Bug 1724376 - Part 2: Add a RejectForeignAllowList::Check() for principal. r=dimi,pbz,ckerschb

We need a helper function for checking principal if it's in the foreign
allow list.

In this patch we will add a BasePrincipal::IsURIInList() because this is
needed for RejectForeignAllowList::Check().

Differential Revision: https://phabricator.services.mozilla.com/D123804

caps/BasePrincipal.cpp

@@ -981,7 +981,7 @@ BasePrincipal::SchemeIs(const char* aScheme, bool* aResult) {
   *aResult = false;
   nsCOMPtr<nsIURI> prinURI;
   nsresult rv = GetURI(getter_AddRefs(prinURI));
-  if (NS_FAILED(rv) || !prinURI) {
+  if (NS_WARN_IF(NS_FAILED(rv)) || !prinURI) {
     return NS_OK;
   }
   *aResult = prinURI->SchemeIs(aScheme);
@@ -1000,6 +1000,20 @@ BasePrincipal::IsURIInPrefList(const char* aPref, bool* aResult) {
   return NS_OK;
 }
 
+NS_IMETHODIMP
+BasePrincipal::IsURIInList(const nsACString& aList, bool* aResult) {
+  *aResult = false;
+  nsCOMPtr<nsIURI> prinURI;
+
+  nsresult rv = GetURI(getter_AddRefs(prinURI));
+  if (NS_FAILED(rv) || !prinURI) {
+    return NS_OK;
+  }
+
+  *aResult = nsContentUtils::IsURIInList(prinURI, nsCString(aList));
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 BasePrincipal::GetIsOriginPotentiallyTrustworthy(bool* aResult) {
   MOZ_ASSERT(NS_IsMainThread());

caps/BasePrincipal.h

@@ -133,6 +133,7 @@ class BasePrincipal : public nsJSPrincipals {
   NS_IMETHOD GetScheme(nsACString& aScheme) override;
   NS_IMETHOD SchemeIs(const char* aScheme, bool* aResult) override;
   NS_IMETHOD IsURIInPrefList(const char* aPref, bool* aResult) override;
+  NS_IMETHOD IsURIInList(const nsACString& aList, bool* aResult) override;
   NS_IMETHOD IsL10nAllowed(nsIURI* aURI, bool* aResult) override;
   NS_IMETHOD GetAboutModuleFlags(uint32_t* flags) override;
   NS_IMETHOD GetIsAddonOrExpandedAddonPrincipal(bool* aResult) override;

caps/nsIPrincipal.idl

@@ -320,6 +320,13 @@ interface nsIPrincipal : nsISupports
     [infallible]
     boolean isURIInPrefList(in string pref);
 
+    /**
+     * Check if the Principal's URI is contained in the given list
+     * @param list The list to be checked
+     */
+    [infallible]
+    boolean isURIInList(in ACString list);
+
     /*
     * Uses NS_Security Compare to determine if the
     * other URI is same-origin as the uri of the Principal

toolkit/components/antitracking/RejectForeignAllowList.cpp

@@ -46,6 +46,11 @@ bool RejectForeignAllowList::Check(nsIHttpChannel* aChannel) {
   return GetOrCreate()->CheckInternal(channelURI);
 }
 
+// static
+bool RejectForeignAllowList::Check(nsIPrincipal* aPrincipal) {
+  return GetOrCreate()->CheckInternal(aPrincipal);
+}
+
 // static
 RejectForeignAllowList* RejectForeignAllowList::GetOrCreate() {
   if (!gRejectForeignAllowList) {
@@ -78,6 +83,20 @@ bool RejectForeignAllowList::CheckInternal(nsIURI* aURI) {
   return nsContentUtils::IsURIInList(aURI, mList);
 }
 
+bool RejectForeignAllowList::CheckInternal(nsIPrincipal* aPrincipal) {
+  MOZ_ASSERT(aPrincipal);
+
+  auto* basePrin = BasePrincipal::Cast(aPrincipal);
+  if (!basePrin) {
+    return false;
+  }
+
+  bool result = false;
+  basePrin->IsURIInList(mList, &result);
+
+  return result;
+}
+
 NS_IMETHODIMP
 RejectForeignAllowList::OnExceptionListUpdate(const nsACString& aList) {
   mList = aList;

toolkit/components/antitracking/RejectForeignAllowList.h

@@ -26,6 +26,7 @@ class RejectForeignAllowList final
 
   static bool Check(dom::Document* aDocument);
   static bool Check(nsIHttpChannel* aChannel);
+  static bool Check(nsIPrincipal* aPrincipal);
 
  private:
   static RejectForeignAllowList* GetOrCreate();
@@ -34,6 +35,7 @@ class RejectForeignAllowList final
   ~RejectForeignAllowList();
 
   bool CheckInternal(nsIURI* aURI);
+  bool CheckInternal(nsIPrincipal* aPrincipal);
 
   nsCString mList;
 };