diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 8a71a31afa93..9b63e050e175 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -1484,6 +1484,8 @@ function _loadURI(browser, uri, params = {}) { params || {}; let loadFlags = params.loadFlags || params.flags || Ci.nsIWebNavigation.LOAD_FLAGS_NONE; + let hasValidUserGestureActivation = + document.hasValidTransientUserGestureActivation; if (!triggeringPrincipal) { throw new Error("Must load with a triggering Principal"); @@ -1525,6 +1527,7 @@ function _loadURI(browser, uri, params = {}) { loadFlags, referrerInfo, postData, + hasValidUserGestureActivation, }; try { if (!mustChangeProcess) { diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 9b42c7b1207e..a58f9e850ed7 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -3937,6 +3937,9 @@ nsresult nsDocShell::LoadErrorPage(nsIURI* aErrorURI, nsIURI* aFailedURI, loadState->SetLoadType(LOAD_ERROR_PAGE); loadState->SetFirstParty(true); loadState->SetSourceBrowsingContext(mBrowsingContext); + loadState->SetHasValidUserGestureActivation( + mBrowsingContext && + mBrowsingContext->HasValidTransientUserGestureActivation()); return InternalLoad(loadState, nullptr, nullptr); } @@ -4041,6 +4044,9 @@ nsDocShell::Reload(uint32_t aReloadFlags) { loadState->SetSrcdocData(srcdoc); loadState->SetSourceBrowsingContext(mBrowsingContext); loadState->SetBaseURI(baseURI); + loadState->SetHasValidUserGestureActivation( + mBrowsingContext && + mBrowsingContext->HasValidTransientUserGestureActivation()); rv = InternalLoad(loadState, nullptr, nullptr); } @@ -5115,6 +5121,8 @@ nsDocShell::ForceRefreshURI(nsIURI* aURI, nsIPrincipal* aPrincipal, loadState->SetTriggeringPrincipal(principal); if (doc) { loadState->SetCsp(doc->GetCsp()); + loadState->SetHasValidUserGestureActivation( + doc->HasValidTransientUserGestureActivation()); } loadState->SetPrincipalIsExplicit(true); @@ -8273,6 +8281,9 @@ nsresult nsDocShell::PerformRetargeting(nsDocShellLoadState* aLoadState, loadState->SetForceAllowDataURI( aLoadState->HasLoadFlags(INTERNAL_LOAD_FLAGS_FORCE_ALLOW_DATA_URI)); + loadState->SetHasValidUserGestureActivation( + aLoadState->HasValidUserGestureActivation()); + rv = win->Open(NS_ConvertUTF8toUTF16(spec), aLoadState->Target(), // window name EmptyString(), // Features @@ -9758,6 +9769,15 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState, Maybe(), sandboxFlags); + // in case this docshell load was triggered by a valid transient user gesture, + // or also the load originates from external, then we pass that information on + // to the loadinfo, which allows e.g. setting Sec-Fetch-User request headers. + if (mBrowsingContext->HasValidTransientUserGestureActivation() || + aLoadState->HasValidUserGestureActivation() || + aLoadState->HasLoadFlags(LOAD_FLAGS_FROM_EXTERNAL)) { + loadInfo->SetHasValidUserGestureActivation(true); + } + /* Get the cache Key from SH */ uint32_t cacheKey = 0; if (mLSHE) { @@ -12203,6 +12223,9 @@ nsresult nsDocShell::OnLinkClickSync( loadState->SetFirstParty(true); loadState->SetSourceBrowsingContext(mBrowsingContext); loadState->SetIsFormSubmission(aContent->IsHTMLElement(nsGkAtoms::form)); + loadState->SetHasValidUserGestureActivation( + mBrowsingContext && + mBrowsingContext->HasValidTransientUserGestureActivation()); nsresult rv = InternalLoad(loadState, aDocShell, aRequest); if (NS_SUCCEEDED(rv)) { diff --git a/docshell/base/nsDocShellLoadState.cpp b/docshell/base/nsDocShellLoadState.cpp index 2d54ab4c82cd..b69b0722cc82 100644 --- a/docshell/base/nsDocShellLoadState.cpp +++ b/docshell/base/nsDocShellLoadState.cpp @@ -42,6 +42,7 @@ nsDocShellLoadState::nsDocShellLoadState(nsIURI* aURI) mSrcdocData(VoidString()), mLoadFlags(0), mFirstParty(false), + mHasValidUserGestureActivation(false), mTypeHint(VoidCString()), mFileName(VoidString()), mIsFromProcessingFrameAttributes(false) { @@ -64,6 +65,7 @@ nsDocShellLoadState::nsDocShellLoadState( mTarget = aLoadState.Target(); mLoadFlags = aLoadState.LoadFlags(); mFirstParty = aLoadState.FirstParty(); + mHasValidUserGestureActivation = aLoadState.HasValidUserGestureActivation(); mTypeHint = aLoadState.TypeHint(); mFileName = aLoadState.FileName(); mIsFromProcessingFrameAttributes = @@ -265,6 +267,8 @@ nsresult nsDocShellLoadState::CreateFromLoadURIOptions( loadState->SetLoadFlags(extraFlags); loadState->SetFirstParty(true); + loadState->SetHasValidUserGestureActivation( + aLoadURIOptions.mHasValidUserGestureActivation); loadState->SetPostDataStream(postData); loadState->SetHeadersStream(aLoadURIOptions.mHeaders); loadState->SetBaseURI(aLoadURIOptions.mBaseURI); @@ -492,6 +496,15 @@ void nsDocShellLoadState::SetFirstParty(bool aFirstParty) { mFirstParty = aFirstParty; } +bool nsDocShellLoadState::HasValidUserGestureActivation() const { + return mHasValidUserGestureActivation; +} + +void nsDocShellLoadState::SetHasValidUserGestureActivation( + bool aHasValidUserGestureActivation) { + mHasValidUserGestureActivation = aHasValidUserGestureActivation; +} + const nsCString& nsDocShellLoadState::TypeHint() const { return mTypeHint; } void nsDocShellLoadState::SetTypeHint(const nsCString& aTypeHint) { @@ -662,6 +675,7 @@ DocShellLoadStateInit nsDocShellLoadState::Serialize() { loadState.Target() = mTarget; loadState.LoadFlags() = mLoadFlags; loadState.FirstParty() = mFirstParty; + loadState.HasValidUserGestureActivation() = mHasValidUserGestureActivation; loadState.TypeHint() = mTypeHint; loadState.FileName() = mFileName; loadState.IsFromProcessingFrameAttributes() = diff --git a/docshell/base/nsDocShellLoadState.h b/docshell/base/nsDocShellLoadState.h index 7aaba7b0a8a7..ef486437de23 100644 --- a/docshell/base/nsDocShellLoadState.h +++ b/docshell/base/nsDocShellLoadState.h @@ -177,6 +177,10 @@ class nsDocShellLoadState final { void SetFirstParty(bool aFirstParty); + bool HasValidUserGestureActivation() const; + + void SetHasValidUserGestureActivation(bool HasValidUserGestureActivation); + const nsCString& TypeHint() const; void SetTypeHint(const nsCString& aTypeHint); @@ -355,6 +359,9 @@ class nsDocShellLoadState final { // Is this a First Party Load? bool mFirstParty; + // Is this load triggered by a user gesture? + bool mHasValidUserGestureActivation; + // A hint as to the content-type of the resulting data. If no hint, IsVoid() // should return true. nsCString mTypeHint; diff --git a/dom/base/LocationBase.cpp b/dom/base/LocationBase.cpp index 5397eea792cb..2432c9a4d794 100644 --- a/dom/base/LocationBase.cpp +++ b/dom/base/LocationBase.cpp @@ -103,6 +103,8 @@ already_AddRefed LocationBase::CheckURL( if (referrerInfo) { loadState->SetReferrerInfo(referrerInfo); } + loadState->SetHasValidUserGestureActivation( + doc->HasValidTransientUserGestureActivation()); return loadState.forget(); } @@ -130,7 +132,10 @@ void LocationBase::SetURI(nsIURI* aURI, nsIPrincipal& aSubjectPrincipal, nsCOMPtr sourceWindow = nsContentUtils::CallerInnerWindow(); if (sourceWindow) { - loadState->SetSourceBrowsingContext(sourceWindow->GetBrowsingContext()); + RefPtr sourceBC = sourceWindow->GetBrowsingContext(); + loadState->SetSourceBrowsingContext(sourceBC); + loadState->SetHasValidUserGestureActivation( + sourceBC && sourceBC->HasValidTransientUserGestureActivation()); } loadState->SetLoadFlags(nsIWebNavigation::LOAD_FLAGS_NONE); diff --git a/dom/clients/manager/ClientNavigateOpChild.cpp b/dom/clients/manager/ClientNavigateOpChild.cpp index 867a362b456f..a8bcb094cd06 100644 --- a/dom/clients/manager/ClientNavigateOpChild.cpp +++ b/dom/clients/manager/ClientNavigateOpChild.cpp @@ -258,6 +258,8 @@ RefPtr ClientNavigateOpChild::DoNavigate( loadState->SetSourceBrowsingContext(docShell->GetBrowsingContext()); loadState->SetLoadFlags(nsIWebNavigation::LOAD_FLAGS_NONE); loadState->SetFirstParty(true); + loadState->SetHasValidUserGestureActivation( + doc->HasValidTransientUserGestureActivation()); rv = docShell->LoadURI(loadState, false); if (NS_FAILED(rv)) { /// There are tests that try sending file:/// and mixed-content URLs diff --git a/dom/ipc/DOMTypes.ipdlh b/dom/ipc/DOMTypes.ipdlh index 6780a87c8318..6d4cc6520fd4 100644 --- a/dom/ipc/DOMTypes.ipdlh +++ b/dom/ipc/DOMTypes.ipdlh @@ -255,6 +255,7 @@ struct DocShellLoadStateInit nsIURI BaseURI; uint32_t LoadFlags; bool FirstParty; + bool HasValidUserGestureActivation; nsCString TypeHint; nsString FileName; bool IsFromProcessingFrameAttributes; diff --git a/dom/security/SecFetch.cpp b/dom/security/SecFetch.cpp index 6a5951292b0b..3321092052d8 100644 --- a/dom/security/SecFetch.cpp +++ b/dom/security/SecFetch.cpp @@ -288,12 +288,24 @@ void SecFetch::AddSecFetchSite(nsIHttpChannel* aHTTPChannel) { } void SecFetch::AddSecFetchUser(nsIHttpChannel* aHTTPChannel) { - // TODO: Bug 1621987: Implement Sec-Fetch-User + nsCOMPtr loadInfo = aHTTPChannel->LoadInfo(); + nsContentPolicyType externalType = loadInfo->GetExternalContentPolicyType(); - // nsAutoCString user("?1"); - // nsresult rv = aHTTPChannel->SetRequestHeader( - // NS_LITERAL_CSTRING("Sec-Fetch-User"), user, false); - // Unused << NS_WARN_IF(NS_FAILED(rv)); + // sec-fetch-user only applies to loads of type document or subdocument + if (externalType != nsIContentPolicy::TYPE_DOCUMENT && + externalType != nsIContentPolicy::TYPE_SUBDOCUMENT) { + return; + } + + // sec-fetch-user only applies if the request is user triggered + if (!loadInfo->GetHasValidUserGestureActivation()) { + return; + } + + nsAutoCString user("?1"); + nsresult rv = aHTTPChannel->SetRequestHeader( + NS_LITERAL_CSTRING("Sec-Fetch-User"), user, false); + Unused << NS_WARN_IF(NS_FAILED(rv)); } void SecFetch::AddSecFetchHeader(nsIHttpChannel* aHTTPChannel) { diff --git a/dom/webidl/LoadURIOptions.webidl b/dom/webidl/LoadURIOptions.webidl index 27368717b3a3..7cb05dbf7df2 100644 --- a/dom/webidl/LoadURIOptions.webidl +++ b/dom/webidl/LoadURIOptions.webidl @@ -62,6 +62,12 @@ dictionary LoadURIOptions { */ URI? baseURI = null; + /** + * Set