From 23caed9eac4832ddff3674175dc8fbf944381ead Mon Sep 17 00:00:00 2001 From: Stanca Serban Date: Fri, 29 Mar 2024 20:52:30 +0200 Subject: [PATCH] Backed out 6 changesets (bug 1876574, bug 1876575) for causing multiple failures. CLOSED TREE Backed out changeset 8c7a9f405031 (bug 1876575) Backed out changeset 49739f9ec590 (bug 1876575) Backed out changeset 1c49f0c3b677 (bug 1876575) Backed out changeset 1ca7a0f27bc0 (bug 1876575) Backed out changeset bfa9862e3480 (bug 1876575) Backed out changeset 58576ed7eb22 (bug 1876574) --- caps/OriginAttributes.cpp | 93 +++++---------- caps/OriginAttributes.h | 29 ++--- dom/base/ChromeUtils.cpp | 10 +- dom/base/Document.cpp | 12 -- dom/base/ThirdPartyUtil.cpp | 14 +-- dom/chrome-webidl/ChromeUtils.webidl | 1 - dom/indexedDB/test/test_third_party.html | 8 +- dom/serviceworkers/ServiceWorkerPrivate.cpp | 6 +- dom/serviceworkers/ServiceWorkerScriptCache.cpp | 3 +- dom/workers/ScriptLoader.cpp | 4 +- dom/workers/WorkerLoadInfo.cpp | 2 +- dom/workers/WorkerLoadInfo.h | 2 +- dom/workers/WorkerPrivate.cpp | 7 +- dom/workers/WorkerPrivate.h | 4 +- dom/workers/remoteworkers/RemoteWorkerChild.cpp | 2 +- dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh | 2 +- netwerk/cookie/CookieJarSettings.cpp | 20 +--- netwerk/cookie/CookieJarSettings.h | 4 +- netwerk/protocol/http/HttpBaseChannel.cpp | 1 + .../test_different_domain_in_hierarchy.html | 2 +- .../samesite/sandbox-iframe-nested.https.html.ini | 4 - .../sandbox-iframe-subresource.https.html.ini | 5 - .../partitioned.tentative.https.html.ini | 3 +- ...ageAccess-ABA.tentative.sub.https.window.js.ini | 4 + ...ss-site-sibling-iframes.sub.https.window.js.ini | 4 + .../partitioned-web-locks.tentative.https.html.ini | 10 +- .../components/antitracking/AntiTrackingUtils.cpp | 131 ++++++--------------- .../antitracking/StorageAccessAPIHelper.cpp | 7 +- .../antitracking/StoragePrincipalHelper.cpp | 41 ++----- .../antitracking/StoragePrincipalHelper.h | 8 -- .../antitracking/test/browser/browser.toml | 2 - .../test/browser/browser_doublyNestedTracker.js | 2 +- .../test/browser/browser_partitionedABA.js | 86 -------------- ...torageAccessThirdPartyChecks_alwaysPartition.js | 1 - .../resistfingerprinting/nsRFPService.cpp | 64 ++-------- 35 files changed, 155 insertions(+), 443 deletions(-) create mode 100644 testing/web-platform/meta/storage-access-api/requestStorageAccess-cross-site-sibling-iframes.sub.https.window.js.ini delete mode 100644 toolkit/components/antitracking/test/browser/browser_partitionedABA.js diff --git a/caps/OriginAttributes.cpp b/caps/OriginAttributes.cpp index 0b7b00f91425..211d6b00e7f5 100644 --- a/caps/OriginAttributes.cpp +++ b/caps/OriginAttributes.cpp @@ -22,8 +22,8 @@ static const char kSanitizedChar = '+'; namespace mozilla { static void MakeTopLevelInfo(const nsACString& aScheme, const nsACString& aHost, - int32_t aPort, bool aForeignByAncestorContext, - bool aUseSite, nsAString& aTopLevelInfo) { + int32_t aPort, bool aUseSite, + nsAString& aTopLevelInfo) { if (!aUseSite) { aTopLevelInfo.Assign(NS_ConvertUTF8toUTF16(aHost)); return; @@ -41,26 +41,19 @@ static void MakeTopLevelInfo(const nsACString& aScheme, const nsACString& aHost, site.Append(","); site.AppendInt(aPort); } - if (aForeignByAncestorContext) { - site.Append(",f"); - } site.AppendLiteral(")"); aTopLevelInfo.Assign(NS_ConvertUTF8toUTF16(site)); } static void MakeTopLevelInfo(const nsACString& aScheme, const nsACString& aHost, - bool aForeignByAncestorContext, bool aUseSite, - nsAString& aTopLevelInfo) { - MakeTopLevelInfo(aScheme, aHost, -1, aForeignByAncestorContext, aUseSite, - aTopLevelInfo); + bool