From ba1f8971c72dddf7092de8b62e77398f9853d2de Mon Sep 17 00:00:00 2001 From: Andrea Marchesini Date: Tue, 10 Jul 2018 10:09:59 +0200 Subject: [PATCH] Bug 1469993 - Grant storage access to a 3rd party, tracking resource if a opened document has user-interaction - part 2 - storing first user interaction in nsILoadInfo, r=ehsan --- dom/base/nsContentUtils.cpp | 16 +++++++++-- dom/base/nsGlobalWindowInner.cpp | 6 +++++ dom/base/nsGlobalWindowInner.h | 3 +++ ipc/glue/BackgroundUtils.cpp | 2 ++ netwerk/base/LoadInfo.cpp | 40 ++++++++++++++++++++++++++++ netwerk/base/LoadInfo.h | 2 ++ netwerk/base/nsILoadInfo.idl | 16 ++++++++--- netwerk/ipc/NeckoChannelParams.ipdlh | 1 + 8 files changed, 81 insertions(+), 5 deletions(-) diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp index 4e4d82fb7f49..3fa938d322b1 100644 --- a/dom/base/nsContentUtils.cpp +++ b/dom/base/nsContentUtils.cpp @@ -8883,12 +8883,24 @@ nsContentUtils::StorageDisabledByAntiTracking(nsPIDOMWindowInner* aWindow, return false; } + // If this is not a tracking resource, nothing is disabled. if (!httpChannel->GetIsTrackingResource()) { return false; } - // TODO storage access check - return true; + nsCOMPtr uri; + nsresult rv = httpChannel->GetURI(getter_AddRefs(uri)); + if (NS_WARN_IF(NS_FAILED(rv))) { + return false; + } + + nsCOMPtr loadInfo; + rv = aChannel->GetLoadInfo(getter_AddRefs(loadInfo)); + if (NS_WARN_IF(NS_FAILED(rv))) { + return false; + } + + return !loadInfo->IsFirstPartyStorageAccessGrantedFor(uri); } // static, private diff --git a/dom/base/nsGlobalWindowInner.cpp b/dom/base/nsGlobalWindowInner.cpp index be2a1d55f9e6..ada32a6f1572 100644 --- a/dom/base/nsGlobalWindowInner.cpp +++ b/dom/base/nsGlobalWindowInner.cpp 
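Review bot: In StorageDisabledByAntiTracking, both new failure paths (after `GetURI` and after `GetLoadInfo`) return `false`, so a channel already classified as a tracking resource keeps storage enabled whenever either call fails; before this change every tracking resource reached `return true`. Failing closed is the safer default here: use `return true;` in both `NS_WARN_IF` branches. `loadInfo` is also dereferenced without a null check; if `GetLoadInfo` can succeed while handing back null (not visible in this hunk), the guard should read `if (NS_WARN_IF(NS_FAILED(rv)) || !loadInfo) { return true; }`. The function begins above the hunk, so the earlier checks on `aWindow` and `aChannel` are not in view.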
@@ -8045,6 +8045,12 @@ nsGlobalWindowInner::AddFirstPartyStorageAccessGrantedFor(const nsAString& aOrig } } +const nsTArray& +nsGlobalWindowInner::GetFirstPartyStorageAccessGrantedOrigins() const +{ + return mStorageGrantedOrigins; +} + bool nsGlobalWindowInner::IsFirstPartyStorageAccessGrantedFor(nsIURI* aURI) const { diff --git a/dom/base/nsGlobalWindowInner.h b/dom/base/nsGlobalWindowInner.h index 110cb9993639..3ccb45f7b00c 100644 --- a/dom/base/nsGlobalWindowInner.h +++ b/dom/base/nsGlobalWindowInner.h @@ -720,6 +720,9 @@ public: void AddFirstPartyStorageAccessGrantedFor(const nsAString& aOrigin); + const nsTArray& + GetFirstPartyStorageAccessGrantedOrigins() const; + bool IsFirstPartyStorageAccessGrantedFor(nsIURI* aURI) const; diff --git a/ipc/glue/BackgroundUtils.cpp b/ipc/glue/BackgroundUtils.cpp index 0f2abfe3b591..8472fc8e1954 100644 --- a/ipc/glue/BackgroundUtils.cpp +++ b/ipc/glue/BackgroundUtils.cpp @@ -403,6 +403,7 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo, aLoadInfo->GetSecurityFlags(), aLoadInfo->InternalContentPolicyType(), static_cast(aLoadInfo->GetTainting()), + aLoadInfo->GetFirstPartyStorageAccessGrantedOrigins(), aLoadInfo->GetUpgradeInsecureRequests(), aLoadInfo->GetBrowserUpgradeInsecureRequests(), aLoadInfo->GetBrowserWouldUpgradeInsecureRequests(), @@ -551,6 +552,7 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs, loadInfoArgs.securityFlags(), loadInfoArgs.contentPolicyType(), static_cast(loadInfoArgs.tainting()), + loadInfoArgs.firstPartyStorageAccessGrantedOrigins(), loadInfoArgs.upgradeInsecureRequests(), loadInfoArgs.browserUpgradeInsecureRequests(), loadInfoArgs.browserWouldUpgradeInsecureRequests(), diff --git a/netwerk/base/LoadInfo.cpp b/netwerk/base/LoadInfo.cpp index 3e5dd08b282f..33c5c23f0325 100644 --- a/netwerk/base/LoadInfo.cpp +++ b/netwerk/base/LoadInfo.cpp 
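Review bot: In the LoadInfoArgsToLoadInfo hunk of ipc/glue/BackgroundUtils.cpp, `loadInfoArgs.firstPartyStorageAccessGrantedOrigins()` is passed to the LoadInfo constructor exactly as it arrived in the IPC message. This patch makes StorageDisabledByAntiTracking depend on that list, so it is now security-relevant state: if the args can originate in a content process, the receiving side is trusting the sender's statement of which tracker origins were granted access. Nothing in the hunk shows whether the list is checked elsewhere, so I would at least record the assumption with a comment on that argument, e.g. `// Grant list is taken as sent by the peer process; it is not re-validated here.` Both serialization functions continue outside their hunks.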
@@ -150,6 +150,13 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, nsCOMPtr parent = contextOuter->GetScriptableParent(); mParentOuterWindowID = parent ? parent->WindowID() : mOuterWindowID; mTopOuterWindowID = FindTopOuterWindowID(contextOuter); + + nsGlobalWindowInner* innerWindow = + nsGlobalWindowInner::Cast(contextOuter->GetCurrentInnerWindow()); + if (innerWindow) { + mFirstPartyStorageAccessGrantedOrigins = + innerWindow->GetFirstPartyStorageAccessGrantedOrigins(); + } } mInnerWindowID = aLoadingContext->OwnerDoc()->InnerWindowID(); @@ -334,6 +341,13 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, mParentOuterWindowID = parent ? parent->WindowID() : 0; mTopOuterWindowID = FindTopOuterWindowID(aOuterWindow); + nsGlobalWindowInner* innerWindow = + nsGlobalWindowInner::Cast(aOuterWindow->GetCurrentInnerWindow()); + if (innerWindow) { + mFirstPartyStorageAccessGrantedOrigins = + innerWindow->GetFirstPartyStorageAccessGrantedOrigins(); + } + // get the docshell from the outerwindow, and then get the originattributes nsCOMPtr docShell = aOuterWindow->GetDocShell(); MOZ_ASSERT(docShell); @@ -413,6 +427,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, nsSecurityFlags aSecurityFlags, nsContentPolicyType aContentPolicyType, LoadTainting aTainting, + const nsTArray& aFirstPartyStorageAccessGrantedOrigins, bool aUpgradeInsecureRequests, bool aBrowserUpgradeInsecureRequests, bool aBrowserWouldUpgradeInsecureRequests, @@ -452,6 +467,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, , mSecurityFlags(aSecurityFlags) , mInternalContentPolicyType(aContentPolicyType) , mTainting(aTainting) + , mFirstPartyStorageAccessGrantedOrigins(aFirstPartyStorageAccessGrantedOrigins) , mUpgradeInsecureRequests(aUpgradeInsecureRequests) , mBrowserUpgradeInsecureRequests(aBrowserUpgradeInsecureRequests) , mBrowserWouldUpgradeInsecureRequests(aBrowserWouldUpgradeInsecureRequests) 
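Review bot: In the first LoadInfo constructor hunk (@@ -150), the grant list is copied from `contextOuter->GetCurrentInnerWindow()`, while `mInnerWindowID` just below it is taken from `aLoadingContext->OwnerDoc()`. If the loading document is not the outer window's current inner window (for example after a navigation), the load would carry the grants of a different document; whether that can happen on this path is not visible here. Consider reading the list from the owner document's inner window, or state in a comment why the current inner window is the intended source. The same block is repeated in the nsPIDOMWindowOuter constructor (@@ -334), so a small private helper would keep the two copies from diverging. The copy is also a snapshot taken at construction, which deserves a one-line comment such as `// Snapshot: grants added to the window later are not reflected in this LoadInfo.`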
@@ -1392,5 +1408,29 @@ LoadInfo::GetPerformanceStorage() return mPerformanceStorage; } +const nsTArray& +LoadInfo::GetFirstPartyStorageAccessGrantedOrigins() +{ + return mFirstPartyStorageAccessGrantedOrigins; +} + +bool +LoadInfo::IsFirstPartyStorageAccessGrantedFor(nsIURI* aURI) +{ + MOZ_ASSERT(aURI); + + if (mFirstPartyStorageAccessGrantedOrigins.IsEmpty()) { + return false; + } + + nsAutoString origin; + nsresult rv = nsContentUtils::GetUTFOrigin(aURI, origin); + if (NS_WARN_IF(NS_FAILED(rv))) { + return false; + } + + return mFirstPartyStorageAccessGrantedOrigins.Contains(origin); +} + } // namespace net } // namespace mozilla diff --git a/netwerk/base/LoadInfo.h b/netwerk/base/LoadInfo.h index 7dbfe3843630..1b1b01782d7d 100644 --- a/netwerk/base/LoadInfo.h +++ b/netwerk/base/LoadInfo.h @@ -105,6 +105,7 @@ private: nsSecurityFlags aSecurityFlags, nsContentPolicyType aContentPolicyType, LoadTainting aTainting, + const nsTArray& aFirstPartyStorageAccessGrantedOrigins, bool aUpgradeInsecureRequests, bool aBrowserUpgradeInsecureRequests, bool aBrowserWouldUpgradeInsecureRequests, @@ -173,6 +174,7 @@ private: nsSecurityFlags mSecurityFlags; nsContentPolicyType mInternalContentPolicyType; LoadTainting mTainting; + nsTArray mFirstPartyStorageAccessGrantedOrigins; bool mUpgradeInsecureRequests; bool mBrowserUpgradeInsecureRequests; bool mBrowserWouldUpgradeInsecureRequests; diff --git a/netwerk/base/nsILoadInfo.idl b/netwerk/base/nsILoadInfo.idl index aec5f2d8a19a..e1537a3c0b4f 100644 --- a/netwerk/base/nsILoadInfo.idl +++ b/netwerk/base/nsILoadInfo.idl 
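Review bot: `LoadInfo::IsFirstPartyStorageAccessGrantedFor` decides the grant by comparing the serialized origin string from `nsContentUtils::GetUTFOrigin` against the list, with no special case for URIs that have no real origin. If GetUTFOrigin yields a placeholder such as `null` for those URIs (its body is not part of this patch) and the same placeholder is ever stored in the list, a grant recorded for one opaque-origin resource would also match any other. A guard before the lookup rules that out: `if (origin.EqualsLiteral("null")) { return false; }`. Separately, `MOZ_ASSERT(aURI)` is compiled out of release builds and the hunk does not show whether GetUTFOrigin tolerates a null URI, so an explicit `if (!aURI) { return false; }` would make the denial path unconditional.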
@@ -34,7 +34,8 @@ class ServiceWorkerDescriptor; [ref] native nsIRedirectHistoryEntryArray(const nsTArray>); native OriginAttributes(mozilla::OriginAttributes); [ref] native const_OriginAttributesRef(const mozilla::OriginAttributes); -[ref] native StringArrayRef(const nsTArray); +[ref] native CStringArrayRef(const nsTArray); +[ref] native StringArrayRef(const nsTArray); [ref] native Uint64ArrayRef(const nsTArray); [ref] native PrincipalArrayRef(const nsTArray>); [ref] native const_ClientInfoRef(const mozilla::dom::ClientInfo); @@ -783,7 +784,7 @@ interface nsILoadInfo : nsISupports * Only call this function when using the SEC_REQUIRE_CORS_DATA_INHERITS mode. */ [noscript, notxpcom, nostdcall] - void setCorsPreflightInfo(in StringArrayRef unsafeHeaders, + void setCorsPreflightInfo(in CStringArrayRef unsafeHeaders, in boolean forcePreflight); /** @@ -792,7 +793,7 @@ interface nsILoadInfo : nsISupports * loadInfo object - use with caution! */ [noscript, notxpcom, nostdcall, binaryname(CorsUnsafeHeaders)] - StringArrayRef corsUnsafeHeaders(); + CStringArrayRef corsUnsafeHeaders(); /** * Returns value set through setCorsPreflightInfo. @@ -1019,4 +1020,13 @@ interface nsILoadInfo : nsISupports */ [noscript, nostdcall, notxpcom] void SynthesizeServiceWorkerTainting(in LoadTainting aTainting); + + /** + * This is the origin that has access storage granted also if 3rd party and + * in the tracking protection list. + */ + [noscript, notxpcom, nostdcall] + StringArrayRef getFirstPartyStorageAccessGrantedOrigins(); + [noscript, notxpcom, nostdcall] + bool isFirstPartyStorageAccessGrantedFor(in nsIURI aURI); }; diff --git a/netwerk/ipc/NeckoChannelParams.ipdlh b/netwerk/ipc/NeckoChannelParams.ipdlh index d2563e5330cc..d2bdb4616fed 100644 --- a/netwerk/ipc/NeckoChannelParams.ipdlh +++ b/netwerk/ipc/NeckoChannelParams.ipdlh 
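Review bot: The doc comment added at the end of nsILoadInfo (@@ -1019) only covers `getFirstPartyStorageAccessGrantedOrigins()` and is hard to parse, and `isFirstPartyStorageAccessGrantedFor()` has no comment at all. Since these two methods now gate storage for tracking resources, the contract should be spelled out. For the getter I would write `Origins that have been granted first-party storage access even though they are third-party and on the tracking protection list.` and for the check `Returns true if the origin of aURI is in that list; the comparison is on the serialized origin string.` It would also help to say that the list is copied when the LoadInfo is created, as the LoadInfo.cpp hunks of this patch show.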
@@ -46,6 +46,7 @@ struct LoadInfoArgs uint32_t securityFlags; uint32_t contentPolicyType; uint32_t tainting; + nsString[] firstPartyStorageAccessGrantedOrigins; bool upgradeInsecureRequests; bool browserUpgradeInsecureRequests; bool browserWouldUpgradeInsecureRequests;