diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index 381f0ef787c3..fa96c6b8ac72 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -1532,9 +1532,6 @@ pref("browser.contentblocking.allowlist.storage.enabled", true); pref("dom.storage_access.enabled", true); #endif -pref("dom.storage_access.auto_grants", true); -pref("dom.storage_access.max_concurrent_auto_grants", 5); - // Define a set of default features for the Content Blocking UI. pref("browser.contentblocking.trackingprotection.control-center.ui.enabled", true); pref("browser.contentblocking.rejecttrackers.control-center.ui.enabled", true); @@ -1798,5 +1795,3 @@ pref("prio.enabled", true); pref("browser.discovery.enabled", false); pref("browser.discovery.containers.enabled", true); pref("browser.discovery.sites", "addons.mozilla.org"); - -pref("browser.engagement.recent_visited_origins.expiry", 86400); // 24 * 60 * 60 (24 hours in seconds) diff --git a/browser/modules/BrowserUsageTelemetry.jsm b/browser/modules/BrowserUsageTelemetry.jsm index 6e8ef1edf47c..9044ac5629de 100644 --- a/browser/modules/BrowserUsageTelemetry.jsm +++ b/browser/modules/BrowserUsageTelemetry.jsm @@ -7,7 +7,6 @@ var EXPORTED_SYMBOLS = [ "BrowserUsageTelemetry", - "URICountListener", "URLBAR_SELECTED_RESULT_TYPES", "URLBAR_SELECTED_RESULT_METHODS", "MINIMUM_TAB_COUNT_INTERVAL_MS", @@ -19,14 +18,8 @@ XPCOMUtils.defineLazyModuleGetters(this, { PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.jsm", SearchTelemetry: "resource:///modules/SearchTelemetry.jsm", Services: "resource://gre/modules/Services.jsm", - setTimeout: "resource://gre/modules/Timer.jsm", }); -// This pref is in seconds! -XPCOMUtils.defineLazyPreferenceGetter(this, - "gRecentVisitedOriginsExpiry", - "browser.engagement.recent_visited_origins.expiry"); - // The upper bound for the count of the visited unique domain names. const MAX_UNIQUE_VISITED_DOMAINS = 100; @@ -135,8 +128,6 @@ function shouldRecordSearchCount(tabbrowser) { let URICountListener = { // A set containing the visited domains, see bug 1271310. _domainSet: new Set(), - // A set containing the visited origins during the last 24 hours (similar to domains, but not quite the same) - _origin24hrSet: new Set(), // A map to keep track of the URIs loaded from the restored tabs. _restoredURIsMap: new WeakMap(), @@ -239,26 +230,13 @@ let URICountListener = { // Unique domains should be aggregated by (eTLD + 1): x.test.com and y.test.com // are counted once as test.com. - let baseDomain; try { // Even if only considering http(s) URIs, |getBaseDomain| could still throw // due to the URI containing invalid characters or the domain actually being // an ipv4 or ipv6 address. - baseDomain = Services.eTLD.getBaseDomain(uri); - this._domainSet.add(baseDomain); + this._domainSet.add(Services.eTLD.getBaseDomain(uri)); } catch (e) { - baseDomain = uri.host; - } - - // Record the origin, but with the base domain (eTLD + 1). - let baseDomainURI = uri.mutate() - .setHost(baseDomain) - .finalize(); - this._origin24hrSet.add(baseDomainURI.prePath); - if (gRecentVisitedOriginsExpiry) { - setTimeout(() => { - this._origin24hrSet.delete(baseDomainURI.prePath); - }, gRecentVisitedOriginsExpiry * 1000); + return; } Services.telemetry.scalarSet(UNIQUE_DOMAINS_COUNT_SCALAR_NAME, this._domainSet.size); @@ -271,21 +249,6 @@ let URICountListener = { this._domainSet.clear(); }, - /** - * Returns the number of unique origins visited in this session during the - * last 24 hours. - */ - get uniqueOriginsVisitedInPast24Hours() { - return this._origin24hrSet.size; - }, - - /** - * Resets the number of unique origins visited in this session. - */ - resetUniqueOriginsVisitedInPast24Hours() { - this._origin24hrSet.clear(); - }, - QueryInterface: ChromeUtils.generateQI([Ci.nsIWebProgressListener, Ci.nsISupportsWeakReference]), }; diff --git a/browser/modules/PermissionUI.jsm b/browser/modules/PermissionUI.jsm index e657541bbea8..b84d02fb2970 100644 --- a/browser/modules/PermissionUI.jsm +++ b/browser/modules/PermissionUI.jsm @@ -68,8 +68,6 @@ ChromeUtils.defineModuleGetter(this, "SitePermissions", "resource:///modules/SitePermissions.jsm"); ChromeUtils.defineModuleGetter(this, "PrivateBrowsingUtils", "resource://gre/modules/PrivateBrowsingUtils.jsm"); -ChromeUtils.defineModuleGetter(this, "URICountListener", - "resource:///modules/BrowserUsageTelemetry.jsm"); XPCOMUtils.defineLazyGetter(this, "gBrowserBundle", function() { return