Bug 1480131 - AntiTrackingCommon::IsFirstPartyStorageAccessGrantFor() should not grant permission to sub-sub-iframe channels; r=ehsan
parent
9ea0f46168
commit
04fcbb6556
@ -6255,6 +6255,38 @@ nsGlobalWindowInner::GetParentInternal()
|
|||||||
return outer->GetParentInternal();
|
return outer->GetParentInternal();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
nsIPrincipal*
|
||||||
|
nsGlobalWindowInner::GetTopLevelPrincipal()
|
||||||
|
{
|
||||||
|
nsPIDOMWindowOuter* outerWindow = GetOuterWindowInternal();
|
||||||
|
if (!outerWindow) {
|
||||||
|
return nullptr;
|
||||||
|
}
|
||||||
|
|
||||||
|
nsPIDOMWindowOuter* topLevelOuterWindow = GetTopInternal();
|
||||||
|
if (!topLevelOuterWindow) {
|
||||||
|
return nullptr;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (topLevelOuterWindow == outerWindow) {
|
||||||
|
return nullptr;
|
||||||
|
}
|
||||||
|
|
||||||
|
nsPIDOMWindowInner* topLevelInnerWindow =
|
||||||
|
topLevelOuterWindow->GetCurrentInnerWindow();
|
||||||
|
if (NS_WARN_IF(!topLevelInnerWindow)) {
|
||||||
|
return nullptr;
|
||||||
|
}
|
||||||
|
|
||||||
|
nsIPrincipal* topLevelPrincipal =
|
||||||
|
nsGlobalWindowInner::Cast(topLevelInnerWindow)->GetPrincipal();
|
||||||
|
if (NS_WARN_IF(!topLevelPrincipal)) {
|
||||||
|
return nullptr;
|
||||||
|
}
|
||||||
|
|
||||||
|
return topLevelPrincipal;
|
||||||
|
}
|
||||||
|
|
||||||
nsIPrincipal*
|
nsIPrincipal*
|
||||||
nsGlobalWindowInner::GetTopLevelStorageAreaPrincipal()
|
nsGlobalWindowInner::GetTopLevelStorageAreaPrincipal()
|
||||||
{
|
{
|
||||||
|
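Review bot: GetTopLevelPrincipal() returns nullptr both when this window is itself top-level (`topLevelOuterWindow == outerWindow`) and on every lookup failure (no outer window, no top window, no current inner window, no principal), so a caller cannot tell "top-level" from "unknown". The new check in AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor denies only when TopLevelPrincipal() is non-null, so a failed lookup in a nested frame falls through to the triggering-principal path instead of being denied. The LoadInfo constructors have the same effect when `innerWindow` is null. At minimum the function should carry a comment such as `// Returns nullptr for a top-level window AND on lookup failure; callers must not treat nullptr as proof of being top-level.`, and it is worth considering whether the failure paths should be distinguishable from the top-level case.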
@ -1212,7 +1212,12 @@ public:
|
|||||||
public:
|
public:
|
||||||
virtual already_AddRefed<nsPIWindowRoot> GetTopWindowRoot() override;
|
virtual already_AddRefed<nsPIWindowRoot> GetTopWindowRoot() override;
|
||||||
|
|
||||||
// Get the parent principal, returns null if this is a toplevel window.
|
// Get the toplevel principal, returns null if this is a toplevel window.
|
||||||
|
nsIPrincipal* GetTopLevelPrincipal();
|
||||||
|
|
||||||
|
// Get the parent principal, returns null if this or the parent are not a
|
||||||
|
// toplevel window. This is mainly used to determine the anti-tracking storage
|
||||||
|
// area.
|
||||||
nsIPrincipal* GetTopLevelStorageAreaPrincipal();
|
nsIPrincipal* GetTopLevelStorageAreaPrincipal();
|
||||||
|
|
||||||
protected:
|
protected:
|
||||||
|
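Review bot: The new comment on GetTopLevelStorageAreaPrincipal(), "returns null if this or the parent are not a toplevel window", reads as if null is returned whenever this window is not top-level, which would cover every iframe. Judging from the previous wording and from the comment this commit adds in IsFirstPartyStorageAccessGrantedFor, the intent is probably `// Returns null if this is a toplevel window or if the parent is not a toplevel window.`. The implementation is outside these hunks, so confirm against it before rewording.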
@ -339,6 +339,15 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
|
|||||||
sandboxedLoadingPrincipalInfo = sandboxedLoadingPrincipalInfoTemp;
|
sandboxedLoadingPrincipalInfo = sandboxedLoadingPrincipalInfoTemp;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
OptionalPrincipalInfo topLevelPrincipalInfo = mozilla::void_t();
|
||||||
|
if (aLoadInfo->TopLevelPrincipal()) {
|
||||||
|
PrincipalInfo topLevelPrincipalInfoTemp;
|
||||||
|
rv = PrincipalToPrincipalInfo(aLoadInfo->TopLevelPrincipal(),
|
||||||
|
&topLevelPrincipalInfoTemp);
|
||||||
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
topLevelPrincipalInfo = topLevelPrincipalInfoTemp;
|
||||||
|
}
|
||||||
|
|
||||||
OptionalPrincipalInfo topLevelStorageAreaPrincipalInfo = mozilla::void_t();
|
OptionalPrincipalInfo topLevelStorageAreaPrincipalInfo = mozilla::void_t();
|
||||||
if (aLoadInfo->TopLevelStorageAreaPrincipal()) {
|
if (aLoadInfo->TopLevelStorageAreaPrincipal()) {
|
||||||
PrincipalInfo topLevelStorageAreaPrincipalInfoTemp;
|
PrincipalInfo topLevelStorageAreaPrincipalInfoTemp;
|
||||||
@ -408,6 +417,7 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
|
|||||||
triggeringPrincipalInfo,
|
triggeringPrincipalInfo,
|
||||||
principalToInheritInfo,
|
principalToInheritInfo,
|
||||||
sandboxedLoadingPrincipalInfo,
|
sandboxedLoadingPrincipalInfo,
|
||||||
|
topLevelPrincipalInfo,
|
||||||
topLevelStorageAreaPrincipalInfo,
|
topLevelStorageAreaPrincipalInfo,
|
||||||
optionalResultPrincipalURI,
|
optionalResultPrincipalURI,
|
||||||
aLoadInfo->GetSecurityFlags(),
|
aLoadInfo->GetSecurityFlags(),
|
||||||
@ -488,6 +498,13 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
|
|||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
nsCOMPtr<nsIPrincipal> topLevelPrincipal;
|
||||||
|
if (loadInfoArgs.topLevelPrincipalInfo().type() != OptionalPrincipalInfo::Tvoid_t) {
|
||||||
|
topLevelPrincipal =
|
||||||
|
PrincipalInfoToPrincipal(loadInfoArgs.topLevelPrincipalInfo(), &rv);
|
||||||
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
}
|
||||||
|
|
||||||
nsCOMPtr<nsIPrincipal> topLevelStorageAreaPrincipal;
|
nsCOMPtr<nsIPrincipal> topLevelStorageAreaPrincipal;
|
||||||
if (loadInfoArgs.topLevelStorageAreaPrincipalInfo().type() != OptionalPrincipalInfo::Tvoid_t) {
|
if (loadInfoArgs.topLevelStorageAreaPrincipalInfo().type() != OptionalPrincipalInfo::Tvoid_t) {
|
||||||
topLevelStorageAreaPrincipal =
|
topLevelStorageAreaPrincipal =
|
||||||
@ -561,6 +578,7 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
|
|||||||
triggeringPrincipal,
|
triggeringPrincipal,
|
||||||
principalToInherit,
|
principalToInherit,
|
||||||
sandboxedLoadingPrincipal,
|
sandboxedLoadingPrincipal,
|
||||||
|
topLevelPrincipal,
|
||||||
topLevelStorageAreaPrincipal,
|
topLevelStorageAreaPrincipal,
|
||||||
resultPrincipalURI,
|
resultPrincipalURI,
|
||||||
clientInfo,
|
clientInfo,
|
||||||
|
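Review bot: LoadInfoArgsToLoadInfo rebuilds topLevelPrincipal from the serialized topLevelPrincipalInfo and leaves it null for `Tvoid_t`, and the new check in IsFirstPartyStorageAccessGrantedFor reads a null top-level principal as "not a nested frame". If these args can originate from a less trusted process (not visible in these hunks), the decision then rests on a field the sender may simply omit. A comment at the deserialization site would record that assumption, e.g. `// topLevelPrincipal is sender-provided; its absence is not proof of a top-level load.`. Both functions start and end outside the hunks shown.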
@ -155,6 +155,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
|
|||||||
nsGlobalWindowInner* innerWindow =
|
nsGlobalWindowInner* innerWindow =
|
||||||
nsGlobalWindowInner::Cast(contextOuter->GetCurrentInnerWindow());
|
nsGlobalWindowInner::Cast(contextOuter->GetCurrentInnerWindow());
|
||||||
if (innerWindow) {
|
if (innerWindow) {
|
||||||
|
mTopLevelPrincipal = innerWindow->GetTopLevelPrincipal();
|
||||||
mTopLevelStorageAreaPrincipal =
|
mTopLevelStorageAreaPrincipal =
|
||||||
innerWindow->GetTopLevelStorageAreaPrincipal();
|
innerWindow->GetTopLevelStorageAreaPrincipal();
|
||||||
}
|
}
|
||||||
@ -346,6 +347,7 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
|
|||||||
nsGlobalWindowInner* innerWindow =
|
nsGlobalWindowInner* innerWindow =
|
||||||
nsGlobalWindowInner::Cast(aOuterWindow->GetCurrentInnerWindow());
|
nsGlobalWindowInner::Cast(aOuterWindow->GetCurrentInnerWindow());
|
||||||
if (innerWindow) {
|
if (innerWindow) {
|
||||||
|
mTopLevelPrincipal = innerWindow->GetTopLevelPrincipal();
|
||||||
mTopLevelStorageAreaPrincipal =
|
mTopLevelStorageAreaPrincipal =
|
||||||
innerWindow->GetTopLevelStorageAreaPrincipal();
|
innerWindow->GetTopLevelStorageAreaPrincipal();
|
||||||
}
|
}
|
||||||
@ -371,6 +373,7 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
|
|||||||
, mTriggeringPrincipal(rhs.mTriggeringPrincipal)
|
, mTriggeringPrincipal(rhs.mTriggeringPrincipal)
|
||||||
, mPrincipalToInherit(rhs.mPrincipalToInherit)
|
, mPrincipalToInherit(rhs.mPrincipalToInherit)
|
||||||
, mSandboxedLoadingPrincipal(rhs.mSandboxedLoadingPrincipal)
|
, mSandboxedLoadingPrincipal(rhs.mSandboxedLoadingPrincipal)
|
||||||
|
, mTopLevelPrincipal(rhs.mTopLevelPrincipal)
|
||||||
, mTopLevelStorageAreaPrincipal(rhs.mTopLevelStorageAreaPrincipal)
|
, mTopLevelStorageAreaPrincipal(rhs.mTopLevelStorageAreaPrincipal)
|
||||||
, mResultPrincipalURI(rhs.mResultPrincipalURI)
|
, mResultPrincipalURI(rhs.mResultPrincipalURI)
|
||||||
, mClientInfo(rhs.mClientInfo)
|
, mClientInfo(rhs.mClientInfo)
|
||||||
@ -423,6 +426,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
|
|||||||
nsIPrincipal* aTriggeringPrincipal,
|
nsIPrincipal* aTriggeringPrincipal,
|
||||||
nsIPrincipal* aPrincipalToInherit,
|
nsIPrincipal* aPrincipalToInherit,
|
||||||
nsIPrincipal* aSandboxedLoadingPrincipal,
|
nsIPrincipal* aSandboxedLoadingPrincipal,
|
||||||
|
nsIPrincipal* aTopLevelPrincipal,
|
||||||
nsIPrincipal* aTopLevelStorageAreaPrincipal,
|
nsIPrincipal* aTopLevelStorageAreaPrincipal,
|
||||||
nsIURI* aResultPrincipalURI,
|
nsIURI* aResultPrincipalURI,
|
||||||
const Maybe<ClientInfo>& aClientInfo,
|
const Maybe<ClientInfo>& aClientInfo,
|
||||||
@ -464,6 +468,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
|
|||||||
: mLoadingPrincipal(aLoadingPrincipal)
|
: mLoadingPrincipal(aLoadingPrincipal)
|
||||||
, mTriggeringPrincipal(aTriggeringPrincipal)
|
, mTriggeringPrincipal(aTriggeringPrincipal)
|
||||||
, mPrincipalToInherit(aPrincipalToInherit)
|
, mPrincipalToInherit(aPrincipalToInherit)
|
||||||
|
, mTopLevelPrincipal(aTopLevelPrincipal)
|
||||||
, mTopLevelStorageAreaPrincipal(aTopLevelStorageAreaPrincipal)
|
, mTopLevelStorageAreaPrincipal(aTopLevelStorageAreaPrincipal)
|
||||||
, mResultPrincipalURI(aResultPrincipalURI)
|
, mResultPrincipalURI(aResultPrincipalURI)
|
||||||
, mClientInfo(aClientInfo)
|
, mClientInfo(aClientInfo)
|
||||||
@ -647,6 +652,19 @@ LoadInfo::GetSandboxedLoadingPrincipal(nsIPrincipal** aPrincipal)
|
|||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
NS_IMETHODIMP
|
||||||
|
LoadInfo::GetTopLevelPrincipal(nsIPrincipal** aTopLevelPrincipal)
|
||||||
|
{
|
||||||
|
NS_IF_ADDREF(*aTopLevelPrincipal = mTopLevelPrincipal);
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
nsIPrincipal*
|
||||||
|
LoadInfo::TopLevelPrincipal()
|
||||||
|
{
|
||||||
|
return mTopLevelPrincipal;
|
||||||
|
}
|
||||||
|
|
||||||
NS_IMETHODIMP
|
NS_IMETHODIMP
|
||||||
LoadInfo::GetTopLevelStorageAreaPrincipal(nsIPrincipal** aTopLevelStorageAreaPrincipal)
|
LoadInfo::GetTopLevelStorageAreaPrincipal(nsIPrincipal** aTopLevelStorageAreaPrincipal)
|
||||||
{
|
{
|
||||||
|
@ -97,6 +97,7 @@ private:
|
|||||||
nsIPrincipal* aTriggeringPrincipal,
|
nsIPrincipal* aTriggeringPrincipal,
|
||||||
nsIPrincipal* aPrincipalToInherit,
|
nsIPrincipal* aPrincipalToInherit,
|
||||||
nsIPrincipal* aSandboxedLoadingPrincipal,
|
nsIPrincipal* aSandboxedLoadingPrincipal,
|
||||||
|
nsIPrincipal* aTopLevelPrincipal,
|
||||||
nsIPrincipal* aTopLevelStorageAreaPrincipal,
|
nsIPrincipal* aTopLevelStorageAreaPrincipal,
|
||||||
nsIURI* aResultPrincipalURI,
|
nsIURI* aResultPrincipalURI,
|
||||||
const Maybe<mozilla::dom::ClientInfo>& aClientInfo,
|
const Maybe<mozilla::dom::ClientInfo>& aClientInfo,
|
||||||
@ -161,6 +162,7 @@ private:
|
|||||||
nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
|
nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
|
||||||
nsCOMPtr<nsIPrincipal> mPrincipalToInherit;
|
nsCOMPtr<nsIPrincipal> mPrincipalToInherit;
|
||||||
nsCOMPtr<nsIPrincipal> mSandboxedLoadingPrincipal;
|
nsCOMPtr<nsIPrincipal> mSandboxedLoadingPrincipal;
|
||||||
|
nsCOMPtr<nsIPrincipal> mTopLevelPrincipal;
|
||||||
nsCOMPtr<nsIPrincipal> mTopLevelStorageAreaPrincipal;
|
nsCOMPtr<nsIPrincipal> mTopLevelStorageAreaPrincipal;
|
||||||
nsCOMPtr<nsIURI> mResultPrincipalURI;
|
nsCOMPtr<nsIURI> mResultPrincipalURI;
|
||||||
|
|
||||||
|
@ -883,6 +883,18 @@ interface nsILoadInfo : nsISupports
|
|||||||
*/
|
*/
|
||||||
[noscript] readonly attribute nsIPrincipal sandboxedLoadingPrincipal;
|
[noscript] readonly attribute nsIPrincipal sandboxedLoadingPrincipal;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the top-level principal, which is the principal of the top-level
|
||||||
|
* window.
|
||||||
|
*/
|
||||||
|
[noscript] readonly attribute nsIPrincipal topLevelPrincipal;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* A C++-friendly version of topLevelPrincipal.
|
||||||
|
*/
|
||||||
|
[noscript, notxpcom, nostdcall, binaryname(TopLevelPrincipal)]
|
||||||
|
nsIPrincipal binaryTopLevelPrincipal();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the top-level storage area principal, which is the principal of
|
* Return the top-level storage area principal, which is the principal of
|
||||||
* the top-level window if it's not a 3rd party context, non tracking
|
* the top-level window if it's not a 3rd party context, non tracking
|
||||||
|
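Review bot: The doc comment for topLevelPrincipal does not say when the attribute is null. In the visible LoadInfo constructors the value comes from nsGlobalWindowInner::GetTopLevelPrincipal(), which returns nullptr for a top-level window, and IsFirstPartyStorageAccessGrantedFor depends on that to separate nested loads from top-level ones. The interface should state the contract, for example `* Return the principal of the top-level window, or null when the loading context is itself the top-level window.`; the same applies to binaryTopLevelPrincipal().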
@ -42,6 +42,7 @@ struct LoadInfoArgs
|
|||||||
PrincipalInfo triggeringPrincipalInfo;
|
PrincipalInfo triggeringPrincipalInfo;
|
||||||
OptionalPrincipalInfo principalToInheritInfo;
|
OptionalPrincipalInfo principalToInheritInfo;
|
||||||
OptionalPrincipalInfo sandboxedLoadingPrincipalInfo;
|
OptionalPrincipalInfo sandboxedLoadingPrincipalInfo;
|
||||||
|
OptionalPrincipalInfo topLevelPrincipalInfo;
|
||||||
OptionalPrincipalInfo topLevelStorageAreaPrincipalInfo;
|
OptionalPrincipalInfo topLevelStorageAreaPrincipalInfo;
|
||||||
OptionalURIParams resultPrincipalURI;
|
OptionalURIParams resultPrincipalURI;
|
||||||
uint32_t securityFlags;
|
uint32_t securityFlags;
|
||||||
|
@ -237,6 +237,12 @@ AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor(nsIHttpChannel* aChannel
|
|||||||
|
|
||||||
nsIPrincipal* parentPrincipal = loadInfo->TopLevelStorageAreaPrincipal();
|
nsIPrincipal* parentPrincipal = loadInfo->TopLevelStorageAreaPrincipal();
|
||||||
if (!parentPrincipal) {
|
if (!parentPrincipal) {
|
||||||
|
// parentPrincipal can be null if the parent window is not the top-level
|
||||||
|
// window.
|
||||||
|
if (loadInfo->TopLevelPrincipal()) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
parentPrincipal = loadInfo->TriggeringPrincipal();
|
parentPrincipal = loadInfo->TriggeringPrincipal();
|
||||||
if (NS_WARN_IF(!parentPrincipal)) {
|
if (NS_WARN_IF(!parentPrincipal)) {
|
||||||
// Why we are here?!?
|
// Why we are here?!?
|
||||||
|
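Review bot: The added comment explains why parentPrincipal can be null but not why the new branch returns false, which is the actual policy decision. A comment such as `// TopLevelPrincipal is non-null only for non-top-level windows; with no storage-area principal this is a nested (sub-sub-iframe) load, which is never granted access.` would make the intent auditable. The function body starts and ends outside the hunk, and no test for the nested-iframe case is visible on this page.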