Commit Graph

2520 Commits

Author SHA1 Message Date
Narcis Beleuzu
7eae8c1064 Backed out 16 changesets (bug 1770944) as req by asuth.
Backed out changeset 61af32f40777 (bug 1770944)
Backed out changeset 4ff0c45db93b (bug 1770944)
Backed out changeset 8a217eff7bcd (bug 1770944)
Backed out changeset 6435f48c96bf (bug 1770944)
Backed out changeset 0d2432765ca0 (bug 1770944)
Backed out changeset 58e02566db85 (bug 1770944)
Backed out changeset 0a8c4c2460ee (bug 1770944)
Backed out changeset 9416bafd9982 (bug 1770944)
Backed out changeset 79de4f83fe2e (bug 1770944)
Backed out changeset 63ac518aceb0 (bug 1770944)
Backed out changeset 14952f872b77 (bug 1770944)
Backed out changeset f65e0967ad75 (bug 1770944)
Backed out changeset bd53c42038f7 (bug 1770944)
Backed out changeset 36c378ba8212 (bug 1770944)
Backed out changeset 9ba54ab06348 (bug 1770944)
Backed out changeset fb5a54b3cbe9 (bug 1770944)
2024-02-23 21:11:08 +02:00
Artur Iunusov
72394b518c Bug 1770944 - fixed isolatedMozBrowser related tests, r=smaug,necko-reviewers,jesup
Depends on D192468

Differential Revision: https://phabricator.services.mozilla.com/D192485
2024-02-22 10:13:17 +00:00
Artur Iunusov
bb8df1117c Bug 1770944 - Remove other references to inBrowserElement, r=cookie-reviewers,valentin,janv,decoder
Depends on D183230

Differential Revision: https://phabricator.services.mozilla.com/D189490
2024-02-22 10:13:15 +00:00
Artur Iunusov
8a817efa45 Bug 1770944 - Remove isInIsolatedMozBrowserElement. r=smaug,necko-reviewers,kershaw,valentin
Depends on D183229

Differential Revision: https://phabricator.services.mozilla.com/D183230
2024-02-22 10:13:14 +00:00
Sandor Molnar
be27c149eb Backed out 16 changesets (bug 1770944) for causing asan failures @ dom/base/InProcessBrowserChildMessageManager.cpp
Backed out changeset b73885731e73 (bug 1770944)
Backed out changeset 23d0dc98eb51 (bug 1770944)
Backed out changeset 15661e24d8e1 (bug 1770944)
Backed out changeset 97aa839dc200 (bug 1770944)
Backed out changeset 0d4318bf3239 (bug 1770944)
Backed out changeset be28bb62e9f3 (bug 1770944)
Backed out changeset 708b2671410e (bug 1770944)
Backed out changeset 0a138f3b56b9 (bug 1770944)
Backed out changeset 3a149ef794c2 (bug 1770944)
Backed out changeset 4b6ae7dd0e69 (bug 1770944)
Backed out changeset e3960ad85182 (bug 1770944)
Backed out changeset 9ea253525227 (bug 1770944)
Backed out changeset 1828b66c2f7c (bug 1770944)
Backed out changeset 55b0886f9025 (bug 1770944)
Backed out changeset a4197071d10a (bug 1770944)
Backed out changeset 9b18524f541e (bug 1770944)
2024-02-20 20:34:55 +02:00
Artur Iunusov
5191fef9e8 Bug 1770944 - fixed isolatedMozBrowser related tests, r=smaug,necko-reviewers,jesup
Depends on D192468

Differential Revision: https://phabricator.services.mozilla.com/D192485
2024-02-20 16:53:26 +00:00
Artur Iunusov
981b9eb009 Bug 1770944 - Remove other references to inBrowserElement, r=cookie-reviewers,valentin,janv,decoder
Depends on D183230

Differential Revision: https://phabricator.services.mozilla.com/D189490
2024-02-20 16:53:24 +00:00
Artur Iunusov
ad804b13e8 Bug 1770944 - Remove isInIsolatedMozBrowserElement. r=smaug,necko-reviewers,kershaw,valentin
Depends on D183229