Services.strings @@ -255,12 +253,8 @@ var PermissionPromptPrototype = { * be called just before. Subclasses may want to override this * in order to, for example, bump a counter Telemetry probe for * how often a particular permission request is seen. - * - * If this returns false, it cancels the process of showing the prompt. In - * that case, it is the responsibility of the onBeforeShow() implementation - * to ensure that allow() or cancel() are called on the object appropriately. */ - onBeforeShow() { return true; }, + onBeforeShow() {}, /** * If the prompt was shown to the user, this callback will be called just @@ -446,15 +440,14 @@ var PermissionPromptPrototype = { return false; }; - if (this.onBeforeShow() !== false) { - chromeWin.PopupNotifications.show(this.browser, - this.notificationID, - this.message, - this.anchorID, - mainAction, - secondaryActions, - options); - } + this.onBeforeShow(); + chromeWin.PopupNotifications.show(this.browser, + this.notificationID, + this.message, + this.anchorID, + mainAction, + secondaryActions, + options); }, }; @@ -597,7 +590,6 @@ GeolocationPermissionPrompt.prototype = { let secHistogram = Services.telemetry.getHistogramById("SECURITY_UI"); const SHOW_REQUEST = Ci.nsISecurityUITelemetry.WARNING_GEOLOCATION_REQUEST; secHistogram.add(SHOW_REQUEST); - return true; }, }; @@ -834,6 +826,9 @@ MIDIPermissionPrompt.prototype = { action: Ci.nsIPermissionManager.DENY_ACTION, }]; }, + + onBeforeShow() { + }, }; PermissionUI.MIDIPermissionPrompt = MIDIPermissionPrompt; @@ -916,7 +911,6 @@ AutoplayPermissionPrompt.prototype = { }; this.browser.addEventListener( "DOMAudioPlaybackStarted", this.handlePlaybackStart); - return true; }, }; @@ -924,11 +918,6 @@ PermissionUI.AutoplayPermissionPrompt = AutoplayPermissionPrompt; function StorageAccessPermissionPrompt(request) { this.request = request; - - XPCOMUtils.defineLazyPreferenceGetter(this, "_autoGrants", - "dom.storage_access.auto_grants"); - XPCOMUtils.defineLazyPreferenceGetter(this, "_maxConcurrentAutoGrants", - "dom.storage_access.max_concurrent_auto_grants"); } StorageAccessPermissionPrompt.prototype = { @@ -1019,38 +1008,6 @@ StorageAccessPermissionPrompt.prototype = { get topLevelPrincipal() { return this.request.topLevelPrincipal; }, - - get maxConcurrentAutomaticGrants() { - // one percent of the number of top-levels origins visited in the current - // session (but not to exceed 24 hours), or the value of the - // dom.storage_access.max_concurrent_auto_grants preference, whichever is - // higher. - return Math.max(Math.max(Math.floor(URICountListener.uniqueOriginsVisitedInPast24Hours / 100), - this._maxConcurrentAutoGrants), 0); - }, - - getOriginsThirdPartyHasAccessTo(thirdPartyOrigin) { - let prefix = `3rdPartyStorage^${thirdPartyOrigin}`; - let perms = Services.perms.getAllWithTypePrefix(prefix); - let origins = new Set(); - while (perms.length) { - let perm = perms.shift(); - origins.add(perm.principal.origin); - } - return origins.size; - }, - - onBeforeShow() { - let thirdPartyOrigin = this.request.principal.origin; - if (this._autoGrants && - this.getOriginsThirdPartyHasAccessTo(thirdPartyOrigin) < - this.maxConcurrentAutomaticGrants) { - // Automatically accept the prompt - this.allow({"storage-access": "allow-auto-grant"}); - return false; - } - return true; - }, }; PermissionUI.StorageAccessPermissionPrompt = StorageAccessPermissionPrompt; diff --git a/browser/modules/test/browser/browser.ini b/browser/modules/test/browser/browser.ini index 0ce6bac65c8a..96f9bdbd496e 100644 --- a/browser/modules/test/browser/browser.ini +++ b/browser/modules/test/browser/browser.ini @@ -39,7 +39,6 @@ run-if = crashreporter [browser_UsageTelemetry_domains.js] [browser_UsageTelemetry_private_and_restore.js] skip-if = verify && debug -[browser_UsageTelemetry_uniqueOriginsVisitedInPast24Hours.js] [browser_UsageTelemetry_urlbar.js] support-files = usageTelemetrySearchSuggestions.sjs diff --git a/browser/modules/test/browser/browser_PermissionUI.js b/browser/modules/test/browser/browser_PermissionUI.js index 32fc682086be..2bf9872ffe3b 100644 --- a/browser/modules/test/browser/browser_PermissionUI.js +++ b/browser/modules/test/browser/browser_PermissionUI.js @@ -294,7 +294,6 @@ add_task(async function test_on_before_show() { promptActions: [mainAction], onBeforeShow() { beforeShown = true; - return