mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Merge mozilla-central to autoland. CLOSED TREE

This commit is contained in:
Butkovits Atila 2021-10-20 01:09:10 +03:00
Родитель d1603184fc b24799980a
Коммит e9c58d9073
14 изменённых файлов: 133 добавлений и 371 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

17
docshell/base/nsDocShell.cpp
Просмотреть файл

@ -2445,14 +2445,8 @@ void nsDocShell::MaybeCreateInitialClientSource(nsIPrincipal* aPrincipal) {
return;
}
// We cannot get inherited foreign partitioned principal here. Instead, we
// directly check which principal we want to inherit for the service worker.
nsIPrincipal* principal =
aPrincipal
? aPrincipal
: GetInheritedPrincipal(
false, StoragePrincipalHelper::
ShouldUsePartitionPrincipalForServiceWorker(this));
aPrincipal ? aPrincipal : GetInheritedPrincipal(false);
// Sometimes there is no principal available when we are called from
// CreateAboutBlankContentViewer. For example, sometimes the principal
@ -6624,14 +6618,7 @@ nsresult nsDocShell::CreateAboutBlankContentViewer(
partitionedPrincipal = aPartitionedPrincipal;
}
// We cannot get the foreign partitioned prinicpal for the initial
// about:blank page. So, we change to check if we need to use the
// partitioned principal for the service worker here.
MaybeCreateInitialClientSource(
StoragePrincipalHelper::ShouldUsePartitionPrincipalForServiceWorker(
this)
? partitionedPrincipal
: principal);
MaybeCreateInitialClientSource(principal);
// generate (about:blank) document to load
blankDoc = nsContentDLF::CreateBlankDocument(mLoadGroup, principal,

14
dom/base/nsGlobalWindowInner.cpp
Просмотреть файл

@ -82,7 +82,6 @@
#include "mozilla/StaticPrefs_browser.h"
#include "mozilla/StaticPrefs_dom.h"
#include "mozilla/StorageAccess.h"
#include "mozilla/StoragePrincipalHelper.h"
#include "mozilla/TaskCategory.h"
#include "mozilla/Telemetry.h"
#include "mozilla/TelemetryHistogramEnums.h"
@ -1851,12 +1850,6 @@ nsresult nsGlobalWindowInner::EnsureClientSource() {
}
}
nsCOMPtr<nsIPrincipal> foreignPartitionedPrincipal;
nsresult rv = StoragePrincipalHelper::GetPrincipal(
this, StoragePrincipalHelper::eForeignPartitionedPrincipal,
getter_AddRefs(foreignPartitionedPrincipal));
NS_ENSURE_SUCCESS(rv, rv);
// Verify the final ClientSource principal matches the final document
// principal. The ClientChannelHelper handles things like network
// redirects, but there are other ways the document principal can change.
@ -1873,8 +1866,7 @@ nsresult nsGlobalWindowInner::EnsureClientSource() {
auto principalOrErr = mClientSource->Info().GetPrincipal();
nsCOMPtr<nsIPrincipal> clientPrincipal =
principalOrErr.isOk() ? principalOrErr.unwrap() : nullptr;
if (!clientPrincipal ||
!clientPrincipal->Equals(foreignPartitionedPrincipal)) {
if (!clientPrincipal || !clientPrincipal->Equals(mDoc->NodePrincipal())) {
mClientSource.reset();
}
}
@ -1898,7 +1890,7 @@ nsresult nsGlobalWindowInner::EnsureClientSource() {
if (!mClientSource) {
mClientSource = ClientManager::CreateSource(
ClientType::Window, EventTargetFor(TaskCategory::Other),
foreignPartitionedPrincipal);
mDoc->NodePrincipal());
MOZ_DIAGNOSTIC_ASSERT(mClientSource);
newClientSource = true;
@ -1937,7 +1929,7 @@ nsresult nsGlobalWindowInner::EnsureClientSource() {
mClientSource.reset();
mClientSource = ClientManager::CreateSource(
ClientType::Window, EventTargetFor(TaskCategory::Other),
foreignPartitionedPrincipal);
mDoc->NodePrincipal());
MOZ_DIAGNOSTIC_ASSERT(mClientSource);
newClientSource = true;
}