Differential Revision: https://phabricator.services.mozilla.com/D183230
2024-02-20 16:53:23 +00:00
Gijs Kruitbosch
6168506717 Bug 1780071 - autofix violations of no-comparison-or-assignment-inside-ok in misc other folders r=webdriver-reviewers,necko-reviewers,sync-reviewers,profiler-reviewers,sgalich,whimboo,markh,kershaw,julienw
Differential Revision: https://phabricator.services.mozilla.com/D198978
2024-02-19 21:47:41 +00:00
Paul Zuehlcke
e8238421ac Bug 1876579 - Add a hash key class for OriginAttributes. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D200817
2024-02-14 09:44:52 +00:00
Cosmin Sabou
7b230cb210 Backed out 8 changesets (bug 1839919, bug 1876579, bug 1878915) for causing non-unified build bustages on nsCOMPtr.h.
Backed out changeset 99ce75dc42c5 (bug 1878915)
Backed out changeset 1ba7f2b78980 (bug 1878915)
Backed out changeset c4675cbf4e84 (bug 1878915)
Backed out changeset df1f8aa6637f (bug 1839919)
Backed out changeset 325f849a24df (bug 1839919)
Backed out changeset e1f7b77f841b (bug 1839919)
Backed out changeset 33e6ffa9f8cc (bug 1876579)
Backed out changeset bae7618dff51 (bug 1876579)
2024-02-13 16:15:27 +02:00
Paul Zuehlcke
98907ddc05 Bug 1876579 - Add a hash key class for OriginAttributes. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D200817
2024-02-13 11:33:05 +00:00
Tooru Fujisawa
31ceef48aa Bug 1861819 - Use JS::ParseJSONWithHandler in BasePrincipal. r=peterv
This avoids an intermediate object tree for the "JSON to principal" case.

Differential Revision: https://phabricator.services.mozilla.com/D192146
2024-01-26 15:39:39 +00:00
Tooru Fujisawa
3b9cb7a38a Bug 1861787 - Use mfbt/JSONWriter.h in BasePrincipal. r=peterv
This avoids an intermediate object tree for the "principal to JSON" case.
Bug 1861819 will handle the opposite case.

Differential Revision: https://phabricator.services.mozilla.com/D192145
2024-01-26 15:39:38 +00:00
Tom Ritter
68cae289a0 Bug 1851816: Pass PBM Status into RFPIsEnabledFor r=timhuang
Differential Revision: https://phabricator.services.mozilla.com/D192501
2023-12-18 18:39:33 +00:00
Tooru Fujisawa
8c59289f4f Bug 1864168 - Part 1: Use 1-origin column number in nsIContentSecurityPolicy. r=smaug,devtools-reviewers,ochameau,ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D193369
2023-11-22 12:31:30 +00:00
Natalia Csoregi
705aa81869 Backed out 14 changesets (bug 1865005, bug 1864168, bug 1864155, bug 1862814, bug 1862693) for causing bustage on nsRFPService.cpp. CLOSED TREE
Backed out changeset a4f3e7625abf (bug 1865005)
Backed out changeset ab38141e470b (bug 1862814)
Backed out changeset a679b50dc4a9 (bug 1862814)
Backed out changeset e340886ce62a (bug 1862814)
Backed out changeset 1378502e64b0 (bug 1862814)
Backed out changeset 8ee94e5e79c2 (bug 1862814)
Backed out changeset 6d4ef1cdfabb (bug 1864168)
Backed out changeset 2c30c4d757fc (bug 1864168)
Backed out changeset d4db9576559b (bug 1864168)
Backed out changeset 8ffec0d83028 (bug 1864168)
Backed out changeset fa77d852b494 (bug 1864168)
Backed out changeset f6646771a26a (bug 1864168)
Backed out changeset 7bd0ff6986df (bug 1864155)
Backed out changeset 39867b503289 (bug 1862693)
2023-11-22 14:01:55 +02:00
Tooru Fujisawa
a4a513ad86 Bug 1864168 - Part 1: Use 1-origin column number in nsIContentSecurityPolicy. r=smaug,devtools-reviewers,ochameau,ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D193369
2023-11-22 11:13:54 +00:00
Joel Maher
6c77cecbdd Bug 1859873 - batch 13 xpcshell.ini -> .toml. r=aryx,devtools-reviewers,profiler-reviewers
Differential Revision: https://phabricator.services.mozilla.com/D194161
2023-11-21 12:32:50 +00:00
Timothy Nikkel
6cac46fa3b Bug 1864267. Silence warning in BasePrincipal::GetIsLoopbackHost. r=nchevobbe
Just starting up a debug build you will get 40 copies of this printed.