true; }, }; @@ -354,7 +353,6 @@ add_task(async function test_no_request() { promptActions: [mainAction, secondaryAction], onBeforeShow() { beforeShown = true; - return true; }, }; diff --git a/browser/modules/test/browser/browser_PermissionUI_prompts.js b/browser/modules/test/browser/browser_PermissionUI_prompts.js index 9d92f2d9ec1b..7354b8f7f102 100644 --- a/browser/modules/test/browser/browser_PermissionUI_prompts.js +++ b/browser/modules/test/browser/browser_PermissionUI_prompts.js @@ -39,9 +39,7 @@ add_task(async function test_autoplay_permission_prompt() { // Tests that AutoplayPermissionPrompt works as expected add_task(async function test_storage_access_permission_prompt() { - Services.prefs.setBoolPref("dom.storage_access.auto_grants", false); await testPrompt(PermissionUI.StorageAccessPermissionPrompt); - Services.prefs.clearUserPref("dom.storage_access.auto_grants"); }); async function testPrompt(Prompt) { diff --git a/browser/modules/test/browser/browser_UsageTelemetry_uniqueOriginsVisitedInPast24Hours.js b/browser/modules/test/browser/browser_UsageTelemetry_uniqueOriginsVisitedInPast24Hours.js deleted file mode 100644 index b65a89143d62..000000000000 --- a/browser/modules/test/browser/browser_UsageTelemetry_uniqueOriginsVisitedInPast24Hours.js +++ /dev/null @@ -1,51 +0,0 @@ -/* eslint-disable mozilla/no-arbitrary-setTimeout */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -"use strict"; - -ChromeUtils.defineModuleGetter(this, "URICountListener", - "resource:///modules/BrowserUsageTelemetry.jsm"); - -add_task(async function test_uniqueOriginsVisitedInPast24Hours() { - URICountListener.resetUniqueOriginsVisitedInPast24Hours(); - let startingCount = URICountListener.uniqueOriginsVisitedInPast24Hours; - is(startingCount, 0, "We should have no origins recorded in the history right after resetting"); - - // Add a new window and then some tabs in it. - let win = await BrowserTestUtils.openNewBrowserWindow(); - await BrowserTestUtils.openNewForegroundTab(win.gBrowser, "http://example.com"); - - await BrowserTestUtils.openNewForegroundTab(win.gBrowser, "http://test1.example.com"); - is(URICountListener.uniqueOriginsVisitedInPast24Hours, startingCount + 1, - "test1.example.com should only count as a unique visit if example.com wasn't visited before"); - - // http://www.exämple.test - await BrowserTestUtils.openNewForegroundTab(win.gBrowser, "http://xn--exmple-cua.test"); - is(URICountListener.uniqueOriginsVisitedInPast24Hours, startingCount + 2, - "www.exämple.test should count as a unique visit"); - - // Set the expiry time to 1 second - SpecialPowers.setIntPref("browser.engagement.recent_visited_origins.expiry", 1); - - await BrowserTestUtils.openNewForegroundTab(win.gBrowser, "http://127.0.0.1"); - is(URICountListener.uniqueOriginsVisitedInPast24Hours, startingCount + 3, - "127.0.0.1 should count as a unique visit"); - - let countBefore = URICountListener.uniqueOriginsVisitedInPast24Hours; - - await new Promise(resolve => { - setTimeout(_ => { - let countAfter = URICountListener.uniqueOriginsVisitedInPast24Hours; - is(countAfter, countBefore - 1, - "The expiry should work correctly"); - resolve(); - }, 1100); - }); - - BrowserTestUtils.removeTab(win.gBrowser.selectedTab); - BrowserTestUtils.removeTab(win.gBrowser.selectedTab); - await BrowserTestUtils.closeWindow(win); -}); - diff --git a/dom/base/StorageAccessPermissionRequest.cpp b/dom/base/StorageAccessPermissionRequest.cpp index 52f7a08d8353..40f48cd84b0e 100644 --- a/dom/base/StorageAccessPermissionRequest.cpp +++ b/dom/base/StorageAccessPermissionRequest.cpp @@ -19,14 +19,12 @@ StorageAccessPermissionRequest::StorageAccessPermissionRequest( nsPIDOMWindowInner* aWindow, nsIPrincipal* aNodePrincipal, AllowCallback&& aAllowCallback, - AllowAutoGrantCallback&& aAllowAutoGrantCallback, AllowAnySiteCallback&& aAllowAnySiteCallback, CancelCallback&& aCancelCallback) : ContentPermissionRequestBase(aNodePrincipal, false, aWindow, NS_LITERAL_CSTRING("dom.storage_access"), NS_LITERAL_CSTRING("storage-access")), mAllowCallback(std::move(aAllowCallback)), - mAllowAutoGrantCallback(std::move(aAllowAutoGrantCallback)), mAllowAnySiteCallback(std::move(aAllowAnySiteCallback)), mCancelCallback(std::move(aCancelCallback)), mCallbackCalled(false) @@ -63,9 +61,6 @@ StorageAccessPermissionRequest::Allow(JS::HandleValue aChoices) if (choices.Length() == 1 && choices[0].choice().EqualsLiteral("allow-on-any-site")) { mAllowAnySiteCallback(); - } else if (choices.Length() == 1 && - choices[0].choice().EqualsLiteral("allow-auto-grant")) { - mAllowAutoGrantCallback(); } else { mAllowCallback(); } @@ -76,7 +71,6 @@ StorageAccessPermissionRequest::Allow(JS::HandleValue aChoices) already_AddRefed StorageAccessPermissionRequest::Create(nsPIDOMWindowInner* aWindow, AllowCallback&& aAllowCallback, - AllowAutoGrantCallback&& aAllowAutoGrantCallback, AllowAnySiteCallback&& aAllowAnySiteCallback, CancelCallback&& aCancelCallback) { @@ -91,7 +85,6 @@ StorageAccessPermissionRequest::Create(nsPIDOMWindowInner* aWindow, new StorageAccessPermissionRequest(aWindow, win->GetPrincipal(), std::move(aAllowCallback), - std::move(aAllowAutoGrantCallback), std::move(aAllowAnySiteCallback), std::move(aCancelCallback)); return request.forget(); diff --git a/dom/base/StorageAccessPermissionRequest.h b/dom/base/StorageAccessPermissionRequest.h index bdc112718c7f..5af43b95b705 100644 --- a/dom/base/StorageAccessPermissionRequest.h +++ b/dom/base/StorageAccessPermissionRequest.h @@ -28,14 +28,12 @@ public: NS_IMETHOD Allow(JS::HandleValue choices) override; typedef std::function AllowCallback; - typedef std::function AllowAutoGrantCallback; typedef std::function AllowAnySiteCallback; typedef std::function CancelCallback; static already_AddRefed Create( nsPIDOMWindowInner* aWindow, AllowCallback&& aAllowCallback, - AllowAutoGrantCallback&& aAllowAutoGrantCallback, AllowAnySiteCallback&& aAllowAnySiteCallback, CancelCallback&& aCancelCallback); @@ -43,13 +41,11 @@ private: StorageAccessPermissionRequest(nsPIDOMWindowInner* aWindow, nsIPrincipal* aNodePrincipal, AllowCallback&& aAllowCallback, - AllowAutoGrantCallback&& aAllowAutoGrantCallback, AllowAnySiteCallback&& aAllowAnySiteCallback, CancelCallback&& aCancelCallback); ~StorageAccessPermissionRequest(); AllowCallback mAllowCallback; - AllowAutoGrantCallback mAllowAutoGrantCallback; AllowAnySiteCallback mAllowAnySiteCallback; CancelCallback mCancelCallback; nsTArray mPermissionRequests; diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp index f85d4b94fc9a..7ad28bee6b7e 100644 --- a/dom/base/nsDocument.cpp +++ b/dom/base/nsDocument.cpp @@ -13988,11 +13988,9 @@ nsIDocument::RequestStorageAccess(mozilla::ErrorResult& aRv) RefPtr sapr = StorageAccessPermissionRequest::Create(inner, // Allow - [p] { p->Resolve(AntiTrackingCommon::eAllow, __func__); }, - // Allow auto grant - [p] { p->Resolve(AntiTrackingCommon::eAllowAutoGrant, __func__); }, + [p] { p->Resolve(false, __func__); }, // Allow on any site - [p] { p->Resolve(AntiTrackingCommon::eAllowOnAnySite, __func__); }, + [p] { p->Resolve(true, __func__); }, // Block [p] { p->Reject(false, __func__); }); @@ -14013,8 +14011,7 @@ nsIDocument::RequestStorageAccess(mozilla::ErrorResult& aRv) pr == PromptResult::Denied); if (pr == PromptResult::Granted) { return AntiTrackingCommon::StorageAccessFinalCheckPromise:: - CreateAndResolve(onAnySite ? AntiTrackingCommon::eAllowOnAnySite : - AntiTrackingCommon::eAllow, __func__); + CreateAndResolve(onAnySite, __func__); } return AntiTrackingCommon::StorageAccessFinalCheckPromise:: CreateAndReject(false, __func__); diff --git a/toolkit/components/antitracking/AntiTrackingCommon.cpp b/toolkit/components/antitracking/AntiTrackingCommon.cpp index 484092b2f115..4b87fefa29db 100644 --- a/toolkit/components/antitracking/AntiTrackingCommon.cpp +++ b/toolkit/components/antitracking/AntiTrackingCommon.cpp @@ -408,89 +408,6 @@ CompareBaseDomains(nsIURI* aTrackingURI, nsCaseInsensitiveCStringComparator()); } -class TemporaryAccessGrantObserver final : public nsIObserver -{ -public: - NS_DECL_ISUPPORTS - NS_DECL_NSIOBSERVER - - static void - Create(nsIPermissionManager* aPM, - nsIPrincipal* aPrincipal, - const nsACString& aType) - { - nsCOMPtr timer; - RefPtr observer = - new TemporaryAccessGrantObserver(aPM, aPrincipal, aType); - nsresult rv = - NS_NewTimerWithObserver(getter_AddRefs(timer), - observer, - 24 * 60 * 60 * 1000, // 24 hours - nsITimer::TYPE_ONE_SHOT); - - if (NS_SUCCEEDED(rv)) { - observer->SetTimer(timer); - } else { - timer->Cancel(); - } - } - - void SetTimer(nsITimer* aTimer) - { - mTimer = aTimer; - nsCOMPtr observerService = - mozilla::services::GetObserverService(); - if (observerService) { - observerService->AddObserver(this, NS_XPCOM_SHUTDOWN_OBSERVER_ID, false); - } - } - -private: - TemporaryAccessGrantObserver(nsIPermissionManager* aPM, - nsIPrincipal* aPrincipal, - const nsACString& aType) - : mPM(aPM) - , mPrincipal(aPrincipal) - , mType(aType) - { - MOZ_ASSERT(XRE_IsParentProcess(), - "Enforcing temporary access grant lifetimes can only be done in " - "the parent process"); - } - - ~TemporaryAccessGrantObserver() = default; - -private: - nsCOMPtr mTimer; - nsCOMPtr mPM; - nsCOMPtr mPrincipal; - nsCString mType; -}; - -NS_IMPL_ISUPPORTS(TemporaryAccessGrantObserver, nsIObserver) - -NS_IMETHODIMP -TemporaryAccessGrantObserver::Observe(nsISupports* aSubject, - const char* aTopic, - const char16_t* aData) -{ - if (strcmp(aTopic, NS_TIMER_CALLBACK_TOPIC) == 0) { - Unused << mPM->RemoveFromPrincipal(mPrincipal, mType.get()); - } else if (strcmp(aTopic, NS_XPCOM_SHUTDOWN_OBSERVER_ID) == 0) { - nsCOMPtr observerService = - mozilla::services::GetObserverService(); - if (observerService) { - observerService->RemoveObserver(this, NS_XPCOM_SHUTDOWN_OBSERVER_ID); - } - if (mTimer) { - mTimer->Cancel(); - mTimer = nullptr; - } - } - - return NS_OK; -} - } // anonymous /* static */ RefPtr @@ -522,11 +439,11 @@ AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor(nsIPrincipal* aPrincipa nsICookieService::BEHAVIOR_REJECT_TRACKER) { LOG(("Disabled by network.cookie.cookieBehavior pref (%d), bailing out early", StaticPrefs::network_cookie_cookieBehavior())); - return StorageAccessGrantPromise::CreateAndResolve(eAllowOnAnySite, __func__); + return StorageAccessGrantPromise::CreateAndResolve(true, __func__); } if (CheckContentBlockingAllowList(aParentWindow)) { - return StorageAccessGrantPromise::CreateAndResolve(eAllowOnAnySite, __func__); + return StorageAccessGrantPromise::CreateAndResolve(true, __func__); } nsCOMPtr topLevelStoragePrincipal; @@ -617,7 +534,7 @@ AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor(nsIPrincipal* aPrincipa auto storePermission = [pwin, parentWindow, origin, trackingOrigin, trackingPrincipal, trackingURI, topInnerWindow, topLevelStoragePrincipal, aReason] - (int aAllowMode) -> RefPtr { + (bool aAnySite) -> RefPtr { NS_ConvertUTF16toUTF8 grantedOrigin(origin); nsAutoCString permissionKey; @@ -645,12 +562,11 @@ AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor(nsIPrincipal* aPrincipa trackingPrincipal, trackingOrigin, grantedOrigin, - aAllowMode) + aAnySite) ->Then(GetCurrentThreadSerialEventTarget(), __func__, [] (FirstPartyStorageAccessGrantPromise::ResolveOrRejectValue&& aValue) { if (aValue.IsResolve()) { - return StorageAccessGrantPromise::CreateAndResolve(NS_SUCCEEDED(aValue.ResolveValue()) ? - eAllowOnAnySite : eAllow, __func__); + return StorageAccessGrantPromise::CreateAndResolve(NS_SUCCEEDED(aValue.ResolveValue()), __func__); } return StorageAccessGrantPromise::CreateAndReject(false, __func__); }); @@ -668,7 +584,7 @@ AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor(nsIPrincipal* aPrincipa IPC::Principal(trackingPrincipal), trackingOrigin, grantedOrigin, - aAllowMode) + aAnySite) ->Then(GetCurrentThreadSerialEventTarget(), __func__, [] (const ContentChild::FirstPartyStorageAccessGrantedForOriginPromise::ResolveOrRejectValue& aValue) { if (aValue.IsResolve()) { @@ -696,12 +612,9 @@ AntiTrackingCommon::SaveFirstPartyStorageAccessGrantedForOriginOnParentProcess(n nsIPrincipal* aTrackingPrincipal, const nsCString& aTrackingOrigin, const nsCString& aGrantedOrigin, - int aAllowMode) + bool aAnySite) { MOZ_ASSERT(XRE_IsParentProcess()); - MOZ_ASSERT(aAllowMode == eAllow || - aAllowMode == eAllowAutoGrant || - aAllowMode == eAllowOnAnySite); nsCOMPtr parentPrincipalURI; Unused << aParentPrincipal->GetURI(getter_AddRefs(parentPrincipalURI)); @@ -727,7 +640,7 @@ AntiTrackingCommon::SaveFirstPartyStorageAccessGrantedForOriginOnParentProcess(n int64_t when = (PR_Now() / PR_USEC_PER_MSEC) + expirationTime; nsresult rv; - if (aAllowMode == eAllowOnAnySite) { + if (aAnySite) { uint32_t privateBrowsingId = 0; rv = aTrackingPrincipal->GetPrivateBrowsingId(&privateBrowsingId); if (!NS_WARN_IF(NS_FAILED(rv)) && privateBrowsingId > 0) { @@ -746,11 +659,9 @@ AntiTrackingCommon::SaveFirstPartyStorageAccessGrantedForOriginOnParentProcess(n } else { uint32_t privateBrowsingId = 0; rv = aParentPrincipal->GetPrivateBrowsingId(&privateBrowsingId); - if ((!NS_WARN_IF(NS_FAILED(rv)) && privateBrowsingId > 0) || - (aAllowMode == eAllowAutoGrant)) { - // If we are