mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Backed out 2 changesets (bug 1629436) for causing test_chrome_ext_trackingprotection.html failures CLOSED TREE 

Backed out changeset 18d21d5f63dd (bug 1629436)
Backed out changeset d14b4bb75db7 (bug 1629436)
This commit is contained in:
Ciure Andrei 2020-05-01 23:43:02 +03:00
Родитель c3d71cca63
Коммит c7af299990
5 изменённых файлов: 21 добавлений и 273 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

29
dom/base/ThirdPartyUtil.cpp
Просмотреть файл

@ -351,22 +351,23 @@ ThirdPartyUtil::IsThirdPartyChannel(nsIChannel* aChannel, nsIURI* aURI,
if (NS_FAILED(rv)) return rv;
if (!doForce) {
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
parentIsThird = loadInfo->GetIsInThirdPartyContext();
BasePrincipal* loadingPrincipal =
BasePrincipal::Cast(loadInfo->GetLoadingPrincipal());
if (!parentIsThird &&
loadInfo->GetExternalContentPolicyType() !=
nsIContentPolicy::TYPE_DOCUMENT &&
(!loadingPrincipal->AddonPolicy() ||
!loadingPrincipal->AddonAllowsLoad(channelURI))) {
// Check if the channel itself is third-party to its own requestor.
// Unforunately, we have to go through the loading principal.
if (nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo()) {
parentIsThird = loadInfo->GetIsInThirdPartyContext();
if (!parentIsThird && loadInfo->GetExternalContentPolicyType() !=
nsIContentPolicy::TYPE_DOCUMENT) {
// Check if the channel itself is third-party to its own requestor.
// Unforunately, we have to go through the loading principal.
rv = loadingPrincipal->IsThirdPartyURI(channelURI, &parentIsThird);
if (NS_FAILED(rv)) {
return rv;
rv = loadInfo->GetLoadingPrincipal()->IsThirdPartyURI(channelURI,
&parentIsThird);
if (NS_FAILED(rv)) {
return rv;
}
}
} else {
NS_WARNING(
"Found channel with no loadinfo, assuming third-party request");
parentIsThird = true;
}
}

9
netwerk/base/nsNetUtil.cpp
Просмотреть файл

@ -2110,10 +2110,8 @@ bool NS_IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI) {
// Do not treat loads triggered by web extensions as foreign
nsCOMPtr<nsIURI> channelURI;
NS_GetFinalChannelURI(aChannel, getter_AddRefs(channelURI));
RefPtr<BasePrincipal> triggeringPrincipal =
BasePrincipal::Cast(loadInfo->TriggeringPrincipal());
if (triggeringPrincipal->AddonPolicy() &&
triggeringPrincipal->AddonAllowsLoad(channelURI)) {
if (BasePrincipal::Cast(loadInfo->TriggeringPrincipal())
->AddonAllowsLoad(channelURI)) {
return false;
}
@ -2124,7 +2122,8 @@ bool NS_IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI) {
// for loads of TYPE_DOCUMENT we query the hostURI from the
// triggeringPrincipal which returns the URI of the document that caused the
// navigation.
rv = triggeringPrincipal->IsThirdPartyChannel(aChannel, &isForeign);
rv = loadInfo->TriggeringPrincipal()->IsThirdPartyChannel(aChannel,
&isForeign);
} else {
nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
do_GetService(THIRDPARTYUTIL_CONTRACTID);

4
toolkit/components/extensions/test/xpcshell/test_ext_cookieBehaviors.js
Просмотреть файл

