1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #ifndef mozilla_OriginAttributes_h
8 #define mozilla_OriginAttributes_h
10 #include "mozilla/dom/ChromeUtilsBinding.h"
11 #include "mozilla/StaticPrefs_privacy.h"
12 #include "nsIScriptSecurityManager.h"
16 class OriginAttributes
: public dom::OriginAttributesDictionary
{
18 OriginAttributes() = default;
20 explicit OriginAttributes(bool aInIsolatedMozBrowser
) {
21 mInIsolatedMozBrowser
= aInIsolatedMozBrowser
;
24 explicit OriginAttributes(const OriginAttributesDictionary
& aOther
)
25 : OriginAttributesDictionary(aOther
) {}
27 void SetFirstPartyDomain(const bool aIsTopLevelDocument
, nsIURI
* aURI
,
28 bool aForced
= false);
29 void SetFirstPartyDomain(const bool aIsTopLevelDocument
,
30 const nsACString
& aDomain
);
31 void SetFirstPartyDomain(const bool aIsTopLevelDocument
,
32 const nsAString
& aDomain
, bool aForced
= false);
34 void SetPartitionKey(nsIURI
* aURI
);
35 void SetPartitionKey(const nsACString
& aDomain
);
36 void SetPartitionKey(const nsAString
& aDomain
);
39 STRIP_FIRST_PARTY_DOMAIN
= 0x01,
40 STRIP_USER_CONTEXT_ID
= 0x02,
41 STRIP_PRIVATE_BROWSING_ID
= 0x04,
42 STRIP_PARITION_KEY
= 0x08,
45 inline void StripAttributes(uint32_t aFlags
) {
46 if (aFlags
& STRIP_FIRST_PARTY_DOMAIN
) {
47 mFirstPartyDomain
.Truncate();
50 if (aFlags
& STRIP_USER_CONTEXT_ID
) {
51 mUserContextId
= nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID
;
54 if (aFlags
& STRIP_PRIVATE_BROWSING_ID
) {
56 nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID
;
59 if (aFlags
& STRIP_PARITION_KEY
) {
60 mPartitionKey
.Truncate();
64 bool operator==(const OriginAttributes
& aOther
) const {
65 return EqualsIgnoringFPD(aOther
) &&
66 mFirstPartyDomain
== aOther
.mFirstPartyDomain
&&
67 // FIXME(emilio, bug 1667440): Should this be part of
68 // EqualsIgnoringFPD instead?
69 mPartitionKey
== aOther
.mPartitionKey
;
72 bool operator!=(const OriginAttributes
& aOther
) const {
73 return !(*this == aOther
);
76 [[nodiscard
]] bool EqualsIgnoringFPD(const OriginAttributes
& aOther
) const {
77 return mInIsolatedMozBrowser
== aOther
.mInIsolatedMozBrowser
&&
78 mUserContextId
== aOther
.mUserContextId
&&
79 mPrivateBrowsingId
== aOther
.mPrivateBrowsingId
&&
80 mGeckoViewSessionContextId
== aOther
.mGeckoViewSessionContextId
;
83 // Serializes/Deserializes non-default values into the suffix format, i.e.
84 // |!key1=value1&key2=value2|. If there are no non-default attributes, this
85 // returns an empty string.
86 void CreateSuffix(nsACString
& aStr
) const;
88 // Don't use this method for anything else than debugging!
89 void CreateAnonymizedSuffix(nsACString
& aStr
) const;
91 [[nodiscard
]] bool PopulateFromSuffix(const nsACString
& aStr
);
93 // Populates the attributes from a string like
94 // |uri!key1=value1&key2=value2| and returns the uri without the suffix.
95 [[nodiscard
]] bool PopulateFromOrigin(const nsACString
& aOrigin
,
96 nsACString
& aOriginNoSuffix
);
98 // Helper function to match mIsPrivateBrowsing to existing private browsing
99 // flags. Once all other flags are removed, this can be removed too.
100 void SyncAttributesWithPrivateBrowsing(bool aInPrivateBrowsing
);
102 // check if "privacy.firstparty.isolate" is enabled.