51
dom/clients/manager/ClientChannelHelper.cpp
Просмотреть файл

@ -12,7 +12,6 @@
#include "mozilla/dom/ClientsBinding.h"
#include "mozilla/dom/ServiceWorkerDescriptor.h"
#include "mozilla/ipc/BackgroundUtils.h"
#include "mozilla/StoragePrincipalHelper.h"
#include "nsContentUtils.h"
#include "nsIAsyncVerifyRedirectCallback.h"
#include "nsIChannel.h"
@ -108,14 +107,15 @@ class ClientChannelHelper : public nsIInterfaceRequestor,
// nsGlobalWindowInner will be controlled as unexpected.
if (oldLoadInfo->GetController().isSome() &&
newLoadInfo->GetController().isNothing()) {
nsCOMPtr<nsIPrincipal> foreignPartitionedPrincipal;
rv = StoragePrincipalHelper::GetPrincipal(
aNewChannel,
StoragePrincipalHelper::eForeignPartitionedPrincipal,
getter_AddRefs(foreignPartitionedPrincipal));
nsIScriptSecurityManager* ssm =
nsContentUtils::GetSecurityManager();
MOZ_DIAGNOSTIC_ASSERT(ssm);
nsCOMPtr<nsIPrincipal> principal;
rv = ssm->GetChannelResultPrincipal(aNewChannel,
getter_AddRefs(principal));
NS_ENSURE_SUCCESS(rv, rv);
reservedClient.reset();
CreateClient(newLoadInfo, foreignPartitionedPrincipal);
CreateClient(newLoadInfo, principal);
} else {
newLoadInfo->SetReservedClientInfo(reservedClientInfo.ref());
}
@ -130,14 +130,17 @@ class ClientChannelHelper : public nsIInterfaceRequestor,
// If it's a cross-origin redirect then we discard the old reserved client
// and create a new one.
else {
nsCOMPtr<nsIPrincipal> foreignPartitionedPrincipal;
rv = StoragePrincipalHelper::GetPrincipal(
aNewChannel, StoragePrincipalHelper::eForeignPartitionedPrincipal,
getter_AddRefs(foreignPartitionedPrincipal));
// If CheckSameOrigin() worked, then the security manager must exist.
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
MOZ_DIAGNOSTIC_ASSERT(ssm);
nsCOMPtr<nsIPrincipal> principal;
rv = ssm->GetChannelResultPrincipal(aNewChannel,
getter_AddRefs(principal));
NS_ENSURE_SUCCESS(rv, rv);
reservedClient.reset();
CreateClient(newLoadInfo, foreignPartitionedPrincipal);
CreateClient(newLoadInfo, principal);
}
uint32_t redirectMode = nsIHttpChannelInternal::REDIRECT_MODE_MANUAL;
@ -296,10 +299,12 @@ nsresult AddClientChannelHelperInternal(nsIChannel* aChannel,
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
nsCOMPtr<nsIPrincipal> channelForeignPartitionedPrincipal;
nsresult rv = StoragePrincipalHelper::GetPrincipal(
aChannel, StoragePrincipalHelper::eForeignPartitionedPrincipal,
getter_AddRefs(channelForeignPartitionedPrincipal));
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
NS_ENSURE_TRUE(ssm, NS_ERROR_FAILURE);
nsCOMPtr<nsIPrincipal> channelPrincipal;
nsresult rv = ssm->GetChannelResultPrincipal(
aChannel, getter_AddRefs(channelPrincipal));
NS_ENSURE_SUCCESS(rv, rv);
// Only allow the initial ClientInfo to be set if the current channel
@ -309,10 +314,9 @@ nsresult AddClientChannelHelperInternal(nsIChannel* aChannel,
PrincipalInfoToPrincipal(initialClientInfo.ref().PrincipalInfo());
bool equals = false;
rv = initialPrincipalOrErr.isErr()
? initialPrincipalOrErr.unwrapErr()
: initialPrincipalOrErr.unwrap()->Equals(
channelForeignPartitionedPrincipal, &equals);
rv = initialPrincipalOrErr.isErr() ? initialPrincipalOrErr.unwrapErr()
: initialPrincipalOrErr.unwrap()->Equals(
channelPrincipal, &equals);
if (NS_FAILED(rv) || !equals) {
initialClientInfo.reset();
}
@ -327,8 +331,8 @@ nsresult AddClientChannelHelperInternal(nsIChannel* aChannel,
bool equals = false;
rv = reservedPrincipalOrErr.isErr()
? reservedPrincipalOrErr.unwrapErr()
: reservedPrincipalOrErr.unwrap()->Equals(
channelForeignPartitionedPrincipal, &equals);
: reservedPrincipalOrErr.unwrap()->Equals(channelPrincipal,
&equals);
if (NS_FAILED(rv) || !equals) {
reservedClientInfo.reset();
}
@ -341,8 +345,7 @@ nsresult AddClientChannelHelperInternal(nsIChannel* aChannel,
RefPtr<ClientChannelHelper> helper = new T(outerCallbacks, aEventTarget);
if (initialClientInfo.isNothing() && reservedClientInfo.isNothing()) {
helper->CreateClientForPrincipal(
loadInfo, channelForeignPartitionedPrincipal, aEventTarget);
helper->CreateClientForPrincipal(loadInfo, channelPrincipal, aEventTarget);
}
// Only set the callbacks helper if we are able to reserve the client