@ -271,9 +271,9 @@ add_task(async function test_ext_page_3rdparty_cookies() {
const testRequests = ["xhr", "fetch", "worker fetch"];
const tests = [
{ behavior: "BEHAVIOR_ACCEPT", cookiesCount: 1 },
{ behavior: "BEHAVIOR_REJECT_FOREIGN", cookiesCount: 1 },
{ behavior: "BEHAVIOR_REJECT_FOREIGN", cookiesCount: 0 },
{ behavior: "BEHAVIOR_REJECT", cookiesCount: 0 },
{ behavior: "BEHAVIOR_LIMIT_FOREIGN", cookiesCount: 1 },
{ behavior: "BEHAVIOR_LIMIT_FOREIGN", cookiesCount: 0 },
{ behavior: "BEHAVIOR_REJECT_TRACKER", cookiesCount: 1 },
];

251
toolkit/components/extensions/test/xpcshell/test_ext_cookies_firstParty.js
Просмотреть файл

@ -1,251 +0,0 @@
"use strict";
const server = createHttpServer({
hosts: ["example.org", "example.net", "example.com"],
});
function promiseSetCookies() {
return new Promise(resolve => {
server.registerPathHandler("/setCookies", (request, response) => {
response.setStatusLine(request.httpVersion, 200, "OK");
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
response.setHeader("Set-Cookie", "none=a; sameSite=none", true);
response.setHeader("Set-Cookie", "lax=b; sameSite=lax", true);
response.setHeader("Set-Cookie", "strict=c; sameSite=strict", true);
response.write("<html></html>");
resolve();
});
});
}
function promiseLoadedCookies() {
return new Promise(resolve => {
let cookies;
server.registerPathHandler("/checkCookies", (request, response) => {
cookies = request.hasHeader("Cookie") ? request.getHeader("Cookie") : "";
response.setStatusLine(request.httpVersion, 302, "Moved Permanently");
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
response.setHeader("Location", "/ready");
});
server.registerPathHandler("/navigate", (request, response) => {
cookies = request.hasHeader("Cookie") ? request.getHeader("Cookie") : "";
response.setStatusLine(request.httpVersion, 200, "OK");
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
response.write(
"<html><script>location = '/checkCookies';</script></html>"
);
});
server.registerPathHandler("/fetch", (request, response) => {
response.setStatusLine(request.httpVersion, 200, "OK");
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
response.write("<html><script>fetch('/checkCookies');</script></html>");
});
server.registerPathHandler("/ready", (request, response) => {
response.setStatusLine(request.httpVersion, 200, "OK");
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
response.write("<html></html>");
resolve(cookies);
});
});
}
add_task(async function setup() {
Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
Services.prefs.setBoolPref("network.cookie.sameSite.laxByDefault", true);
// We don't want to have 'secure' cookies because our test http server doesn't run in https.
Services.prefs.setBoolPref(
"network.cookie.sameSite.noneRequiresSecure",
false
);
// Let's set 3 cookies before loading the extension.
let cookiesPromise = promiseSetCookies();
let contentPage = await ExtensionTestUtils.loadContentPage(
"http://example.org/setCookies"
);
await cookiesPromise;
await contentPage.close();
Assert.equal(Services.cookies.cookies.length, 3);
});
add_task(async function test_cookies_firstParty() {
async function pageScript() {
const ifr = document.createElement("iframe");
ifr.src = "http://example.org/" + location.search.slice(1);
document.body.appendChild(ifr);
}
let extension = ExtensionTestUtils.loadExtension({
manifest: {
permissions: ["*://example.org/"],
},
files: {
"page.html": `<body><script src="page.js"></script></body>`,
"page.js": pageScript,
},
});
await extension.startup();
// This page will load example.org in an iframe.
let url = `moz-extension://${extension.uuid}/page.html`;
let cookiesPromise = promiseLoadedCookies();
let contentPage = await ExtensionTestUtils.loadContentPage(
url + "?checkCookies",
{ extension }
);
// Let's check the cookies received during the last loading.
Assert.equal(await cookiesPromise, "none=a; lax=b; strict=c");
await contentPage.close();
// Let's navigate.
cookiesPromise = promiseLoadedCookies();
