mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-20 00:35:44 +00:00
Backed out 2 changesets (bug 1635050) for XPCshell failures in /xpcshell/test_rejectForeignAllowList.js . CLOSED TREE
Backed out changeset fff7bc5ac710 (bug 1635050) Backed out changeset 451a90be5f40 (bug 1635050)
This commit is contained in:
Dorel Luca
parent
fb839d472b
commit
370459bbe6
@ -31,7 +31,6 @@
|
||||
#include "nsIOService.h"
|
||||
#include "nsIWebProgressListener.h"
|
||||
#include "nsScriptSecurityManager.h"
|
||||
#include "RejectForeignAllowList.h"
|
||||
|
||||
namespace mozilla {
|
||||
|
||||
@ -961,11 +960,6 @@ bool ContentBlocking::ShouldAllowAccessFor(nsPIDOMWindowInner* aWindow,
|
||||
}
|
||||
} else {
|
||||
MOZ_ASSERT(CookieJarSettings::IsRejectThirdPartyWithExceptions(behavior));
|
||||
if (RejectForeignAllowList::Check(document)) {
|
||||
LOG(("This window is whitelisted for reject foreign"));
|
||||
return true;
|
||||
}
|
||||
|
||||
blockedReason = nsIWebProgressListener::STATE_COOKIES_PARTITIONED_FOREIGN;
|
||||
}
|
||||
|
||||
@ -1172,10 +1166,6 @@ bool ContentBlocking::ShouldAllowAccessFor(nsIChannel* aChannel, nsIURI* aURI,
|
||||
}
|
||||
} else {
|
||||
MOZ_ASSERT(CookieJarSettings::IsRejectThirdPartyWithExceptions(behavior));
|
||||
if (httpChannel && RejectForeignAllowList::Check(httpChannel)) {
|
||||
LOG(("This channel is whitelisted"));
|
||||
return true;
|
||||
}
|
||||
blockedReason = nsIWebProgressListener::STATE_COOKIES_BLOCKED_FOREIGN;
|
||||
}
|
||||
|
||||
|
||||
@ -1,100 +0,0 @@
|
||||
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||
* You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#include "RejectForeignAllowList.h"
|
||||
#include "mozilla/dom/Document.h"
|
||||
#include "mozilla/ClearOnShutdown.h"
|
||||
#include "mozilla/StaticPtr.h"
|
||||
#include "nsNetUtil.h"
|
||||
|
||||
#define REJECTFOREIGNALLOWLIST_PREF \
|
||||
NS_LITERAL_CSTRING("urlclassifier.trackingAnnotationSkipURLs")
|
||||
#define REJECTFOREIGNALLOWLIST_NAME NS_LITERAL_CSTRING("RejectForeignAllowList")
|
||||
|
||||
namespace mozilla {
|
||||
|
||||
namespace {
|
||||
|
||||
StaticRefPtr<RejectForeignAllowList> gRejectForeignAllowList;
|
||||
|
||||
} // namespace
|
||||
|
||||
// static
|
||||
bool RejectForeignAllowList::Check(dom::Document* aDocument) {
|
||||
MOZ_ASSERT(aDocument);
|
||||
|
||||
nsIURI* documentURI = aDocument->GetDocumentURI();
|
||||
if (!documentURI) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return GetOrCreate()->CheckInternal(documentURI);
|
||||
}
|
||||
|
||||
// static
|
||||
bool RejectForeignAllowList::Check(nsIHttpChannel* aChannel) {
|
||||
MOZ_ASSERT(aChannel);
|
||||
|
||||
nsCOMPtr<nsIURI> channelURI;
|
||||
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(channelURI));
|
||||
if (NS_WARN_IF(NS_FAILED(rv))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return GetOrCreate()->CheckInternal(channelURI);
|
||||
}
|
||||
|
||||
// static
|
||||
RejectForeignAllowList* RejectForeignAllowList::GetOrCreate() {
|
||||
if (!gRejectForeignAllowList) {
|
||||
gRejectForeignAllowList = new RejectForeignAllowList();
|
||||
|
||||
nsCOMPtr<nsIUrlClassifierSkipListService> skipListService =
|
||||
do_GetService("@mozilla.org/url-classifier/skip-list-service;1");
|
||||
if (skipListService) {
|
||||
skipListService->RegisterAndRunSkipListObserver(
|
||||
REJECTFOREIGNALLOWLIST_NAME, REJECTFOREIGNALLOWLIST_PREF,
|
||||
gRejectForeignAllowList);
|
||||
}
|
||||
|
||||
RunOnShutdown([skipListService] {
|
||||
if (gRejectForeignAllowList) {
|
||||
if (skipListService) {
|
||||
skipListService->UnregisterSkipListObserver(
|
||||
REJECTFOREIGNALLOWLIST_NAME, gRejectForeignAllowList);
|
||||
}
|
||||
gRejectForeignAllowList = nullptr;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
return gRejectForeignAllowList;
|
||||
}
|
||||
|
||||
bool RejectForeignAllowList::CheckInternal(nsIURI* aURI) {
|
||||
MOZ_ASSERT(aURI);
|
||||
return nsContentUtils::IsURIInList(aURI, mList);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
RejectForeignAllowList::OnSkipListUpdate(const nsACString& aList) {
|
||||
mList = aList;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
RejectForeignAllowList::RejectForeignAllowList() = default;
|
||||
RejectForeignAllowList::~RejectForeignAllowList() = default;
|
||||
|
||||
NS_INTERFACE_MAP_BEGIN(RejectForeignAllowList)
|
||||
NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports,
|
||||
nsIUrlClassifierSkipListObserver)
|
||||
NS_INTERFACE_MAP_ENTRY(nsIUrlClassifierSkipListObserver)
|
||||
NS_INTERFACE_MAP_END
|
||||
|
||||
NS_IMPL_ADDREF(RejectForeignAllowList)
|
||||
NS_IMPL_RELEASE(RejectForeignAllowList)
|
||||
|
||||
} // namespace mozilla
|
||||
@ -1,42 +0,0 @@
|
||||
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||
* You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#ifndef mozilla_RejectForeignAllowList_h
|
||||
#define mozilla_RejectForeignAllowList_h
|
||||
|
||||
#include "nsIUrlClassifierSkipListService.h"
|
||||
|
||||
class nsIHttpChannel;
|
||||
class nsIURI;
|
||||
|
||||
namespace mozilla {
|
||||
|
||||
namespace dom {
|
||||
class Document;
|
||||
}
|
||||
|
||||
class RejectForeignAllowList final : public nsIUrlClassifierSkipListObserver {
|
||||
public:
|
||||
NS_DECL_ISUPPORTS
|
||||
NS_DECL_NSIURLCLASSIFIERSKIPLISTOBSERVER
|
||||
|
||||
static bool Check(dom::Document* aDocument);
|
||||
static bool Check(nsIHttpChannel* aChannel);
|
||||
|
||||
private:
|
||||
static RejectForeignAllowList* GetOrCreate();
|
||||
|
||||
RejectForeignAllowList();
|
||||
~RejectForeignAllowList();
|
||||
|
||||
bool CheckInternal(nsIURI* aURI);
|
||||
|
||||
nsCString mList;
|
||||
};
|
||||
|
||||
} // namespace mozilla
|
||||
|
||||
#endif // mozilla_RejectForeignAllowList_h
|
||||
@ -54,7 +54,6 @@ UNIFIED_SOURCES += [
|
||||
'ContentBlockingNotifier.cpp',
|
||||
'ContentBlockingUserInteraction.cpp',
|
||||
'DynamicFpiRedirectHeuristic.cpp',
|
||||
'RejectForeignAllowList.cpp',
|
||||
'SettingsChangeObserver.cpp',
|
||||
'StorageAccess.cpp',
|
||||
'StoragePrincipalHelper.cpp',
|
||||
|
||||
@ -1,117 +0,0 @@
|
||||
"use strict";
|
||||
|
||||
var { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
|
||||
|
||||
// Let's use AddonTestUtils and ExtensionTestUtils to open/close tabs.
|
||||
var { AddonTestUtils, MockAsyncShutdown } = ChromeUtils.import(
|
||||
"resource://testing-common/AddonTestUtils.jsm"
|
||||
);
|
||||
|
||||
// eslint-disable-next-line no-unused-vars
|
||||
XPCOMUtils.defineLazyModuleGetters(this, {
|
||||
ExtensionTestUtils: "resource://testing-common/ExtensionXPCShellUtils.jsm",
|
||||
});
|
||||
|
||||
ExtensionTestUtils.init(this);
|
||||
|
||||
var createHttpServer = (...args) => {
|
||||
AddonTestUtils.maybeInit(this);
|
||||
return AddonTestUtils.createHttpServer(...args);
|
||||
};
|
||||
|
||||
const server = createHttpServer({
|
||||
hosts: ["3rdparty.org", "4thparty.org", "foobar.com"],
|
||||
});
|
||||
|
||||
async function testThings(expected) {
|
||||
let cookiePromise = new Promise(resolve => {
|
||||
server.registerPathHandler("/test3rdPartyChannel", (request, response) => {
|
||||
response.setStatusLine(request.httpVersion, 200, "OK");
|
||||
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
|
||||
response.write(`<html><img src="http://3rdparty.org/img" /></html>`);
|
||||
});
|
||||
|
||||
server.registerPathHandler("/img", (request, response) => {
|
||||
response.setStatusLine(request.httpVersion, 200, "OK");
|
||||
resolve(request.hasHeader("Cookie") ? request.getHeader("Cookie") : "");
|
||||
response.setHeader("Content-Type", "image/png", false);
|
||||
response.write("Not an image");
|
||||
});
|
||||
});
|
||||
|
||||
// Let's load 3rdparty.org loading a 4th-party.
|
||||
let contentPage = await ExtensionTestUtils.loadContentPage(
|
||||
"http://foobar.com/test3rdPartyChannel"
|
||||
);
|
||||
Assert.equal(await cookiePromise, expected, "Cookies received?");
|
||||
await contentPage.close();
|
||||
|
||||
cookiePromise = new Promise(resolve => {
|
||||
server.registerPathHandler("/test3rdPartyDocument", (request, response) => {
|
||||
response.setStatusLine(request.httpVersion, 200, "OK");
|
||||
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
|
||||
response.write(
|
||||
`<html><iframe src="http://3rdparty.org/iframe" /></html>`
|
||||
);
|
||||
});
|
||||
|
||||
server.registerPathHandler("/iframe", (request, response) => {
|
||||
response.setStatusLine(request.httpVersion, 200, "OK");
|
||||
resolve(request.hasHeader("Cookie") ? request.getHeader("Cookie") : "");
|
||||
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
|
||||
response.write(`<html><img src="http://4thparty.org/img" /></html>`);
|
||||
});
|
||||
|
||||
server.registerPathHandler("/img", (request, response) => {
|
||||
response.setStatusLine(request.httpVersion, 200, "OK");
|
||||
resolve(request.hasHeader("Cookie") ? request.getHeader("Cookie") : "");
|
||||
response.setHeader("Content-Type", "image/png", false);
|
||||
response.write("Not an image");
|
||||
});
|
||||
});
|
||||
|
||||
// Let's load 3rdparty.org as a 3rd-party.
|
||||
contentPage = await ExtensionTestUtils.loadContentPage(
|
||||
"http://foobar.com/test3rdPartyDocument"
|
||||
);
|
||||
Assert.equal(await cookiePromise, expected, "Cookies received?");
|
||||
await contentPage.close();
|
||||
}
|
||||
|
||||
add_task(async function test_rejectForeignAllowList() {
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 1);
|
||||
Services.prefs.setBoolPref(
|
||||
"network.cookie.rejectForeignWithExceptions.enabled",
|
||||
true
|
||||
);
|
||||
|
||||
// We don't want to have 'secure' cookies because our test http server doesn't run in https.
|
||||
Services.prefs.setBoolPref(
|
||||
"network.cookie.sameSite.noneRequiresSecure",
|
||||
false
|
||||
);
|
||||
|
||||
server.registerPathHandler("/setCookies", (request, response) => {
|
||||
response.setStatusLine(request.httpVersion, 200, "OK");
|
||||
response.setHeader("Content-Type", "text/html; charset=utf-8", false);
|
||||
response.setHeader("Set-Cookie", "cookie=wow; sameSite=none", true);
|
||||
response.write("<html></html>");
|
||||
});
|
||||
|
||||
// Let's set a cookie.
|
||||
let contentPage = await ExtensionTestUtils.loadContentPage(
|
||||
"http://3rdparty.org/setCookies"
|
||||
);
|
||||
await contentPage.close();
|
||||
Assert.equal(Services.cookies.cookies.length, 1);
|
||||
|
||||
// Without whitelisting, no cookies should be shared.
|
||||
await testThings("");
|
||||
|
||||
// Let's whitelist 3rdparty.org
|
||||
Services.prefs.setCharPref(
|
||||
"urlclassifier.trackingAnnotationSkipURLs",
|
||||
"3rdparty.org"
|
||||
);
|
||||
await testThings("cookie=wow");
|
||||
});
|
||||
@ -3,4 +3,3 @@ head = head.js ../../../../components/url-classifier/tests/unit/head_urlclassifi
|
||||
|
||||
[test_purge_trackers.js]
|
||||
[test_tracking_db_service.js]
|
||||
[test_rejectForeignAllowList.js]
|
||||
|
||||
Loading…
Reference in New Issue
Block a user