Bug 1547813 - Part 8: Introduce a CookieSettings API to query whether cookies from third-party trackers must be rejected and use it in Gecko; r=baku

Differential Revision: https://phabricator.services.mozilla.com/D30117

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Ehsan Akhgari 2019-05-08 20:22:18 +00:00
Родитель f33f21e80b
Коммит c7cb5521d1
9 изменённых файлов: 48 добавлений и 28 удалений

Просмотреть файл

@ -12196,8 +12196,7 @@ DocumentAutoplayPolicy Document::AutoplayPolicy() const {
}
void Document::MaybeAllowStorageForOpenerAfterUserInteraction() {
if (CookieSettings()->GetCookieBehavior() !=
nsICookieService::BEHAVIOR_REJECT_TRACKER) {
if (!CookieSettings()->GetRejectThirdPartyTrackers()) {
return;
}
@ -12734,8 +12733,7 @@ already_AddRefed<mozilla::dom::Promise> Document::RequestStorageAccess(
}
// Only enforce third-party checks when there is a reason to enforce them.
if (CookieSettings()->GetCookieBehavior() !=
nsICookieService::BEHAVIOR_REJECT_TRACKER) {
if (!CookieSettings()->GetRejectThirdPartyTrackers()) {
// Step 3. If the document's frame is the main frame, resolve.
if (IsTopLevelContentDocument()) {
promise->MaybeResolveWithUndefined();
@ -12787,9 +12785,7 @@ already_AddRefed<mozilla::dom::Promise> Document::RequestStorageAccess(
return promise.forget();
}
if (CookieSettings()->GetCookieBehavior() ==
nsICookieService::BEHAVIOR_REJECT_TRACKER &&
inner) {
if (CookieSettings()->GetRejectThirdPartyTrackers() && inner) {
// Only do something special for third-party tracking content.
if (nsContentUtils::StorageDisabledByAntiTracking(this, nullptr)) {
// Note: If this has returned true, the top-level document is guaranteed

Просмотреть файл

@ -2293,8 +2293,7 @@ nsresult nsGlobalWindowOuter::SetNewDocument(Document* aDocument,
mHasStorageAccess = false;
nsIURI* uri = aDocument->GetDocumentURI();
if (newInnerWindow &&
aDocument->CookieSettings()->GetCookieBehavior() ==
nsICookieService::BEHAVIOR_REJECT_TRACKER &&
aDocument->CookieSettings()->GetRejectThirdPartyTrackers() &&
nsContentUtils::IsThirdPartyWindowOrChannel(newInnerWindow, nullptr,
uri) &&
nsContentUtils::IsTrackingResourceWindow(newInnerWindow)) {

Просмотреть файл

@ -18,6 +18,7 @@
#include "ReferrerInfo.h"
#include "mozilla/AntiTrackingCommon.h"
#include "mozilla/net/CookieSettings.h"
#include "mozilla/net/HttpBaseChannel.h"
static mozilla::LazyLogModule gReferrerInfoLog("ReferrerInfo");
@ -120,9 +121,18 @@ uint32_t ReferrerInfo::GetDefaultReferrerPolicy(nsIHttpChannel* aChannel,
bool privateBrowsing) {
CachePreferrenceValue();
bool thirdPartyTrackerIsolated = false;
if (StaticPrefs::network_cookie_cookieBehavior() ==
nsICookieService::BEHAVIOR_REJECT_TRACKER &&
aChannel && aURI) {
nsCOMPtr<nsILoadInfo> loadInfo;
if (aChannel) {
loadInfo = aChannel->LoadInfo();
}
nsCOMPtr<nsICookieSettings> cs;
if (loadInfo) {
Unused << loadInfo->GetCookieSettings(getter_AddRefs(cs));
}
if (!cs) {
cs = net::CookieSettings::Create();
}
if (aChannel && aURI && cs->GetRejectThirdPartyTrackers()) {
uint32_t rejectedReason = 0;
thirdPartyTrackerIsolated =
!AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor(

Просмотреть файл

@ -2030,8 +2030,7 @@ void RuntimeService::PropagateFirstPartyStorageAccessGranted(
MOZ_ASSERT(aWindow);
MOZ_ASSERT_IF(
aWindow->GetExtantDoc(),
aWindow->GetExtantDoc()->CookieSettings()->GetCookieBehavior() ==
nsICookieService::BEHAVIOR_REJECT_TRACKER);
aWindow->GetExtantDoc()->CookieSettings()->GetRejectThirdPartyTrackers());
nsTArray<WorkerPrivate*> workers;
GetWorkersForWindow(aWindow, workers);
@ -2431,8 +2430,7 @@ void PropagateFirstPartyStorageAccessGrantedToWorkers(
AssertIsOnMainThread();
MOZ_ASSERT_IF(
aWindow->GetExtantDoc(),
aWindow->GetExtantDoc()->CookieSettings()->GetCookieBehavior() ==
nsICookieService::BEHAVIOR_REJECT_TRACKER);
aWindow->GetExtantDoc()->CookieSettings()->GetRejectThirdPartyTrackers());
RuntimeService* runtime = RuntimeService::GetService();
if (runtime) {

