Bug 1480131 - AntiTrackingCommon::IsFirstPartyStorageAccessGrantFor() should not grant permission to sub-sub-iframe channels; r=ehsan

Andrea Marchesini 2018-08-10 14:55:27 -04:00 committed by Ehsan Akhgari
parent 9ea0f46168
commit 04fcbb6556
8 changed files with 95 additions and 1 deletions


@ -6255,6 +6255,38 @@ nsGlobalWindowInner::GetParentInternal()
return outer->GetParentInternal();
}
nsIPrincipal*
nsGlobalWindowInner::GetTopLevelPrincipal()
{
nsPIDOMWindowOuter* outerWindow = GetOuterWindowInternal();
if (!outerWindow) {
return nullptr;
}
nsPIDOMWindowOuter* topLevelOuterWindow = GetTopInternal();
if (!topLevelOuterWindow) {
return nullptr;
}
if (topLevelOuterWindow == outerWindow) {
return nullptr;
}
nsPIDOMWindowInner* topLevelInnerWindow =
topLevelOuterWindow->GetCurrentInnerWindow();
if (NS_WARN_IF(!topLevelInnerWindow)) {
return nullptr;
}
nsIPrincipal* topLevelPrincipal =
nsGlobalWindowInner::Cast(topLevelInnerWindow)->GetPrincipal();
if (NS_WARN_IF(!topLevelPrincipal)) {
return nullptr;
}
return topLevelPrincipal;
}
nsIPrincipal*
nsGlobalWindowInner::GetTopLevelStorageAreaPrincipal()
{
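Review bot: `GetTopLevelPrincipal()` returns `nullptr` both for the expected case (`topLevelOuterWindow == outerWindow`, i.e. this window is the top level) and for every lookup failure (no outer window, no top window, no current inner window, no principal), so a caller cannot tell "top-level" from "could not resolve". The check this commit adds in `IsFirstPartyStorageAccessGrantedFor()` reads a null `TopLevelPrincipal()` as the signal to continue to the `TriggeringPrincipal()` fallback instead of returning false, so a failed lookup takes the continuing branch rather than the denying one. The window-based `LoadInfo` constructors in this commit likewise leave `mTopLevelPrincipal` null when `innerWindow` is null. At minimum the header comment should state this, e.g. `// Returns null if this is a toplevel window, or if the top-level window or its principal cannot be resolved; null is not proof of being top-level.` Whether the failure cases are reachable for a channel that gets this far is not visible here.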


@ -1212,7 +1212,12 @@ public:
public:
virtual already_AddRefed<nsPIWindowRoot> GetTopWindowRoot() override;
// Get the parent principal, returns null if this is a toplevel window.
// Get the toplevel principal, returns null if this is a toplevel window.
nsIPrincipal* GetTopLevelPrincipal();
// Get the parent principal, returns null if this or the parent are not a
// toplevel window. This is mainly used to determine the anti-tracking storage
// area.
nsIPrincipal* GetTopLevelStorageAreaPrincipal();
protected:


@ -339,6 +339,15 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
sandboxedLoadingPrincipalInfo = sandboxedLoadingPrincipalInfoTemp;
}
OptionalPrincipalInfo topLevelPrincipalInfo = mozilla::void_t();
if (aLoadInfo->TopLevelPrincipal()) {
PrincipalInfo topLevelPrincipalInfoTemp;
rv = PrincipalToPrincipalInfo(aLoadInfo->TopLevelPrincipal(),
&topLevelPrincipalInfoTemp);
NS_ENSURE_SUCCESS(rv, rv);
topLevelPrincipalInfo = topLevelPrincipalInfoTemp;
}
OptionalPrincipalInfo topLevelStorageAreaPrincipalInfo = mozilla::void_t();
if (aLoadInfo->TopLevelStorageAreaPrincipal()) {
PrincipalInfo topLevelStorageAreaPrincipalInfoTemp;
@ -408,6 +417,7 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
triggeringPrincipalInfo,
principalToInheritInfo,
sandboxedLoadingPrincipalInfo,
topLevelPrincipalInfo,
topLevelStorageAreaPrincipalInfo,
optionalResultPrincipalURI,
aLoadInfo->GetSecurityFlags(),
@ -488,6 +498,13 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
NS_ENSURE_SUCCESS(rv, rv);
}
nsCOMPtr<nsIPrincipal> topLevelPrincipal;
if (loadInfoArgs.topLevelPrincipalInfo().type() != OptionalPrincipalInfo::Tvoid_t) {
topLevelPrincipal =
PrincipalInfoToPrincipal(loadInfoArgs.topLevelPrincipalInfo(), &rv);
NS_ENSURE_SUCCESS(rv, rv);
}
nsCOMPtr<nsIPrincipal> topLevelStorageAreaPrincipal;
if (loadInfoArgs.topLevelStorageAreaPrincipalInfo().type() != OptionalPrincipalInfo::Tvoid_t) {
topLevelStorageAreaPrincipal =
@ -561,6 +578,7 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
triggeringPrincipal,
principalToInherit,
sandboxedLoadingPrincipal,
topLevelPrincipal,
topLevelStorageAreaPrincipal,
resultPrincipalURI,
clientInfo,
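Review bot: In `LoadInfoArgsToLoadInfo()` the new `topLevelPrincipal` is rebuilt from whatever `loadInfoArgs.topLevelPrincipalInfo()` carries, and a `Tvoid_t` value leaves it null, which the anti-tracking check added in this commit does not treat as a nested frame. If these args can arrive from a less-privileged process (not visible in these hunks), the receiver is making a storage-access decision on a sender-controlled field, so the field should be documented as untrusted input or cross-checked against state the receiver already holds. I would add a comment above the block such as `// topLevelPrincipal comes from the sender's LoadInfoArgs; a missing value must not be read as proof that the load is top-level.` Both functions start and end outside the hunks shown.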


@ -155,6 +155,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
nsGlobalWindowInner* innerWindow =
nsGlobalWindowInner::Cast(contextOuter->GetCurrentInnerWindow());
if (innerWindow) {
mTopLevelPrincipal = innerWindow->GetTopLevelPrincipal();
mTopLevelStorageAreaPrincipal =
innerWindow->GetTopLevelStorageAreaPrincipal();
}
@ -346,6 +347,7 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
nsGlobalWindowInner* innerWindow =
nsGlobalWindowInner::Cast(aOuterWindow->GetCurrentInnerWindow());
if (innerWindow) {
mTopLevelPrincipal = innerWindow->GetTopLevelPrincipal();
mTopLevelStorageAreaPrincipal =
innerWindow->GetTopLevelStorageAreaPrincipal();
}
@ -371,6 +373,7 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
, mTriggeringPrincipal(rhs.mTriggeringPrincipal)
, mPrincipalToInherit(rhs.mPrincipalToInherit)
, mSandboxedLoadingPrincipal(rhs.mSandboxedLoadingPrincipal)
, mTopLevelPrincipal(rhs.mTopLevelPrincipal)
, mTopLevelStorageAreaPrincipal(rhs.mTopLevelStorageAreaPrincipal)
, mResultPrincipalURI(rhs.mResultPrincipalURI)
, mClientInfo(rhs.mClientInfo)
@ -423,6 +426,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
nsIPrincipal* aTriggeringPrincipal,
nsIPrincipal* aPrincipalToInherit,
nsIPrincipal* aSandboxedLoadingPrincipal,
nsIPrincipal* aTopLevelPrincipal,
nsIPrincipal* aTopLevelStorageAreaPrincipal,
nsIURI* aResultPrincipalURI,
const Maybe<ClientInfo>& aClientInfo,
@ -464,6 +468,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
: mLoadingPrincipal(aLoadingPrincipal)
, mTriggeringPrincipal(aTriggeringPrincipal)
, mPrincipalToInherit(aPrincipalToInherit)
, mTopLevelPrincipal(aTopLevelPrincipal)
, mTopLevelStorageAreaPrincipal(aTopLevelStorageAreaPrincipal)
, mResultPrincipalURI(aResultPrincipalURI)
, mClientInfo(aClientInfo)
@ -647,6 +652,19 @@ LoadInfo::GetSandboxedLoadingPrincipal(nsIPrincipal** aPrincipal)
return NS_OK;
}
NS_IMETHODIMP
LoadInfo::GetTopLevelPrincipal(nsIPrincipal** aTopLevelPrincipal)
{
NS_IF_ADDREF(*aTopLevelPrincipal = mTopLevelPrincipal);
return NS_OK;
}
nsIPrincipal*
LoadInfo::TopLevelPrincipal()
{
return mTopLevelPrincipal;
}
NS_IMETHODIMP
LoadInfo::GetTopLevelStorageAreaPrincipal(nsIPrincipal** aTopLevelStorageAreaPrincipal)
{


@ -97,6 +97,7 @@ private:
nsIPrincipal* aTriggeringPrincipal,
nsIPrincipal* aPrincipalToInherit,
nsIPrincipal* aSandboxedLoadingPrincipal,
nsIPrincipal* aTopLevelPrincipal,
nsIPrincipal* aTopLevelStorageAreaPrincipal,
nsIURI* aResultPrincipalURI,
const Maybe<mozilla::dom::ClientInfo>& aClientInfo,
@ -161,6 +162,7 @@ private:
nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
nsCOMPtr<nsIPrincipal> mPrincipalToInherit;
nsCOMPtr<nsIPrincipal> mSandboxedLoadingPrincipal;
nsCOMPtr<nsIPrincipal> mTopLevelPrincipal;
nsCOMPtr<nsIPrincipal> mTopLevelStorageAreaPrincipal;
nsCOMPtr<nsIURI> mResultPrincipalURI;


@ -883,6 +883,18 @@ interface nsILoadInfo : nsISupports
*/
[noscript] readonly attribute nsIPrincipal sandboxedLoadingPrincipal;
/**
* Return the top-level principal, which is the principal of the top-level
* window.
*/
[noscript] readonly attribute nsIPrincipal topLevelPrincipal;
/**
* A C++-friendly version of topLevelPrincipal.
*/
[noscript, notxpcom, nostdcall, binaryname(TopLevelPrincipal)]
nsIPrincipal binaryTopLevelPrincipal();
/**
* Return the top-level storage area principal, which is the principal of
* the top-level window if it's not a 3rd party context, non tracking
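Review bot: The doc comment for `topLevelPrincipal` does not say when the attribute is null, yet the consumer added in this commit branches on exactly that. Going by `nsGlobalWindowInner::GetTopLevelPrincipal()` in the same commit, the value is null when the load's window is itself the top-level window and also when the window or principal lookup fails. I would extend the comment to `Return the top-level principal, which is the principal of the top-level window. Null if the load belongs to the top-level window itself or if the top-level window could not be determined.` The comment for `topLevelStorageAreaPrincipal` that follows is cut by the hunk boundary.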


@ -42,6 +42,7 @@ struct LoadInfoArgs
PrincipalInfo triggeringPrincipalInfo;
OptionalPrincipalInfo principalToInheritInfo;
OptionalPrincipalInfo sandboxedLoadingPrincipalInfo;
OptionalPrincipalInfo topLevelPrincipalInfo;
OptionalPrincipalInfo topLevelStorageAreaPrincipalInfo;
OptionalURIParams resultPrincipalURI;
uint32_t securityFlags;


@ -237,6 +237,12 @@ AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor(nsIHttpChannel* aChannel
nsIPrincipal* parentPrincipal = loadInfo->TopLevelStorageAreaPrincipal();
if (!parentPrincipal) {
// parentPrincipal can be null if the parent window is not the top-level
// window.
if (loadInfo->TopLevelPrincipal()) {
return false;
}
parentPrincipal = loadInfo->TriggeringPrincipal();
if (NS_WARN_IF(!parentPrincipal)) {
// Why we are here?!?
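Review bot: The added comment says `parentPrincipal` is null when the parent window is not the top-level window, but the guard below it tests something different: per `GetTopLevelPrincipal()` in this commit, `TopLevelPrincipal()` is non-null whenever the load's own window is not the top level, regardless of why the storage-area principal is missing. A comment that matches the code would be `// No storage-area principal but a top-level principal exists: this load comes from a non-top-level window without a storage area (e.g. a nested iframe). Do not grant.` None of the eight sections shown looks like a test, so a regression test covering a sub-sub-iframe channel would be worth adding alongside this change to an access decision. The function body starts and ends outside the hunk.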