70
dom/localstorage/ActorsParent.cpp
Просмотреть файл

@ -3056,31 +3056,16 @@ void ForceKillAllDatabases() {
}
bool VerifyPrincipalInfo(const PrincipalInfo& aPrincipalInfo,
const PrincipalInfo& aStoragePrincipalInfo,
bool aCheckClientPrincipal) {
const PrincipalInfo& aStoragePrincipalInfo) {
AssertIsOnBackgroundThread();
if (NS_WARN_IF(!QuotaManager::IsPrincipalInfoValid(aPrincipalInfo))) {
return false;
}
// Note that the client prinicpal could have a different spec than the node
// principal but they should have the same origin. It's because the client
// could be initialized when opening the initial about:blank document and pass
// to the newly opened window and reuse over there if the new window has the
// same origin as the initial about:blank document. But, the FilePath could be
// different. Therefore, we have to ignore comparing the Spec of the
// principals if we are verifying clinet principal here. Also, when
// document.domain is set, client principal won't get it. So, we don't compare
// domain for client princpal too.
bool result = aCheckClientPrincipal
? StoragePrincipalHelper::
VerifyValidClientPrincipalInfoForPrincipalInfo(
aStoragePrincipalInfo, aPrincipalInfo)
: StoragePrincipalHelper::
VerifyValidStoragePrincipalInfoForPrincipalInfo(
aStoragePrincipalInfo, aPrincipalInfo);
if (NS_WARN_IF(!result)) {
if (NS_WARN_IF(!StoragePrincipalHelper::
VerifyValidStoragePrincipalInfoForPrincipalInfo(
aStoragePrincipalInfo, aPrincipalInfo))) {
return false;
}
@ -3088,7 +3073,7 @@ bool VerifyPrincipalInfo(const PrincipalInfo& aPrincipalInfo,
}
bool VerifyClientId(const Maybe<ContentParentId>& aContentParentId,
const Maybe<PrincipalInfo>& aPrincipalInfo,
const PrincipalInfo& aPrincipalInfo,
const Maybe<nsID>& aClientId) {
AssertIsOnBackgroundThread();
@ -3097,13 +3082,9 @@ bool VerifyClientId(const Maybe<ContentParentId>& aContentParentId,
return false;
}
if (NS_WARN_IF(aPrincipalInfo.isNothing())) {
return false;
}
RefPtr<ClientManagerService> svc = ClientManagerService::GetInstance();
if (svc && NS_WARN_IF(!svc->HasWindow(
aContentParentId, aPrincipalInfo.ref(), aClientId.ref()))) {
if (svc && NS_WARN_IF(!svc->HasWindow(aContentParentId, aPrincipalInfo,
aClientId.ref()))) {
return false;
}
}
@ -6133,8 +6114,8 @@ bool LSRequestBase::VerifyRequestParams() {
const LSRequestCommonParams& params =
mParams.get_LSRequestPreloadDatastoreParams().commonParams();
if (NS_WARN_IF(!VerifyPrincipalInfo(
params.principalInfo(), params.storagePrincipalInfo(), false))) {
if (NS_WARN_IF(!VerifyPrincipalInfo(params.principalInfo(),
params.storagePrincipalInfo()))) {
return false;
}
@ -6152,21 +6133,14 @@ bool LSRequestBase::VerifyRequestParams() {
const LSRequestCommonParams& commonParams = params.commonParams();
if (NS_WARN_IF(!VerifyPrincipalInfo(commonParams.principalInfo(),
commonParams.storagePrincipalInfo(),
false))) {
return false;
}
if (params.clientPrincipalInfo() &&
NS_WARN_IF(!VerifyPrincipalInfo(commonParams.principalInfo(),
params.clientPrincipalInfo().ref(),
true))) {
if (NS_WARN_IF(
!VerifyPrincipalInfo(commonParams.principalInfo(),
commonParams.storagePrincipalInfo()))) {
return false;
}
if (NS_WARN_IF(!VerifyClientId(mContentParentId,
params.clientPrincipalInfo(),
commonParams.principalInfo(),
params.clientId()))) {
return false;
}
@ -6183,20 +6157,12 @@ bool LSRequestBase::VerifyRequestParams() {
const LSRequestPrepareObserverParams& params =
mParams.get_LSRequestPrepareObserverParams();
if (NS_WARN_IF(!VerifyPrincipalInfo(
params.principalInfo(), params.storagePrincipalInfo(), false))) {
if (NS_WARN_IF(!VerifyPrincipalInfo(params.principalInfo(),
params.storagePrincipalInfo()))) {
return false;
}
if (params.clientPrincipalInfo() &&
NS_WARN_IF(!VerifyPrincipalInfo(params.principalInfo(),
params.clientPrincipalInfo().ref(),
true))) {
return false;
}
if (NS_WARN_IF(!VerifyClientId(mContentParentId,
params.clientPrincipalInfo(),
if (NS_WARN_IF(!VerifyClientId(mContentParentId, params.principalInfo(),
params.clientId()))) {
return false;
}
@ -7816,8 +7782,8 @@ bool LSSimpleRequestBase::VerifyRequestParams() {
const LSSimpleRequestPreloadedParams& params =
mParams.get_LSSimpleRequestPreloadedParams();
if (NS_WARN_IF(!VerifyPrincipalInfo(
params.principalInfo(), params.storagePrincipalInfo(), false))) {
if (NS_WARN_IF(!VerifyPrincipalInfo(params.principalInfo(),
params.storagePrincipalInfo()))) {
return false;
}

