Bug 1469993 - Grant storage access to a 3rd party, tracking resource if a opened document has user-interaction - part 5 - permission removal propagated to content processes, r=nika

2024-11-28 07:13:20 +00:00 · 2018-07-10 10:09:59 +02:00 · 2018-07-10 10:09:59 +02:00 · 390f7af1c7
commit 390f7af1c7
parent 8afcfe8e31
5 changed files with 42 additions and 0 deletions
--- a/dom/ipc/ContentChild.cpp
+++ b/dom/ipc/ContentChild.cpp
@ -2663,6 +2663,20 @@ ContentChild::RecvAddPermission(const IPC::Permission& permission)
  return IPC_OK();
 }

+mozilla::ipc::IPCResult
+ContentChild::RecvRemoveAllPermissions()
+{
+  nsCOMPtr<nsIPermissionManager> permissionManagerIface =
+    services::GetPermissionManager();
+  nsPermissionManager* permissionManager =
+    static_cast<nsPermissionManager*>(permissionManagerIface.get());
+  MOZ_ASSERT(permissionManager,
+         "We have no permissionManager in the Content process !");
+
+  permissionManager->RemoveAllFromIPC();
+  return IPC_OK();
+}
+
 mozilla::ipc::IPCResult
 ContentChild::RecvFlushMemory(const nsString& reason)
 {
--- a/dom/ipc/ContentChild.h
+++ b/dom/ipc/ContentChild.h
@ -411,6 +411,8 @@ public:

  virtual mozilla::ipc::IPCResult RecvAddPermission(const IPC::Permission& permission) override;

+  virtual mozilla::ipc::IPCResult RecvRemoveAllPermissions() override;
+
  virtual mozilla::ipc::IPCResult RecvFlushMemory(const nsString& reason) override;

  virtual mozilla::ipc::IPCResult RecvActivateA11y(const uint32_t& aMainChromeTid,
--- a/dom/ipc/PContent.ipdl
+++ b/dom/ipc/PContent.ipdl
@ -468,6 +468,7 @@ child:

    // nsIPermissionManager messages
    async AddPermission(Permission permission);
+    async RemoveAllPermissions();

    async FlushMemory(nsString reason);

--- a/extensions/cookie/nsPermissionManager.cpp
+++ b/extensions/cookie/nsPermissionManager.cpp
@ -2117,9 +2117,31 @@ nsPermissionManager::CloseDB(bool aRebuildOnSuccess)
  }
 }

+nsresult
+nsPermissionManager::RemoveAllFromIPC()
+{
+  MOZ_ASSERT(IsChildProcess());
+
+  // Remove from memory and notify immediately. Since the in-memory
+  // database is authoritative, we do not need confirmation from the
+  // on-disk database to notify observers.
+  RemoveAllFromMemory();
+
+  return NS_OK;
+}
+
 nsresult
 nsPermissionManager::RemoveAllInternal(bool aNotifyObservers)
 {
+  ENSURE_NOT_CHILD_PROCESS;
+
+  // Let's broadcast the removeAll() to any content process.
+  nsTArray<ContentParent*> parents;
+  ContentParent::GetAll(parents);
+  for (ContentParent* parent : parents) {
+    Unused << parent->SendRemoveAllPermissions();
+  }
+
  // Remove from memory and notify immediately. Since the in-memory
  // database is authoritative, we do not need confirmation from the
  // on-disk database to notify observers.
--- a/extensions/cookie/nsPermissionManager.h
+++ b/extensions/cookie/nsPermissionManager.h
@ -284,6 +284,9 @@ public:
   */
  static nsTArray<nsCString> GetAllKeysForPrincipal(nsIPrincipal* aPrincipal);

+  // From ContentChild.
+  nsresult RemoveAllFromIPC();
+
 private:
  virtual ~nsPermissionManager();