Backed out 8 changesets (bug 1830070) for causing assertion failures on nsAboutProtocolUtils.h. CLOSED TREE

Backed out changeset 05c4b06857fb (bug 1830070)
Backed out changeset f264c5b9c200 (bug 1830070)
Backed out changeset 45032e474c29 (bug 1830070)
Backed out changeset fa89c51ef6fc (bug 1830070)
Backed out changeset f0f70e7c8250 (bug 1830070)
Backed out changeset 785e1775c13d (bug 1830070)
Backed out changeset 582e28b83b50 (bug 1830070)
Backed out changeset de379bee27d0 (bug 1830070)
Natalia Csoregi 2023-06-19 23:51:04 +03:00
parent e57bf2c1c5
commit 37db79aab5
22 changed files with 40 additions and 838 deletions


@ -17,17 +17,14 @@ support-files =
file_navigator_iframe_worker.sjs
file_hwconcurrency_aboutblank_iframer.html
file_hwconcurrency_aboutblank_iframee.html
file_hwconcurrency_aboutblank_popupmaker.html
file_hwconcurrency_aboutsrcdoc_iframer.html
file_hwconcurrency_aboutsrcdoc_iframee.html
file_hwconcurrency_blob_iframer.html
file_hwconcurrency_blob_iframee.html
file_hwconcurrency_blob_popupmaker.html
file_hwconcurrency_blobcrossorigin_iframer.html
file_hwconcurrency_blobcrossorigin_iframee.html
file_hwconcurrency_data_iframee.html
file_hwconcurrency_data_iframer.html
file_hwconcurrency_data_popupmaker.html
file_hwconcurrency_data_iframee.html
file_hwconcurrency_iframer.html
file_hwconcurrency_iframee.html
file_hwconcurrency_sandboxediframe_double_framee.html
@ -60,13 +57,6 @@ skip-if =
[browser_hwconcurrency_iframes_blobcrossorigin.js]
[browser_hwconcurrency_iframes_data.js]
[browser_hwconcurrency_iframes_sandboxediframe.js]
[browser_hwconcurrency_popups.js]
[browser_hwconcurrency_popups_aboutblank.js]
[browser_hwconcurrency_popups_blob.js]
[browser_hwconcurrency_popups_blob_noopener.js]
[browser_hwconcurrency_popups_data.js]
[browser_hwconcurrency_popups_data_noopener.js]
[browser_hwconcurrency_popups_noopener.js]
[browser_math.js]
[browser_navigator.js]
https_first_disabled = true


@ -46,7 +46,7 @@ const allSpoofed = {
hardwareConcurrency: SPOOFED_HW_CONCURRENCY,
};
const uri = `https://${FRAMER_DOMAIN}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_iframer.html?mode=iframe`;
const uri = `https://${FRAMER_DOMAIN}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_iframer.html`;
requestLongerTimeout(2);


@ -1,71 +0,0 @@
/**
* This test tests values in a popup, it does not test them on the page that made the popup
*
* Covers the following cases:
* - RFP is disabled entirely
* - RFP is enabled entirely
*
* - (A) RFP is exempted on the maker and popup
* - (C) RFP is exempted on the maker but not the popup
* - (E) RFP is not exempted on the maker nor the popup
* - (G) RFP is not exempted on the maker but is on the popup
*
*/
"use strict";
const SPOOFED_HW_CONCURRENCY = 2;
const DEFAULT_HARDWARE_CONCURRENCY = navigator.hardwareConcurrency;
// =============================================================================================
// =============================================================================================
async function testHWConcurrency(result, expectedResults, extraData) {
let testDesc = extraData.testDesc;
is(
result.hardwareConcurrency,
expectedResults.hardwareConcurrency,
`Checking ${testDesc} navigator.hardwareConcurrency.`
);
}
// The following are convenience objects that allow you to quickly see what is
// and is not modified from a logical set of values.
// Be sure to always use `let expectedResults = structuredClone(allNotSpoofed)` to do a
// deep copy and avoiding corrupting the original 'const' object
const allNotSpoofed = {
hardwareConcurrency: DEFAULT_HARDWARE_CONCURRENCY,
};
const allSpoofed = {
hardwareConcurrency: SPOOFED_HW_CONCURRENCY,
};
const uri = `https://${FRAMER_DOMAIN}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_iframer.html?mode=popup`;
requestLongerTimeout(2);
let expectedResults = {};
expectedResults = structuredClone(allNotSpoofed);
add_task(defaultsTest.bind(null, uri, testHWConcurrency, expectedResults));
expectedResults = structuredClone(allSpoofed);
add_task(simpleRFPTest.bind(null, uri, testHWConcurrency, expectedResults));
// (A) RFP is exempted on the maker and popup
expectedResults = structuredClone(allNotSpoofed);
add_task(testA.bind(null, uri, testHWConcurrency, expectedResults));
// (C) RFP is exempted on the maker but not the popup
expectedResults = structuredClone(allSpoofed);
add_task(testC.bind(null, uri, testHWConcurrency, expectedResults));
// (E) RFP is not exempted on the maker nor the popup
expectedResults = structuredClone(allSpoofed);
add_task(testE.bind(null, uri, testHWConcurrency, expectedResults));
// (G) RFP is not exempted on the maker but is on the popup
expectedResults = structuredClone(allSpoofed);
add_task(testG.bind(null, uri, testHWConcurrency, expectedResults));


@ -1,62 +0,0 @@
/**
* This test only tests values in an about:blank document that opened in a popup
* Because there is no interaction with a third party domain, there's a lot fewer tests
*
* Covers the following cases:
* - RFP is disabled entirely
* - RFP is enabled entirely
*
* - (A) RFP is exempted on the popup maker
* - (E) RFP is not exempted on the popup maker
*
*/
"use strict";
const SPOOFED_HW_CONCURRENCY = 2;
const DEFAULT_HARDWARE_CONCURRENCY = navigator.hardwareConcurrency;
// =============================================================================================
// =============================================================================================
async function testHWConcurrency(result, expectedResults, extraData) {
let testDesc = extraData.testDesc;
is(
result.hardwareConcurrency,
expectedResults.hardwareConcurrency,
`Checking ${testDesc} navigator.hardwareConcurrency.`
);
}
// The following are convenience objects that allow you to quickly see what is
// and is not modified from a logical set of values.
// Be sure to always use `let expectedResults = structuredClone(allNotSpoofed)` to do a
// deep copy and avoiding corrupting the original 'const' object
const allNotSpoofed = {
hardwareConcurrency: DEFAULT_HARDWARE_CONCURRENCY,
};
const allSpoofed = {
hardwareConcurrency: SPOOFED_HW_CONCURRENCY,
};
const uri = `https://${FRAMER_DOMAIN}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_aboutblank_popupmaker.html`;
requestLongerTimeout(2);
let expectedResults = {};
expectedResults = structuredClone(allNotSpoofed);
add_task(defaultsTest.bind(null, uri, testHWConcurrency, expectedResults));
expectedResults = structuredClone(allSpoofed);
add_task(simpleRFPTest.bind(null, uri, testHWConcurrency, expectedResults));
// (A) RFP is exempted on the popup maker
expectedResults = structuredClone(allNotSpoofed);
add_task(testA.bind(null, uri, testHWConcurrency, expectedResults));
// (E) RFP is not exempted on the popup maker
expectedResults = structuredClone(allSpoofed);
add_task(testE.bind(null, uri, testHWConcurrency, expectedResults));


@ -1,62 +0,0 @@
/**
* This test only tests values in a blob document that is opened in a popup
* Because there is no interaction with a third party domain, there's a lot fewer tests
*
* Covers the following cases:
* - RFP is disabled entirely
* - RFP is enabled entirely
*
* - (A) RFP is exempted on the popup maker
* - (E) RFP is not exempted on the popup maker
*
*/
"use strict";
const SPOOFED_HW_CONCURRENCY = 2;
const DEFAULT_HARDWARE_CONCURRENCY = navigator.hardwareConcurrency;
// =============================================================================================
// =============================================================================================
async function testHWConcurrency(result, expectedResults, extraData) {
let testDesc = extraData.testDesc;
is(
result.hardwareConcurrency,
expectedResults.hardwareConcurrency,
`Checking ${testDesc} navigator.hardwareConcurrency.`
);
}
// The following are convenience objects that allow you to quickly see what is
// and is not modified from a logical set of values.
// Be sure to always use `let expectedResults = structuredClone(allNotSpoofed)` to do a
// deep copy and avoiding corrupting the original 'const' object
const allNotSpoofed = {
hardwareConcurrency: DEFAULT_HARDWARE_CONCURRENCY,
};
const allSpoofed = {
hardwareConcurrency: SPOOFED_HW_CONCURRENCY,
};
const uri = `https://${FRAMER_DOMAIN}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_blob_popupmaker.html`;
requestLongerTimeout(2);
let expectedResults = {};
expectedResults = structuredClone(allNotSpoofed);
add_task(defaultsTest.bind(null, uri, testHWConcurrency, expectedResults));
expectedResults = structuredClone(allSpoofed);
add_task(simpleRFPTest.bind(null, uri, testHWConcurrency, expectedResults));
// (A) RFP is exempted on the popup maker
expectedResults = structuredClone(allNotSpoofed);
add_task(testA.bind(null, uri, testHWConcurrency, expectedResults));
// (E) RFP is not exempted on the popup maker
expectedResults = structuredClone(allSpoofed);
add_task(testE.bind(null, uri, testHWConcurrency, expectedResults));


@ -1,74 +0,0 @@
/**
* This test only tests values in a blob document that is opened in a popup
* Because there is no interaction with a third party domain, there's a lot fewer tests
*
* Covers the following cases:
* - RFP is disabled entirely
* - RFP is enabled entirely
*
* - (A) RFP is exempted on the popup maker
* - (E) RFP is not exempted on the popup maker
*
*/
"use strict";
const SPOOFED_HW_CONCURRENCY = 2;
const DEFAULT_HARDWARE_CONCURRENCY = navigator.hardwareConcurrency;
// =============================================================================================
// =============================================================================================
async function testHWConcurrency(result, expectedResults, extraData) {
let testDesc = extraData.testDesc;
is(
result.hardwareConcurrency,
expectedResults.hardwareConcurrency,
`Checking ${testDesc} navigator.hardwareConcurrency.`
);
}
// The following are convenience objects that allow you to quickly see what is
// and is not modified from a logical set of values.
// Be sure to always use `let expectedResults = structuredClone(allNotSpoofed)` to do a
// deep copy and avoiding corrupting the original 'const' object
const allNotSpoofed = {
hardwareConcurrency: DEFAULT_HARDWARE_CONCURRENCY,
};
const allSpoofed = {
hardwareConcurrency: SPOOFED_HW_CONCURRENCY,
};
const uri = `https://${FRAMER_DOMAIN}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_blob_popupmaker.html?submode=noopener`;
const await_uri = loadedURL => loadedURL.startsWith("blob:");
requestLongerTimeout(2);
let extraData = {
noopener: true,
await_uri,
};
let expectedResults = {};
expectedResults = structuredClone(allNotSpoofed);
add_task(
defaultsTest.bind(null, uri, testHWConcurrency, expectedResults, extraData)
);
expectedResults = structuredClone(allSpoofed);
add_task(
simpleRFPTest.bind(null, uri, testHWConcurrency, expectedResults, extraData)
);
// (A) RFP is exempted on the popup maker
// Ordinarily, RFP would be exempted, however because the opener relationship is severed
// there is nothing to grant it an exemption, so it is not exempted.
expectedResults = structuredClone(allSpoofed);
add_task(testA.bind(null, uri, testHWConcurrency, expectedResults, extraData));
// (E) RFP is not exempted on the popup maker
expectedResults = structuredClone(allSpoofed);
add_task(testE.bind(null, uri, testHWConcurrency, expectedResults, extraData));


@ -1,62 +0,0 @@
/**
* This test only tests values in a data document that is opened in a popup
* Because there is no interaction with a third party domain, there's a lot fewer tests
*
* Covers the following cases:
* - RFP is disabled entirely
* - RFP is enabled entirely
*
* - (A) RFP is exempted on the popup maker
* - (E) RFP is not exempted on the popup maker
*
*/
"use strict";
const SPOOFED_HW_CONCURRENCY = 2;
const DEFAULT_HARDWARE_CONCURRENCY = navigator.hardwareConcurrency;
// =============================================================================================
// =============================================================================================
async function testHWConcurrency(result, expectedResults, extraData) {
let testDesc = extraData.testDesc;
is(
result.hardwareConcurrency,
expectedResults.hardwareConcurrency,
`Checking ${testDesc} navigator.hardwareConcurrency.`
);
}
// The following are convenience objects that allow you to quickly see what is
// and is not modified from a logical set of values.
// Be sure to always use `let expectedResults = structuredClone(allNotSpoofed)` to do a
// deep copy and avoiding corrupting the original 'const' object
const allNotSpoofed = {
hardwareConcurrency: DEFAULT_HARDWARE_CONCURRENCY,
};
const allSpoofed = {
hardwareConcurrency: SPOOFED_HW_CONCURRENCY,
};
const uri = `https://${FRAMER_DOMAIN}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_data_popupmaker.html`;
requestLongerTimeout(2);
let expectedResults = {};
expectedResults = structuredClone(allNotSpoofed);
add_task(defaultsTest.bind(null, uri, testHWConcurrency, expectedResults));
expectedResults = structuredClone(allSpoofed);
add_task(simpleRFPTest.bind(null, uri, testHWConcurrency, expectedResults));
// (A) RFP is exempted on the popup maker
expectedResults = structuredClone(allNotSpoofed);
add_task(testA.bind(null, uri, testHWConcurrency, expectedResults));
// (E) RFP is not exempted on the popup maker
expectedResults = structuredClone(allSpoofed);
add_task(testE.bind(null, uri, testHWConcurrency, expectedResults));


@ -1,74 +0,0 @@
/**
* This test only tests values in a data document that is opened in a popup with noopener
* Because there is no interaction with a third party domain, there's a lot fewer tests
*
* Covers the following cases:
* - RFP is disabled entirely
* - RFP is enabled entirely
*
* - (A) RFP is exempted on the popup maker
* - (E) RFP is not exempted on the popup maker
*
*/
"use strict";
const SPOOFED_HW_CONCURRENCY = 2;
const DEFAULT_HARDWARE_CONCURRENCY = navigator.hardwareConcurrency;
// =============================================================================================
// =============================================================================================
async function testHWConcurrency(result, expectedResults, extraData) {
let testDesc = extraData.testDesc;
is(
result.hardwareConcurrency,
expectedResults.hardwareConcurrency,
`Checking ${testDesc} navigator.hardwareConcurrency.`
);
}
// The following are convenience objects that allow you to quickly see what is
// and is not modified from a logical set of values.
// Be sure to always use `let expectedResults = structuredClone(allNotSpoofed)` to do a
// deep copy and avoiding corrupting the original 'const' object
const allNotSpoofed = {
hardwareConcurrency: DEFAULT_HARDWARE_CONCURRENCY,
};
const allSpoofed = {
hardwareConcurrency: SPOOFED_HW_CONCURRENCY,
};
const uri = `https://${FRAMER_DOMAIN}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_data_popupmaker.html?submode=noopener`;
const await_uri = loadedURL => loadedURL.startsWith("data:");
requestLongerTimeout(2);
let extraData = {
noopener: true,
await_uri,
};
let expectedResults = {};
expectedResults = structuredClone(allNotSpoofed);
add_task(
defaultsTest.bind(null, uri, testHWConcurrency, expectedResults, extraData)
);
expectedResults = structuredClone(allSpoofed);
add_task(
simpleRFPTest.bind(null, uri, testHWConcurrency, expectedResults, extraData)
);
// (A) RFP is exempted on the popup maker
// Ordinarily, RFP would be exempted, however because the opener relationship is severed
// there is nothing to grant it an exemption, so it is not exempted.
expectedResults = structuredClone(allSpoofed);
add_task(testA.bind(null, uri, testHWConcurrency, expectedResults, extraData));
// (E) RFP is not exempted on the popup maker
expectedResults = structuredClone(allSpoofed);
add_task(testE.bind(null, uri, testHWConcurrency, expectedResults, extraData));


@ -1,83 +0,0 @@
/**
* This test tests values in a popup that is opened with noopener, it does not test them on the page that made the popup
*
* Covers the following cases:
* - RFP is disabled entirely
* - RFP is enabled entirely
*
* - (A) RFP is exempted on the maker and popup
* - (C) RFP is exempted on the maker but not the popup
* - (E) RFP is not exempted on the maker nor the popup
* - (G) RFP is not exempted on the maker but is on the popup
*
*/
"use strict";
const SPOOFED_HW_CONCURRENCY = 2;
const DEFAULT_HARDWARE_CONCURRENCY = navigator.hardwareConcurrency;
// =============================================================================================
// =============================================================================================
async function testHWConcurrency(result, expectedResults, extraData) {
let testDesc = extraData.testDesc;
is(
result.hardwareConcurrency,
expectedResults.hardwareConcurrency,
`Checking ${testDesc} navigator.hardwareConcurrency.`
);
}
// The following are convenience objects that allow you to quickly see what is
// and is not modified from a logical set of values.
// Be sure to always use `let expectedResults = structuredClone(allNotSpoofed)` to do a
// deep copy and avoiding corrupting the original 'const' object
const allNotSpoofed = {
hardwareConcurrency: DEFAULT_HARDWARE_CONCURRENCY,
};
const allSpoofed = {
hardwareConcurrency: SPOOFED_HW_CONCURRENCY,
};
const uri = `https://${FRAMER_DOMAIN}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_iframer.html?mode=popup&submode=noopener`;
const await_uri = `https://${IFRAME_DOMAIN}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_iframee.html?mode=popup`;
requestLongerTimeout(2);
let extraData = {
noopener: true,
await_uri,
};
let expectedResults = {};
expectedResults = structuredClone(allNotSpoofed);
add_task(
defaultsTest.bind(null, uri, testHWConcurrency, expectedResults, extraData)
);
expectedResults = structuredClone(allSpoofed);
add_task(
simpleRFPTest.bind(null, uri, testHWConcurrency, expectedResults, extraData)
);
// (A) RFP is exempted on the maker and popup
expectedResults = structuredClone(allNotSpoofed);
add_task(testA.bind(null, uri, testHWConcurrency, expectedResults, extraData));
// (C) RFP is exempted on the maker but not the popup
expectedResults = structuredClone(allSpoofed);
add_task(testC.bind(null, uri, testHWConcurrency, expectedResults, extraData));
// (E) RFP is not exempted on the maker nor the popup
expectedResults = structuredClone(allSpoofed);
add_task(testE.bind(null, uri, testHWConcurrency, expectedResults, extraData));
// (G) RFP is not exempted on the maker but is on the popup
// Ordinarily, RFP would not be exempted, however because the opener relationship is severed
// it is safe to exempt the popup
expectedResults = structuredClone(allNotSpoofed);
add_task(testG.bind(null, uri, testHWConcurrency, expectedResults, extraData));


@ -1,42 +0,0 @@
<!DOCTYPE html>
<meta charset="utf8">
<script src="shared_test_funcs.js"></script>
<script>
var popup;
window.addEventListener("load", async function listener(event) {
let s = `
window.addEventListener('message', async function listener(event) {
if (event.data[0] == 'popup_is_ready') {
window.opener.postMessage(["popup_ready"], "*");
} else if (event.data[0] == 'popup_request') {
let result = {
hardwareConcurrency : navigator.hardwareConcurrency
};
window.opener.postMessage(['popup_response', result], '*');
}
});`;
popup = window.open("about:blank", "");
popup.eval(s);
});
async function runTheTest(iframe_domain, cross_origin_domain, mode) {
popup.postMessage(["popup_is_ready", cross_origin_domain], "*");
await waitForMessage("popup_ready", `*`);
const promiseForRFPTest = new Promise(resolve => {
window.addEventListener("message", event => {
resolve(event.data[1]);
}, { once: true });
});
popup.postMessage(["popup_request", cross_origin_domain], "*");
var result = await promiseForRFPTest;
popup.close();
return result;
}
</script>
<output id="result"></output>


@ -1,57 +0,0 @@
<!DOCTYPE html>
<meta charset="utf8">
<script src="shared_test_funcs.js"></script>
<script type="text/javascript">
var popup;
async function runTheTest(iframe_domain, cross_origin_domain, mode) {
let s = `<html><script>
function give_result() {
return {
hardwareConcurrency : navigator.hardwareConcurrency
};
}
window.addEventListener('load', async function listener(event) {
window.opener.postMessage(["popup_ready"], "*");
});
window.addEventListener('message', async function listener(event) {
if (event.data[0] == 'popup_request') {
let result = give_result();
window.opener.postMessage(['popup_response', result], '*');
}
});`;
// eslint-disable-next-line
s += `</` + `script></html>`;
let params = new URLSearchParams(document.location.search);
let options = "";
if (params.get("submode") == "noopener") {
options = "noopener";
}
let b = new Blob([s], { type: "text/html" });
let url = URL.createObjectURL(b);
popup = window.open(url, "", options);
if (params.get("submode") == "noopener") {
return {};
}
await waitForMessage("popup_ready", `*`);
const promiseForRFPTest = new Promise(resolve => {
window.addEventListener("message", event => {
resolve(event.data[1]);
}, { once: true });
});
popup.postMessage(["popup_request", cross_origin_domain], "*");
var result = await promiseForRFPTest;
popup.close();
return result;
}
</script>
<body>
<output id="result"></output>
</body>


@ -1,58 +0,0 @@
<!DOCTYPE html>
<meta charset="utf8">
<script src="shared_test_funcs.js"></script>
<script type="text/javascript">
var popup;
async function runTheTest(iframe_domain, cross_origin_domain, mode) {
let s = `<!DOCTYPE html><html><script>
function give_result() {
return {
hardwareConcurrency : navigator.hardwareConcurrency
};
}
window.addEventListener('load', async function listener(event) {
window.opener.postMessage(["popup_ready"], "*");
});
window.addEventListener('message', async function listener(event) {
if (event.data[0] == 'popup_is_ready') {
window.opener.postMessage(["popup_ready"], "*");
} else if (event.data[0] == 'popup_request') {
let result = give_result();
window.opener.postMessage(['popup_response', result], '*');
}
});`;
// eslint-disable-next-line
s += `</` + `script></html>`;
let params = new URLSearchParams(document.location.search);
let options = "";
if (params.get("submode") == "noopener") {
options = "noopener";
}
let url = "data:text/html;charset=utf-8," + s;
popup = window.open(url, "", options);
if (params.get("submode") == "noopener") {
return {};
}
await waitForMessage("popup_ready", `*`);
const promiseForRFPTest = new Promise(resolve => {
window.addEventListener("message", event => {
resolve(event.data[1]);
}, { once: true });
});
popup.postMessage(["popup_request", cross_origin_domain], "*");
var result = await promiseForRFPTest;
popup.close();
return result;
}
</script>
<body>
<output id="result"></output>
</body>


@ -1,29 +1,17 @@
<!DOCTYPE html>
<meta charset="utf8">
<script>
var parent_window;
let params = new URLSearchParams(document.location.search);
if (params.get("mode") == "popup") {
parent_window = window.opener;
} else {
parent_window = window.parent;
}
window.onload = async () => {
parent_window.postMessage("ready", "*");
parent.postMessage("ready", "*");
}
window.addEventListener("message", async function listener(event) {
if (event.data[0] == "gimme") {
let result = give_result();
parent_window.postMessage(result, "*")
}
});
function give_result() {
return {
let result = {
hardwareConcurrency : navigator.hardwareConcurrency
};
}
parent.postMessage(result, "*")
}
});
</script>
<output id="result"></output>
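Review bot: The `message` listener on the new side answers any sender whose payload starts with `"gimme"` and posts the result to `parent` with a `"*"` target origin, with no check of `event.origin` or `event.source`. That is probably acceptable for a test support page that only reports `navigator.hardwareConcurrency`, and a wildcard may be needed if some framers have an opaque origin, but the intent is not written down. I would add a comment above the listener such as `// Test-only: replies to any sender with "*"; the payload is limited to navigator.hardwareConcurrency.` so the pattern is not copied into non-test code.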


@ -5,29 +5,9 @@
<title></title>
<script src="shared_test_funcs.js"></script>
<script>
async function runTheTest(iframe_domain, cross_origin_domain, mode) {
var child_reference;
let url = `https://${iframe_domain}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_iframee.html?mode=`
let params = new URLSearchParams(document.location.search);
if (params.get("mode") == 'iframe') {
const iframes = document.querySelectorAll("iframe");
iframes[0].src = url + 'iframe';
child_reference = iframes[0].contentWindow;
} else if (params.get("mode") == "popup") {
let options = "";
if (params.get("submode") == "noopener") {
options = "noopener";
}
const popup = window.open(url + 'popup', '', options);
if (params.get("submode") == "noopener") {
return {};
}
child_reference = popup;
} else {
throw new Error("Unknown page mode specified");
}
async function runTheTest(iframe_domain, cross_origin_domain) {
const iframes = document.querySelectorAll("iframe");
iframes[0].src = `https://${iframe_domain}/browser/browser/components/resistfingerprinting/test/browser/file_hwconcurrency_iframee.html`;
await waitForMessage("ready", `https://${iframe_domain}`);
const promiseForRFPTest = new Promise(resolve => {
@ -38,13 +18,9 @@ async function runTheTest(iframe_domain, cross_origin_domain, mode) {
resolve(event.data);
}, { once: true });
});
child_reference.postMessage(["gimme", cross_origin_domain], "*");
iframes[0].contentWindow.postMessage(["gimme", cross_origin_domain], "*");
var result = await promiseForRFPTest;
if (params.get("mode") == "popup") {
child_reference.close();
}
return result;
}
</script>


@ -650,32 +650,9 @@ async function runActualTest(uri, testFunction, expectedResults, extraData) {
url: uri,
},
async function (browser) {
/*
* We expect that `runTheTest` is going to be able to communicate with the iframe
* or tab that it opens, but if it cannot (because we are using noopener), we kind
* of hack around and get the data directly.
*/
if ("noopener" in extraData) {
var tabPromise = BrowserTestUtils.waitForNewTab(
gBrowser,
extraData.await_uri
);
}
// In SpecialPowers.spawn, extraData goes through a structuredClone, which cannot clone
// functions. await_uri is sometimes a function. This filters out keys that are used by
// this function (runActualTest) and not by runTheTest or testFunction. It avoids the
// cloning issue, and avoids polluting the object in those called functions.
let filterExtraData = function (x) {
let banned_keys = ["noopener", "await_uri"];
return Object.fromEntries(
Object.entries(x).filter(([k, v]) => !banned_keys.includes(k))
);
};
let result = await SpecialPowers.spawn(
browser,
[IFRAME_DOMAIN, CROSS_ORIGIN_DOMAIN, filterExtraData(extraData)],
[IFRAME_DOMAIN, CROSS_ORIGIN_DOMAIN, extraData],
async function (iframe_domain_, cross_origin_domain_, extraData_) {
return content.wrappedJSObject.runTheTest(
iframe_domain_,
@ -685,21 +662,6 @@ async function runActualTest(uri, testFunction, expectedResults, extraData) {
}
);
if ("noopener" in extraData) {
await tabPromise;
let second_tabs_browser = gBrowser.tabs[gBrowser.tabs.length - 1];
result = await SpecialPowers.spawn(
second_tabs_browser.linkedBrowser,
[],
async function () {
let r = content.wrappedJSObject.give_result();
return r;
}
);
BrowserTestUtils.removeTab(second_tabs_browser);
}
testFunction(result, expectedResults, extraData);
}
);
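Review bot: `extraData` is now handed to `SpecialPowers.spawn` unfiltered, and the comment deleted in this hunk recorded that spawn structured-clones its arguments and cannot clone functions. Nothing visible here still puts a function in `extraData`, but the constraint is no longer documented at the call site, so a later caller that adds one would fail inside spawn rather than in its own code. A one-line comment above the argument list would keep that knowledge: `// extraData is structured-cloned by SpecialPowers.spawn; it must not contain functions.` `runActualTest` starts and ends outside this hunk.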


@ -1107,25 +1107,6 @@ BasePrincipal::IsURIInList(const nsACString& aList, bool* aResult) {
return NS_OK;
}
NS_IMETHODIMP
BasePrincipal::IsContentAccessibleAboutURI(bool* aResult) {
*aResult = false;
if (NS_FAILED(SchemeIs("about", aResult)) || !aResult) {
return NS_OK;
}
nsCOMPtr<nsIURI> prinURI;
nsresult rv = GetURI(getter_AddRefs(prinURI));
if (NS_FAILED(rv) || !prinURI) {
return NS_OK;
}
*aResult = NS_IsContentAccessibleAboutURI(prinURI);
return NS_OK;
}
NS_IMETHODIMP
BasePrincipal::GetIsOriginPotentiallyTrustworthy(bool* aResult) {
AssertIsOnMainThread();


@ -137,7 +137,6 @@ class BasePrincipal : public nsJSPrincipals {
NS_IMETHOD SchemeIs(const char* aScheme, bool* aResult) override;
NS_IMETHOD IsURIInPrefList(const char* aPref, bool* aResult) override;
NS_IMETHOD IsURIInList(const nsACString& aList, bool* aResult) override;
NS_IMETHOD IsContentAccessibleAboutURI(bool* aResult) override;
NS_IMETHOD IsL10nAllowed(nsIURI* aURI, bool* aResult) override;
NS_IMETHOD GetAboutModuleFlags(uint32_t* flags) override;
NS_IMETHOD GetIsAddonOrExpandedAddonPrincipal(bool* aResult) override;


@ -394,14 +394,6 @@ interface nsIPrincipal : nsISupports
[infallible]
boolean isURIInList(in ACString list);
/**
* Check if the Principal's URI is a content-accessible about: page
*
* May be called from any thread.
*/
[infallible]
boolean isContentAccessibleAboutURI();
/**
* Uses NS_Security Compare to determine if the
* other URI is same-origin as the uri of the Principal


@ -16164,26 +16164,17 @@ void Document::SendPageUseCounters() {
bool Document::RecomputeResistFingerprinting() {
const bool previous = mShouldResistFingerprinting;
RefPtr<BrowsingContext> opener =
GetBrowsingContext() ? GetBrowsingContext()->GetOpener() : nullptr;
// If we have a parent or opener document, defer to it only when we have a
// null principal (e.g. a sandboxed iframe or a data: uri) or when the
// document's principal matches. This means we will defer about:blank,
// about:srcdoc, blob and same-origin iframes/popups to the parent/opener,
// but not cross-origin ones. Cross-origin iframes/popups may inherit a
// CookieJarSettings.mShouldRFP = false bit however, which will be respected.
auto shouldInheritFrom = [this](Document* aDoc) {
return aDoc && (this->NodePrincipal()->Equals(aDoc->NodePrincipal()) ||
this->NodePrincipal()->GetIsNullPrincipal());
};
if (shouldInheritFrom(mParentDocument)) {
mShouldResistFingerprinting = mParentDocument->ShouldResistFingerprinting(
RFPTarget::IsAlwaysEnabledForPrecompute);
} else if (opener && shouldInheritFrom(opener->GetDocument())) {
mShouldResistFingerprinting =
opener->GetDocument()->ShouldResistFingerprinting(
RFPTarget::IsAlwaysEnabledForPrecompute);
if (mParentDocument &&
(NodePrincipal()->Equals(mParentDocument->NodePrincipal()) ||
NodePrincipal()->GetIsNullPrincipal())) {
// If we have a parent document, defer to it only when we have a null
// principal (e.g. a sandboxed iframe or a data: uri) or when the parent
// document's principal matches. This means we will defer about:blank,
// about:srcdoc, blob and same-origin iframes to the parent, but not
// cross-origin iframes.
mShouldResistFingerprinting = !nsContentUtils::IsChromeDoc(this) &&
mParentDocument->ShouldResistFingerprinting(
RFPTarget::IsAlwaysEnabledForPrecompute);
} else {
mShouldResistFingerprinting =
!nsContentUtils::IsChromeDoc(this) &&
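Review bot: The `NodePrincipal()->GetIsNullPrincipal()` arm of the restored condition defers to the parent without comparing principals, so the comment's closing claim "but not cross-origin iframes" is narrower than what the check does. As written, any child with a null principal takes the parent's `ShouldResistFingerprinting` result, which presumably includes a sandboxed iframe whose content came from another origin; if the parent is exempted, that child would be exempted too. If that is intended, the comment should say so, for example `// Null-principal children (sandboxed iframes, data: URIs) take the parent's decision regardless of where their content came from.` The `else` branch continues outside the hunk.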


@ -2166,7 +2166,6 @@ bool nsContentUtils::ShouldResistFingerprinting(nsIGlobalObject* aGlobalObject,
}
// Newer Should RFP Functions ----------------------------------
// Utilities ---------------------------------------------------
inline void LogDomainAndPrefList(const char* exemptedDomainsPrefName,
nsAutoCString& url, bool isExemptDomain) {
@ -2201,29 +2200,9 @@ inline bool CookieJarSettingsSaysShouldResistFingerprinting(
return cookieJarSettings->GetShouldResistFingerprinting();
}
inline bool SchemeSaysShouldNotResistFingerprinting(nsIURI* aURI) {
return aURI->SchemeIs("chrome") || aURI->SchemeIs("resource") ||
aURI->SchemeIs("view-source") || aURI->SchemeIs("moz-extension") ||
(aURI->SchemeIs("about") && !NS_IsContentAccessibleAboutURI(aURI));
}
inline bool SchemeSaysShouldNotResistFingerprinting(nsIPrincipal* aPrincipal) {
if (aPrincipal->SchemeIs("chrome") || aPrincipal->SchemeIs("resource") ||
aPrincipal->SchemeIs("view-source") ||
aPrincipal->SchemeIs("moz-extension")) {
return true;
}
bool isSpecialAboutURI;
Unused << aPrincipal->IsContentAccessibleAboutURI(&isSpecialAboutURI);
return isSpecialAboutURI;
}
const char* kExemptedDomainsPrefName =
"privacy.resistFingerprinting.exemptedDomains";
// Functions ---------------------------------------------------
/* static */
bool nsContentUtils::ShouldResistFingerprinting(const char* aJustification,
RFPTarget aTarget) {
@ -2361,7 +2340,9 @@ bool nsContentUtils::ShouldResistFingerprinting_dangerous(
}
// Exclude internal schemes and web extensions
if (SchemeSaysShouldNotResistFingerprinting(aURI)) {
if (aURI->SchemeIs("about") || aURI->SchemeIs("chrome") ||
aURI->SchemeIs("resource") || aURI->SchemeIs("view-source") ||
aURI->SchemeIs("moz-extension")) {
return false;
}
@ -2442,8 +2423,9 @@ bool nsContentUtils::ShouldResistFingerprinting_dangerous(
}
}
// Exclude internal schemes and web extensions
if (SchemeSaysShouldNotResistFingerprinting(aPrincipal)) {
// Exclude internal schemes
if (aPrincipal->SchemeIs("about") || aPrincipal->SchemeIs("chrome") ||
aPrincipal->SchemeIs("resource") || aPrincipal->SchemeIs("view-source")) {
return false;
}
@ -2471,18 +2453,18 @@ bool nsContentUtils::ShouldResistFingerprinting_dangerous(
// So perform this last-ditch check for that scenario.
// We arbitrarily use https as the scheme, but it doesn't matter.
nsCOMPtr<nsIURI> uri;
nsresult rv;
if (isExemptDomain && StaticPrefs::privacy_firstparty_isolate() &&
!originAttributes.mFirstPartyDomain.IsEmpty()) {
nsresult rv =
NS_NewURI(getter_AddRefs(uri),
u"https://"_ns + originAttributes.mFirstPartyDomain);
rv = NS_NewURI(getter_AddRefs(uri),
u"https://"_ns + originAttributes.mFirstPartyDomain);
if (!NS_FAILED(rv)) {
isExemptDomain =
nsContentUtils::IsURIInPrefList(uri, kExemptedDomainsPrefName);
}
} else if (isExemptDomain && !originAttributes.mPartitionKey.IsEmpty()) {
nsresult rv = NS_NewURI(getter_AddRefs(uri),
u"https://"_ns + originAttributes.mPartitionKey);
rv = NS_NewURI(getter_AddRefs(uri),
u"https://"_ns + originAttributes.mPartitionKey);
if (!NS_FAILED(rv)) {
isExemptDomain =
nsContentUtils::IsURIInPrefList(uri, kExemptedDomainsPrefName);
@ -2492,8 +2474,6 @@ bool nsContentUtils::ShouldResistFingerprinting_dangerous(
return !isExemptDomain;
}
// --------------------------------------------------------------------
/* static */
void nsContentUtils::CalcRoundedWindowSizeForResistingFingerprinting(
int32_t aChromeWidth, int32_t aChromeHeight, int32_t aScreenWidth,
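Review bot: In the last-ditch exemption check of ShouldResistFingerprinting_dangerous (the hunk at -2471,18), a failed NS_NewURI leaves isExemptDomain at true, so the function returns false and the load stays exempt from fingerprinting resistance without the first-party domain or partition key being checked against the pref list. If failing closed is the intended policy, assign the result unconditionally in both branches: `isExemptDomain = NS_SUCCEEDED(rv) && nsContentUtils::IsURIInPrefList(uri, kExemptedDomainsPrefName);`. That also lets `rv` stay local to each branch instead of being declared uninitialised above the `if`. The function body begins before this hunk and the lines between it and `return !isExemptDomain;` are not shown, so this reading is limited to the two visible branches.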


@ -421,27 +421,15 @@ LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
}
#endif
// If we think we should not resist fingerprinting, defer to the opener's
// RFP bit (if there is an opener.) If the opener is also exempted, it stays
// true, otherwise we will put a false into the CJS and that will be respected
// on this document.
// Let's take the current cookie behavior and current cookie permission
// for the documents' loadInfo. Note that for any other loadInfos,
// cookieBehavior will be BEHAVIOR_REJECT for security reasons.
bool isPrivate = mOriginAttributes.mPrivateBrowsingId > 0;
bool shouldResistFingerprinting =
nsContentUtils::ShouldResistFingerprinting_dangerous(
aURI, mOriginAttributes,
"We are creating CookieJarSettings, so we can't have one already.",
RFPTarget::IsAlwaysEnabledForPrecompute);
RefPtr<BrowsingContext> opener = aBrowsingContext->GetOpener();
if (!shouldResistFingerprinting && opener &&
opener->GetCurrentWindowContext()) {
shouldResistFingerprinting =
opener->GetCurrentWindowContext()->ShouldResistFingerprinting();
}
const bool isPrivate = mOriginAttributes.mPrivateBrowsingId > 0;
// Let's take the current cookie behavior and current cookie permission
// for the documents' loadInfo. Note that for any other loadInfos,
// cookieBehavior will be BEHAVIOR_REJECT for security reasons.
mCookieJarSettings = CookieJarSettings::Create(
isPrivate ? CookieJarSettings::ePrivate : CookieJarSettings::eRegular,
shouldResistFingerprinting);
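Review bot: Nothing at this call site records that the RFP bit passed to CookieJarSettings::Create no longer takes the opener into account. With the opener lookup gone, the bit appears to come from aURI and mOriginAttributes alone, and the scheme check restored in ShouldResistFingerprinting_dangerous(nsIURI*, ...) returns false for every `about:` URI, so a context created on an about: URI would presumably be stored as exempt whatever its opener's state was. A comment above the call would keep that gap visible until the fix relands, e.g. `// NOTE: opener RFP state is not consulted here; about: loads are treated as exempt (bug 1830070).` The constructor starts before this hunk and continues after it.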


@ -33,13 +33,13 @@ As you can see in the callgraph below, directly calling a *dangerous* function w
SRFP_channel["ShouldResistFingerprinting(nsIChannel*)"]
click SRFP_channel href "https://searchfox.org/mozilla-central/search?q=symbol:_ZN14nsContentUtils26ShouldResistFingerprintingEP10nsIChannelN7mozilla9RFPTargetE&redirect=false"
SRFP_uri["ShouldResistFingerprinting_dangerous(nsIURI*, OriginAttributes)<br />PBM Check<br />Scheme (inc WebExtension) Check<br />About Page Check<br />URI Exempt Check"]
SRFP_uri["ShouldResistFingerprinting_dangerous(nsIURI*, OriginAttributes)<br />PBM Check<br />Scheme (inc WebExtension) Check<br />URI Exempt Check"]
click SRFP_uri href "https://searchfox.org/mozilla-central/search?q=symbol:_ZN14nsContentUtils36ShouldResistFingerprinting_dangerousEP6nsIURIRKN7mozilla16OriginAttributesEPKcNS2_9RFPTargetE&redirect=false"
SRFP_loadinfo["ShouldResistFingerprinting(nsILoadInfo)<br />CookieJarSettingsSaysShouldResistFingerprinting Check<br />System Principal Check"]
click SRFP_loadinfo href "https://searchfox.org/mozilla-central/search?q=symbol:_ZN14nsContentUtils26ShouldResistFingerprintingEP11nsILoadInfoN7mozilla9RFPTargetE&redirect=false"
SRFP_principal["ShouldResistFingerprinting_dangerous(nsIPrincipal*)<br />System Principal Check<br />PBM Check<br />Scheme Check<br />About Page Check<br />Web Extension Principal Check<br />URI Exempt Check"]
SRFP_principal["ShouldResistFingerprinting_dangerous(nsIPrincipal*)<br />System Principal Check<br />PBM Check<br />Scheme Check<br />Web Extension Principal Check<br />URI Exempt Check"]
click SRFP_principal href "https://searchfox.org/mozilla-central/search?q=symbol:_ZN14nsContentUtils36ShouldResistFingerprinting_dangerousEP12nsIPrincipalPKcN7mozilla9RFPTargetE&redirect=false"