Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-30 00:01:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Backed out 6 changesets (bug 1484876) for eslint failure on PrivateBrowsingUtils. CLOSED TREE

Browse Source 
Backed out changeset e80737d6af55 (bug 1484876)
Backed out changeset b1cb63d8c8bb (bug 1484876)
Backed out changeset cd2ced689895 (bug 1484876)
Backed out changeset d31e39a47704 (bug 1484876)
Backed out changeset babf6abc7f4c (bug 1484876)
Backed out changeset 1c9895ab06c6 (bug 1484876)
This commit is contained in:
Cosmin Sabou 2018-08-22 16:26:33 +03:00
parent a048df08c4
commit ed624fa8d0
12 changed files with 206 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
browser/base/content/browser-contentblocking.js
View File

@ -412,11 +412,13 @@ var ContentBlocking = {
}
// Check whether the user has added an exception for this site.
let type = PrivateBrowsingUtils.isBrowserPrivate(gBrowser.selectedBrowser) ?
"trackingprotection-pb" :
"trackingprotection";
let hasException = Services.perms.testExactPermission(baseURI, type) ==
Services.perms.ALLOW_ACTION;
let hasException = false;
if (PrivateBrowsingUtils.isBrowserPrivate(gBrowser.selectedBrowser)) {
hasException = PrivateBrowsingUtils.existsInTrackingAllowlist(baseURI);
} else {
hasException = Services.perms.testExactPermission(baseURI,
"trackingprotection") == Services.perms.ALLOW_ACTION;
}
this.content.toggleAttribute("detected", detected);
this.content.toggleAttribute("hasException", hasException);

4
browser/installer/package-manifest.in
View File

@ -388,6 +388,10 @@
@RESPATH@/components/nsUrlClassifierListManager.js
@RESPATH@/components/nsUrlClassifierLib.js
; Private Browsing
@RESPATH@/components/PrivateBrowsing.manifest
@RESPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
; Security Reports
@RESPATH@/components/SecurityReporter.manifest
@RESPATH@/components/SecurityReporter.js

4
mobile/android/installer/package-manifest.in
View File

@ -253,6 +253,10 @@
@BINPATH@/components/nsUrlClassifierListManager.js
@BINPATH@/components/nsUrlClassifierLib.js
; Private Browsing
@BINPATH@/components/PrivateBrowsing.manifest
@BINPATH@/components/PrivateBrowsingTrackingProtectionWhitelist.js
; Security Reports
@BINPATH@/components/SecurityReporter.manifest
@BINPATH@/components/SecurityReporter.js