aUseSite, nsAString& aTopLevelInfo) { + MakeTopLevelInfo(aScheme, aHost, -1, aUseSite, aTopLevelInfo); } static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, - nsIURI* aURI, - bool aForeignByAncestorContext, - bool aIsFirstPartyEnabled, bool aForced, - bool aUseSite, + nsIURI* aURI, bool aIsFirstPartyEnabled, + bool aForced, bool aUseSite, nsString OriginAttributes::*aTarget, OriginAttributes& aOriginAttributes) { nsresult rv; @@ -93,7 +86,7 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, if (scheme.EqualsLiteral("about")) { MakeTopLevelInfo(scheme, nsLiteralCString(ABOUT_URI_FIRST_PARTY_DOMAIN), - aForeignByAncestorContext, aUseSite, topLevelInfo); + aUseSite, topLevelInfo); return; } @@ -135,8 +128,7 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, nsAutoCString baseDomain; rv = tldService->GetBaseDomain(uri, 0, baseDomain); if (NS_SUCCEEDED(rv)) { - MakeTopLevelInfo(scheme, baseDomain, aForeignByAncestorContext, aUseSite, - topLevelInfo); + MakeTopLevelInfo(scheme, baseDomain, aUseSite, topLevelInfo); return; } @@ -168,14 +160,12 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, ipAddr = host; } - MakeTopLevelInfo(scheme, ipAddr, port, aForeignByAncestorContext, aUseSite, - topLevelInfo); + MakeTopLevelInfo(scheme, ipAddr, port, aUseSite, topLevelInfo); return; } if (aUseSite) { - MakeTopLevelInfo(scheme, host, port, aForeignByAncestorContext, aUseSite, - topLevelInfo); + MakeTopLevelInfo(scheme, host, port, aUseSite, topLevelInfo); return; } @@ -183,8 +173,7 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, nsAutoCString publicSuffix; rv = tldService->GetPublicSuffix(uri, publicSuffix); if (NS_SUCCEEDED(rv)) { - MakeTopLevelInfo(scheme, publicSuffix, port, aForeignByAncestorContext, - aUseSite, topLevelInfo); + MakeTopLevelInfo(scheme, publicSuffix, port, aUseSite, topLevelInfo); return; } } @@ -193,7 +182,7 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, void OriginAttributes::SetFirstPartyDomain(const bool aIsTopLevelDocument, nsIURI* aURI, bool aForced) { PopulateTopLevelInfoFromURI( - aIsTopLevelDocument, aURI, false, IsFirstPartyEnabled(), aForced, + aIsTopLevelDocument, aURI, IsFirstPartyEnabled(), aForced, StaticPrefs::privacy_firstparty_isolate_use_site(), &OriginAttributes::mFirstPartyDomain, *this); } @@ -214,21 +203,19 @@ void OriginAttributes::SetFirstPartyDomain(const bool aIsTopLevelDocument, mFirstPartyDomain = aDomain; } -void OriginAttributes::SetPartitionKey(nsIURI* aURI, - bool aForeignByAncestorContext) { +void OriginAttributes::SetPartitionKey(nsIURI* aURI) { PopulateTopLevelInfoFromURI( - false /* aIsTopLevelDocument */, aURI, aForeignByAncestorContext, - IsFirstPartyEnabled(), true /* aForced */, - StaticPrefs::privacy_dynamic_firstparty_use_site(), + false /* aIsTopLevelDocument */, aURI, IsFirstPartyEnabled(), + true /* aForced */, StaticPrefs::privacy_dynamic_firstparty_use_site(), &OriginAttributes::mPartitionKey, *this); } -void OriginAttributes::SetPartitionKey(const nsACString& aOther) { - SetPartitionKey(NS_ConvertUTF8toUTF16(aOther)); +void OriginAttributes::SetPartitionKey(const nsACString& aDomain) { + SetPartitionKey(NS_ConvertUTF8toUTF16(aDomain)); } -void OriginAttributes::SetPartitionKey(const nsAString& aOther) { - mPartitionKey = aOther; +void OriginAttributes::SetPartitionKey(const nsAString& aDomain) { + mPartitionKey = aDomain; } void OriginAttributes::CreateSuffix(nsACString& aStr) const { @@ -432,20 +419,17 @@ bool OriginAttributes::IsPrivateBrowsing(const nsACString& aOrigin) { bool OriginAttributes::ParsePartitionKey(const