Bug 1626226 - Copy the hasStoragePermssion flag from the document for workers when creating under a window for dedicated and shared workers. r=dimi,baku,asuth

When creating workers, dedicated workers, shared workers, we will set the storage prinicpal to the worker load info. During getting the storage principal, we need to check the storage permission in the content process. However, we don't have the hasStroagePermission flag which is needed to do the check since the channel that we use to get the principal is not opened yet at the moment. To address this issue, we can copy the hasStoragePermission flag from the doucment of the window which creates the worker. Because the worker would be the same-origin as the window. So, the hasStoragePermission flag is supposed to be the same between the window and the worker. We don't need to do anything for the service worker since the storage permission won't be checked due to the service worker is disabled for third party trackers. And the storage permission is for the third party trackers. Thus, we can ignore this flag for service workers. Differential Revision: https://phabricator.services.mozilla.com/D69810 --HG-- extra : moz-landing-system : lando
2020-04-08 19:02:37 +00:00 · 2020-04-08 19:02:37 +00:00 · c9d7e80dfa
--- a/dom/workers/WorkerPrivate.cpp
+++ b/dom/workers/WorkerPrivate.cpp
@ -2721,6 +2721,25 @@ nsresult WorkerPrivate::GetLoadInfo(JSContext* aCx, nsPIDOMWindowInner* aWindow,
                               getter_AddRefs(loadInfo.mResolvedScriptURI));
    NS_ENSURE_SUCCESS(rv, rv);

+    // We need the correct hasStoragePermission flag for the channel here since
+    // we will do a content blocking check later when we set the storage
+    // principal for the worker. The channel here won't be opened when we do the
+    // check later, so the hasStoragePermission flag is incorrect. To address
+    // this, We copy the hasStoragePermission flag from the document if there is
+    // a window. The worker is created as the same origin of the window. So, the
+    // worker is supposed to have the same storage permission as the window as
+    // well as the hasStoragePermission flag.
+    nsCOMPtr<nsILoadInfo> channelLoadInfo = loadInfo.mChannel->LoadInfo();
+    if (document) {
+      rv = channelLoadInfo->SetHasStoragePermission(
+          document->HasStoragePermission());
+    } else {
+      // If there is no window, we would allow the storage access above. So,
+      // we should assume the worker has the storage permission.
+      rv = channelLoadInfo->SetHasStoragePermission(true);
+    }
+    NS_ENSURE_SUCCESS(rv, rv);
+
    rv = loadInfo.SetPrincipalsAndCSPFromChannel(loadInfo.mChannel);
    NS_ENSURE_SUCCESS(rv, rv);
  }