7
dom/localstorage/LSObject.cpp
Просмотреть файл

@ -35,6 +35,7 @@
#include "mozilla/ipc/BackgroundChild.h"
#include "mozilla/ipc/BackgroundUtils.h"
#include "mozilla/ipc/PBackgroundChild.h"
#include "mozilla/ipc/PBackgroundSharedTypes.h"
#include "nsCOMPtr.h"
#include "nsContentUtils.h"
#include "nsDebug.h"
@ -362,9 +363,6 @@ nsresult LSObject::CreateForWindow(nsPIDOMWindowInner* aWindow,
Maybe<nsID> clientId = Some(clientInfo.ref().Id());
Maybe<PrincipalInfo> clientPrincipalInfo =
Some(clientInfo.ref().PrincipalInfo());
nsString documentURI;
if (nsCOMPtr<Document> doc = aWindow->GetExtantDoc()) {
rv = doc->GetDocumentURI(documentURI);
@ -378,7 +376,6 @@ nsresult LSObject::CreateForWindow(nsPIDOMWindowInner* aWindow,
object->mStoragePrincipalInfo = std::move(storagePrincipalInfo);
object->mPrivateBrowsingId = privateBrowsingId;
object->mClientId = clientId;
object->mClientPrincipalInfo = clientPrincipalInfo;
object->mOrigin = origin;
object->mOriginKey = originKey;
object->mDocumentURI = documentURI;
@ -935,7 +932,6 @@ nsresult LSObject::EnsureDatabase() {
LSRequestPrepareDatastoreParams params;
params.commonParams() = commonParams;
params.clientId() = mClientId;
params.clientPrincipalInfo() = mClientPrincipalInfo;
LSRequestResponse response;
@ -996,7 +992,6 @@ nsresult LSObject::EnsureObserver() {
params.principalInfo() = *mPrincipalInfo;
params.storagePrincipalInfo() = *mStoragePrincipalInfo;
params.clientId() = mClientId;
params.clientPrincipalInfo() = mClientPrincipalInfo;
LSRequestResponse response;

8
dom/localstorage/LSObject.h
Просмотреть файл

@ -15,7 +15,6 @@
#include "mozilla/RefPtr.h"
#include "mozilla/UniquePtr.h"
#include "mozilla/dom/Storage.h"
#include "mozilla/ipc/PBackgroundSharedTypes.h"
#include "nsCycleCollectionParticipant.h"
#include "nsID.h"
#include "nsISupports.h"
@ -32,6 +31,12 @@ namespace mozilla {
class ErrorResult;
namespace ipc {
class PrincipalInfo;
} // namespace ipc
namespace dom {
class LSDatabase;
@ -77,7 +82,6 @@ class LSObject final : public Storage {
uint32_t mPrivateBrowsingId;
Maybe<nsID> mClientId;
Maybe<PrincipalInfo> mClientPrincipalInfo;
nsCString mOrigin;
nsCString mOriginKey;
nsString mDocumentURI;

17
dom/localstorage/PBackgroundLSSharedTypes.ipdlh
Просмотреть файл

@ -29,30 +29,13 @@ struct LSRequestPrepareDatastoreParams
{
LSRequestCommonParams commonParams;
nsID? clientId;
PrincipalInfo? clientPrincipalInfo;
};
/**
* In order to validate the principal with the client, we need to provide an
* additional principalInfo for the client. The client is using the foreign
* principal, see StoragePrincipalHelper.h for details, which is different from
* the principalInfo. So, we need to pass the principalInfo from the client So
* that we can verify it with the given client Id.
*
* Note that the storagePrincipalInfo is used to access the right cookie jar
* according to the Storage Access. This is passed in order to access the
* correct local storage. Essentially, the storage principal and the client
* principal are using the PartitionKey in their OriginAttributes. But, the
* existence of the PartitionKey between them is depending on different
* conditions. Namely, the storage principal depends on the Storage Access but
* the client principal depends on whether it's in a third party.
*/
struct LSRequestPrepareObserverParams
{
PrincipalInfo principalInfo;
PrincipalInfo storagePrincipalInfo;
nsID? clientId;
PrincipalInfo? clientPrincipalInfo;
};
union LSRequestParams

