Bug 1836792, part 2 - Make changes to StorageAccessPermission{Request,Prompt} to allow requesting 3rdPartyFrameStorage, r=anti-tracking-reviewers,timhuang,pbz

Differential Revision: https://phabricator.services.mozilla.com/D180216
This commit is contained in:
Benjamin VanderSloot 2023-06-23 12:14:18 +00:00
parent 61ee4f8919
commit f75b617629
4 changed files with 36 additions and 17 deletions

View File

@ -1298,20 +1298,33 @@ class MIDIPermissionPrompt extends SitePermsAddonInstallRequest {
}
class StorageAccessPermissionPrompt extends PermissionPromptForRequest {
#permissionKey;
constructor(request) {
super();
this.request = request;
this.siteOption = null;
this.#permissionKey = `3rdPartyStorage${lazy.SitePermissions.PERM_KEY_DELIMITER}${this.principal.origin}`;
let types = this.request.types.QueryInterface(Ci.nsIArray);
let perm = types.queryElementAt(0, Ci.nsIContentPermissionType);
let options = perm.options.QueryInterface(Ci.nsIArray);
// If we have an option, we are in a call from requestStorageAccessUnderSite
// which means that the embedding principal is not the current top-level.
// Instead we have to grab the Site string out of the option and use that
// in the UI.
if (options.length) {
this.siteOption = options.queryElementAt(0, Ci.nsISupportsString).data;
// If we have an option, the permission request is different in some way.
// We may be in a call from requestStorageAccessUnderSite or a frame-scoped
// request, which means that the embedding principal is not the current top-level
// or the permission key is different.
if (options.length != 2) {
return;
}
let topLevelOption = options.queryElementAt(0, Ci.nsISupportsString).data;
if (topLevelOption) {
this.siteOption = topLevelOption;
}
let frameOption = options.queryElementAt(1, Ci.nsISupportsString).data;
if (frameOption) {
// We replace the permission key with a frame-specific one that only has a site after the delimiter
this.#permissionKey = `3rdPartyFrameStorage${lazy.SitePermissions.PERM_KEY_DELIMITER}${this.principal.siteOrigin}`;
}
}
@ -1325,7 +1338,7 @@ class StorageAccessPermissionPrompt extends PermissionPromptForRequest {
get permissionKey() {
// Make sure this name is unique per each third-party tracker
return `3rdPartyStorage${lazy.SitePermissions.PERM_KEY_DELIMITER}${this.principal.origin}`;
return this.#permissionKey;
}
get temporaryPermissionURI() {

View File

@ -17178,7 +17178,7 @@ Document::CreatePermissionGrantPromise(
Private(__func__);
RefPtr<StorageAccessPermissionRequest> sapr =
StorageAccessPermissionRequest::Create(
inner, principal, aTopLevelBaseDomain,
inner, principal, aTopLevelBaseDomain, false,
// Allow
[p] {
Telemetry::AccumulateCategorical(

View File

@ -19,16 +19,21 @@ NS_IMPL_ISUPPORTS_CYCLE_COLLECTION_INHERITED_0(StorageAccessPermissionRequest,
StorageAccessPermissionRequest::StorageAccessPermissionRequest(
nsPIDOMWindowInner* aWindow, nsIPrincipal* aNodePrincipal,
const Maybe<nsCString>& aTopLevelBaseDomain, AllowCallback&& aAllowCallback,
CancelCallback&& aCancelCallback)
const Maybe<nsCString>& aTopLevelBaseDomain, bool aFrameOnly,
AllowCallback&& aAllowCallback, CancelCallback&& aCancelCallback)
: ContentPermissionRequestBase(aNodePrincipal, aWindow,
"dom.storage_access"_ns,
"storage-access"_ns),
mAllowCallback(std::move(aAllowCallback)),
mCancelCallback(std::move(aCancelCallback)),
mCallbackCalled(false) {
mOptions.SetLength(2);
if (aTopLevelBaseDomain.isSome()) {
mOptions.AppendElement(NS_ConvertUTF8toUTF16(aTopLevelBaseDomain.value()));
nsCString option = aTopLevelBaseDomain.value();
mOptions.ElementAt(0) = NS_ConvertUTF8toUTF16(option);
}
if (aFrameOnly) {
mOptions.ElementAt(1) = u"1"_ns;
}
mPermissionRequests.AppendElement(PermissionRequest(mType, mOptions));
}
@ -119,15 +124,15 @@ StorageAccessPermissionRequest::Create(nsPIDOMWindowInner* aWindow,
nsIPrincipal* aPrincipal,
AllowCallback&& aAllowCallback,
CancelCallback&& aCancelCallback) {
return Create(aWindow, aPrincipal, Nothing(), std::move(aAllowCallback),
return Create(aWindow, aPrincipal, Nothing(), true, std::move(aAllowCallback),
std::move(aCancelCallback));
}
already_AddRefed<StorageAccessPermissionRequest>
StorageAccessPermissionRequest::Create(
nsPIDOMWindowInner* aWindow, nsIPrincipal* aPrincipal,
const Maybe<nsCString>& aTopLevelBaseDomain, AllowCallback&& aAllowCallback,
CancelCallback&& aCancelCallback) {
const Maybe<nsCString>& aTopLevelBaseDomain, bool aFrameOnly,
AllowCallback&& aAllowCallback, CancelCallback&& aCancelCallback) {
if (!aWindow) {
return nullptr;
}
@ -138,8 +143,8 @@ StorageAccessPermissionRequest::Create(
RefPtr<StorageAccessPermissionRequest> request =
new StorageAccessPermissionRequest(
aWindow, aPrincipal, aTopLevelBaseDomain, std::move(aAllowCallback),
std::move(aCancelCallback));
aWindow, aPrincipal, aTopLevelBaseDomain, aFrameOnly,
std::move(aAllowCallback), std::move(aCancelCallback));
return request.forget();
}

View File

@ -47,7 +47,7 @@ class StorageAccessPermissionRequest final
// of aPrincipal's Top browsing context is used.
static already_AddRefed<StorageAccessPermissionRequest> Create(
nsPIDOMWindowInner* aWindow, nsIPrincipal* aPrincipal,
const Maybe<nsCString>& aTopLevelBaseDomain,
const Maybe<nsCString>& aTopLevelBaseDomain, bool aFrameOnly,
AllowCallback&& aAllowCallback, CancelCallback&& aCancelCallback);
using AutoGrantDelayPromise = MozPromise<bool, bool, true>;
@ -57,6 +57,7 @@ class StorageAccessPermissionRequest final
StorageAccessPermissionRequest(nsPIDOMWindowInner* aWindow,
nsIPrincipal* aNodePrincipal,
const Maybe<nsCString>& aTopLevelBaseDomain,
bool aFrameOnly,
AllowCallback&& aAllowCallback,
CancelCallback&& aCancelCallback);
~StorageAccessPermissionRequest() {