103 static inline bool IsFirstPartyEnabled() {
104 return StaticPrefs::privacy_firstparty_isolate();
107 static inline bool UseSiteForFirstPartyDomain() {
108 if (IsFirstPartyEnabled()) {
109 return StaticPrefs::privacy_firstparty_isolate_use_site();
111 return StaticPrefs::privacy_dynamic_firstparty_use_site();
114 // check if the access of window.opener across different FPDs is restricted.
115 // We only restrict the access of window.opener when first party isolation
116 // is enabled and "privacy.firstparty.isolate.restrict_opener_access" is on.
117 static inline bool IsRestrictOpenerAccessForFPI() {
118 // We always want to restrict window.opener if first party isolation is
120 return !StaticPrefs::privacy_firstparty_isolate() ||
121 StaticPrefs::privacy_firstparty_isolate_restrict_opener_access();
124 // Check whether we block the postMessage across different FPDs when the
125 // targetOrigin is '*'.
126 [[nodiscard
]] static inline bool IsBlockPostMessageForFPI() {
127 return StaticPrefs::privacy_firstparty_isolate() &&
128 StaticPrefs::privacy_firstparty_isolate_block_post_message();
131 // returns true if the originAttributes suffix has mPrivateBrowsingId value
133 static bool IsPrivateBrowsing(const nsACString
& aOrigin
);
136 class OriginAttributesPattern
: public dom::OriginAttributesPatternDictionary
{
138 // To convert a JSON string to an OriginAttributesPattern, do the following:
140 // OriginAttributesPattern pattern;
141 // if (!pattern.Init(aJSONString)) {
142 // ... // handle failure.
144 OriginAttributesPattern() = default;
146 explicit OriginAttributesPattern(
147 const OriginAttributesPatternDictionary
& aOther
)
148 : OriginAttributesPatternDictionary(aOther
) {}
150 // Performs a match of |aAttrs| against this pattern.
151 bool Matches(const OriginAttributes
& aAttrs
) const {
152 if (mInIsolatedMozBrowser
.WasPassed() &&
153 mInIsolatedMozBrowser
.Value() != aAttrs
.mInIsolatedMozBrowser
) {
157 if (mUserContextId
.WasPassed() &&
158 mUserContextId
.Value() != aAttrs
.mUserContextId
) {
162 if (mPrivateBrowsingId
.WasPassed() &&
163 mPrivateBrowsingId
.Value() != aAttrs
.mPrivateBrowsingId
) {
167 if (mFirstPartyDomain
.WasPassed() &&
168 mFirstPartyDomain
.Value() != aAttrs
.mFirstPartyDomain
) {
172 if (mGeckoViewSessionContextId
.WasPassed() &&
173 mGeckoViewSessionContextId
.Value() !=
174 aAttrs
.mGeckoViewSessionContextId
) {
178 if (mPartitionKey
.WasPassed() &&
179 mPartitionKey
.Value() != aAttrs
.mPartitionKey
) {
186 bool Overlaps(const OriginAttributesPattern
& aOther
) const {
187 if (mInIsolatedMozBrowser
.WasPassed() &&
188 aOther
.mInIsolatedMozBrowser
.WasPassed() &&
189 mInIsolatedMozBrowser
.Value() != aOther
.mInIsolatedMozBrowser
.Value()) {
193 if (mUserContextId
.WasPassed() && aOther
.mUserContextId
.WasPassed() &&
194 mUserContextId
.Value() != aOther
.mUserContextId
.Value()) {
198 if (mPrivateBrowsingId
.WasPassed() &&
199 aOther
.mPrivateBrowsingId
.WasPassed() &&
200 mPrivateBrowsingId
.Value() != aOther
.mPrivateBrowsingId
.Value()) {
204 if (mFirstPartyDomain
.WasPassed() && aOther
.mFirstPartyDomain
.WasPassed() &&
205 mFirstPartyDomain
.Value() != aOther
.mFirstPartyDomain
.Value()) {
209 if (mGeckoViewSessionContextId
.WasPassed() &&
210 aOther
.mGeckoViewSessionContextId
.WasPassed() &&
211 mGeckoViewSessionContextId
.Value() !=
212 aOther
.mGeckoViewSessionContextId
.Value()) {
216 if (mPartitionKey
.WasPassed() && aOther
.mPartitionKey
.WasPassed() &&
217 mPartitionKey
.Value() != aOther
.mPartitionKey
.Value()) {
225 } // namespace mozilla
227 #endif /* mozilla_OriginAttributes_h */