docshell/base/WindowContext.h

   1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #ifndef mozilla_dom_WindowContext_h
   8 #define mozilla_dom_WindowContext_h
   9
  10 #include "mozilla/PermissionDelegateHandler.h"
  11 #include "mozilla/WeakPtr.h"
  12 #include "mozilla/Span.h"
  13 #include "mozilla/dom/MaybeDiscarded.h"
  14 #include "mozilla/dom/SyncedContext.h"
  15 #include "mozilla/dom/UserActivation.h"
  16 #include "nsDOMNavigationTiming.h"
  17 #include "nsILoadInfo.h"
  18 #include "nsWrapperCache.h"
  19
  20 class nsIGlobalObject;
  21
  22 class nsGlobalWindowInner;
  23
  24 namespace mozilla {
  25 class LogModule;
  26
  27 namespace dom {
  28
  29 class WindowGlobalChild;
  30 class WindowGlobalParent;
  31 class WindowGlobalInit;
  32 class BrowsingContext;
  33 class BrowsingContextGroup;
  34
  35 #define MOZ_EACH_WC_FIELD(FIELD)                                         \
  36   /* Whether the SHEntry associated with the current top-level           \
  37    * window has already seen user interaction.                           \
  38    * As such, this will be reset to false when a new SHEntry is          \
  39    * created without changing the WC (e.g. when using pushState or       \
  40    * sub-frame navigation)                                               \
  41    * This flag is set for optimization purposes, to avoid                \
  42    * having to get the top SHEntry and update it on every                \
  43    * user interaction.                                                   \
  44    * This is only meaningful on the top-level WC. */                     \
  45   FIELD(SHEntryHasUserInteraction, bool)                                 \
  46   FIELD(CookieBehavior, Maybe<uint32_t>)                                 \
  47   FIELD(IsOnContentBlockingAllowList, bool)                              \
  48   /* Whether the given window hierarchy is third party. See              \
  49    * ThirdPartyUtil::IsThirdPartyWindow for details */                   \
  50   FIELD(IsThirdPartyWindow, bool)                                        \
  51   /* Whether this window's channel has been marked as a third-party      \
  52    * tracking resource */                                                \
  53   FIELD(IsThirdPartyTrackingResourceWindow, bool)                        \
  54   FIELD(ShouldResistFingerprinting, bool)                                \
  55   FIELD(IsSecureContext, bool)                                           \
  56   FIELD(IsOriginalFrameSource, bool)                                     \
  57   /* Mixed-Content: If the corresponding documentURI is https,           \
  58    * then this flag is true. */                                          \
  59   FIELD(IsSecure, bool)                                                  \
  60   /* Whether the user has overriden the mixed content blocker to allow   \
  61    * mixed content loads to happen */                                    \
  62   FIELD(AllowMixedContent, bool)                                         \
  63   /* Whether this window has registered a "beforeunload" event           \
  64    * handler */                                                          \
  65   FIELD(HasBeforeUnload, bool)                                           \
  66   /* Controls whether the WindowContext is currently considered to be    \
  67    * activated by a gesture */                                           \
  68   FIELD(UserActivationState, UserActivation::State)                      \
  69   FIELD(EmbedderPolicy, nsILoadInfo::CrossOriginEmbedderPolicy)          \
  70   /* True if this document tree contained at least a HTMLMediaElement.   \
  71    * This should only be set on top level context. */                    \
  72   FIELD(DocTreeHadMedia, bool)                                           \
  73   FIELD(AutoplayPermission, uint32_t)                                    \
  74   FIELD(ShortcutsPermission, uint32_t)                                   \
  75   /* Store the Id of the browsing context where active media session     \