10
dom/serviceworkers/ServiceWorkerManager.cpp
Просмотреть файл

@ -61,7 +61,6 @@
#include "mozilla/PermissionManager.h"
#include "mozilla/ScopeExit.h"
#include "mozilla/StaticPrefs_extensions.h"
#include "mozilla/StoragePrincipalHelper.h"
#include "mozilla/Unused.h"
#include "mozilla/EnumSet.h"
@ -2043,13 +2042,8 @@ void ServiceWorkerManager::DispatchFetchEvent(nsIInterceptedChannel* aChannel,
}
// non-subresource request means the URI contains the principal
OriginAttributes attrs = loadInfo->GetOriginAttributes();
StoragePrincipalHelper::GetOriginAttributes(
internalChannel, attrs,
StoragePrincipalHelper::eForeignPartitionedPrincipal);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateContentPrincipal(uri, attrs);
nsCOMPtr<nsIPrincipal> principal = BasePrincipal::CreateContentPrincipal(
uri, loadInfo->GetOriginAttributes());
RefPtr<ServiceWorkerRegistrationInfo> registration =
GetServiceWorkerRegistrationInfo(principal, uri);

18
netwerk/base/nsNetUtil.cpp
Просмотреть файл

@ -340,21 +340,13 @@ void AssertLoadingPrincipalAndClientInfoMatch(
return;
}
// Fall back to a slower origin equality test to support null principals.
nsAutoCString loadingOriginNoSuffix;
MOZ_ALWAYS_SUCCEEDS(
aLoadingPrincipal->GetOriginNoSuffix(loadingOriginNoSuffix));
nsAutoCString loadingOrigin;
MOZ_ALWAYS_SUCCEEDS(aLoadingPrincipal->GetOrigin(loadingOrigin));
nsAutoCString clientOriginNoSuffix;
MOZ_ALWAYS_SUCCEEDS(
clientPrincipal->GetOriginNoSuffix(clientOriginNoSuffix));
nsAutoCString clientOrigin;
MOZ_ALWAYS_SUCCEEDS(clientPrincipal->GetOrigin(clientOrigin));
// The client principal will have the partitionKey set if it's in a third
// party context, but the loading principal won't. So, we ignore he
// partitionKey when doing the verification here.
MOZ_DIAGNOSTIC_ASSERT(loadingOriginNoSuffix == clientOriginNoSuffix);
MOZ_DIAGNOSTIC_ASSERT(
aLoadingPrincipal->OriginAttributesRef().EqualsIgnoringPartitionKey(
clientPrincipal->OriginAttributesRef()));
MOZ_DIAGNOSTIC_ASSERT(loadingOrigin == clientOrigin);
}
#endif
}

55
toolkit/components/antitracking/AntiTrackingUtils.cpp
Просмотреть файл

@ -651,9 +651,9 @@ bool AntiTrackingUtils::IsThirdPartyWindow(nsPIDOMWindowInner* aWindow,
}
RefPtr<Document> doc = aWindow->GetDoc();
if (!doc) {
// If we can't get the document from the window, ex, about:blank, fallback
// to use IsThirdPartyWindow check that examine the whole hierarchy.
if (!doc || !doc->GetChannel()) {
// If we can't get channel from the window, ex, about:blank, fallback to use
// IsThirdPartyWindow check that examine the whole hierarchy.
nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
components::ThirdPartyUtil::Service();
Unused << thirdPartyUtil->IsThirdPartyWindow(aWindow->GetOuterWindow(),
@ -661,61 +661,12 @@ bool AntiTrackingUtils::IsThirdPartyWindow(nsPIDOMWindowInner* aWindow,
return thirdParty;
}
if (!doc->GetChannel()) {
// If we can't get the channel from the document, i.e. initial about:blank
// page, we use the browsingContext of the document to check if it's in the
// third-party context.
return IsThirdPartyContext(doc->GetBrowsingContext());
}
// We only care whether the channel is 3rd-party with respect to
// the top-level.
nsCOMPtr<nsILoadInfo> loadInfo = doc->GetChannel()->LoadInfo();
return loadInfo->GetIsThirdPartyContextToTopWindow();
}
/* static */
bool AntiTrackingUtils::IsThirdPartyContext(BrowsingContext* aBrowsingContext) {
MOZ_ASSERT(aBrowsingContext);
MOZ_ASSERT(aBrowsingContext->IsInProcess());
if (aBrowsingContext->IsTopContent()) {
return false;
}
// If the top browsing context is not in the same process, it's cross-origin.
if (!aBrowsingContext->Top()->IsInProcess()) {
return true;
}
nsIDocShell* docShell = aBrowsingContext->GetDocShell();
if (!docShell) {
return true;
}
Document* doc = docShell->GetExtantDocument();
if (!doc) {
return true;
}
nsIPrincipal* principal = doc->NodePrincipal();
nsIDocShell* topDocShell = aBrowsingContext->Top()->GetDocShell();
if (!topDocShell) {
return true;
}
Document* topDoc = topDocShell->GetDocument();
if (!topDoc) {
return true;
}
nsIPrincipal* topPrincipal = topDoc->NodePrincipal();
auto* topBasePrin = BasePrincipal::Cast(topPrincipal);
bool isThirdParty = true;
topBasePrin->IsThirdPartyPrincipal(principal, &isThirdParty);
return isThirdParty;
}
/* static */
nsCString AntiTrackingUtils::GrantedReasonToString(
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason) {