contentPage = await ExtensionTestUtils.loadContentPage(url + "?navigate", {
extension,
});
// Let's check the cookies received during the last loading.
Assert.equal(await cookiesPromise, "none=a; lax=b; strict=c");
await contentPage.close();
// Let's run a fetch()
cookiesPromise = promiseLoadedCookies();
contentPage = await ExtensionTestUtils.loadContentPage(url + "?fetch", {
extension,
});
// Let's check the cookies received during the last loading.
Assert.equal(await cookiesPromise, "none=a");
await contentPage.close();
await extension.unload();
});
add_task(async function test_cookies_iframes() {
server.registerPathHandler("/echocookies", (request, response) => {
response.setStatusLine(request.httpVersion, 200, "OK");
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
response.write(
request.hasHeader("Cookie") ? request.getHeader("Cookie") : ""
);
});
server.registerPathHandler("/contentScriptHere", (request, response) => {
response.setStatusLine(request.httpVersion, 200, "OK");
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
response.write("<html></html>");
});
server.registerPathHandler("/pageWithFrames", (request, response) => {
response.setStatusLine(request.httpVersion, 200, "OK");
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
response.write(`
<html>
<iframe src="http://example.com/contentScriptHere"></iframe>
<iframe src="http://example.net/contentScriptHere"></iframe>
</html>
`);
});
let extension = ExtensionTestUtils.loadExtension({
manifest: {
permissions: ["*://example.org/"],
content_scripts: [
{
js: ["contentScript.js"],
matches: [
"*://example.com/contentScriptHere",
"*://example.net/contentScriptHere",
],
run_at: "document_end",
all_frames: true,
},
],
},
files: {
"contentScript.js": async () => {
const res = await fetch("http://example.org/echocookies");
const cookies = await res.text();
browser.test.assertEq(
"none=a",
cookies,
"expected cookies in content script"
);
browser.test.sendMessage("extfetch:" + location.hostname);
},
},
});
await extension.startup();
let contentPage = await ExtensionTestUtils.loadContentPage(
"http://example.com/pageWithFrames"
);
await Promise.all([
extension.awaitMessage("extfetch:example.com"),
extension.awaitMessage("extfetch:example.net"),
]);
await contentPage.close();
await extension.unload();
});
add_task(async function test_cookies_background() {
async function background() {
const res = await fetch("http://example.org/echocookies", {
credentials: "include",
});
const cookies = await res.text();
browser.test.sendMessage("fetchcookies", cookies);
}
const tests = [
{
permissions: ["http://example.org/*"],
cookies: "none=a; lax=b; strict=c",
},
{
permissions: [],
cookies: "none=a",
},
];
for (let test of tests) {
let extension = ExtensionTestUtils.loadExtension({
background,
manifest: {
permissions: test.permissions,
},
});
server.registerPathHandler("/echocookies", (request, response) => {
response.setStatusLine(request.httpVersion, 200, "OK");
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
response.setHeader(
"Access-Control-Allow-Origin",
`moz-extension://${extension.uuid}`,
false
);
response.setHeader("Access-Control-Allow-Credentials", "true", false);
response.write(
request.hasHeader("Cookie") ? request.getHeader("Cookie") : ""
);
});
await extension.startup();
equal(
await extension.awaitMessage("fetchcookies"),
test.cookies,
"extension with permissions can see SameSite-restricted cookies"
);
await extension.unload();
}
});

1
toolkit/components/extensions/test/xpcshell/xpcshell-common.ini
Просмотреть файл

@ -32,7 +32,6 @@ run-sequentially = node server exceptions dont replay well
skip-if = os == "android" || (os == "mac" && debug) # CP service is disabled on Android, macosx1014/debug due to 1564534
run-sequentially = node server exceptions dont replay well
[test_ext_cookieBehaviors.js]
[test_ext_cookies_firstParty.js]
[test_ext_cookies_samesite.js]
[test_ext_content_security_policy.js]
skip-if = (os == "win" && debug) #Bug 1485567