diff --git a/browser/actors/WebRTCChild.sys.mjs b/browser/actors/WebRTCChild.sys.mjs index 2d966e0a1aea..9febd74b05d0 100644 --- a/browser/actors/WebRTCChild.sys.mjs +++ b/browser/actors/WebRTCChild.sys.mjs @@ -392,14 +392,8 @@ function prompt( Ci.nsIPermissionDelegateHandler ); - const shouldDelegatePermission = - permDelegateHandler.permissionDelegateFPEnabled; - let secondOrigin = undefined; - if ( - shouldDelegatePermission && - permDelegateHandler.maybeUnsafePermissionDelegate(requestTypes) - ) { + if (permDelegateHandler.maybeUnsafePermissionDelegate(requestTypes)) { // We are going to prompt both first party and third party origin. // SecondOrigin should be third party secondOrigin = aContentWindow.document.nodePrincipal.origin; @@ -412,7 +406,6 @@ function prompt( documentURI: aContentWindow.document.documentURI, secure: aSecure, isHandlingUserInput: aIsHandlingUserInput, - shouldDelegatePermission, requestTypes, sharingScreen, sharingAudio, diff --git a/browser/actors/WebRTCParent.sys.mjs b/browser/actors/WebRTCParent.sys.mjs index df92ee4ce31c..f3e956ff52cf 100644 --- a/browser/actors/WebRTCParent.sys.mjs +++ b/browser/actors/WebRTCParent.sys.mjs @@ -95,9 +95,7 @@ export class WebRTCParent extends JSWindowActorParent { this.manager.topWindowContext.documentPrincipal.origin; data.isThirdPartyOrigin = isThirdPartyOrigin; - data.origin = data.shouldDelegatePermission - ? this.manager.topWindowContext.documentPrincipal.origin - : this.manager.documentPrincipal.origin; + data.origin = this.manager.topWindowContext.documentPrincipal.origin; let browser = this.getBrowser(); if (browser.fxrPermissionPrompt) { @@ -397,12 +395,9 @@ export class WebRTCParent extends JSWindowActorParent { } // Don't use persistent permissions from the top-level principal - // if we're in a cross-origin iframe and permission delegation is not - // allowed, or when we're handling a potentially insecure third party + // if we're handling a potentially insecure third party // through a wildcard ("*") allow attribute. - let limited = - (aRequest.isThirdPartyOrigin && !aRequest.shouldDelegatePermission) || - aRequest.secondOrigin; + let limited = aRequest.secondOrigin; let map = lazy.webrtcUI.activePerms.get(this.manager.outerWindowId); // We consider a camera or mic active if it is active or was active within a @@ -1221,15 +1216,9 @@ function prompt(aActor, aBrowser, aRequest) { return false; } - // Don't offer "always remember" action in third party with no permission - // delegation - if (aRequest.isThirdPartyOrigin && !aRequest.shouldDelegatePermission) { - return false; - } - // Don't offer "always remember" action in maybe unsafe permission // delegation - if (aRequest.shouldDelegatePermission && aRequest.secondOrigin) { + if (aRequest.secondOrigin) { return false; } diff --git a/browser/base/content/test/permissions/browser_permission_delegate_geo.js b/browser/base/content/test/permissions/browser_permission_delegate_geo.js index 45e78d451938..4dbbe1ea9793 100644 --- a/browser/base/content/test/permissions/browser_permission_delegate_geo.js +++ b/browser/base/content/test/permissions/browser_permission_delegate_geo.js @@ -119,7 +119,6 @@ add_setup(async function () { set: [ ["dom.security.featurePolicy.header.enabled", true], ["dom.security.featurePolicy.webidl.enabled", true], - ["permissions.delegation.enabled", true], // This is the amount of time before the repeating // NetworkGeolocationProvider timer is stopped. // It needs to be less than 5000ms, or the timer will be diff --git a/browser/base/content/test/permissions/browser_permissions_delegate_vibrate.js b/browser/base/content/test/permissions/browser_permissions_delegate_vibrate.js index 53be5cc17526..9f0066f8e123 100644 --- a/browser/base/content/test/permissions/browser_permissions_delegate_vibrate.js +++ b/browser/base/content/test/permissions/browser_permissions_delegate_vibrate.js @@ -13,7 +13,6 @@ add_task(async function testNoPermissionPrompt() { SpecialPowers.pushPrefEnv( { set: [ - ["permissions.delegation.enabled", true], ["dom.vibrator.enabled", true], ["dom.security.featurePolicy.header.enabled", true], ["dom.security.featurePolicy.webidl.enabled", true], diff --git a/browser/base/content/test/webrtc/browser_devices_get_user_media_in_frame.js