The uri that we fail to get host of is about:newtab. One stack looks like this

#02: mozilla::BasePrincipal::GetIsLoopbackHost(bool*)
#03: mozilla::net::LoadInfo::LoadInfo(nsIPrincipal*, nsIPrincipal*, nsINode*, unsigned int, nsIContentPolicy::nsContentPolicyType, mozilla::Maybe<mozilla::dom::ClientInfo> const&, mozilla::Maybe<mozilla::dom::ServiceWorkerDescriptor> const&, unsigned int, bool
#04: ShouldLoadCachedImage(imgRequest*, mozilla::dom::Document*, nsIPrincipal*, nsIContentPolicy::nsContentPolicyType, bool)
#05: imgLoader::LoadImage(nsIURI*, nsIURI*, nsIReferrerInfo*, nsIPrincipal*, unsigned long long, nsILoadGroup*, imgINotificationObserver*, nsINode*, mozilla::dom::Document*, unsigned int, nsISupports*, nsIContentPolicy::nsContentPolicyType, nsTSubstring<char16
#06: nsContentUtils::LoadImage(nsIURI*, nsINode*, mozilla::dom::Document*, nsIPrincipal*, unsigned long long, nsIReferrerInfo*, imgINotificationObserver*, int, nsTSubstring<char16_t> const&, imgRequestProxy**, nsIContentPolicy::nsContentPolicyType, bool, bool,
#07: mozilla::css::ImageLoader::LoadImage(mozilla::StyleComputedUrl const&, mozilla::dom::Document&)
#08: mozilla::StyleComputedUrl::ResolveImage(mozilla::dom::Document&, mozilla::StyleComputedUrl const*)
#09: nsStyleImageLayers::ResolveImages(mozilla::dom::Document&, nsStyleImageLayers const*)
#10: mozilla::ComputedStyle::StartImageLoads(mozilla::dom::Document&, mozilla::ComputedStyle const*)

Differential Revision: https://phabricator.services.mozilla.com/D193349
2023-11-15 09:56:43 +00:00
Tooru Fujisawa
c8916f8e8e Bug 1862692 - Part 16: Use 1-origin column number type in JS::DescribeScriptedCaller. r=iain
Differential Revision: https://phabricator.services.mozilla.com/D193029
2023-11-09 11:41:10 +00:00
Malte Juergens
182878bbe0 Bug 1855734 - Use innermost nested URI in PopulateTopLevelInfoFromURI r=freddyb,timhuang
Differential Revision: https://phabricator.services.mozilla.com/D190468
2023-11-08 13:44:26 +00:00
Iulian Moraru
7575f7a549 Backed out changeset 54dd41cecdd0 (bug 1855734) for causing bc failures on browser_fpi_nested_uri.js. CLOSED TREE
2023-11-06 12:49:22 +02:00
Malte Juergens
5fcbcf6734 Bug 1855734 - Use innermost nested URI in PopulateTopLevelInfoFromURI r=freddyb,timhuang
Differential Revision: https://phabricator.services.mozilla.com/D190468
2023-11-06 09:50:10 +00:00
Sylvestre Ledru
0ab6c71871 Bug 1856578 - follow up - Empty Lines at end of file r=nataliaCs
Differential Revision: https://phabricator.services.mozilla.com/D189922
2023-10-03 11:35:36 +00:00
Tom Marble
1ca03b1818 Bug 1855295 convert .ini manifests to .toml: batch 8 dom/[a-l]**/mochitest.ini r=jmaher,jgilbert,extension-reviewers,credential-management-reviewers,robwu,sgalich
Differential Revision: https://phabricator.services.mozilla.com/D189381
2023-10-02 17:18:28 +00:00
Tom Marble
a99a113414 Bug 1853244 - convert .ini manifests to .toml: batch 6 {caps,devtools,dom}/**/browser.ini r=jmaher,media-playback-reviewers,devtools-reviewers,profiler-reviewers,alwu,nchevobbe,canaltinova
Differential Revision: https://phabricator.services.mozilla.com/D188856
2023-09-22 20:42:14 +00:00
Valentin Gosu
7f59cce94d Bug 1848694 - Remove/avoid global references to nsIIOService r=mccr8,necko-reviewers,kershaw
This patch removes the static pointer to nsIIOService in nsContentUtils,
replacing it with calls to mozilla::components::IO::Service.