4
toolkit/components/antitracking/AntiTrackingUtils.h
Просмотреть файл

@ -121,10 +121,6 @@ class AntiTrackingUtils final {
// Otherwise, it will continue to check if the window is third-party.
static bool IsThirdPartyWindow(nsPIDOMWindowInner* aWindow, nsIURI* aURI);
// Given a browsing context, this function determines if this browsing context
// is considered as a third party in respect to the top-level context.
static bool IsThirdPartyContext(dom::BrowsingContext* aBrowsingContext);
static nsCString GrantedReasonToString(
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason);

207
toolkit/components/antitracking/StoragePrincipalHelper.cpp
Просмотреть файл

@ -11,7 +11,6 @@
#include "mozilla/ScopeExit.h"
#include "mozilla/StorageAccess.h"
#include "nsContentUtils.h"
#include "nsIDocShell.h"
#include "nsIEffectiveTLDService.h"
namespace mozilla {
@ -84,78 +83,6 @@ bool ChooseOriginAttributes(nsIChannel* aChannel, OriginAttributes& aAttrs,
return true;
}
bool VerifyValidPartitionedPrincipalInfoForPrincipalInfoInternal(
const ipc::PrincipalInfo& aPartitionedPrincipalInfo,
const ipc::PrincipalInfo& aPrincipalInfo,
bool aIgnoreSpecForContentPrincipal,
bool aIgnoreDomainForContentPrincipal) {
if (aPartitionedPrincipalInfo.type() != aPrincipalInfo.type()) {
return false;
}
if (aPartitionedPrincipalInfo.type() ==
mozilla::ipc::PrincipalInfo::TContentPrincipalInfo) {
const mozilla::ipc::ContentPrincipalInfo& spInfo =
aPartitionedPrincipalInfo.get_ContentPrincipalInfo();
const mozilla::ipc::ContentPrincipalInfo& pInfo =
aPrincipalInfo.get_ContentPrincipalInfo();
return spInfo.attrs().EqualsIgnoringPartitionKey(pInfo.attrs()) &&
spInfo.originNoSuffix() == pInfo.originNoSuffix() &&
(aIgnoreSpecForContentPrincipal || spInfo.spec() == pInfo.spec()) &&
(aIgnoreDomainForContentPrincipal ||
spInfo.domain() == pInfo.domain()) &&
spInfo.baseDomain() == pInfo.baseDomain();
}
if (aPartitionedPrincipalInfo.type() ==
mozilla::ipc::PrincipalInfo::TSystemPrincipalInfo) {
// Nothing to check here.
return true;
}
if (aPartitionedPrincipalInfo.type() ==
mozilla::ipc::PrincipalInfo::TNullPrincipalInfo) {
const mozilla::ipc::NullPrincipalInfo& spInfo =
aPartitionedPrincipalInfo.get_NullPrincipalInfo();
const mozilla::ipc::NullPrincipalInfo& pInfo =
aPrincipalInfo.get_NullPrincipalInfo();
return spInfo.spec() == pInfo.spec() &&
spInfo.attrs().EqualsIgnoringPartitionKey(pInfo.attrs());
}
if (aPartitionedPrincipalInfo.type() ==
mozilla::ipc::PrincipalInfo::TExpandedPrincipalInfo) {
const mozilla::ipc::ExpandedPrincipalInfo& spInfo =
aPartitionedPrincipalInfo.get_ExpandedPrincipalInfo();
const mozilla::ipc::ExpandedPrincipalInfo& pInfo =
aPrincipalInfo.get_ExpandedPrincipalInfo();
if (!spInfo.attrs().EqualsIgnoringPartitionKey(pInfo.attrs())) {
return false;
}
if (spInfo.allowlist().Length() != pInfo.allowlist().Length()) {
return false;
}
for (uint32_t i = 0; i < spInfo.allowlist().Length(); ++i) {
if (!VerifyValidPartitionedPrincipalInfoForPrincipalInfoInternal(
spInfo.allowlist()[i], pInfo.allowlist()[i],
aIgnoreSpecForContentPrincipal,
aIgnoreDomainForContentPrincipal)) {
return false;
}
}
return true;
}
MOZ_CRASH("Invalid principalInfo type");
return false;
}
} // namespace
// static
@ -231,16 +158,71 @@ StoragePrincipalHelper::PrepareEffectiveStoragePrincipalOriginAttributes(
bool StoragePrincipalHelper::VerifyValidStoragePrincipalInfoForPrincipalInfo(
const mozilla::ipc::PrincipalInfo& aStoragePrincipalInfo,
const mozilla::ipc::PrincipalInfo& aPrincipalInfo) {
return VerifyValidPartitionedPrincipalInfoForPrincipalInfoInternal(
aStoragePrincipalInfo, aPrincipalInfo, false, false);
}
if (aStoragePrincipalInfo.type() != aPrincipalInfo.type()) {
return false;
}
// static
bool StoragePrincipalHelper::VerifyValidClientPrincipalInfoForPrincipalInfo(
const mozilla::ipc::PrincipalInfo& aClientPrincipalInfo,
const mozilla::ipc::PrincipalInfo& aPrincipalInfo) {
return VerifyValidPartitionedPrincipalInfoForPrincipalInfoInternal(
aClientPrincipalInfo, aPrincipalInfo, true, true);
if (aStoragePrincipalInfo.type() ==
mozilla::ipc::PrincipalInfo::TContentPrincipalInfo) {
const mozilla::ipc::ContentPrincipalInfo& spInfo =
aStoragePrincipalInfo.get_ContentPrincipalInfo();