b/browser/base/content/test/webrtc/browser_devices_get_user_media_in_frame.js index 81e04cebced3..d5c2cdca89f8 100644 --- a/browser/base/content/test/webrtc/browser_devices_get_user_media_in_frame.js +++ b/browser/base/content/test/webrtc/browser_devices_get_user_media_in_frame.js @@ -2,10 +2,6 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -SpecialPowers.pushPrefEnv({ - set: [["permissions.delegation.enabled", true]], -}); - // This test has been seen timing out locally in non-opt debug builds. requestLongerTimeout(2); diff --git a/browser/base/content/test/webrtc/browser_devices_get_user_media_in_xorigin_frame.js b/browser/base/content/test/webrtc/browser_devices_get_user_media_in_xorigin_frame.js index 8c0b0476f38a..1fbbae1c8cf8 100644 --- a/browser/base/content/test/webrtc/browser_devices_get_user_media_in_xorigin_frame.js +++ b/browser/base/content/test/webrtc/browser_devices_get_user_media_in_xorigin_frame.js @@ -786,7 +786,6 @@ var gTests = [ add_task(async function test() { await SpecialPowers.pushPrefEnv({ set: [ - ["permissions.delegation.enabled", true], ["dom.security.featurePolicy.header.enabled", true], ["dom.security.featurePolicy.webidl.enabled", true], ], diff --git a/browser/base/content/test/webrtc/browser_devices_get_user_media_in_xorigin_frame_chain.js b/browser/base/content/test/webrtc/browser_devices_get_user_media_in_xorigin_frame_chain.js index ad398994f0b7..181e18b17913 100644 --- a/browser/base/content/test/webrtc/browser_devices_get_user_media_in_xorigin_frame_chain.js +++ b/browser/base/content/test/webrtc/browser_devices_get_user_media_in_xorigin_frame_chain.js @@ -239,7 +239,6 @@ var gTests = [ add_task(async function test() { await SpecialPowers.pushPrefEnv({ set: [ - ["permissions.delegation.enabled", true], ["dom.security.featurePolicy.header.enabled", true], ["dom.security.featurePolicy.webidl.enabled", true], ], diff --git a/dom/interfaces/base/nsIPermissionDelegateHandler.idl b/dom/interfaces/base/nsIPermissionDelegateHandler.idl index 4207077532eb..e855ecda9b72 100644 --- a/dom/interfaces/base/nsIPermissionDelegateHandler.idl +++ b/dom/interfaces/base/nsIPermissionDelegateHandler.idl @@ -23,9 +23,4 @@ interface nsIPermissionDelegateHandler : nsISupports * @param aTypes the permission types to check */ boolean maybeUnsafePermissionDelegate(in Array aTypes); - - /* - * Return true if permissions.delegation.enabled is true. - */ - readonly attribute boolean permissionDelegateFPEnabled; }; diff --git a/dom/media/systemservices/CamerasParent.cpp b/dom/media/systemservices/CamerasParent.cpp index d560381bc08a..5b42c879c545 100644 --- a/dom/media/systemservices/CamerasParent.cpp +++ b/dom/media/systemservices/CamerasParent.cpp @@ -706,12 +706,10 @@ static bool HasCameraPermission(const uint64_t& aWindowId) { return false; } - // If we delegate permission from first party, we should use the top level + // when we delegate permission from first party, we should use the top level // window - if (StaticPrefs::permissions_delegation_enabled()) { - RefPtr topBC = window->BrowsingContext()->Top(); - window = topBC->Canonical()->GetCurrentWindowGlobal(); - } + RefPtr topBC = window->BrowsingContext()->Top(); + window = topBC->Canonical()->GetCurrentWindowGlobal(); // Return false if the window is not the currently-active window for its // BrowsingContext. diff --git a/dom/notification/test/mochitest/test_notification_permissions.html b/dom/notification/test/mochitest/test_notification_permissions.html index f074ccf58e6c..0290fb9c876d 100644 --- a/dom/notification/test/mochitest/test_notification_permissions.html +++ b/dom/notification/test/mochitest/test_notification_permissions.html @@ -21,8 +21,6 @@ add_task(async function test_notifications_permission() { await SpecialPowers.clearUserPref("notification.prompt.testing"); await SpecialPowers.pushPrefEnv({ set: [ - // Set pref to exercise relevant code path for regression test. - ["permissions.delegation.enabled", true], // Automatically dismiss the permission request when it appears. ["dom.webnotifications.requireuserinteraction", true], ], diff --git a/dom/permission/tests/test_cross_origin_iframe.html b/dom/permission/tests/test_cross_origin_iframe.html index 218cae62ef85..43ef9f086804 