It also makes nsScriptSecurityManager::sIOService a StaticRefPtr.

Differential Revision: https://phabricator.services.mozilla.com/D188714
2023-09-22 12:49:44 +00:00
Sandor Molnar
bf0bc531b4 Backed out changeset b858a0740582 (bug 1848694) for causing build bustages on dom/base/Element.cpp CLOSED TREE
2023-09-21 16:45:57 +03:00
Valentin Gosu
32014974c0 Bug 1848694 - Remove/avoid global references to nsIIOService r=mccr8,necko-reviewers,kershaw
This patch removes the static pointer to nsIIOService in nsContentUtils,
replacing it with calls to mozilla::components::IO::Service.

It also makes nsScriptSecurityManager::sIOService a StaticRefPtr.

Differential Revision: https://phabricator.services.mozilla.com/D188714
2023-09-21 12:39:20 +00:00
Tom Marble
9e40a719f2 Bug 1850545 - convert .ini manifests to .toml: batch 3 chrome.ini (bis) r=jmaher,geckoview-reviewers,extension-reviewers,credential-management-reviewers,devtools-reviewers,fxview-reviewers,places-reviewers,profiler-reviewers,m_kato,mak,mtigley
Differential Revision: https://phabricator.services.mozilla.com/D187597
2023-09-13 18:28:32 +00:00
Tooru Fujisawa
357b9c51d8 Bug 1847469 - Part 24: Use column number types in JS::DescribeScriptedCaller. r=iain
Differential Revision: https://phabricator.services.mozilla.com/D185762
2023-08-16 17:31:42 +00:00
Tooru Fujisawa
264b992ca0 Bug 1847469 - Part 23: Use uint32_t for line and column in DescribeScriptedCaller* functions as a preparation to use column number types. r=iain
Differential Revision: https://phabricator.services.mozilla.com/D185761
2023-08-16 17:31:41 +00:00
Cristian Tuns
4fe9ed8f30 Backed out 27 changesets (bug 1847469) for causing spidermonkey bustages in Script.cpp CLOSED TREE
Backed out changeset 9d6e2651a013 (bug 1847469)
Backed out changeset 9b72d668efd2 (bug 1847469)
Backed out changeset 86abf5cf0a22 (bug 1847469)
Backed out changeset 46833087f8ac (bug 1847469)
Backed out changeset f3e2207fdeec (bug 1847469)
Backed out changeset aed75776cfff (bug 1847469)
Backed out changeset 8292a38bd99f (bug 1847469)
Backed out changeset 1320f83fb8c7 (bug 1847469)
Backed out changeset df9f925f9837 (bug 1847469)
Backed out changeset 69f32cf1862a (bug 1847469)
Backed out changeset b2ddddec8818 (bug 1847469)
Backed out changeset 056eed7abc97 (bug 1847469)
Backed out changeset 5df4f43ac0bf (bug 1847469)
Backed out changeset cb57923f6532 (bug 1847469)
Backed out changeset a0993f2a2195 (bug 1847469)
Backed out changeset 782499fbedf2 (bug 1847469)
Backed out changeset cf84fb98c5e1 (bug 1847469)
Backed out changeset 1fa5ab59814b (bug 1847469)
Backed out changeset f5f78944df81 (bug 1847469)
Backed out changeset aa14337bf5c6 (bug 1847469)
Backed out changeset 6757db4575d7 (bug 1847469)
Backed out changeset 236ff135701e (bug 1847469)
Backed out changeset 9b4d5b435020 (bug 1847469)
Backed out changeset a0f789621bc8 (bug 1847469)
Backed out changeset c19b81f48055 (bug 1847469)
Backed out changeset b4521e546d7e (bug 1847469)
Backed out changeset f26a10289316 (bug 1847469)
2023-08-16 07:08:01 -04:00
Tooru Fujisawa
5c4dc17c44 Bug 1847469 - Part 24: Use column number types in JS::DescribeScriptedCaller. r=iain
Differential Revision: https://phabricator.services.mozilla.com/D185762
2023-08-16 10:26:33 +00:00
Tooru Fujisawa
f61ba91ee2 Bug 1847469 - Part 23: Use uint32_t for line and column in DescribeScriptedCaller* functions as a preparation to use column number types. r=iain
Differential Revision: https://phabricator.services.mozilla.com/D185761
2023-08-16 10:26:33 +00:00
Kagami Sascha Rosylight
b46a392d48 Bug 1798493 - Part 1: Use nsIPrincipal instead of ContentPrincipalInfo for PLockManager r=asuth
Differential Revision: https://phabricator.services.mozilla.com/D163337
2023-06-28 20:48:14 +00:00
Kershaw Chang
705e17a537 Bug 1838829 - Skip failed tests, r=necko-reviewers,extension-reviewers,credential-management-reviewers,devtools-reviewers,dimi,valentin,robwu
Differential Revision: https://phabricator.services.mozilla.com/D181251
2023-06-28 13:21:00 +00:00
Nika Layzell
1fdee2314c Bug 1839920 - Rename Get{ASCII,UTF}Origin to GetWebExposedOriginSerialization, r=smaug,necko-reviewers,anti-tracking-reviewers,bvandersloot,jesup
This should make uses of the type more clearly indicate where the
origin came from, and should help avoid potential confusion between this
origin and nsIPrincipal::origin in new code.

This new name is long, but explicit. The string returned from this
function corresponds to the "serialization of an origin" from the WHATWG
html spec:
https://html.spec.whatwg.org/multipage/browsers.html#ascii-serialisation-of-an-origin

Differential Revision: https://phabricator.services.mozilla.com/D181794
2023-06-27 19:59:15 +00:00
Otto Länd
bfac3d8ff7 Bug 1830070: apply code formatting via Lando
# ignore-this-changeset
2023-06-27 03:34:34 +00:00
Tom Ritter
502de3fe32 Bug 1830070: Correctly apply RFP Checks to about: documents and deal with pop-ups r=smaug,necko-reviewers,emilio
This patch has three parts to it:

1) Use NS_IsContentAccessibleAboutURI to ensure that only safe
   about: documents get exempted.

   With this change, we will no longer allow about:blank or
   about:srcdoc to be exempted based on URI.  If they are to be
   exempted, it will need to be based on other information.

2) In Document::RecomputeResistFingerprinting we previously
   deferred to a Parent Document if we had one, and either the
   principals matched or we were a null principal.

   We will do the same thing, except we will also defer to our
   opener as well as the parent document.  Now about:blank
   documents can be exempted.

   However, this deferral only works if the opener is
   same-process. For cross-process openers, we make the decision
   ourselves.

We can make the wrong decision though. CookieJarSettings is
inherited through iframes but it is _not_ inherited through popups.
(Yet. There's some discussion there, but it's not implemented.)

Conceptually, however, we do want CJS to inherit, and we do want
RFP to inherit as well.  Because a popup can collude with its
opener to bypass RFP and Storage restrictions, we should propagate
the CJS information.

This does lead to an unusual situation: if you have exempted
b.com, and a.com (which is not exempted) creates a popup for b.com
then that popup will not be exempted.  But an open tab for b.com
would be.  And it might be hard to tell those two apart, or why
they behave differently.

The third part of the patch:

3) In LoadInfo we want to populate information down from the
   opener to the popup.  This is needed because otherwise a
   cross-origin popup will not defer to its opener (because in
   Fission they're in different processes) and will decide if
   it should be exempted itself. It's the CookieJarSettings
   object that prevents the cross-origin document from thinking
   it should be exempted - CJS tells it 'No, you're a child
   (either a subdocument or a popup) and if I say you don't get
   an exemption, you don't.'


Finally, there is one more caveat: we can only defer to a parent
document or opener if it still exists.  A popup may outlive its
opener. If that happens, and something induces a call to
RecomputeResistFingerprinting, then (e.g.) an about:blank popup
may lose an RFP exemption that it had received from its parent.
This isn't expected to happen in practice -
RecomputeResistFingerprinting is only called on document creation
and pref changes, I believe.

