Bug 1509047 - Part 5: Add heuristics to the storage access API for automatically granting temporary session-scoped storage access without displaying a doorhanger prompt r=johannh

Depends on D12865 Differential Revision: https://phabricator.services.mozilla.com/D12866 --HG-- extra : moz-landing-system : lando
2024-10-19 16:25:38 +00:00 · 2018-11-28 22:02:52 +00:00 · 2018-11-28 22:02:52 +00:00 · 5fc8173685
commit 5fc8173685
parent 27fa0d6ad7
4 changed files with 45 additions and 0 deletions
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@ -1532,6 +1532,9 @@ pref("browser.contentblocking.allowlist.storage.enabled", true);
 pref("dom.storage_access.enabled", true);
 #endif

+pref("dom.storage_access.auto_grants", true);
+pref("dom.storage_access.max_concurrent_auto_grants", 5);
+
 // Define a set of default features for the Content Blocking UI.
 pref("browser.contentblocking.trackingprotection.control-center.ui.enabled", true);
 pref("browser.contentblocking.rejecttrackers.control-center.ui.enabled", true);
--- a/browser/modules/PermissionUI.jsm
+++ b/browser/modules/PermissionUI.jsm
@ -68,6 +68,8 @@ ChromeUtils.defineModuleGetter(this, "SitePermissions",
  "resource:///modules/SitePermissions.jsm");
 ChromeUtils.defineModuleGetter(this, "PrivateBrowsingUtils",
  "resource://gre/modules/PrivateBrowsingUtils.jsm");
+ChromeUtils.defineModuleGetter(this, "URICountListener",
+  "resource:///modules/BrowserUsageTelemetry.jsm");

 XPCOMUtils.defineLazyGetter(this, "gBrowserBundle", function() {
  return Services.strings
@ -922,6 +924,11 @@ PermissionUI.AutoplayPermissionPrompt = AutoplayPermissionPrompt;

 function StorageAccessPermissionPrompt(request) {
  this.request = request;
+
+  XPCOMUtils.defineLazyPreferenceGetter(this, "_autoGrants",
+                                        "dom.storage_access.auto_grants");
+  XPCOMUtils.defineLazyPreferenceGetter(this, "_maxConcurrentAutoGrants",
+                                        "dom.storage_access.max_concurrent_auto_grants");
 }

 StorageAccessPermissionPrompt.prototype = {
@ -1012,6 +1019,38 @@ StorageAccessPermissionPrompt.prototype = {
  get topLevelPrincipal() {
    return this.request.topLevelPrincipal;
  },
+
+  get maxConcurrentAutomaticGrants() {
+    // one percent of the number of top-levels origins visited in the current
+    // session (but not to exceed 24 hours), or the value of the
+    // dom.storage_access.max_concurrent_auto_grants preference, whichever is
+    // higher.
+    return Math.max(Math.max(Math.floor(URICountListener.uniqueOriginsVisitedInPast24Hours / 100),
+                             this._maxConcurrentAutoGrants), 0);
+  },
+
+  getOriginsThirdPartyHasAccessTo(thirdPartyOrigin) {
+    let prefix = `3rdPartyStorage^${thirdPartyOrigin}`;
+    let perms = Services.perms.getAllWithTypePrefix(prefix);
+    let origins = new Set();
+    while (perms.length) {
+      let perm = perms.shift();
+      origins.add(perm.principal.origin);
+    }
+    return origins.size;
+  },
+
+  onBeforeShow() {
+    let thirdPartyOrigin = this.request.principal.origin;
+    if (this._autoGrants &&
+        this.getOriginsThirdPartyHasAccessTo(thirdPartyOrigin) <
+          this.maxConcurrentAutomaticGrants) {
+      // Automatically accept the prompt
+      this.allow({"storage-access": "allow-auto-grant"});
+      return false;
+    }
+    return true;
+  },
 };

 PermissionUI.StorageAccessPermissionPrompt = StorageAccessPermissionPrompt;
--- a/browser/modules/test/browser/browser_PermissionUI_prompts.js
+++ b/browser/modules/test/browser/browser_PermissionUI_prompts.js
@ -39,7 +39,9 @@ add_task(async function test_autoplay_permission_prompt() {

 // Tests that AutoplayPermissionPrompt works as expected
 add_task(async function test_storage_access_permission_prompt() {
+  Services.prefs.setBoolPref("dom.storage_access.auto_grants", false);
  await testPrompt(PermissionUI.StorageAccessPermissionPrompt);
+  Services.prefs.clearUserPref("dom.storage_access.auto_grants");
 });

 async function testPrompt(Prompt) {
--- a/toolkit/components/antitracking/test/browser/browser_storageAccessDoorHanger.js
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessDoorHanger.js
@ -12,6 +12,7 @@ async function testDoorHanger(choice) {
    ["browser.contentblocking.allowlist.annotations.enabled", true],
    ["browser.contentblocking.allowlist.storage.enabled", true],
    [ContentBlocking.prefIntroCount, ContentBlocking.MAX_INTROS],
+    ["dom.storage_access.auto_grants", false],
    ["dom.storage_access.enabled", true],
    ["dom.storage_access.prompt.testing", false],
    ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER],