Bug 1774854, part 2 - Create helper function for the forward-declared storage access handoff permission, r=timhuang

Differential Revision: https://phabricator.services.mozilla.com/D149661
2024-10-09 03:15:11 +00:00 · 2022-07-08 12:36:43 +00:00 · 2022-07-08 12:36:43 +00:00 · e175bc03d6
commit e175bc03d6
parent 5b9e145ce3
3 changed files with 32 additions and 2 deletions
--- a/extensions/permissions/PermissionManager.cpp
+++ b/extensions/permissions/PermissionManager.cpp
@ -169,8 +169,8 @@ bool IsOAForceStripPermission(const nsACString& aType) {
 // Array of permission prefixes which should be isolated only by site.
 // These site-scoped permissions are stored under their site's principal.
 // GetAllForPrincipal also needs to look for these especially.
-static constexpr std::array<nsLiteralCString, 1> kSiteScopedPermissions = {
-    {"3rdPartyStorage^"_ns}};
+static constexpr std::array<nsLiteralCString, 2> kSiteScopedPermissions = {
+    {"3rdPartyStorage^"_ns, "AllowStorageAccessRequest^"_ns}};

 bool IsSiteScopedPermission(const nsACString& aType) {
  if (aType.IsEmpty()) {
--- a/toolkit/components/antitracking/AntiTrackingUtils.cpp
+++ b/toolkit/components/antitracking/AntiTrackingUtils.cpp
@ -19,6 +19,7 @@
 #include "mozilla/net/NeckoChannelParams.h"
 #include "mozilla/PermissionManager.h"
 #include "mozIThirdPartyUtil.h"
+#include "nsEffectiveTLDService.h"
 #include "nsGlobalWindowInner.h"
 #include "nsIChannel.h"
 #include "nsIHttpChannel.h"
@ -122,6 +123,28 @@ bool AntiTrackingUtils::CreateStoragePermissionKey(nsIPrincipal* aPrincipal,
  return true;
 }

+// static
+bool AntiTrackingUtils::CreateStorageRequestPermissionKey(
+    nsIURI* aURI, nsACString& aPermissionKey) {
+  MOZ_ASSERT(aPermissionKey.IsEmpty());
+  RefPtr<nsEffectiveTLDService> eTLDService =
+      nsEffectiveTLDService::GetInstance();
+  if (!eTLDService) {
+    return false;
+  }
+  nsCString site;
+  nsresult rv = eTLDService->GetSite(aURI, site);
+  if (NS_FAILED(rv)) {
+    return false;
+  }
+  static const nsLiteralCString prefix =
+      nsLiteralCString("AllowStorageAccessRequest^");
+  aPermissionKey.SetCapacity(prefix.Length() + site.Length());
+  aPermissionKey.Append(prefix);
+  aPermissionKey.Append(site);
+  return true;
+}
+
 // static
 bool AntiTrackingUtils::IsStorageAccessPermission(nsIPermission* aPermission,
                                                  nsIPrincipal* aPrincipal) {
--- a/toolkit/components/antitracking/AntiTrackingUtils.h
+++ b/toolkit/components/antitracking/AntiTrackingUtils.h
@ -49,6 +49,13 @@ class AntiTrackingUtils final {
  static bool CreateStoragePermissionKey(nsIPrincipal* aPrincipal,
                                         nsACString& aKey);

+  // Given and embedded URI, returns the permission for allowing storage access
+  // requests from that URI's site. This permission is site-scoped in two ways:
+  // the principal it is stored under and the suffix built from aURI are both
+  // the Site rather than Origin.
+  static bool CreateStorageRequestPermissionKey(nsIURI* aURI,
+                                                nsACString& aPermissionKey);
+
  // Returns true if the permission passed in is a storage access permission
  // for the passed in principal argument.
  static bool IsStorageAccessPermission(nsIPermission* aPermission,