It is not possible for a popup to _gain_ an exemption though,
because even if the parent document is gone, the CJS lives on and
restricts it.

Differential Revision: https://phabricator.services.mozilla.com/D178866
2023-06-27 03:31:02 +00:00
Norisz Fay
07a91b8c6a Backed out 2 changesets (bug 1838829) for causing perma mochitest failure with dom/websocket/tests being skipped CLOSED TREE
Backed out changeset 19a5d4f1850a (bug 1838829)
Backed out changeset 97cd8a256954 (bug 1838829)
2023-06-27 02:52:52 +03:00
Butkovits Atila
fdecfc4373 Backed out 9 changesets (bug 1830070) for causing failures at browser_hwconcurrency_popups_blob_noopener.js. CLOSED TREE
Backed out changeset 62f439f5b2ad (bug 1830070)
Backed out changeset 92b5f8af326f (bug 1830070)
Backed out changeset ae685d3825b7 (bug 1830070)
Backed out changeset 4800b1312e99 (bug 1830070)
Backed out changeset 7ea9676f22ae (bug 1830070)
Backed out changeset 7a86f85ae0e8 (bug 1830070)
Backed out changeset 0a2d5f339e41 (bug 1830070)
Backed out changeset 7e5b72c73304 (bug 1830070)
Backed out changeset e4490bf3d040 (bug 1830070)
2023-06-27 00:12:07 +03:00
Otto Länd
e0ce52807a Bug 1830070: apply code formatting via Lando
# ignore-this-changeset
2023-06-26 17:28:39 +00:00
Tom Ritter
78fae782d0 Bug 1830070: Correctly apply RFP Checks to about: documents and deal with pop-ups r=smaug,necko-reviewers,emilio
This patch has three parts to it:

1) Use NS_IsContentAccessibleAboutURI to ensure that only safe
   about: documents get exempted.

   With this change, we will no longer allow about:blank or
   about:srcdoc to be exempted based on URI.  If they are to be
   exempted, it will need to be based on other information.

2) In Document::RecomputeResistFingerprinting we previously
   deferred to a Parent Document if we had one, and either the
   principals matched or we were a null principal.

   We will do the same thing, except we will also defer to our
   opener as well as the parent document.  Now about:blank
   documents can be exempted.

   However, this deferral only works if the opener is
   same-process. For cross-process openers, we make the decision
   ourselves.

We can make the wrong decision though. CookieJarSettings is
inherited through iframes but it is _not_ inherited through popups.
(Yet. There's some discussion there, but it's not implemented.)

Conceptually, however, we do want CJS to inherit, and we do want
RFP to inherit as well.  Because a popup can collude with its
opener to bypass RFP and Storage restrictions, we should propagate
the CJS information.

This does lead to an unusual situation: if you have exempted
b.com, and a.com (which is not exempted) creates a popup for b.com
then that popup will not be exempted.  But an open tab for b.com
would be.  And it might be hard to tell those two apart, or why
they behave differently.

The third part of the patch:

3) In LoadInfo we want to populate information down from the
   opener to the popup.  This is needed because otherwise a
   cross-origin popup will not defer to its opener (because in
   Fission they're in different processes) and will decide if
   it should be exempted itself. It's the CookieJarSettings
   object that prevents the cross-origin document from thinking
   it should be exempted - CJS tells it 'No, you're a child
   (either a subdocument or a popup) and if I say you don't get
   an exemption, you don't.'


Finally, there is one more caveat: we can only defer to a parent
document or opener if it still exists.  A popup may outlive its
opener. If that happens, and something induces a call to
RecomputeResistFingerprinting, then (e.g.) an about:blank popup
may lose an RFP exemption that it had received from its parent.
This isn't expected to happen in practice -
RecomputeResistFingerprinting is only called on document creation
and pref changes, I believe.

It is not possible for a popup to _gain_ an exemption though,
because even if the parent document is gone, the CJS lives on and
restricts it.