61
netwerk/base/nsChannelClassifier.cpp
View File

@ -22,6 +22,7 @@
#include "nsIIOService.h"
#include "nsIParentChannel.h"
#include "nsIPermissionManager.h"
#include "nsIPrivateBrowsingTrackingProtectionWhitelist.h"
#include "nsIProtocolHandler.h"
#include "nsIScriptError.h"
#include "nsIScriptSecurityManager.h"
@ -37,7 +38,6 @@
#include "nsIUrlClassifierDBService.h"
#include "nsIURLFormatter.h"
#include "mozilla/AntiTrackingCommon.h"
#include "mozilla/ErrorNames.h"
#include "mozilla/Logging.h"
#include "mozilla/Preferences.h"
@ -449,8 +449,8 @@ nsChannelClassifier::ShouldEnableTrackingProtectionInternal(
return NS_OK;
}
nsCOMPtr<nsIIOService> ios = services::GetIOService();
NS_ENSURE_TRUE(ios, NS_ERROR_FAILURE);
nsCOMPtr<nsIIOService> ios = do_GetService(NS_IOSERVICE_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIURI> topWinURI;
rv = chan->GetTopWindowURI(getter_AddRefs(topWinURI));
@ -465,23 +465,68 @@ nsChannelClassifier::ShouldEnableTrackingProtectionInternal(
NS_ENSURE_SUCCESS(rv, rv);
}
rv = AntiTrackingCommon::IsOnContentBlockingAllowList(topWinURI, mIsAllowListed);
// Take the host/port portion so we can allowlist by site. Also ignore the
// scheme, since users who put sites on the allowlist probably don't expect
// allowlisting to depend on scheme.
nsCOMPtr<nsIURL> url = do_QueryInterface(topWinURI, &rv);
if (NS_FAILED(rv)) {
return rv; // normal for some loads, no need to print a warning
}
if (mIsAllowListed) {
*result = false;
nsCString escaped(NS_LITERAL_CSTRING("https://"));
nsAutoCString temp;
rv = url->GetHostPort(temp);
NS_ENSURE_SUCCESS(rv, rv);
escaped.Append(temp);
// Stuff the whole thing back into a URI for the permission manager.
rv = ios->NewURI(escaped, nullptr, nullptr, getter_AddRefs(topWinURI));
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIPermissionManager> permMgr =
do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
uint32_t permissions = nsIPermissionManager::UNKNOWN_ACTION;
rv = permMgr->TestPermission(topWinURI, "trackingprotection", &permissions);
NS_ENSURE_SUCCESS(rv, rv);
if (permissions == nsIPermissionManager::ALLOW_ACTION) {
if (LOG_ENABLED()) {
nsCString chanSpec = chanURI->GetSpecOrDefault();
chanSpec.Truncate(std::min(chanSpec.Length(), sMaxSpecLength));
LOG(("nsChannelClassifier[%p]: User override on channel[%p] (%s)",
this, aChannel, chanSpec.get()));
LOG(("nsChannelClassifier[%p]: User override on channel[%p] (%s) for %s",
this, aChannel, chanSpec.get(), escaped.get()));
}
mIsAllowListed = true;
*result = false;
} else {
*result = true;
}
// In Private Browsing Mode we also check against an in-memory list.
if (NS_UsePrivateBrowsing(aChannel)) {
nsCOMPtr<nsIPrivateBrowsingTrackingProtectionWhitelist> pbmtpWhitelist =
do_GetService(NS_PBTRACKINGPROTECTIONWHITELIST_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
bool exists = false;
rv = pbmtpWhitelist->ExistsInAllowList(topWinURI, &exists);
NS_ENSURE_SUCCESS(rv, rv);
if (exists) {
mIsAllowListed = true;
if (LOG_ENABLED()) {
nsCString chanSpec = chanURI->GetSpecOrDefault();
chanSpec.Truncate(std::min(chanSpec.Length(), sMaxSpecLength));
LOG(("nsChannelClassifier[%p]: User override (PBM) on channel[%p] (%s) for %s",
this, aChannel, chanSpec.get(), escaped.get()));
}
}
*result = !exists;
}
// Tracking protection will be enabled so return without updating
// the security state. If any channels are subsequently cancelled
// (page elements blocked) the state will be then updated.

67
toolkit/components/antitracking/AntiTrackingCommon.cpp
View File

@ -16,11 +16,9 @@
#include "nsGlobalWindowInner.h"
#include "nsICookiePermission.h"
#include "nsICookieService.h"
#include "nsIIOService.h"
#include "nsIPermissionManager.h"
#include "nsIPrincipal.h"
#include "nsIURI.h"
#include "nsIURL.h"
#include "nsPIDOMWindow.h"
#include "nsScriptSecurityManager.h"
#include "prtime.h"
@ -31,7 +29,6 @@ using namespace mozilla;
using mozilla::dom::ContentChild;
static LazyLogModule gAntiTrackingLog("AntiTracking");
static const nsCString::size_type sMaxSpecLength = 128;
#define LOG(format) MOZ_LOG(gAntiTrackingLog, mozilla::LogLevel::Debug, format)
@ -39,7 +36,6 @@ static const nsCString::size_type sMaxSpecLength = 128;
PR_BEGIN_MACRO \
if (MOZ_LOG_TEST(gAntiTrackingLog, mozilla::LogLevel::Debug)) { \
nsAutoCString _specStr(NS_LITERAL_CSTRING("(null)")); \
_specStr.Truncate(std::min(_specStr.Length(), sMaxSpecLength)); \
if (uri) { \
_specStr = uri->GetSpecOrDefault(); \
} \
@ -646,66 +642,3 @@ AntiTrackingCommon::MaybeIsFirstPartyStorageAccessGrantedFor(nsPIDOMWindowInner*
return result == nsIPermissionManager::ALLOW_ACTION;
}
nsresult
AntiTrackingCommon::IsOnContentBlockingAllowList(nsIURI* aTopWinURI,
bool& aIsAllowListed)
{
aIsAllowListed = false;
LOG_SPEC(("Deciding whether the user has overridden content blocking for %s",
_spec), aTopWinURI);
nsCOMPtr<nsIIOService> ios = services::GetIOService();
NS_ENSURE_TRUE(ios, NS_ERROR_FAILURE);
// Take the host/port portion so we can allowlist by site. Also ignore the
// scheme, since users who put sites on the allowlist probably don't expect
// allowlisting to depend on scheme.
nsresult rv = NS_ERROR_FAILURE;
nsCOMPtr<nsIURL> url = do_QueryInterface(aTopWinURI, &rv);
if (NS_FAILED(rv)) {
return rv; // normal for some loads, no need to print a warning
}
nsCString escaped(NS_LITERAL_CSTRING("https://"));
nsAutoCString temp;
rv = url->GetHostPort(temp);
NS_ENSURE_SUCCESS(rv, rv);
escaped.Append(temp);
// Stuff the whole thing back into a URI for the permission manager.
nsCOMPtr<nsIURI> topWinURI;
rv = ios->NewURI(escaped, nullptr, nullptr, getter_AddRefs(topWinURI));
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIPermissionManager> permMgr =
do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
// Check both the normal mode and private browsing mode user override permissions.
const char* types[] = {
"trackingprotection",
"trackingprotection-pb"
};
for (size_t i = 0; i < ArrayLength(types); ++i) {
uint32_t permissions = nsIPermissionManager::UNKNOWN_ACTION;
rv = permMgr->TestPermission(topWinURI, types[i], &permissions);
NS_ENSURE_SUCCESS(rv, rv);
if (permissions == nsIPermissionManager::ALLOW_ACTION) {
aIsAllowListed = true;
LOG_SPEC(("Found user override type %s for %s", types[i], _spec),
topWinURI);
// Stop checking the next permisson type if we decided to override.
break;
}
}
if (!aIsAllowListed) {
LOG(("No user override found"));
}
return NS_OK;
}