nsAString& aPartitionKey, nsAString& outScheme, nsAString& outBaseDomain, - int32_t& outPort, - bool& outForeignByAncestorContext) { + int32_t& outPort) { outScheme.Truncate(); outBaseDomain.Truncate(); outPort = -1; - outForeignByAncestorContext = false; - // Partition keys have the format - // "(,[,port][,foreignancestorbit])". The port and - // ancestor bits are optional. For example: "(https,example.com,8443)" or - // "(http,example.org)", or "(http,example.info,f)", or - // "(http,example.biz,8443,f)". When privacy.dynamic_firstparty.use_site = - // false, the partitionKey contains only the host, e.g. "example.com". See - // MakeTopLevelInfo for the partitionKey serialization code. + // Partition keys have the format "(,,[port])". The port + // is optional. For example: "(https,example.com,8443)" or + // "(http,example.org)". + // When privacy.dynamic_firstparty.use_site = false, the partitionKey contains + // only the host, e.g. "example.com". + // See MakeTopLevelInfo for the partitionKey serialization code. if (aPartitionKey.IsEmpty()) { return true; @@ -482,27 +466,14 @@ bool OriginAttributes::ParsePartitionKey(const nsAString& aPartitionKey, } else if (fieldIndex == 1) { outBaseDomain.Assign(field); } else if (fieldIndex == 2) { - // The first optional argument is either "f" or a port number - if (field.EqualsLiteral("f")) { - outForeignByAncestorContext = true; - } else { - // Parse the port which is represented in the partitionKey string as a - // decimal (base 10) number. - long port = strtol(NS_ConvertUTF16toUTF8(field).get(), nullptr, 10); - // Invalid port. - if (NS_WARN_IF(port == 0)) { - return false; - } - outPort = static_cast(port); - } - } else if (fieldIndex == 3) { - // The second optional argument, if it exists, is "f" and the first - // optional argument was a port - if (field.EqualsLiteral("f") || outPort == -1) { - NS_WARNING("Invalid partitionKey. Invalid token."); + // Parse the port which is represented in the partitionKey string as a + // decimal (base 10) number. + long port = strtol(NS_ConvertUTF16toUTF8(field).get(), nullptr, 10); + // Invalid port. + if (NS_WARN_IF(port == 0)) { return false; } - outForeignByAncestorContext = true; + outPort = static_cast(port); } else { NS_WARNING("Invalid partitionKey. Too many tokens"); return false; diff --git a/caps/OriginAttributes.h b/caps/OriginAttributes.h index 52f7afa9427d..faf9d8005078 100644 --- a/caps/OriginAttributes.h +++ b/caps/OriginAttributes.h @@ -27,9 +27,9 @@ class OriginAttributes : public dom::OriginAttributesDictionary { void SetFirstPartyDomain(const bool aIsTopLevelDocument, const nsAString& aDomain, bool aForced = false); - void SetPartitionKey(nsIURI* aURI, bool aForeignByAncestorContext); - void SetPartitionKey(const nsACString& aOther); - void SetPartitionKey(const nsAString& aOther); + void SetPartitionKey(nsIURI* aURI); + void SetPartitionKey(const nsACString& aDomain); + void SetPartitionKey(const nsAString& aDomain); enum { STRIP_FIRST_PARTY_DOMAIN = 0x01, @@ -129,13 +129,13 @@ class OriginAttributes : public dom::OriginAttributesDictionary { // different than 0. static bool IsPrivateBrowsing(const nsACString& aOrigin); - // Parse a partitionKey of the format - // "(,,[port],[ancestorbit])" into its components. Returns - // false if the partitionKey cannot be parsed because the format is invalid. + // Parse a partitionKey of the format "(,,[port])" into + // its components. + // Returns false if the partitionKey cannot be parsed because the format is + // invalid. static bool ParsePartitionKey(const