Differential Revision: https://phabricator.services.mozilla.com/D178866
2023-06-26 17:04:40 +00:00
Kershaw Chang
75c68b6864 Bug 1838829 - Skip failed tests, r=necko-reviewers,extension-reviewers,credential-management-reviewers,devtools-reviewers,dimi,valentin,robwu
Differential Revision: https://phabricator.services.mozilla.com/D181251
2023-06-26 14:22:14 +00:00
Norisz Fay
e86f1fa0e9 Backed out 5 changesets (bug 1838829) for causing mochitest failures CLOSED TREE
Backed out changeset 693d34c8447d (bug 1838829)
Backed out changeset 903d9ff4afaa (bug 1838829)
Backed out changeset 5e51feff7467 (bug 1838829)
Backed out changeset e125be49d2a6 (bug 1838829)
Backed out changeset 1a8cf3c83dc4 (bug 1838829)
2023-06-22 03:37:07 +03:00
Kershaw Chang
2cdb6b3a96 Bug 1838829 - Skip failed tests, r=necko-reviewers,extension-reviewers,credential-management-reviewers,devtools-reviewers,dimi,valentin,robwu
Differential Revision: https://phabricator.services.mozilla.com/D181251
2023-06-21 19:43:33 +00:00
Natalia Csoregi
37db79aab5 Backed out 8 changesets (bug 1830070) for causing assertion failures on nsAboutProtocolUtils.h. CLOSED TREE
Backed out changeset 05c4b06857fb (bug 1830070)
Backed out changeset f264c5b9c200 (bug 1830070)
Backed out changeset 45032e474c29 (bug 1830070)
Backed out changeset fa89c51ef6fc (bug 1830070)
Backed out changeset f0f70e7c8250 (bug 1830070)
Backed out changeset 785e1775c13d (bug 1830070)
Backed out changeset 582e28b83b50 (bug 1830070)
Backed out changeset de379bee27d0 (bug 1830070)
2023-06-19 23:51:04 +03:00
Tom Ritter
bc2e6a72ad Bug 1830070: Correctly apply RFP Checks to about: documents and deal with pop-ups r=smaug,necko-reviewers,emilio
This patch has three parts to it:

1) Use NS_IsContentAccessibleAboutURI to ensure that only safe
   about: documents get exempted.

   With this change, we will no longer allow about:blank or
   about:srcdoc to be exempted based on URI.  If they are to be
   exempted, it will need to be based on other information.

2) In Document::RecomputeResistFingerprinting we previously
   deferred to a Parent Document if we had one, and either the
   principals matched or we were a null principal.

   We will do the same thing, except we will also defer to our
   opener as well as the parent document.  Now about:blank
   documents can be exempted.

   However, this deferral only works if the opener is
   same-process. For cross-process openers, we make the decision
   ourselves.

We can make the wrong decision though. CookieJarSettings is
inherited through iframes but it is _not_ inherited through popups.
(Yet. There's some discussion there, but it's not implemented.)

Conceptually, however, we do want CJS to inherit, and we do want
RFP to inherit as well.  Because a popup can collude with its
opener to bypass RFP and Storage restrictions, we should propagate
the CJS information.

This does lead to an unusual situation: if you have exempted
b.com, and a.com (which is not exempted) creates a popup for b.com
then that popup will not be exempted.  But an open tab for b.com
would be.  And it might be hard to tell those two apart, or why
they behave differently.

The third part of the patch:

3) In LoadInfo we want to populate information down from the
   opener to the popup.  This is needed because otherwise a
   cross-origin popup will not defer to its opener (because in
   Fission they're in different processes) and will decide if
   it should be exempted itself. It's the CookieJarSettings
   object that prevents the cross-origin document from thinking
   it should be exempted - CJS tells it 'No, you're a child
   (either a subdocument or a popup) and if I say you don't get
   an exemption, you don't.'


Finally, there is one more caveat: we can only defer to a parent
document or opener if it still exists.  A popup may outlive its
opener. If that happens, and something induces a call to
RecomputeResistFingerprinting, then (e.g.) an about:blank popup
may lose an RFP exemption that it had received from its parent.
This isn't expected to happen in practice -
RecomputeResistFingerprinting is only called on document creation
and pref changes, I believe.

It is not possible for a popup to _gain_ an exemption though,
because even if the parent document is gone, the CJS lives on and
restricts it.

Differential Revision: https://phabricator.services.mozilla.com/D178866
2023-06-19 20:03:27 +00:00