  76    * exists on the top level window context */                           \
  77   FIELD(ActiveMediaSessionContextId, Maybe<uint64_t>)                    \
  78   /* ALLOW_ACTION if it is allowed to open popups for the sub-tree       \
  79    * starting and including the current WindowContext */                 \
  80   FIELD(PopupPermission, uint32_t)                                       \
  81   FIELD(DelegatedPermissions,                                            \
  82         PermissionDelegateHandler::DelegatedPermissionList)              \
  83   FIELD(DelegatedExactHostMatchPermissions,                              \
  84         PermissionDelegateHandler::DelegatedPermissionList)              \
  85   FIELD(HasReportedShadowDOMUsage, bool)                                 \
  86   /* Whether the principal of this window is for a local                 \
  87    * IP address */                                                       \
  88   FIELD(IsLocalIP, bool)                                                 \
  89   /* Whether any of the windows in the subtree rooted at this window has \
  90    * active peer connections or not (only set on the top window). */     \
  91   FIELD(HasActivePeerConnections, bool)                                  \
  92   /* Whether we can execute scripts in this WindowContext. Has no effect \
  93    * unless scripts are also allowed in the BrowsingContext. */          \
  94   FIELD(AllowJavascript, bool)                                           \
  95   /* If this field is `true`, it means that this WindowContext's         \
  96    * WindowState was saved to be stored in the legacy (non-SHIP) BFCache \
  97    * implementation. Always false for SHIP */                            \
  98   FIELD(WindowStateSaved, bool)
  99
 100 class WindowContext : public nsISupports, public nsWrapperCache {
 101   MOZ_DECL_SYNCED_CONTEXT(WindowContext, MOZ_EACH_WC_FIELD)
 102
 103   NS_DECL_CYCLE_COLLECTING_ISUPPORTS
 104   NS_DECL_CYCLE_COLLECTION_WRAPPERCACHE_CLASS(WindowContext)
 105
 106  public:
 107   static already_AddRefed<WindowContext> GetById(uint64_t aInnerWindowId);
 108   static LogModule* GetLog();
 109   static LogModule* GetSyncLog();
 110
 111   BrowsingContext* GetBrowsingContext() const { return mBrowsingContext; }
 112   BrowsingContextGroup* Group() const;
 113   uint64_t Id() const { return InnerWindowId(); }
 114   uint64_t InnerWindowId() const { return mInnerWindowId; }
 115   uint64_t OuterWindowId() const { return mOuterWindowId; }
 116   bool IsDiscarded() const { return mIsDiscarded; }
 117
 118   // Returns `true` if this WindowContext is the current WindowContext in its
 119   // BrowsingContext.
 120   bool IsCurrent() const;
 121
 122   // Returns `true` if this WindowContext is currently in the BFCache.
 123   bool IsInBFCache();
 124
 125   bool IsInProcess() const { return mIsInProcess; }
 126
 127   bool HasBeforeUnload() const { return GetHasBeforeUnload(); }
 128
 129   bool IsLocalIP() const { return GetIsLocalIP(); }
 130
 131   bool ShouldResistFingerprinting() const {
 132     return GetShouldResistFingerprinting();
 133   }
 134
 135   nsGlobalWindowInner* GetInnerWindow() const;
 136   Document* GetDocument() const;
 137   Document* GetExtantDoc() const;
 138
 139   WindowGlobalChild* GetWindowGlobalChild() const;
 140
 141   // Get the parent WindowContext of this WindowContext, taking the BFCache into
 142   // account. This will not cross chrome/content <browser> boundaries.
 143   WindowContext* GetParentWindowContext();
 144   WindowContext* TopWindowContext();
 145
 146   bool SameOriginWithTop() const;
 147
 148   bool IsTop() const;
 149
 150   Span<RefPtr<BrowsingContext>> Children() { return mChildren; }
 151
 152   // The filtered version of `Children()`, which contains no browsing contexts
 153   // for synthetic documents as created by object loading content.
 154   Span<RefPtr<BrowsingContext>> NonSyntheticChildren() {
 155     return mNonSyntheticChildren;
 156   }
 157
 158   // Cast this object to it's parent-process canonical form.