coming from a private window or are automatically granting a - // permission, make sure to store a session-only permission which won't - // get persisted to disk. + if (!NS_WARN_IF(NS_FAILED(rv)) && privateBrowsingId > 0) { + // If we are coming from a private window, make sure to store a session-only + // permission which won't get persisted to disk. expirationType = nsIPermissionManager::EXPIRE_SESSION; when = 0; } @@ -764,11 +675,6 @@ AntiTrackingCommon::SaveFirstPartyStorageAccessGrantedForOriginOnParentProcess(n rv = pm->AddFromPrincipal(aParentPrincipal, type.get(), nsIPermissionManager::ALLOW_ACTION, expirationType, when); - - if (NS_SUCCEEDED(rv) && (aAllowMode == eAllowAutoGrant)) { - // Make sure temporary access grants do not survive more than 24 hours. - TemporaryAccessGrantObserver::Create(pm, aParentPrincipal, type); - } } Unused << NS_WARN_IF(NS_FAILED(rv)); diff --git a/toolkit/components/antitracking/AntiTrackingCommon.h b/toolkit/components/antitracking/AntiTrackingCommon.h index 6c48dc4aa81b..3000c6fd38be 100644 --- a/toolkit/components/antitracking/AntiTrackingCommon.h +++ b/toolkit/components/antitracking/AntiTrackingCommon.h @@ -77,12 +77,6 @@ public: eOpenerAfterUserInteraction, eOpener }; - enum StorageAccessPromptChoices - { - eAllow, - eAllowAutoGrant, - eAllowOnAnySite - }; // Grant the permission for aOrigin to have access to the first party storage. // This method can handle 2 different scenarios: @@ -99,9 +93,9 @@ public: // Ex: example.net import tracker.com/script.js which does opens a popup and // the user interacts with it. tracker.com is allowed when loaded by // example.net. - typedef MozPromise StorageAccessFinalCheckPromise; + typedef MozPromise StorageAccessFinalCheckPromise; typedef std::function()> PerformFinalChecks; - typedef MozPromise StorageAccessGrantPromise; + typedef MozPromise StorageAccessGrantPromise; static MOZ_MUST_USE RefPtr AddFirstPartyStorageAccessGrantedFor(nsIPrincipal* aPrincipal, nsPIDOMWindowInner* aParentWindow, @@ -126,7 +120,7 @@ public: nsIPrincipal* aTrackingPrinciapl, const nsCString& aParentOrigin, const nsCString& aGrantedOrigin, - int aAllowMode); + bool aAnySite); enum ContentBlockingAllowListPurpose { eStorageChecks, diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessDoorHanger.js b/toolkit/components/antitracking/test/browser/browser_storageAccessDoorHanger.js index fe72a6ef20ab..67cf2dae47de 100644 --- a/toolkit/components/antitracking/test/browser/browser_storageAccessDoorHanger.js +++ b/toolkit/components/antitracking/test/browser/browser_storageAccessDoorHanger.js @@ -1,30 +1,18 @@ -/* eslint-disable mozilla/no-arbitrary-setTimeout */ ChromeUtils.import("resource://gre/modules/Services.jsm"); const CHROME_BASE = "chrome://mochitests/content/browser/browser/modules/test/browser/"; Services.scriptloader.loadSubScript(CHROME_BASE + "head.js", this); /* import-globals-from ../../../../../browser/modules/test/browser/head.js */ -const BLOCK = 0; -const ALLOW = 1; -const ALLOW_ON_ANY_SITE = 2; - -async function testDoorHanger(choice, showPrompt, topPage, maxConcurrent) { - info(`Running doorhanger test with choice #${choice}, showPrompt: ${showPrompt} and ` + - `topPage: ${topPage}, maxConcurrent: ${maxConcurrent}`); - - if (!showPrompt) { - is(choice, ALLOW, "When not showing a prompt, we can only auto-grant"); - } +async function testDoorHanger(choice) { + info(`Running doorhanger test with choice #${choice}`); await SpecialPowers.flushPrefEnv(); await SpecialPowers.pushPrefEnv({"set": [ ["browser.contentblocking.allowlist.annotations.enabled", true], ["browser.contentblocking.allowlist.storage.enabled", true], [ContentBlocking.prefIntroCount, ContentBlocking.MAX_INTROS], - ["dom.storage_access.auto_grants", true], ["dom.storage_access.enabled", true], - ["dom.storage_access.max_concurrent_auto_grants", maxConcurrent], ["dom.storage_access.prompt.testing", false], ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER], ["privacy.trackingprotection.enabled", false], @@ -35,19 +23,13 @@ async function testDoorHanger(choice, showPrompt, topPage, maxConcurrent) { await UrlClassifierTestUtils.addTestTrackers(); - let tab = BrowserTestUtils.addTab(gBrowser, topPage); + let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE); gBrowser.selectedTab = tab; let browser = gBrowser.getBrowserForTab(tab); await BrowserTestUtils.browserLoaded(browser); async