Bug 1622111 - Convert security.data_uri.unique_opaque_origin to static pref and remove ClientPrefs. r=njn

Converts security.data_uri.unique_opaque_origin to a static pref. This pref was initialized by the ClientManager in ClientPrefs, so this commit also removes those files. Somehow this pref was getting added in VarCache twice, so it also removes the places where the pref was added in Networking.

Differential Revision: https://phabricator.services.mozilla.com/D67185

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Kristen Wright 2020-03-23 16:08:52 +00:00
parent d4f1210e56
commit 5094f72a18
13 changed files with 25 additions and 78 deletions

View File

@ -37,6 +37,7 @@
#include "mozilla/StaticPrefs_dom.h"
#include "mozilla/StaticPrefs_extensions.h"
#include "mozilla/StaticPrefs_privacy.h"
#include "mozilla/StaticPrefs_security.h"
#include "mozilla/StaticPrefs_ui.h"
#include "mozilla/StaticPrefs_fission.h"
#include "mozilla/StartupTimeline.h"
@ -9860,8 +9861,9 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
true, // aInheritForAboutBlank
isSrcdoc);
bool isURIUniqueOrigin = nsIOService::IsDataURIUniqueOpaqueOrigin() &&
SchemeIsData(aLoadState->URI());
bool isURIUniqueOrigin =
StaticPrefs::security_data_uri_unique_opaque_origin() &&
SchemeIsData(aLoadState->URI());
inheritPrincipal = inheritAttrs && !isURIUniqueOrigin;
}

View File

@ -89,6 +89,7 @@
#include "mozilla/net/UrlClassifierFeatureFactory.h"
#include "mozilla/LoadInfo.h"
#include "mozilla/PresShell.h"
#include "mozilla/StaticPrefs_security.h"
#include "nsChannelClassifier.h"
#include "nsFocusManager.h"
#include "ReferrerInfo.h"
@ -2276,7 +2277,8 @@ nsresult nsObjectLoadingContent::OpenChannel() {
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL;
bool isURIUniqueOrigin =
nsIOService::IsDataURIUniqueOpaqueOrigin() && mURI->SchemeIs("data");
StaticPrefs::security_data_uri_unique_opaque_origin() &&
mURI->SchemeIs("data");
if (inherit && !isURIUniqueOrigin) {
securityFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;

View File

@ -9,7 +9,6 @@
#include "ClientHandle.h"
#include "ClientManagerChild.h"
#include "ClientManagerOpChild.h"
#include "ClientPrefs.h"
#include "ClientSource.h"
#include "mozilla/dom/WorkerPrivate.h"
#include "mozilla/ipc/BackgroundChild.h"
@ -248,8 +247,6 @@ void ClientManager::Startup() {
#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
sClientManagerThreadLocalIndexDuplicate = sClientManagerThreadLocalIndex;
#endif
ClientPrefsInit();
}
// static

View File

@ -1,30 +0,0 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "ClientPrefs.h"
#include "mozilla/Preferences.h"
namespace mozilla {
namespace dom {
namespace {
bool gDataURLUniqueOpaqueOrigin = false;
} // anonymous namespace
void ClientPrefsInit() {
Preferences::AddBoolVarCache(&gDataURLUniqueOpaqueOrigin,
"security.data_uri.unique_opaque_origin", false);
}
bool ClientPrefsGetDataURLUniqueOpaqueOrigin() {
return gDataURLUniqueOpaqueOrigin;
}
} // namespace dom
} // namespace mozilla

View File

@ -1,19 +0,0 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef _mozilla_dom_ClientPrefs_h
#define _mozilla_dom_ClientPrefs_h
namespace mozilla {
namespace dom {
void ClientPrefsInit();
bool ClientPrefsGetAllowUniqueOpaqueOrigin();
} // namespace dom
} // namespace mozilla
#endif // _mozilla_dom_ClientPrefs_h

View File

@ -6,7 +6,7 @@
#include "ClientValidation.h"
#include "ClientPrefs.h"
#include "mozilla/StaticPrefs_security.h"
#include "mozilla/net/MozURL.h"
namespace mozilla {
@ -111,7 +111,7 @@ bool ClientIsValidCreationURL(const PrincipalInfo& aPrincipalInfo,
// We have some tests that use data: URL windows without an opaque
// origin. This should only happen when a pref is set.
if (!ClientPrefsGetDataURLUniqueOpaqueOrigin() &&
if (!StaticPrefs::security_data_uri_unique_opaque_origin() &&
scheme.LowerCaseEqualsLiteral("data")) {
return true;
}
@ -135,7 +135,7 @@ bool ClientIsValidCreationURL(const PrincipalInfo& aPrincipalInfo,
scheme.LowerCaseEqualsLiteral("javascript") ||
scheme.LowerCaseEqualsLiteral("view-source") ||
(!ClientPrefsGetDataURLUniqueOpaqueOrigin() &&
(!StaticPrefs::security_data_uri_unique_opaque_origin() &&
scheme.LowerCaseEqualsLiteral("data"));
}
case PrincipalInfo::TNullPrincipalInfo: {

View File

@ -36,7 +36,6 @@ UNIFIED_SOURCES += [
'ClientNavigateOpChild.cpp',
'ClientNavigateOpParent.cpp',
'ClientOpenWindowUtils.cpp',
'ClientPrefs.cpp',
'ClientPrincipalUtils.cpp',
'ClientSource.cpp',
'ClientSourceChild.cpp',

View File

@ -159,7 +159,7 @@ nsresult ChannelFromScriptURL(
bool isData = uri->SchemeIs("data");
bool isURIUniqueOrigin =
net::nsIOService::IsDataURIUniqueOpaqueOrigin() && isData;
StaticPrefs::security_data_uri_unique_opaque_origin() && isData;
if (inheritAttrs && !isURIUniqueOrigin) {
secFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
}

View File

@ -7969,6 +7969,16 @@
value: 40
mirror: always
# TODO: Bug 1324406: Treat 'data:' documents as unique, opaque origins
# If true, data: URIs will be treated as unique opaque origins, hence will use
# a NullPrincipal as the security context.
# Otherwise it will inherit the origin from parent node, this is the legacy
# behavior of Firefox.
- name: security.data_uri.unique_opaque_origin
type: RelaxedAtomicBool
value: true
mirror: always
# Allowed by default so it doesn't affect Thunderbird/SeaMonkey, but
# not allowed for Firefox Desktop in firefox.js
- name: security.allow_parent_unrestricted_js_loads

View File

@ -4639,13 +4639,6 @@ pref("dom.maxHardwareConcurrency", 16);
pref("osfile.reset_worker_delay", 30000);
#endif
// TODO: Bug 1324406: Treat 'data:' documents as unique, opaque origins
// If true, data: URIs will be treated as unique opaque origins, hence will use
// a NullPrincipal as the security context.
// Otherwise it will inherit the origin from parent node, this is the legacy
// behavior of Firefox.
pref("security.data_uri.unique_opaque_origin", true);
// If true, all toplevel data: URI navigations will be blocked.
// Please note that manually entering a data: URI in the
// URL-Bar will not be blocked when flipping this pref.

View File

@ -182,7 +182,6 @@ static const char kProfileDoChange[] = "profile-do-change";
uint32_t nsIOService::gDefaultSegmentSize = 4096;
uint32_t nsIOService::gDefaultSegmentCount = 24;
bool nsIOService::sIsDataURIUniqueOpaqueOrigin = false;
bool nsIOService::sBlockToplevelDataUriNavigations = false;
////////////////////////////////////////////////////////////////////////////////
@ -282,8 +281,6 @@ nsresult nsIOService::Init() {
} else
NS_WARNING("failed to get observer service");
Preferences::AddBoolVarCache(&sIsDataURIUniqueOpaqueOrigin,
"security.data_uri.unique_opaque_origin", false);
Preferences::AddBoolVarCache(
&sBlockToplevelDataUriNavigations,
"security.data_uri.block_toplevel_data_uri_navigations", false);
@ -1947,11 +1944,6 @@ nsIOService::SpeculativeAnonymousConnect(nsIURI* aURI, nsIPrincipal* aPrincipal,
return SpeculativeConnectInternal(aURI, aPrincipal, aCallbacks, true);
}
/*static*/
bool nsIOService::IsDataURIUniqueOpaqueOrigin() {
return sIsDataURIUniqueOpaqueOrigin;
}
/*static*/
bool nsIOService::BlockToplevelDataUriNavigations() {
return sBlockToplevelDataUriNavigations;

View File

@ -227,7 +227,6 @@ class nsIOService final : public nsIIOService,
Mutex mMutex;
nsTArray<int32_t> mRestrictedPortList;
static bool sIsDataURIUniqueOpaqueOrigin;
static bool sBlockToplevelDataUriNavigations;
uint32_t mTotalRequests;

View File

@ -37,6 +37,7 @@
#include "nsIViewSourceChannel.h"
#include "nsIOService.h"
#include "mozilla/dom/WindowGlobalParent.h"
#include "mozilla/StaticPrefs_security.h"
mozilla::LazyLogModule gDocumentChannelLog("DocumentChannel");
#define LOG(fmt) MOZ_LOG(gDocumentChannelLog, mozilla::LogLevel::Verbose, fmt)
@ -266,8 +267,9 @@ already_AddRefed<LoadInfo> DocumentLoadListener::CreateLoadInfo(
true, // aInheritForAboutBlank
isSrcdoc);
bool isURIUniqueOrigin = nsIOService::IsDataURIUniqueOpaqueOrigin() &&
SchemeIsData(aLoadState->URI());
bool isURIUniqueOrigin =
StaticPrefs::security_data_uri_unique_opaque_origin() &&
SchemeIsData(aLoadState->URI());
inheritPrincipal = inheritAttrs && !isURIUniqueOrigin;
}