const mozilla::ipc::ContentPrincipalInfo& pInfo =
aPrincipalInfo.get_ContentPrincipalInfo();
if (!spInfo.attrs().EqualsIgnoringFPD(pInfo.attrs()) ||
spInfo.originNoSuffix() != pInfo.originNoSuffix() ||
spInfo.spec() != pInfo.spec() || spInfo.domain() != pInfo.domain() ||
spInfo.baseDomain() != pInfo.baseDomain()) {
return false;
}
return true;
}
if (aStoragePrincipalInfo.type() ==
mozilla::ipc::PrincipalInfo::TSystemPrincipalInfo) {
// Nothing to check here.
return true;
}
if (aStoragePrincipalInfo.type() ==
mozilla::ipc::PrincipalInfo::TNullPrincipalInfo) {
const mozilla::ipc::NullPrincipalInfo& spInfo =
aStoragePrincipalInfo.get_NullPrincipalInfo();
const mozilla::ipc::NullPrincipalInfo& pInfo =
aPrincipalInfo.get_NullPrincipalInfo();
return spInfo.spec() == pInfo.spec() &&
spInfo.attrs().EqualsIgnoringFPD(pInfo.attrs());
}
if (aStoragePrincipalInfo.type() ==
mozilla::ipc::PrincipalInfo::TExpandedPrincipalInfo) {
const mozilla::ipc::ExpandedPrincipalInfo& spInfo =
aStoragePrincipalInfo.get_ExpandedPrincipalInfo();
const mozilla::ipc::ExpandedPrincipalInfo& pInfo =
aPrincipalInfo.get_ExpandedPrincipalInfo();
if (!spInfo.attrs().EqualsIgnoringFPD(pInfo.attrs())) {
return false;
}
if (spInfo.allowlist().Length() != pInfo.allowlist().Length()) {
return false;
}
for (uint32_t i = 0; i < spInfo.allowlist().Length(); ++i) {
if (!VerifyValidStoragePrincipalInfoForPrincipalInfo(
spInfo.allowlist()[i], pInfo.allowlist()[i])) {
return false;
}
}
return true;
}
MOZ_CRASH("Invalid principalInfo type");
return false;
}
// static
@ -267,25 +249,6 @@ nsresult StoragePrincipalHelper::GetPrincipal(nsIChannel* aChannel,
return rv;
}
// The aChannel might not be opened in some cases, e.g. getting principal
// for the new channel during a redirect. So, the value
// `IsThirdPartyToTopWindow` is incorrect in this case because this value is
// calculated during opening a channel. And we need to know the value in order
// to get the correct principal. To fix this, we compute the value here even
// the channel hasn't been opened yet.
//
// Note that we don't need to compute the value if there is no browsing
// context ID assigned. This could happen in a GTest or XPCShell.
//
// ToDo: The AntiTrackingUtils::ComputeIsThirdPartyToTopWindow() is only
// available in the parent process. So, this can only work in the parent
// process. It's fine for now, but we should change this to also work in
// content processes. Bug 1736452 will address this.
//
if (XRE_IsParentProcess() && loadInfo->GetBrowsingContextID() != 0) {
AntiTrackingUtils::ComputeIsThirdPartyToTopWindow(aChannel);
}
nsCOMPtr<nsIPrincipal> outPrincipal = principal;
switch (aPrincipalType) {
@ -357,48 +320,6 @@ nsresult StoragePrincipalHelper::GetPrincipal(nsPIDOMWindowInner* aWindow,
return NS_OK;
}
// static
bool StoragePrincipalHelper::ShouldUsePartitionPrincipalForServiceWorker(
nsIDocShell* aDocShell) {
MOZ_ASSERT(aDocShell);
RefPtr<Document> document = aDocShell->GetExtantDocument();
// If we cannot get the document from the docShell, we turn to get its
// parent's document.
if (!document) {
nsCOMPtr<nsIDocShellTreeItem> parentItem;
aDocShell->GetInProcessSameTypeParent(getter_AddRefs(parentItem));
if (parentItem) {
document = parentItem->GetDocument();
}
}
nsCOMPtr<nsICookieJarSettings> cookieJarSettings;
if (document) {
cookieJarSettings = document->CookieJarSettings();
} else {
// If there was no document, we create one cookieJarSettings here in order
// to get the cookieBehavior.
cookieJarSettings = CookieJarSettings::Create(CookieJarSettings::eRegular);
}
// We only support partitioned service workers when dFPI is enabled.
if (cookieJarSettings->GetCookieBehavior() !=
nsICookieService::BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN) {
return false;
}
// Only the third-party context will need to use the partitioned principal. A
// first-party context is still using the regular principal for the service
// worker.
return AntiTrackingUtils::IsThirdPartyContext(
document ? document->GetBrowsingContext()
: aDocShell->GetBrowsingContext());
}
// static
bool StoragePrincipalHelper::GetOriginAttributes(
nsIChannel* aChannel, mozilla::OriginAttributes& aAttributes,