to indicate that the URI to be loaded was triggered by a user + * action. (Mostly used in the context of Sec-Fetch-User). + */ + boolean hasValidUserGestureActivation = false; + /** * If non-0, a value to pass to nsIDocShell::setCancelContentJSEpoch * when initiating the load. diff --git a/ipc/glue/BackgroundUtils.cpp b/ipc/glue/BackgroundUtils.cpp index c014f316744a..a551e00bcfa3 100644 --- a/ipc/glue/BackgroundUtils.cpp +++ b/ipc/glue/BackgroundUtils.cpp @@ -546,6 +546,7 @@ nsresult LoadInfoToLoadInfoArgs(nsILoadInfo* aLoadInfo, aLoadInfo->GetAllowListFutureDocumentsCreatedFromThisRedirectChain(), cspNonce, aLoadInfo->GetSkipContentSniffing(), aLoadInfo->GetHttpsOnlyStatus(), + aLoadInfo->GetHasValidUserGestureActivation(), aLoadInfo->GetAllowDeprecatedSystemRequests(), aLoadInfo->GetParserCreatedScript(), aLoadInfo->GetIsFromProcessingFrameAttributes(), cookieJarSettingsArgs, @@ -747,6 +748,7 @@ nsresult LoadInfoArgsToLoadInfo( loadInfoArgs.allowListFutureDocumentsCreatedFromThisRedirectChain(), loadInfoArgs.cspNonce(), loadInfoArgs.skipContentSniffing(), loadInfoArgs.httpsOnlyStatus(), + loadInfoArgs.hasValidUserGestureActivation(), loadInfoArgs.allowDeprecatedSystemRequests(), loadInfoArgs.parserCreatedScript(), loadInfoArgs.hasStoragePermission(), loadInfoArgs.requestBlockingReason(), loadingContext); @@ -787,6 +789,7 @@ void LoadInfoToParentLoadInfoForwarder( aLoadInfo->GetAllowInsecureRedirectToDataURI(), aLoadInfo->GetBypassCORSChecks(), ipcController, tainting, aLoadInfo->GetSkipContentSniffing(), aLoadInfo->GetHttpsOnlyStatus(), + aLoadInfo->GetHasValidUserGestureActivation(), aLoadInfo->GetAllowDeprecatedSystemRequests(), aLoadInfo->GetParserCreatedScript(), aLoadInfo->GetServiceWorkerTaintingSynthesized(), @@ -827,6 +830,10 @@ nsresult MergeParentLoadInfoForwarder( rv = aLoadInfo->SetHttpsOnlyStatus(aForwarderArgs.httpsOnlyStatus()); NS_ENSURE_SUCCESS(rv, rv); + rv = aLoadInfo->SetHasValidUserGestureActivation( + aForwarderArgs.hasValidUserGestureActivation()); + NS_ENSURE_SUCCESS(rv, rv); + rv = aLoadInfo->SetAllowDeprecatedSystemRequests( aForwarderArgs.allowDeprecatedSystemRequests()); NS_ENSURE_SUCCESS(rv, rv); diff --git a/netwerk/base/LoadInfo.cpp b/netwerk/base/LoadInfo.cpp index 25a2e55aa7bf..554d21182204 100644 --- a/netwerk/base/LoadInfo.cpp +++ b/netwerk/base/LoadInfo.cpp @@ -106,6 +106,7 @@ LoadInfo::LoadInfo( mAllowListFutureDocumentsCreatedFromThisRedirectChain(false), mSkipContentSniffing(false), mHttpsOnlyStatus(nsILoadInfo::HTTPS_ONLY_UNINITIALIZED), + mHasValidUserGestureActivation(false), mAllowDeprecatedSystemRequests(false), mParserCreatedScript(false), mHasStoragePermission(false), @@ -380,6 +381,7 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, mAllowListFutureDocumentsCreatedFromThisRedirectChain(false), mSkipContentSniffing(false), mHttpsOnlyStatus(nsILoadInfo::HTTPS_ONLY_UNINITIALIZED), + mHasValidUserGestureActivation(false), mAllowDeprecatedSystemRequests(false), mParserCreatedScript(false), mHasStoragePermission(false), @@ -484,6 +486,7 @@ LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext, mAllowListFutureDocumentsCreatedFromThisRedirectChain(false), mSkipContentSniffing(false), mHttpsOnlyStatus(nsILoadInfo::HTTPS_ONLY_UNINITIALIZED), + mHasValidUserGestureActivation(false), mAllowDeprecatedSystemRequests(false), mParserCreatedScript(false), mHasStoragePermission(false), @@ -777,6 +780,7 @@ LoadInfo::LoadInfo(const LoadInfo& rhs) mCspNonce(rhs.mCspNonce), mSkipContentSniffing(rhs.mSkipContentSniffing), mHttpsOnlyStatus(rhs.mHttpsOnlyStatus), + mHasValidUserGestureActivation(rhs.mHasValidUserGestureActivation), mAllowDeprecatedSystemRequests(rhs.mAllowDeprecatedSystemRequests), mParserCreatedScript(rhs.mParserCreatedScript), mHasStoragePermission(rhs.mHasStoragePermission), @@ -817,9 +821,10 @@ LoadInfo::LoadInfo( bool aDocumentHasLoaded, bool aAllowListFutureDocumentsCreatedFromThisRedirectChain, const nsAString& aCspNonce, bool aSkipContentSniffing, - uint32_t aHttpsOnlyStatus, bool aAllowDeprecatedSystemRequests, - bool aParserCreatedScript, bool aHasStoragePermission, - uint32_t aRequestBlockingReason, nsINode* aLoadingContext) + uint32_t aHttpsOnlyStatus, bool aHasValidUserGestureActivation, + bool aAllowDeprecatedSystemRequests, bool aParserCreatedScript, + bool aHasStoragePermission, uint32_t aRequestBlockingReason, + nsINode* aLoadingContext) : mLoadingPrincipal(aLoadingPrincipal), mTriggeringPrincipal(aTriggeringPrincipal), mPrincipalToInherit(aPrincipalToInherit), @@ -876,6 +881,7 @@ LoadInfo::LoadInfo( mCspNonce(aCspNonce), mSkipContentSniffing(aSkipContentSniffing), mHttpsOnlyStatus(aHttpsOnlyStatus), + mHasValidUserGestureActivation(aHasValidUserGestureActivation), mAllowDeprecatedSystemRequests(aAllowDeprecatedSystemRequests), mParserCreatedScript(aParserCreatedScript), mHasStoragePermission(aHasStoragePermission), @@ -1725,6 +1731,20 @@ LoadInfo::SetHttpsOnlyStatus(uint32_t aHttpsOnlyStatus) { return NS_OK; } +NS_IMETHODIMP +LoadInfo::GetHasValidUserGestureActivation( + bool* aHasValidUserGestureActivation) { + *aHasValidUserGestureActivation = mHasValidUserGestureActivation; + return NS_OK; +} + +NS_IMETHODIMP +LoadInfo::SetHasValidUserGestureActivation( + bool aHasValidUserGestureActivation) { + mHasValidUserGestureActivation = aHasValidUserGestureActivation; + return NS_OK; +} + NS_IMETHODIMP LoadInfo::GetAllowDeprecatedSystemRequests( bool* aAllowDeprecatedSystemRequests) { diff --git a/netwerk/base/LoadInfo.h b/netwerk/base/LoadInfo.h index a00d30f7160d..bd70ee17ed55 100644 --- a/netwerk/base/LoadInfo.h +++ b/netwerk/base/LoadInfo.h @@ -169,9 +169,10 @@ class LoadInfo final : public nsILoadInfo { bool aDocumentHasUserInteracted, bool aDocumentHasLoaded, bool aAllowListFutureDocumentsCreatedFromThisRedirectChain, const nsAString& aCspNonce, bool aSkipContentSniffing, - uint32_t aHttpsOnlyStatus, bool aAllowDeprecatedSystemRequests, - bool aParserCreatedScript, bool aHasStoragePermission, - uint32_t aRequestBlockingReason, nsINode* aLoadingContext); + uint32_t aHttpsOnlyStatus, bool aHasValidUserGestureActivation, + bool aAllowDeprecatedSystemRequests, bool aParserCreatedScript, + bool aHasStoragePermission, uint32_t aRequestBlockingReason, + nsINode* aLoadingContext); LoadInfo(const LoadInfo& rhs); NS_IMETHOD GetRedirects(JSContext* aCx, @@ -268,6 +269,7 @@ class LoadInfo final : public nsILoadInfo { nsString mCspNonce; bool mSkipContentSniffing; uint32_t mHttpsOnlyStatus; + bool mHasValidUserGestureActivation; bool mAllowDeprecatedSystemRequests; bool mParserCreatedScript; bool mHasStoragePermission; diff --git a/netwerk/base/TRRLoadInfo.cpp b/netwerk/base/TRRLoadInfo.cpp index 319e2bc59880..10d3a9637667 100644 --- a/netwerk/base/TRRLoadInfo.cpp +++ b/netwerk/base/TRRLoadInfo.cpp @@ -606,6 +606,18 @@ TRRLoadInfo::SetHttpsOnlyStatus(uint32_t aHttpsOnlyStatus) { return NS_ERROR_NOT_IMPLEMENTED; } +NS_IMETHODIMP +TRRLoadInfo::GetHasValidUserGestureActivation( + bool* aHasValidUserGestureActivation) { + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +TRRLoadInfo::SetHasValidUserGestureActivation( + bool aHasValidUserGestureActivation) { + return NS_ERROR_NOT_IMPLEMENTED; +} + NS_IMETHODIMP TRRLoadInfo::GetInternalContentPolicyType(nsContentPolicyType* aResult) { *aResult = mInternalContentPolicyType; diff --git a/netwerk/base/nsILoadInfo.idl b/netwerk/base/nsILoadInfo.idl index bb26e4628f63..f0575b60f61d 100644 --- a/netwerk/base/nsILoadInfo.idl +++ b/netwerk/base/nsILoadInfo.idl @@ -457,6 +457,14 @@ interface nsILoadInfo : nsISupports */ [infallible] attribute unsigned long httpsOnlyStatus; + /** + * Returns true if at the time of the loadinfo construction the document + * that triggered this load has the bit hasValidTransientUserGestureActivation + * set or the load was triggered from External. (Mostly this bool is used + * in the context of Sec-Fetch-User.) + */ + [infallible] attribute boolean hasValidUserGestureActivation; + /** * We disallow the SystemPrincipal to initiate requests to * the public web. This flag is to allow exceptions. diff --git a/netwerk/ipc/DocumentLoadListener.cpp b/netwerk/ipc/DocumentLoadListener.cpp index 769f036b8c73..5f4d76262021 100644 --- a/netwerk/ipc/DocumentLoadListener.cpp +++ b/netwerk/ipc/DocumentLoadListener.cpp @@ -289,19 +289,22 @@ already_AddRefed DocumentLoadListener::CreateLoadInfo( securityFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL; } + RefPtr loadInfo; if (aBrowsingContext->GetParent()) { // Build LoadInfo for TYPE_SUBDOCUMENT - RefPtr loadInfo = - new LoadInfo(aBrowsingContext, aLoadState->TriggeringPrincipal(), - aOuterWindowId, securityFlags, sandboxFlags); - return loadInfo.forget(); + loadInfo = new LoadInfo(aBrowsingContext, aLoadState->TriggeringPrincipal(), + aOuterWindowId, securityFlags, sandboxFlags); + } else { + // Build LoadInfo for TYPE_DOCUMENT + OriginAttributes attrs; + mLoadContext->GetOriginAttributes(attrs); + loadInfo = new LoadInfo(aBrowsingContext, aLoadState->TriggeringPrincipal(), + attrs, aOuterWindowId, securityFlags, sandboxFlags); } - // Build LoadInfo for TYPE_DOCUMENT - OriginAttributes attrs; - mLoadContext->GetOriginAttributes(attrs); - RefPtr loadInfo = - new LoadInfo(aBrowsingContext, aLoadState->TriggeringPrincipal(), attrs, - aOuterWindowId, securityFlags, sandboxFlags); + + loadInfo->SetHasValidUserGestureActivation( + aLoadState->HasValidUserGestureActivation()); + return loadInfo.forget(); } diff --git a/netwerk/ipc/NeckoChannelParams.ipdlh b/netwerk/ipc/NeckoChannelParams.ipdlh index 802929c575ae..9fb2e2135222 100644 --- a/netwerk/ipc/NeckoChannelParams.ipdlh +++ b/netwerk/ipc/NeckoChannelParams.ipdlh @@ -146,6 +146,7 @@ struct LoadInfoArgs nsString cspNonce; bool skipContentSniffing; uint32_t httpsOnlyStatus; + bool hasValidUserGestureActivation; bool allowDeprecatedSystemRequests; bool parserCreatedScript; bool isFromProcessingFrameAttributes; @@ -189,6 +190,12 @@ struct ParentLoadInfoForwarderArgs uint32_t httpsOnlyStatus; + // Returns true if at the time of the loadinfo construction the document + // that triggered this load has the bit hasValidTransientUserGestureActivation + // set or the load was triggered from External. (Mostly this bool is used + // in the context of Sec-Fetch-User.) + bool hasValidUserGestureActivation; + // The SystemPrincipal is disallowed to make requests to the public web // and all requests will be cancelled. Setting this flag to true prevents // the request from being cancelled. diff --git a/testing/web-platform/meta/fetch/metadata/form.https.sub.html.ini b/testing/web-platform/meta/fetch/metadata/form.https.sub.html.ini deleted file mode 100644 index e5fda980207d..000000000000 --- a/testing/web-platform/meta/fetch/metadata/form.https.sub.html.ini +++ /dev/null @@ -1,9 +0,0 @@ -[form.https.sub.html] - [web-platform.test -> web-platform.test:8443 iframe: user-activated: sec-fetch-user] - expected: FAIL - - [web-platform.test -> www.web-platform.test:8443 iframe: user-activated: sec-fetch-user] - expected: FAIL - - [web-platform.test -> www.not-web-platform.test:8443 iframe: user-activated: sec-fetch-user] - expected: FAIL diff --git a/testing/web-platform/meta/fetch/metadata/iframe.https.sub.html.ini b/testing/web-platform/meta/fetch/metadata/iframe.https.sub.html.ini deleted file mode 100644 index 4ccc958a9e03..000000000000 --- a/testing/web-platform/meta/fetch/metadata/iframe.https.sub.html.ini +++ /dev/null @@ -1,9 +0,0 @@ -[iframe.https.sub.html] - [web-platform.test -> web-platform.test:8443 iframe: user-activated: sec-fetch-user] - expected: FAIL - - [web-platform.test -> www.web-platform.test:8443 iframe: user-activated: sec-fetch-user] - expected: FAIL - - [web-platform.test -> www.not-web-platform.test:8443 iframe: user-activated: sec-fetch-user] - expected: FAIL diff --git a/testing/web-platform/meta/fetch/metadata/window-open.https.sub.html.ini b/testing/web-platform/meta/fetch/metadata/window-open.https.sub.html.ini index b1d3ea48a6b5..53da52b63012 100644 --- a/testing/web-platform/meta/fetch/metadata/window-open.https.sub.html.ini +++ b/testing/web-platform/meta/fetch/metadata/window-open.https.sub.html.ini @@ -1,16 +1,7 @@ [window-open.https.sub.html] - [Cross-site window, user-activated: sec-fetch-user] - expected: FAIL - [Cross-site window, forced, reloaded] expected: [PASS, FAIL] - [Same-origin window, user-activated: sec-fetch-user] - expected: FAIL - - [Same-site window, user-activated: sec-fetch-user] - expected: FAIL - [Same-site window, forced, reloaded] expected: if os == "android": ["PASS", "FAIL"] diff --git a/toolkit/components/windowwatcher/nsWindowWatcher.cpp b/toolkit/components/windowwatcher/nsWindowWatcher.cpp index 4479a018c628..c174643a37a2 100644 --- a/toolkit/components/windowwatcher/nsWindowWatcher.cpp +++ b/toolkit/components/windowwatcher/nsWindowWatcher.cpp @@ -1147,6 +1147,8 @@ nsresult nsWindowWatcher::OpenWindowInternal( loadState = new nsDocShellLoadState(uriToLoad); loadState->SetSourceBrowsingContext(parentBC); + loadState->SetHasValidUserGestureActivation( + parentBC && parentBC->HasValidTransientUserGestureActivation()); if (subjectPrincipal) { loadState->SetTriggeringPrincipal(subjectPrincipal);