Bug 1848783, part 6 - Revoke has storage access when the permission is revoked - r=anti-tracking-reviewers,timhuang

Differential Revision: https://phabricator.services.mozilla.com/D187287
2024-10-08 19:04:45 +00:00 · 2023-09-19 11:11:19 +00:00 · 2023-09-19 11:11:19 +00:00 · 5a1eb36a94
commit 5a1eb36a94
parent 1551d09f92
7 changed files with 31 additions and 13 deletions
--- a/dom/base/nsGlobalWindowInner.cpp
+++ b/dom/base/nsGlobalWindowInner.cpp
@ -7461,7 +7461,7 @@ void nsGlobalWindowInner::ForgetSharedWorker(SharedWorker* aSharedWorker) {
  mSharedWorkers.RemoveElement(aSharedWorker);
 }

-void nsGlobalWindowInner::StorageAccessPermissionGranted() {
+void nsGlobalWindowInner::StorageAccessPermissionChanged() {
  // Invalidate cached StorageAllowed field so that calls to GetLocalStorage
  // give us the updated localStorage object.
  ClearStorageAllowedCache();
@ -7649,7 +7649,16 @@ void nsPIDOMWindowInner::SaveStorageAccessPermissionGranted() {
    Unused << wc->SetUsingStorageAccess(true);
  }

-  nsGlobalWindowInner::Cast(this)->StorageAccessPermissionGranted();
+  nsGlobalWindowInner::Cast(this)->StorageAccessPermissionChanged();
+}
+
+void nsPIDOMWindowInner::SaveStorageAccessPermissionRevoked() {
+  WindowContext* wc = GetWindowContext();
+  if (wc) {
+    Unused << wc->SetUsingStorageAccess(false);
+  }
+
+  nsGlobalWindowInner::Cast(this)->StorageAccessPermissionChanged();
 }

 bool nsPIDOMWindowInner::UsingStorageAccess() {
--- a/dom/base/nsGlobalWindowInner.h
+++ b/dom/base/nsGlobalWindowInner.h
@ -1097,9 +1097,9 @@ class nsGlobalWindowInner final : public mozilla::dom::EventTarget,
  nsIPrincipal* GetClientPrincipal();

  // This method is called if this window loads a 3rd party tracking resource
-  // and the storage is just been granted. The window can reset the partitioned
+  // and the storage is just been changed. The window can reset the partitioned
  // storage objects and switch to the first party cookie jar.
-  void StorageAccessPermissionGranted();
+  void StorageAccessPermissionChanged();

 protected:
  static void NotifyDOMWindowDestroyed(nsGlobalWindowInner* aWindow);
--- a/dom/base/nsPIDOMWindow.h
+++ b/dom/base/nsPIDOMWindow.h
@ -639,6 +639,7 @@ class nsPIDOMWindowInner : public mozIDOMWindow {
      mozilla::TaskCategory aCategory) const = 0;

  void SaveStorageAccessPermissionGranted();
+  void SaveStorageAccessPermissionRevoked();

  bool UsingStorageAccess();

--- a/dom/ipc/PWindowGlobal.ipdl
+++ b/dom/ipc/PWindowGlobal.ipdl
@ -220,7 +220,7 @@ parent:
                                      CookieStruct[] cookies);

 child:
-  async NotifyPermissionChange(nsCString type);
+  async NotifyPermissionChange(nsCString type, uint32_t permission);
 };

 } // namespace dom
--- a/dom/ipc/WindowGlobalChild.cpp
+++ b/dom/ipc/WindowGlobalChild.cpp
@ -549,8 +549,8 @@ IPCResult WindowGlobalChild::RecvRawMessage(
  return IPC_OK();
 }

-IPCResult WindowGlobalChild::RecvNotifyPermissionChange(
-    const nsCString& aType) {
+IPCResult WindowGlobalChild::RecvNotifyPermissionChange(const nsCString& aType,
+                                                        uint32_t aPermission) {
  nsCOMPtr<nsIObserverService> observerService = services::GetObserverService();
  NS_ENSURE_TRUE(observerService,
                 IPC_FAIL(this, "Failed to get observer service"));
@ -558,6 +558,13 @@ IPCResult WindowGlobalChild::RecvNotifyPermissionChange(
      static_cast<nsPIDOMWindowInner*>(this->GetWindowGlobal());
  observerService->NotifyObservers(notifyTarget, "perm-changed-notify-only",
                                   NS_ConvertUTF8toUTF16(aType).get());
+  // We only need to handle the revoked permission case here. The permission
+  // grant case is handled via the Storage Access API code.
+  if (this->GetWindowGlobal() &&
+      this->GetWindowGlobal()->UsingStorageAccess() &&
+      aPermission != nsIPermissionManager::ALLOW_ACTION) {
+    this->GetWindowGlobal()->SaveStorageAccessPermissionRevoked();
+  }
  return IPC_OK();
 }

--- a/dom/ipc/WindowGlobalChild.h
+++ b/dom/ipc/WindowGlobalChild.h
@ -201,7 +201,8 @@ class WindowGlobalChild final : public WindowGlobalActor,
      dom::SessionStoreRestoreData* aData,
      RestoreTabContentResolver&& aResolve);

-  mozilla::ipc::IPCResult RecvNotifyPermissionChange(const nsCString& aType);
+  mozilla::ipc::IPCResult RecvNotifyPermissionChange(const nsCString& aType,
+                                                     uint32_t aPermission);

  virtual void ActorDestroy(ActorDestroyReason aWhy) override;

--- a/extensions/permissions/PermissionManager.cpp
+++ b/extensions/permissions/PermissionManager.cpp
@ -604,8 +604,8 @@ bool IsPersistentExpire(uint32_t aExpire, const nsACString& aType) {
 }

 nsresult NotifySecondaryKeyPermissionUpdateInContentProcess(
-    const nsACString& aType, const nsACString& aSecondaryKey,
-    nsIPrincipal* aTopPrincipal) {
+    const nsACString& aType, uint32_t aPermission,
+    const nsACString& aSecondaryKey, nsIPrincipal* aTopPrincipal) {
  NS_ENSURE_ARG_POINTER(aTopPrincipal);
  MOZ_ASSERT(XRE_IsParentProcess());
  AutoTArray<RefPtr<BrowsingContextGroup>, 5> bcGroups;
@ -636,7 +636,7 @@ nsresult NotifySecondaryKeyPermissionUpdateInContentProcess(
            if (!wgp) {
              continue;
            }
-            bool success = wgp->SendNotifyPermissionChange(aType);
+            bool success = wgp->SendNotifyPermissionChange(aType, aPermission);
            Unused << NS_WARN_IF(!success);
          }
        }
@ -1833,8 +1833,8 @@ nsresult PermissionManager::AddInternal(
    nsAutoCString secondaryKey;
    isSecondaryKeyed = GetSecondaryKey(aType, secondaryKey);
    if (isSecondaryKeyed) {
-      NotifySecondaryKeyPermissionUpdateInContentProcess(aType, secondaryKey,
-                                                         aPrincipal);
+      NotifySecondaryKeyPermissionUpdateInContentProcess(
+          aType, aPermission, secondaryKey, aPrincipal);
    }

    nsTArray<ContentParent*> cplist;