5
toolkit/components/antitracking/AntiTrackingCommon.h
View File

@ -83,11 +83,6 @@ public:
const nsCString& aGrantedOrigin,
FirstPartyStorageAccessGrantedForOriginResolver&& aResolver);
// Check whether a top window URI is on the content blocking allow list.
static nsresult
IsOnContentBlockingAllowList(nsIURI* aTopWinURI, bool& aIsAllowListed);
};
} // namespace mozilla

1
toolkit/components/moz.build
View File

@ -49,6 +49,7 @@ DIRS += [
'perf',
'perfmonitoring',
'places',
'privatebrowsing',
'processsingleton',
'promiseworker',
'prompts',

2
toolkit/components/privatebrowsing/PrivateBrowsing.manifest Normal file
View File

@ -0,0 +1,2 @@
component {a319b616-c45d-4037-8d86-01c592b5a9af} PrivateBrowsingTrackingProtectionWhitelist.js
contract @mozilla.org/pbm-tp-whitelist;1 {a319b616-c45d-4037-8d86-01c592b5a9af}

62
toolkit/components/privatebrowsing/PrivateBrowsingTrackingProtectionWhitelist.js Normal file
View File

@ -0,0 +1,62 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
ChromeUtils.import("resource://gre/modules/Services.jsm");
function PrivateBrowsingTrackingProtectionWhitelist() {
// The list of URIs explicitly excluded from tracking protection.
this._allowlist = [];
Services.obs.addObserver(this, "last-pb-context-exited", true);
}
PrivateBrowsingTrackingProtectionWhitelist.prototype = {
classID: Components.ID("{a319b616-c45d-4037-8d86-01c592b5a9af}"),
QueryInterface: ChromeUtils.generateQI([Ci.nsIPrivateBrowsingTrackingProtectionWhitelist, Ci.nsIObserver, Ci.nsISupportsWeakReference]),
_xpcom_factory: XPCOMUtils.generateSingletonFactory(PrivateBrowsingTrackingProtectionWhitelist),
/**
* Add the provided URI to the list of allowed tracking sites.
*
* @param uri nsIURI
* The URI to add to the list.
*/
addToAllowList(uri) {
if (!this._allowlist.includes(uri.spec)) {
this._allowlist.push(uri.spec);
}
},
/**
* Remove the provided URI from the list of allowed tracking sites.
*
* @param uri nsIURI
* The URI to add to the list.
*/
removeFromAllowList(uri) {
let index = this._allowlist.indexOf(uri.spec);
if (index !== -1) {
this._allowlist.splice(index, 1);
}
},
/**
* Check if the provided URI exists in the list of allowed tracking sites.
*
* @param uri nsIURI
* The URI to add to the list.
*/
existsInAllowList(uri) {
return this._allowlist.includes(uri.spec);
},
observe(subject, topic, data) {
if (topic == "last-pb-context-exited") {
this._allowlist = [];
}
}
};
this.NSGetFactory = XPCOMUtils.generateNSGetFactory([PrivateBrowsingTrackingProtectionWhitelist]);