Просмотреть файл

@ -104,6 +104,15 @@ CookieSettings::GetCookieBehavior(uint32_t* aCookieBehavior) {
return NS_OK;
}
NS_IMETHODIMP
CookieSettings::GetRejectThirdPartyTrackers(bool* aRejectThirdPartyTrackers) {
*aRejectThirdPartyTrackers =
mCookieBehavior == nsICookieService::BEHAVIOR_REJECT_TRACKER ||
mCookieBehavior ==
nsICookieService::BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN;
return NS_OK;
}
NS_IMETHODIMP
CookieSettings::CookiePermission(nsIPrincipal* aPrincipal,
uint32_t* aCookiePermission) {

Просмотреть файл

@ -4054,8 +4054,7 @@ CookieStatus nsCookieService::CheckPrefs(
// context, when anti-tracking protection is enabled and when we don't have
// access to the first-party cookie jar.
if (aIsForeign && aIsTrackingResource && !aFirstPartyStorageAccessGranted &&
aCookieSettings->GetCookieBehavior() ==
nsICookieService::BEHAVIOR_REJECT_TRACKER) {
aCookieSettings->GetRejectThirdPartyTrackers()) {
if (StoragePartitioningEnabled(aInputRejectedReason, aCookieSettings)) {
MOZ_ASSERT(!aOriginAttrs.mFirstPartyDomain.IsEmpty(),
"We must have a StoragePrincipal here!");

Просмотреть файл

@ -21,6 +21,11 @@ interface nsICookieSettings : nsISupports
*/
[infallible] readonly attribute unsigned long cookieBehavior;
/**
* Whether our cookie behavior mandates rejecting third-party trackers.
*/
[infallible] readonly attribute boolean rejectThirdPartyTrackers;
/**
* CookiePermission at the loading of the document for a particular
* principal. It returns the same cookiePermission also in case it changes

Просмотреть файл

@ -122,6 +122,7 @@
#include "mozilla/dom/Promise.h"
#include "mozilla/dom/ServiceWorkerUtils.h"
#include "mozilla/net/AsyncUrlChannelClassifier.h"
#include "mozilla/net/CookieSettings.h"
#include "mozilla/net/NeckoChannelParams.h"
#include "mozilla/net/UrlClassifierFeatureFactory.h"
#include "nsIWebNavigation.h"
@ -10223,8 +10224,14 @@ nsresult nsHttpChannel::RedirectToInterceptedChannel() {
}
void nsHttpChannel::ReEvaluateReferrerAfterTrackingStatusIsKnown() {
if (StaticPrefs::network_cookie_cookieBehavior() ==
nsICookieService::BEHAVIOR_REJECT_TRACKER) {
nsCOMPtr<nsICookieSettings> cs;
if (mLoadInfo) {
Unused << mLoadInfo->GetCookieSettings(getter_AddRefs(cs));
}
if (!cs) {
cs = net::CookieSettings::Create();
}
if (cs->GetRejectThirdPartyTrackers()) {
bool isPrivate =
mLoadInfo && mLoadInfo->GetOriginAttributes().mPrivateBrowsingId > 0;
// If our referrer has been set before, and our referrer policy is unset

Просмотреть файл

@ -786,12 +786,11 @@ AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor(
LOG(("Parent window has no doc"));
return StorageAccessGrantPromise::CreateAndReject(false, __func__);
}
auto cookieBehavior = parentDoc->CookieSettings()->GetCookieBehavior();
if (cookieBehavior != nsICookieService::BEHAVIOR_REJECT_TRACKER) {
if (!parentDoc->CookieSettings()->GetRejectThirdPartyTrackers()) {
LOG(
("Disabled by network.cookie.cookieBehavior pref (%d), bailing out "
"early",
cookieBehavior));
parentDoc->CookieSettings()->GetCookieBehavior()));
return StorageAccessGrantPromise::CreateAndResolve(true, __func__);
}
@ -1617,11 +1616,9 @@ bool AntiTrackingCommon::MaybeIsFirstPartyStorageAccessGrantedFor(
return false;
}
auto cookieBehavior = parentDocument->CookieSettings()->GetCookieBehavior();
// TODO: Perhaps we need to do something special for
// nsICookieService::BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN here?
if (cookieBehavior != nsICookieService::BEHAVIOR_REJECT_TRACKER) {
LOG(("Disabled by the pref (%d), bail out early", cookieBehavior));
if (!parentDocument->CookieSettings()->GetRejectThirdPartyTrackers()) {
LOG(("Disabled by the pref (%d), bail out early",
parentDocument->CookieSettings()->GetCookieBehavior()));
return true;
}