Bug 1848783, part 4 - Don't send storage-access status update to same-origin frames in frame-only mode - r=anti-tracking-reviewers,timhuang

We already had cross-origin-but-same-site covered. But the WPT exposed same-origin as a bug. Differential Revision: https://phabricator.services.mozilla.com/D186985
2024-11-24 05:11:16 +00:00 · 2023-09-19 21:03:08 +00:00 · 2023-09-19 21:03:08 +00:00 · e83a883573
commit e83a883573
parent cfc4424236
2 changed files with 25 additions and 16 deletions
--- a/toolkit/components/antitracking/StorageAccessAPIHelper.cpp
+++ b/toolkit/components/antitracking/StorageAccessAPIHelper.cpp
@ -558,9 +558,14 @@ StorageAccessAPIHelper::CompleteAllowAccessFor(
  MOZ_ASSERT(aParentContext->IsInProcess());

  // Let's inform the parent window and the other windows having the
-  // same tracking origin about the storage permission is granted.
-  StorageAccessAPIHelper::UpdateAllowAccessOnCurrentProcess(aParentContext,
-                                                            aTrackingOrigin);
+  // same tracking origin about the storage permission is granted
+  // if it is not a frame-only permission grant which does not propogate.
+  if (aReason != ContentBlockingNotifier::StorageAccessPermissionGrantedReason::
+                     eStorageAccessAPI ||
+      !StaticPrefs::dom_storage_access_frame_only()) {
+    StorageAccessAPIHelper::UpdateAllowAccessOnCurrentProcess(aParentContext,
+                                                              aTrackingOrigin);
+  }

  // Let's inform the parent window.
  nsCOMPtr<nsPIDOMWindowInner> parentInner =
@ -641,9 +646,12 @@ StorageAccessAPIHelper::SaveAccessForOriginOnParentProcess(

  // If the permission is granted on a first-party window, also have to update
  // the permission to all the other windows with the same tracking origin (in
-  // the same tab), if any.
-  StorageAccessAPIHelper::UpdateAllowAccessOnParentProcess(aParentContext,
-                                                           trackingOrigin);
+  // the same tab), if any, only it is not a frame-only permission grant which
+  // does not propogate.
+  if (!aFrameOnly) {
+    StorageAccessAPIHelper::UpdateAllowAccessOnParentProcess(aParentContext,
+                                                             trackingOrigin);
+  }

  return StorageAccessAPIHelper::SaveAccessForOriginOnParentProcess(
      wgp->DocumentPrincipal(), aTrackingPrincipal, aAllowMode, aFrameOnly,
--- a/toolkit/components/antitracking/test/browser/browser_permissionPropagation.js
+++ b/toolkit/components/antitracking/test/browser/browser_permissionPropagation.js
@ -81,14 +81,14 @@ async function createTrackerFrame(params, count, callback) {
  }
 }

-async function testPermission(browser, block, params) {
+async function testPermission(browser, block, params, frameNumber) {
  await SpecialPowers.spawn(
    browser,
-    [block, params],
-    async function (block, params) {
+    [block, params, frameNumber],
+    async function (block, params, frameNumber) {
      for (let i = 0; ; i++) {
        let ifr = content.document.getElementById("ifr" + i);
-        if (!ifr) {
+        if (!ifr || (frameNumber !== undefined && i != frameNumber)) {
          break;
        }

@ -209,8 +209,8 @@ add_task(async function testPermissionGrantedOn3rdParty() {
  // 4. The fourth tab is opened by the first tab but with a different top-level url).
  //    The tab has one tracker iframe, said E.
  //
-  // This test grants permission on iframe A, which then should propagate storage
-  // permission to iframe B & C, but not D, E
+  // This test grants permission on iframe A, which then should not propagate storage
+  // permission to iframe B, C, D, E

  info("Creating the first tab");
  let tab1 = await createTab(top, 2, null, params);
@ -264,11 +264,12 @@ add_task(async function testPermissionGrantedOn3rdParty() {
    });
  });

-  info("Both iframs of the first tab should have stroage permission");
-  await testPermission(browser1, false /* block */, params);
+  info("Second iframe of the first tab should not have stroage permission");
+  await testPermission(browser1, false /* block */, params, 0);
+  await testPermission(browser1, true /* block */, params, 1);

-  info("The iframe of the second tab should have storage permission");
-  await testPermission(browser2, false /* block */, params);
+  info("The iframe of the second tab should not have storage permission");
+  await testPermission(browser2, true /* block */, params);

  info("The iframe of the third tab should not have storage permission");
  await testPermission(browser3, true /* block */, params);