Bug 1805860 - Add IPC to test for storage access permission - r=anti-tracking-reviewers,timhuang,pbz

Differential Revision: https://phabricator.services.mozilla.com/D182244
2024-11-27 06:43:32 +00:00 · 2023-07-19 14:51:12 +00:00 · 2023-07-19 14:51:12 +00:00 · 855f57d52d
commit 855f57d52d
parent 0129b6667c
3 changed files with 68 additions and 0 deletions
--- a/dom/ipc/PWindowGlobal.ipdl
+++ b/dom/ipc/PWindowGlobal.ipdl
@ -210,6 +210,8 @@ parent:
  async DiscoverIdentityCredentialFromExternalSource(IdentityCredentialRequestOptions aOptions) 
      returns (IPCIdentityCredential? identityCredential);

+  async HasStorageAccessPermission() returns(bool granted);
+
 child:
  async NotifyPermissionChange(nsCString type);
 };
--- a/dom/ipc/WindowGlobalParent.cpp
+++ b/dom/ipc/WindowGlobalParent.cpp
@ -8,6 +8,7 @@

 #include <algorithm>

+#include "mozilla/AntiTrackingUtils.h"
 #include "mozilla/AsyncEventDispatcher.h"
 #include "mozilla/ClearOnShutdown.h"
 #include "mozilla/ContentBlockingAllowList.h"
@ -1374,6 +1375,68 @@ IPCResult WindowGlobalParent::RecvDiscoverIdentityCredentialFromExternalSource(
  return IPC_OK();
 }

+IPCResult WindowGlobalParent::RecvHasStorageAccessPermission(
+    HasStorageAccessPermissionResolver&& aResolve) {
+  WindowGlobalParent* top = TopWindowContext();
+  if (!top) {
+    return IPC_FAIL_NO_REASON(this);
+  }
+  nsIPrincipal* topPrincipal = top->DocumentPrincipal();
+  nsIPrincipal* principal = DocumentPrincipal();
+
+  nsCOMPtr<nsIPermissionManager> permMgr =
+      components::PermissionManager::Service();
+  if (!permMgr) {
+    return IPC_FAIL(
+        this,
+        "Storage Access Permission: Failed to get Permission Manager service");
+  }
+
+  // Build the permission keys
+  nsAutoCString requestPermissionKey;
+  bool success = AntiTrackingUtils::CreateStoragePermissionKey(
+      principal, requestPermissionKey);
+  if (!success) {
+    return IPC_FAIL(
+        this,
+        "Storage Access Permission: Failed to create top level permission key");
+  }
+
+  nsAutoCString requestFramePermissionKey;
+  success = AntiTrackingUtils::CreateStorageFramePermissionKey(
+      principal, requestFramePermissionKey);
+  if (!success) {
+    return IPC_FAIL(
+        this,
+        "Storage Access Permission: Failed to create frame permission key");
+  }
+
+  // Test the permission
+  uint32_t access = nsIPermissionManager::UNKNOWN_ACTION;
+  nsresult rv = permMgr->TestPermissionFromPrincipal(
+      topPrincipal, requestPermissionKey, &access);
+  if (NS_WARN_IF(NS_FAILED(rv))) {
+    return IPC_FAIL(this,
+                    "Storage Access Permission: Permission Manager failed to "
+                    "test permission");
+  }
+  if (access == nsIPermissionManager::ALLOW_ACTION) {
+    aResolve(true);
+    return IPC_OK();
+  }
+
+  uint32_t frameAccess = nsIPermissionManager::UNKNOWN_ACTION;
+  rv = permMgr->TestPermissionFromPrincipal(
+      topPrincipal, requestFramePermissionKey, &frameAccess);
+  if (NS_WARN_IF(NS_FAILED(rv))) {
+    return IPC_FAIL(this,
+                    "Storage Access Permission: Permission Manager failed to "
+                    "test permission");
+  }
+  aResolve(frameAccess == nsIPermissionManager::ALLOW_ACTION);
+  return IPC_OK();
+}
+
 void WindowGlobalParent::ActorDestroy(ActorDestroyReason aWhy) {
  if (GetBrowsingContext()->IsTopContent()) {
    Telemetry::Accumulate(Telemetry::ORB_DID_EVER_BLOCK_RESPONSE,
--- a/dom/ipc/WindowGlobalParent.h
+++ b/dom/ipc/WindowGlobalParent.h
@ -310,6 +310,9 @@ class WindowGlobalParent final : public WindowContext,
      const IdentityCredentialRequestOptions& aOptions,
      const DiscoverIdentityCredentialFromExternalSourceResolver& aResolver);

+  mozilla::ipc::IPCResult RecvHasStorageAccessPermission(
+      HasStorageAccessPermissionResolver&& aResolve);
+
 private:
  WindowGlobalParent(CanonicalBrowsingContext* aBrowsingContext,
                     uint64_t aInnerWindowId, uint64_t aOuterWindowId,