 159   WindowGlobalParent* Canonical();
 160
 161   nsIGlobalObject* GetParentObject() const;
 162   JSObject* WrapObject(JSContext* cx,
 163                        JS::Handle<JSObject*> aGivenProto) override;
 164
 165   void Discard();
 166
 167   struct IPCInitializer {
 168     uint64_t mInnerWindowId;
 169     uint64_t mOuterWindowId;
 170     uint64_t mBrowsingContextId;
 171
 172     FieldValues mFields;
 173   };
 174   IPCInitializer GetIPCInitializer();
 175
 176   static void CreateFromIPC(IPCInitializer&& aInit);
 177
 178   // Add new security state flags.
 179   // These should be some of the nsIWebProgressListener 'HTTPS_ONLY_MODE' or
 180   // 'MIXED' state flags, and should only be called on the top window context.
 181   void AddSecurityState(uint32_t aStateFlags);
 182
 183   // This function would be called when its corresponding window is activated
 184   // by user gesture.
 185   void NotifyUserGestureActivation();
 186
 187   // This function would be called when we want to reset the user gesture
 188   // activation flag.
 189   void NotifyResetUserGestureActivation();
 190
 191   // Return true if its corresponding window has been activated by user
 192   // gesture.
 193   bool HasBeenUserGestureActivated();
 194
 195   // Return true if its corresponding window has transient user gesture
 196   // activation and the transient user gesture activation haven't yet timed
 197   // out.
 198   bool HasValidTransientUserGestureActivation();
 199
 200   // See `mUserGestureStart`.
 201   const TimeStamp& GetUserGestureStart() const;
 202
 203   // Return true if the corresponding window has valid transient user gesture
 204   // activation and the transient user gesture activation had been consumed
 205   // successfully.
 206   bool ConsumeTransientUserGestureActivation();
 207
 208   bool CanShowPopup();
 209
 210   bool AllowJavascript() const { return GetAllowJavascript(); }
 211   bool CanExecuteScripts() const { return mCanExecuteScripts; }
 212
 213   void TransientSetHasActivePeerConnections();
 214
 215  protected:
 216   WindowContext(BrowsingContext* aBrowsingContext, uint64_t aInnerWindowId,
 217                 uint64_t aOuterWindowId, FieldValues&& aFields);
 218   virtual ~WindowContext();
 219
 220   virtual void Init();
 221
 222  private:
 223   friend class BrowsingContext;
 224   friend class WindowGlobalChild;
 225   friend class WindowGlobalActor;
 226
 227   void AppendChildBrowsingContext(BrowsingContext* aBrowsingContext);
 228   void RemoveChildBrowsingContext(BrowsingContext* aBrowsingContext);
 229
 230   // Update non-synthetic children based on whether `aBrowsingContext`
 231   // is synthetic or not. Regardless the synthetic of `aBrowsingContext`, it is
 232   // kept in this WindowContext's all children list.
 233   void UpdateChildSynthetic(BrowsingContext* aBrowsingContext,
 234                             bool aIsSynthetic);
 235
 236   // Send a given `BaseTransaction` object to the correct remote.
 237   void SendCommitTransaction(ContentParent* aParent,
 238                              const BaseTransaction& aTxn, uint64_t aEpoch);
 239   void SendCommitTransaction(ContentChild* aChild, const BaseTransaction& aTxn,
 240                              uint64_t aEpoch);
 241
 242   bool CheckOnlyOwningProcessCanSet(ContentParent* aSource);
 243
 244   // Overload `CanSet` to get notifications for a particular field being set.