function runChecks() { - // We need to repeat these constants here since runChecks is stringified - // and sent to the content process. - const BLOCK = 0; - const ALLOW = 1; - const ALLOW_ON_ANY_SITE = 2; - await new Promise(resolve => { addEventListener("message", function onMessage(e) { if (e.data.startsWith("choice:")) { @@ -79,7 +61,7 @@ async function testDoorHanger(choice, showPrompt, topPage, maxConcurrent) { /* import-globals-from storageAccessAPIHelpers.js */ await callRequestStorageAccess(); - if (choice == BLOCK) { + if (choice == 0) { // We've said no, so cookies are still blocked is(document.cookie, "", "Still no cookies for me"); document.cookie = "name=value"; @@ -92,55 +74,49 @@ async function testDoorHanger(choice, showPrompt, topPage, maxConcurrent) { } } - let permChanged = TestUtils.topicObserved("perm-changed", - (subject, data) => { - let result; - if (choice == ALLOW) { - result = subject && - subject.QueryInterface(Ci.nsIPermission) - .type.startsWith("3rdPartyStorage^") && - subject.principal.origin == (new URL(topPage)).origin && - data == "added"; - } else if (choice == ALLOW_ON_ANY_SITE) { - result = subject && - subject.QueryInterface(Ci.nsIPermission) - .type == "cookie" && - subject.principal.origin == "https://tracking.example.org" && - data == "added"; - } - return result; - }); let shownPromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popupshown"); shownPromise.then(async _ => { - if (topPage != gBrowser.currentURI.spec) { - return; - } - ok(showPrompt, "We shouldn't show the prompt when we don't intend to"); - let notification = await new Promise(function poll(resolve) { - let notification = - PopupNotifications.getNotification("storage-access", browser); - if (notification) { - resolve(notification); - return; - } - setTimeout(poll, 10); - }); + let notification = + PopupNotifications.getNotification("storage-access", browser); Assert.ok(notification, "Should have gotten the notification"); - if (choice == BLOCK) { + let permChanged = TestUtils.topicObserved("perm-changed", + (subject, data) => { + let result; + if (choice == 1) { + result = subject && + subject.QueryInterface(Ci.nsIPermission) + .type.startsWith("3rdPartyStorage^") && + subject.principal.origin == "http://example.net" && + data == "added"; + } else if (choice == 2) { + result = subject && + subject.QueryInterface(Ci.nsIPermission) + .type == "cookie" && + subject.principal.origin == "https://tracking.example.org" && + data == "added"; + } + return result; + }); + if (choice == 0) { await clickMainAction(); - } else if (choice == ALLOW) { + } else if (choice == 1) { await clickSecondaryAction(choice - 1); - } else if (choice == ALLOW_ON_ANY_SITE) { + } else if (choice == 2) { await clickSecondaryAction(choice - 1); } - if (choice != BLOCK) { + if (choice != 0) { await permChanged; } }); - let url = TEST_3RD_PARTY_PAGE + "?disableWaitUntilPermission"; + let url; + if (choice == 2) { + url = TEST_3RD_PARTY_PAGE + "?disableWaitUntilPermission"; + } else { + url = TEST_3RD_PARTY_PAGE; + } let ct = ContentTask.spawn(browser, { page: url, callback: runChecks.toString(), @@ -183,114 +159,13 @@ async function testDoorHanger(choice, showPrompt, topPage, maxConcurrent) { ifr.src = obj.page; }); }); - if (showPrompt) { - await Promise.all([ct, shownPromise]); - } else { - await Promise.all([ct, permChanged]); - } + await Promise.all([ct, shownPromise]); BrowserTestUtils.removeTab(tab); UrlClassifierTestUtils.cleanupTestTrackers(); } -async function preparePermissionsFromOtherSites(topPage) { - info("Faking permissions from other sites"); - let type = "3rdPartyStorage^https://tracking.example.org"; - let permission = Services.perms.ALLOW_ACTION; - let expireType = Services.perms.EXPIRE_SESSION; - if (topPage == TEST_TOP_PAGE) { - // For the first page, don't do anything - } else if (topPage == TEST_TOP_PAGE_2) { - // For the second page, only add the permission from the first page - Services.perms.add(Services.io.newURI(TEST_DOMAIN), - type, - permission, - expireType, - 0); - } else if (topPage == TEST_TOP_PAGE_3) { - // For the third page, add the permissions from the first two pages - Services.perms.add(Services.io.newURI(TEST_DOMAIN), - type, - permission, - expireType, - 0); - Services.perms.add(Services.io.newURI(TEST_DOMAIN_2), - type, - permission, - expireType, - 0); - } else if (topPage == TEST_TOP_PAGE_4) { - // For the fourth page, add the permissions from the first three pages - Services.perms.add(Services.io.newURI(TEST_DOMAIN), - type, - permission, - expireType, - 0); - Services.perms.add(Services.io.newURI(TEST_DOMAIN_2), - type, - permission, - expireType, - 0); - Services.perms.add(Services.io.newURI(TEST_DOMAIN_3), - type, - permission, - expireType, - 0); - } else if (topPage == TEST_TOP_PAGE_5) { - // For the fifth page, add the permissions from the first four pages - Services.perms.add(Services.io.newURI(TEST_DOMAIN), - type, - permission, - expireType, - 0); - Services.perms.add(Services.io.newURI(TEST_DOMAIN_2), - type, - permission, - expireType, - 0); - Services.perms.add(Services.io.newURI(TEST_DOMAIN_3), - type, - permission, - expireType, - 0); - Services.perms.add(Services.io.newURI(TEST_DOMAIN_4), - type, - permission, - expireType, - 0); - } else if (topPage == TEST_TOP_PAGE_6) { - // For the sixth page, add the permissions from the first five pages - Services.perms.add(Services.io.newURI(TEST_DOMAIN), - type, - permission, - expireType, - 0); - Services.perms.add(Services.io.newURI(TEST_DOMAIN_2), - type, - permission, - expireType, - 0); - Services.perms.add(Services.io.newURI(TEST_DOMAIN_3), - type, - permission, - expireType, - 0); - Services.perms.add(Services.io.newURI(TEST_DOMAIN_4), - type, - permission, - expireType, - 0); - Services.perms.add(Services.io.newURI(TEST_DOMAIN_5), - type, - permission, - expireType, - 0); - } else { - ok(false, "Unexpected top page: " + topPage); - } -} - async function cleanUp() { info("Cleaning up."); await new Promise(resolve => { @@ -298,30 +173,13 @@ async function cleanUp() { }); } -async function runRound(topPage, showPrompt, maxConcurrent) { - if (showPrompt) { - await preparePermissionsFromOtherSites(topPage); - await testDoorHanger(BLOCK, showPrompt, topPage, maxConcurrent); - await cleanUp(); - await preparePermissionsFromOtherSites(topPage); - await testDoorHanger(ALLOW, showPrompt, topPage, maxConcurrent); - await cleanUp(); - await preparePermissionsFromOtherSites(topPage); - await testDoorHanger(ALLOW_ON_ANY_SITE, showPrompt, topPage, maxConcurrent); - } else { - await preparePermissionsFromOtherSites(topPage); - await testDoorHanger(ALLOW, showPrompt, topPage, maxConcurrent); - } +async function runRound(n) { + await testDoorHanger(n); await cleanUp(); } add_task(async function() { - await runRound(TEST_TOP_PAGE, false, 1); - await runRound(TEST_TOP_PAGE_2, true, 1); - await runRound(TEST_TOP_PAGE, false, 5); - await runRound(TEST_TOP_PAGE_2, false, 5); - await runRound(TEST_TOP_PAGE_3, false, 5); - await runRound(TEST_TOP_PAGE_4, false, 5); - await runRound(TEST_TOP_PAGE_5, false, 5); - await runRound(TEST_TOP_PAGE_6, true, 5); + await runRound(0); + await runRound(1); + await runRound(2); }); diff --git a/toolkit/components/antitracking/test/browser/head.js b/toolkit/components/antitracking/test/browser/head.js index 7cd73c09f87a..15e5916f53e2 100644 --- a/toolkit/components/antitracking/test/browser/head.js +++ b/toolkit/components/antitracking/test/browser/head.js @@ -1,9 +1,4 @@ const TEST_DOMAIN = "http://example.net"; -const TEST_DOMAIN_2 = "http://xn--exmple-cua.test"; -const TEST_DOMAIN_3 = "https://xn--hxajbheg2az3al.xn--jxalpdlp"; -const TEST_DOMAIN_4 = "http://prefixexample.com"; -const TEST_DOMAIN_5 = "http://test"; -const TEST_DOMAIN_6 = "http://mochi.test:8888"; const TEST_3RD_PARTY_DOMAIN = "https://tracking.example.org"; const TEST_3RD_PARTY_DOMAIN_TP = "https://tracking.example.com"; const TEST_4TH_PARTY_DOMAIN = "http://not-tracking.example.com"; @@ -12,11 +7,6 @@ const TEST_ANOTHER_3RD_PARTY_DOMAIN = "https://another-tracking.example.net"; const TEST_PATH = "/browser/toolkit/components/antitracking/test/browser/"; const TEST_TOP_PAGE = TEST_DOMAIN + TEST_PATH + "page.html"; -const TEST_TOP_PAGE_2 = TEST_DOMAIN_2 + TEST_PATH + "page.html"; -const TEST_TOP_PAGE_3 = TEST_DOMAIN_3 + TEST_PATH + "page.html"; -const TEST_TOP_PAGE_4 = TEST_DOMAIN_4 + TEST_PATH + "page.html"; -const TEST_TOP_PAGE_5 = TEST_DOMAIN_5 + TEST_PATH + "page.html"; -const TEST_TOP_PAGE_6 = TEST_DOMAIN_6 + TEST_PATH + "page.html"; const TEST_EMBEDDER_PAGE = TEST_DOMAIN + TEST_PATH + "embedder.html"; const TEST_POPUP_PAGE = TEST_DOMAIN + TEST_PATH + "popup.html"; const TEST_3RD_PARTY_PAGE = TEST_3RD_PARTY_DOMAIN + TEST_PATH + "3rdParty.html";