Commit Graph

9 Commits

Author SHA1 Message Date
Tim Huang
15c3ab7c9c Bug 1492607 - Part 1: Making postMessage to be aware of OAs when the targetOrigin is "*." r=arthuredelstein,baku
This patch adds a MOZ_DIAGNOSTIC_ASSERT for assuring the OAs
are matching when the targetOrigin is "*" for the postMessage().
But it ignores the FPD in OA since the FPDs are possible to be
different.

We also add a new pref 'privacy.firstparty.isolate.block_post_message'
for allowing blocking postMessage across different FPDs.

Differential Revision: https://phabricator.services.mozilla.com/D8521

--HG--
extra : moz-landing-system : lando
2018-10-25 06:47:08 +00:00
Andrea Marchesini
f6768a8ff6 Bug 1228139 - Remove nsIURIWithPrincipal - part 3 - main part, r=bz
nsIURIWithPrincipal is currently used to retrieve the nsIPrincipal from a
BlobURL object.  BlobURLProtocolHandler has a hashtable containing, for each
blobURL, a BlobImpl and its nsIPrincipal. This patch introduces
BlobURLProtocolHandler::GetBlobURLPrincipal() that retrieves the nsIPrincipal
from this hashtable.

This patch fixes also a bug in how the revocation of blobURLs is broadcasted to
other processes. This should be done immediately because each process creates
its own timer to revoke them after 5 seconds.

An important change is related to NS_SecurityCompareURIs() where, if 1 (or
both) of the 2 URIs to compare, is a revoked BlobURL, we will QI its URL to
nsIStandardURL and fail out at that point.
2018-07-24 22:15:57 +02:00
Andrea Marchesini
212fc6788b Bug 1228139 - Remove nsIURIWithPrincipal - part 1 - Use of NullPrincipal when nsIURIWithPrincipal.getPrincipal() returns a nullptr, r=bz 2018-07-24 22:15:17 +02:00
Tim Huang
c0118a2d73 Bug 1473247 - Part 1: Fixing the issue that the IP addresses won't be set for first party domains. r=arthuredelstein,baku
Right now, the firstPartyDomain won't be set when using IP addresses as
first party domains. It is because of that the TLD service won't accept
IP addresses as valid hosts. The patch fixes this problem by detecting
that if the host is a IP address. If it is, we will still set the
firstPartyDoamin with the IP address.

Differential Revision: https://phabricator.services.mozilla.com/D1977

--HG--
extra : moz-landing-system : lando
2018-07-13 19:53:15 +00:00
Tim Huang
f5dcf5b4b6 Bug 1470156 - Part 2: Fixing the crashing problem when using an invalid character in a firstPartyDomain. r=baku
This patch adds a sanitization of firstPartyDomain when calling the
OriginAttributes::CreateSuffix() and remove the release assert there.
The cookies API for the web extension can use a arbitrary string for the
firstPartyDomain. So, we should sanitize the firstPartyDomain before
we creating a suffix. The release assert is not required anymore since
the firstPartyDomain is sanitized

Depends on D1845.

Differential Revision: https://phabricator.services.mozilla.com/D1856

--HG--
extra : moz-landing-system : lando
2018-07-03 13:47:45 +00:00
Anthony Ramine
0f6e750881 Bug 1431449 - Make URLParams::ParseInput call URLParams::Parse instead of the opposite; r=bz
This trades off more virtual calls in URLParams::ParseInput, while removing any extra
allocation when calling URLParams::Parse.

MozReview-Commit-ID: HrIqsguQjrk

--HG--
extra : rebase_source : fd6d4f0455f5c3df72bd3518b98359ac8759a89d
2018-01-18 13:13:51 +01:00
Anthony Ramine
fbcfbecb79 Bug 1431449 - Introduce URLParams::Parse; r=bz
MozReview-Commit-ID: LicbWjZHxjz

--HG--
extra : rebase_source : c49df723c73c03d64b4b9ca5f6d3a52735e38b7d
2018-01-18 12:53:35 +01:00
Yoshi Huang
332addc285 Bug 1344170: set firstPartyDomai on blob: URI. r=smaug
A web page could generate an URL by URl.createObjectURL(new Blob(...));
then navigate to this generated URL.

In this case the (top-level) document URI will be blob:{origin}:{uuid}.
And we try to add firstPartyDomain on this top-level document with blob URI, so
the following request from this document could have correct origin
attributes.
2017-04-24 14:12:03 +08:00
Andrea Marchesini
8d7c2746ea Bug 1349512 - Move OriginAttributes class in separate files, r=qdot
--HG--
rename : caps/BasePrincipal.cpp => caps/OriginAttributes.cpp
rename : caps/BasePrincipal.h => caps/OriginAttributes.h
2017-03-22 18:45:40 +01:00