 245   bool CanSet(FieldIndex<IDX_IsSecure>, const bool& aIsSecure,
 246               ContentParent* aSource);
 247   bool CanSet(FieldIndex<IDX_AllowMixedContent>, const bool& aAllowMixedContent,
 248               ContentParent* aSource);
 249
 250   bool CanSet(FieldIndex<IDX_HasBeforeUnload>, const bool& aHasBeforeUnload,
 251               ContentParent* aSource);
 252
 253   bool CanSet(FieldIndex<IDX_CookieBehavior>, const Maybe<uint32_t>& aValue,
 254               ContentParent* aSource);
 255
 256   bool CanSet(FieldIndex<IDX_IsOnContentBlockingAllowList>, const bool& aValue,
 257               ContentParent* aSource);
 258
 259   bool CanSet(FieldIndex<IDX_EmbedderPolicy>, const bool& aValue,
 260               ContentParent* aSource) {
 261     return true;
 262   }
 263
 264   bool CanSet(FieldIndex<IDX_IsThirdPartyWindow>,
 265               const bool& IsThirdPartyWindow, ContentParent* aSource);
 266   bool CanSet(FieldIndex<IDX_IsThirdPartyTrackingResourceWindow>,
 267               const bool& aIsThirdPartyTrackingResourceWindow,
 268               ContentParent* aSource);
 269   bool CanSet(FieldIndex<IDX_ShouldResistFingerprinting>,
 270               const bool& aShouldResistFingerprinting, ContentParent* aSource);
 271   bool CanSet(FieldIndex<IDX_IsSecureContext>, const bool& aIsSecureContext,
 272               ContentParent* aSource);
 273   bool CanSet(FieldIndex<IDX_IsOriginalFrameSource>,
 274               const bool& aIsOriginalFrameSource, ContentParent* aSource);
 275   bool CanSet(FieldIndex<IDX_DocTreeHadMedia>, const bool& aValue,
 276               ContentParent* aSource);
 277   bool CanSet(FieldIndex<IDX_AutoplayPermission>, const uint32_t& aValue,
 278               ContentParent* aSource);
 279   bool CanSet(FieldIndex<IDX_ShortcutsPermission>, const uint32_t& aValue,
 280               ContentParent* aSource);
 281   bool CanSet(FieldIndex<IDX_ActiveMediaSessionContextId>,
 282               const Maybe<uint64_t>& aValue, ContentParent* aSource);
 283   bool CanSet(FieldIndex<IDX_PopupPermission>, const uint32_t&,
 284               ContentParent* aSource);
 285   bool CanSet(FieldIndex<IDX_SHEntryHasUserInteraction>,
 286               const bool& aSHEntryHasUserInteraction, ContentParent* aSource) {
 287     return true;
 288   }
 289   bool CanSet(FieldIndex<IDX_DelegatedPermissions>,
 290               const PermissionDelegateHandler::DelegatedPermissionList& aValue,
 291               ContentParent* aSource);
 292   bool CanSet(FieldIndex<IDX_DelegatedExactHostMatchPermissions>,
 293               const PermissionDelegateHandler::DelegatedPermissionList& aValue,
 294               ContentParent* aSource);
 295   bool CanSet(FieldIndex<IDX_UserActivationState>,
 296               const UserActivation::State& aUserActivationState,
 297               ContentParent* aSource) {
 298     return true;
 299   }
 300
 301   bool CanSet(FieldIndex<IDX_HasReportedShadowDOMUsage>, const bool& aValue,
 302               ContentParent* aSource) {
 303     return true;
 304   }
 305
 306   bool CanSet(FieldIndex<IDX_IsLocalIP>, const bool& aValue,
 307               ContentParent* aSource);
 308
 309   bool CanSet(FieldIndex<IDX_AllowJavascript>, bool aValue,
 310               ContentParent* aSource);
 311   void DidSet(FieldIndex<IDX_AllowJavascript>, bool aOldValue);
 312
 313   bool CanSet(FieldIndex<IDX_HasActivePeerConnections>, bool, ContentParent*);
 314
 315   void DidSet(FieldIndex<IDX_HasReportedShadowDOMUsage>, bool aOldValue);
 316
 317   void DidSet(FieldIndex<IDX_SHEntryHasUserInteraction>, bool aOldValue);
 318
 319   bool CanSet(FieldIndex<IDX_WindowStateSaved>, bool aValue,
 320               ContentParent* aSource);
 321
 322   // Overload `DidSet` to get notifications for a particular field being set.
