedMozBrowser: this.isInIsolatedMozBrowserElement
    };
    this._request.open("GET", page, asynchronous);
--- a/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp
+++ b/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp
@ -131,7 +131,9 @@ nsUrlClassifierStreamUpdater::FetchUpdate(nsIURI *aUpdateUrl,
  NS_ENSURE_SUCCESS(rv, rv);

  nsCOMPtr<nsILoadInfo> loadInfo = mChannel->GetLoadInfo();
-  loadInfo->SetOriginAttributes(mozilla::NeckoOriginAttributes(NECKO_SAFEBROWSING_APP_ID, false));
+  mozilla::NeckoOriginAttributes neckoAttrs(false);
+  neckoAttrs.mFirstPartyDomain.AssignLiteral(NECKO_SAFEBROWSING_FIRST_PARTY_DOMAIN);
+  loadInfo->SetOriginAttributes(neckoAttrs);

  mBeganStream = false;

@ -175,15 +177,6 @@ nsUrlClassifierStreamUpdater::FetchUpdate(nsIURI *aUpdateUrl,
    NS_ENSURE_SUCCESS(rv, rv);
  }

-  // Create a custom LoadContext for SafeBrowsing, so we can use callbacks on
-  // the channel to query the appId which allows separation of safebrowsing
-  // cookies in a separate jar.
-  DocShellOriginAttributes attrs;
-  attrs.mAppId = NECKO_SAFEBROWSING_APP_ID;
-  nsCOMPtr<nsIInterfaceRequestor> sbContext = new mozilla::LoadContext(attrs);
-  rv = mChannel->SetNotificationCallbacks(sbContext);
-  NS_ENSURE_SUCCESS(rv, rv);
-
  // Make the request.
  rv = mChannel->AsyncOpen2(this);
  NS_ENSURE_SUCCESS(rv, rv);