18
toolkit/components/antitracking/StoragePrincipalHelper.h
Просмотреть файл

@ -212,7 +212,6 @@
class nsIChannel;
class nsICookieJarSettings;
class nsIDocShell;
class nsILoadGroup;
class nsIPrincipal;
class nsIURI;
@ -243,19 +242,10 @@ class StoragePrincipalHelper final {
static nsresult PrepareEffectiveStoragePrincipalOriginAttributes(
nsIChannel* aChannel, OriginAttributes& aOriginAttributes);
// A helper function to verify storage principal info with the principal info.
static bool VerifyValidStoragePrincipalInfoForPrincipalInfo(
const mozilla::ipc::PrincipalInfo& aStoragePrincipalInfo,
const mozilla::ipc::PrincipalInfo& aPrincipalInfo);
// A helper function to verify client principal info with the principal info.
//
// Note that the client principal refers the principal of the client, which is
// supposed to be the foreign partitioned principal.
static bool VerifyValidClientPrincipalInfoForPrincipalInfo(
const mozilla::ipc::PrincipalInfo& aClientPrincipalInfo,
const mozilla::ipc::PrincipalInfo& aPrincipalInfo);
enum PrincipalType {
// This is the first-party principal.
eRegularPrincipal,
@ -295,12 +285,6 @@ class StoragePrincipalHelper final {
PrincipalType aPrincipalType,
nsIPrincipal** aPrincipal);
// Check if we need to use the partitioned principal for the service worker of
// the given docShell. Please do not use this API unless you cannot get the
// foreign partitioned principal, e.g. creating the inital about:blank page.
static bool ShouldUsePartitionPrincipalForServiceWorker(
nsIDocShell* aDocShell);
/**
* Extract the right OriginAttributes from the channel's triggering
* principal.
@ -317,7 +301,7 @@ class StoragePrincipalHelper final {
// These methods return the correct originAttributes to be used for network
// state components (HSTS, network cache, image-cache, and so on).
static bool GetOriginAttributesForNetworkState(nsIChannel* aChannel,
static bool GetOriginAttributesForNetworkState(nsIChannel* aChanel,
OriginAttributes& aAttributes);
static void GetOriginAttributesForNetworkState(dom::Document* aDocument,
OriginAttributes& aAttributes);

8
toolkit/components/antitracking/test/browser/browser_partitionedServiceWorkers.js
Просмотреть файл

@ -69,13 +69,7 @@ PartitionedStorageHelper.runTest(
win1stParty.sw.postMessage(win3rdParty.location.href);
let msg = await msgPromise;
// The service worker will always be partitioned. So, the first party window
// won't have control on the third-party window.
is(
false,
msg,
"We won't have the 3rd party window controlled regardless of StorageAccess."
);
is(allowed, msg, "We want to have the 3rd party window controlled.");
},
async _ => {