 323   //
 324   // You can also overload the variant that gets the old value if you need it.
 325   template <size_t I>
 326   void DidSet(FieldIndex<I>) {}
 327   template <size_t I, typename T>
 328   void DidSet(FieldIndex<I>, T&& aOldValue) {}
 329   void DidSet(FieldIndex<IDX_UserActivationState>);
 330
 331   // Recomputes whether we can execute scripts in this WindowContext based on
 332   // the value of AllowJavascript() and whether scripts are allowed in the
 333   // BrowsingContext.
 334   void RecomputeCanExecuteScripts(bool aApplyChanges = true);
 335
 336   const uint64_t mInnerWindowId;
 337   const uint64_t mOuterWindowId;
 338   RefPtr<BrowsingContext> mBrowsingContext;
 339   WeakPtr<WindowGlobalChild> mWindowGlobalChild;
 340
 341   // --- NEVER CHANGE `mChildren` DIRECTLY! ---
 342   // Changes to this list need to be synchronized to the list within our
 343   // `mBrowsingContext`, and should only be performed through the
 344   // `AppendChildBrowsingContext` and `RemoveChildBrowsingContext` methods.
 345   nsTArray<RefPtr<BrowsingContext>> mChildren;
 346
 347   // --- NEVER CHANGE `mNonSyntheticChildren` DIRECTLY! ---
 348   // Same reason as for mChildren.
 349   // mNonSyntheticChildren contains the same browsing contexts except browsing
 350   // contexts created by the synthetic document for object loading contents
 351   // loading images. This is used to discern browsing contexts created when
 352   // loading images in <object> or <embed> elements, so that they can be hidden
 353   // from named targeting, `Window.frames` etc.
 354   nsTArray<RefPtr<BrowsingContext>> mNonSyntheticChildren;
 355
 356   bool mIsDiscarded = false;
 357   bool mIsInProcess = false;
 358
 359   // Determines if we can execute scripts in this WindowContext. True if
 360   // AllowJavascript() is true and script execution is allowed in the
 361   // BrowsingContext.
 362   bool mCanExecuteScripts = true;
 363
 364   // The start time of user gesture, this is only available if the window
 365   // context is in process.
 366   TimeStamp mUserGestureStart;
 367 };
 368
 369 using WindowContextTransaction = WindowContext::BaseTransaction;
 370 using WindowContextInitializer = WindowContext::IPCInitializer;
 371 using MaybeDiscardedWindowContext = MaybeDiscarded<WindowContext>;
 372
 373 // Don't specialize the `Transaction` object for every translation unit it's
 374 // used in. This should help keep code size down.
 375 extern template class syncedcontext::Transaction<WindowContext>;
 376
 377 }  // namespace dom
 378
 379 namespace ipc {
 380 template <>
 381 struct IPDLParamTraits<dom::MaybeDiscarded<dom::WindowContext>> {
 382   static void Write(IPC::MessageWriter* aWriter, IProtocol* aActor,
 383                     const dom::MaybeDiscarded<dom::WindowContext>& aParam);
 384   static bool Read(IPC::MessageReader* aReader, IProtocol* aActor,
 385                    dom::MaybeDiscarded<dom::WindowContext>* aResult);
 386 };
 387
 388 template <>
 389 struct IPDLParamTraits<dom::WindowContext::IPCInitializer> {
 390   static void Write(IPC::MessageWriter* aWriter, IProtocol* aActor,
 391                     const dom::WindowContext::IPCInitializer& aInitializer);
 392
 393   static bool Read(IPC::MessageReader* aReader, IProtocol* aActor,
 394                    dom::WindowContext::IPCInitializer* aInitializer);
 395 };
 396 }  // namespace ipc
 397 }  // namespace mozilla
 398
 399 #endif  // !defined(mozilla_dom_WindowContext_h)