19
toolkit/components/privatebrowsing/moz.build Normal file
View File

@ -0,0 +1,19 @@
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
with Files('**'):
BUG_COMPONENT = ('Core', 'DOM: Security')
XPIDL_SOURCES += [
'nsIPrivateBrowsingTrackingProtectionWhitelist.idl',
]
XPIDL_MODULE = 'privatebrowsing'
EXTRA_COMPONENTS += [
'PrivateBrowsing.manifest',
'PrivateBrowsingTrackingProtectionWhitelist.js',
]

46
toolkit/components/privatebrowsing/nsIPrivateBrowsingTrackingProtectionWhitelist.idl Normal file
View File

@ -0,0 +1,46 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
interface nsIURI;
/**
* The Private Browsing Tracking Protection service checks a URI against an
* in-memory list of tracking sites.
*/
[scriptable, uuid(c77ddfac-6cd6-43a9-84e8-91682a1a7b18)]
interface nsIPrivateBrowsingTrackingProtectionWhitelist : nsISupports
{
/**
* Add a URI to the list of allowed tracking sites in Private Browsing mode
* (essentially a tracking whitelist). This operation will cause the URI to
* be registered if it does not currently exist. If it already exists, then
* the operation is essentially a no-op.
*
* @param uri the uri to add to the list
*/
void addToAllowList(in nsIURI uri);
/**
* Remove a URI from the list of allowed tracking sites in Private Browsing
* mode (the tracking whitelist). If the URI is not already in the list,
* then the operation is essentially a no-op.
*
* @param uri the uri to remove from the list
*/
void removeFromAllowList(in nsIURI uri);
/**
* Check if a URI exists in the list of allowed tracking sites in Private
* Browsing mode (the tracking whitelist).
*
* @param uri the uri to look for in the list
*/
bool existsInAllowList(in nsIURI uri);
};
%{ C++
#define NS_PBTRACKINGPROTECTIONWHITELIST_CONTRACTID "@mozilla.org/pbm-tp-whitelist;1"
%}

48
toolkit/modules/PrivateBrowsingUtils.jsm
View File

@ -7,40 +7,9 @@ var EXPORTED_SYMBOLS = ["PrivateBrowsingUtils"];
ChromeUtils.import("resource://gre/modules/Services.jsm");
ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
function PrivateBrowsingContentBlockingAllowList() {
Services.obs.addObserver(this, "last-pb-context-exited", true);
}
PrivateBrowsingContentBlockingAllowList.prototype = {
QueryInterface: ChromeUtils.generateQI([Ci.nsIObserver, Ci.nsISupportsWeakReference]),
/**
* Add the provided URI to the list of allowed tracking sites.
*
* @param uri nsIURI
* The URI to add to the list.
*/
addToAllowList(uri) {
Services.perms.add(uri, "trackingprotection-pb", Ci.nsIPermissionManager.ALLOW_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION);
},
/**
* Remove the provided URI from the list of allowed tracking sites.
*
* @param uri nsIURI
* The URI to remove from the list.
*/
removeFromAllowList(uri) {
Services.perms.remove(uri, "trackingprotection-pb");
},
observe(subject, topic, data) {
if (topic == "last-pb-context-exited") {
Services.perms.removeByType("trackingprotection-pb");
}
}
};
XPCOMUtils.defineLazyServiceGetter(this, "gPBMTPWhitelist",
"@mozilla.org/pbm-tp-whitelist;1",
"nsIPrivateBrowsingTrackingProtectionWhitelist");
const kAutoStartPref = "browser.privatebrowsing.autostart";
@ -87,17 +56,16 @@ var PrivateBrowsingUtils = {
return aWindow.docShell.QueryInterface(Ci.nsILoadContext);
},
get _pbCBAllowList() {
delete this._pbCBAllowList;
return this._pbCBAllowList = new PrivateBrowsingContentBlockingAllowList();
addToTrackingAllowlist(aURI) {
gPBMTPWhitelist.addToAllowList(aURI);
},
addToTrackingAllowlist(aURI) {
this._pbCBAllowList.addToAllowList(aURI);
existsInTrackingAllowlist(aURI) {
return gPBMTPWhitelist.existsInAllowList(aURI);
},
removeFromTrackingAllowlist(aURI) {
this._pbCBAllowList.removeFromAllowList(aURI);
gPBMTPWhitelist.removeFromAllowList(aURI);
},
get permanentPrivateBrowsing() {