100644 --- a/dom/permission/tests/test_cross_origin_iframe.html +++ b/dom/permission/tests/test_cross_origin_iframe.html @@ -301,9 +301,7 @@ SimpleTest.executeSoon(nextTest); } - SpecialPowers.pushPrefEnv({"set": [ - ["permissions.delegation.enabled", true], - ]}).then(nextTest); + nextTest() diff --git a/dom/quota/test/browser/browser_permissionsCrossOrigin.js b/dom/quota/test/browser/browser_permissionsCrossOrigin.js index 759eff73a34c..785897784c18 100644 --- a/dom/quota/test/browser/browser_permissionsCrossOrigin.js +++ b/dom/quota/test/browser/browser_permissionsCrossOrigin.js @@ -24,7 +24,6 @@ addTest(async function testNoPermissionPrompt() { SpecialPowers.pushPrefEnv( { set: [ - ["permissions.delegation.enabled", true], ["dom.security.featurePolicy.header.enabled", true], ["dom.security.featurePolicy.webidl.enabled", true], ], diff --git a/extensions/permissions/PermissionDelegateHandler.cpp b/extensions/permissions/PermissionDelegateHandler.cpp index fd343be49215..b5be2ea14144 100644 --- a/extensions/permissions/PermissionDelegateHandler.cpp +++ b/extensions/permissions/PermissionDelegateHandler.cpp @@ -86,10 +86,6 @@ NS_IMETHODIMP PermissionDelegateHandler::MaybeUnsafePermissionDelegate( const nsTArray& aTypes, bool* aMaybeUnsafe) { *aMaybeUnsafe = false; - if (!StaticPrefs::permissions_delegation_enabled()) { - return NS_OK; - } - for (auto& type : aTypes) { const DelegateInfo* info = GetPermissionDelegateInfo(NS_ConvertUTF8toUTF16(type)); @@ -107,23 +103,12 @@ PermissionDelegateHandler::MaybeUnsafePermissionDelegate( return NS_OK; } -NS_IMETHODIMP -PermissionDelegateHandler::GetPermissionDelegateFPEnabled(bool* aEnabled) { - MOZ_ASSERT(NS_IsMainThread()); - *aEnabled = StaticPrefs::permissions_delegation_enabled(); - return NS_OK; -} - /* static */ nsresult PermissionDelegateHandler::GetDelegatePrincipal( const nsACString& aType, nsIContentPermissionRequest* aRequest, nsIPrincipal** aResult) { MOZ_ASSERT(aRequest); - if (!StaticPrefs::permissions_delegation_enabled()) { - return aRequest->GetPrincipal(aResult); - } - const DelegateInfo* info = GetPermissionDelegateInfo(NS_ConvertUTF8toUTF16(aType)); if (!info) { @@ -203,10 +188,6 @@ bool PermissionDelegateHandler::HasPermissionDelegated( return false; } - if (!StaticPrefs::permissions_delegation_enabled()) { - return true; - } - if (info->mPolicy == DelegatePolicy::ePersistDeniedCrossOrigin && !mDocument->IsTopLevelContentDocument() && IsCrossOriginContentToTop(mDocument)) { @@ -239,11 +220,6 @@ nsresult PermissionDelegateHandler::GetPermission(const nsACString& aType, aExactHostMatch ? &nsIPermissionManager::TestExactPermissionFromPrincipal : &nsIPermissionManager::TestPermissionFromPrincipal; - if (!StaticPrefs::permissions_delegation_enabled()) { - return (mPermissionManager->*testPermission)(mPrincipal, aType, - aPermission); - } - if (info->mPolicy == DelegatePolicy::ePersistDeniedCrossOrigin && !mDocument->IsTopLevelContentDocument() && IsCrossOriginContentToTop(mDocument)) { diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml index 495f4f316ef0..097c758ad5de 100644 --- a/modules/libpref/init/StaticPrefList.yaml +++ b/modules/libpref/init/StaticPrefList.yaml @@ -12778,11 +12778,6 @@ value: 1 mirror: always -- name: permissions.delegation.enabled - type: bool - value: true - mirror: always - - name: permissions.isolateBy.userContext type: RelaxedAtomicBool value: false diff --git a/testing/web-platform/meta/permissions/permissions-query-feature-policy-attribute.https.sub.html.ini b/testing/web-platform/meta/permissions/permissions-query-feature-policy-attribute.https.sub.html.ini index cce4d0c109c3..866ce7a05126 100644 --- a/testing/web-platform/meta/permissions/permissions-query-feature-policy-attribute.https.sub.html.ini +++ b/testing/web-platform/meta/permissions/permissions-query-feature-policy-attribute.https.sub.html.ini @@ -1,4 +1,4 @@ -prefs: [permissions.delegation.enabled:true, dom.security.featurePolicy.header.enabled:true, dom.security.featurePolicy.webidl.enabled:true] +prefs: [dom.security.featurePolicy.header.enabled:true, dom.security.featurePolicy.webidl.enabled:true] [permissions-query-feature-policy-attribute.https.sub.html] expected: if (os == "android") and fission: [OK, TIMEOUT]