nsAString& aPartitionKey, nsAString& outScheme, nsAString& outBaseDomain, - int32_t& outPort, - bool& outForeignByAncestorContext); + int32_t& outPort); }; class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary { @@ -193,9 +193,8 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary { nsString scheme; nsString baseDomain; int32_t port; - bool ancestor; bool success = OriginAttributes::ParsePartitionKey( - aAttrs.mPartitionKey, scheme, baseDomain, port, ancestor); + aAttrs.mPartitionKey, scheme, baseDomain, port); if (!success) { return false; } @@ -211,10 +210,6 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary { if (pkPattern.mPort.WasPassed() && pkPattern.mPort.Value() != port) { return false; } - if (pkPattern.mForeignByAncestorContext.WasPassed() && - pkPattern.mForeignByAncestorContext.Value() != ancestor) { - return false; - } } } @@ -267,12 +262,6 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary { self.mPort.Value() != other.mPort.Value()) { return false; } - if (self.mForeignByAncestorContext.WasPassed() && - other.mForeignByAncestorContext.WasPassed() && - self.mForeignByAncestorContext.Value() != - other.mForeignByAncestorContext.Value()) { - return false; - } } return true; diff --git a/dom/base/ChromeUtils.cpp b/dom/base/ChromeUtils.cpp index 407f33e04496..8d111c70bf70 100644 --- a/dom/base/ChromeUtils.cpp +++ b/dom/base/ChromeUtils.cpp @@ -1289,10 +1289,9 @@ void ChromeUtils::GetBaseDomainFromPartitionKey(dom::GlobalObject& aGlobal, nsString scheme; nsString pkBaseDomain; int32_t port; - bool ancestor; - if (!mozilla::OriginAttributes::ParsePartitionKey( - aPartitionKey, scheme, pkBaseDomain, port, ancestor)) { + if (!mozilla::OriginAttributes::ParsePartitionKey(aPartitionKey, scheme, + pkBaseDomain, port)) { aRv.Throw(NS_ERROR_FAILURE); return; } @@ -1318,10 +1317,7 @@ void ChromeUtils::GetPartitionKeyFromURL(dom::GlobalObject& aGlobal, } mozilla::OriginAttributes attrs; - // For now, uses assume the partition key is cross-site. - // We will need to not make this assumption to allow access - // to same-site partitioned cookies in the cookie extension API. - attrs.SetPartitionKey(uri, false); + attrs.SetPartitionKey(uri); aPartitionKey = attrs.mPartitionKey; } diff --git a/dom/base/Document.cpp b/dom/base/Document.cpp index 99dae97ca5cc..abcaecea9131 100644 --- a/dom/base/Document.cpp +++ b/dom/base/Document.cpp @@ -17516,18 +17516,6 @@ Document::CreatePermissionGrantPromise( p = new StorageAccessAPIHelper::StorageAccessPermissionGrantPromise:: Private(__func__); - // Before we prompt, see if we are same-site - if (aFrameOnly) { - nsIChannel* channel = self->GetChannel(); - if (channel) { - nsCOMPtr loadInfo = channel->LoadInfo(); - if (!loadInfo->GetIsThirdPartyContextToTopWindow()) { - p->Resolve(StorageAccessAPIHelper::eAllow, __func__); - return p; - } - } - } - RefPtr promise; // Test the permission MOZ_ASSERT(XRE_IsContentProcess()); diff --git a/dom/base/ThirdPartyUtil.cpp b/dom/base/ThirdPartyUtil.cpp index 0ced8aa7d8ee..2c71ab3d946b 100644 --- a/dom/base/ThirdPartyUtil.cpp +++ b/dom/base/ThirdPartyUtil.cpp @@ -200,9 +200,9 @@ ThirdPartyUtil::IsThirdPartyWindow(mozIDOMWindowProxy* aWindow, nsIURI* aURI, bool result; - // Ignore about:blank and about:srcdoc URIs here since they have no domain - // and attempting to compare against them will fail. - if (aURI && !NS_IsAboutBlank(aURI) && !NS_IsAboutSrcdoc(aURI)) { + // Ignore about:blank URIs here since they have no domain and attempting to + // compare against them will fail. + if (aURI && !NS_IsAboutBlank(aURI)) { nsCOMPtr prin; nsresult rv = GetPrincipalFromWindow(aWindow, getter_AddRefs(prin)); NS_ENSURE_SUCCESS(rv, rv); @@ -320,10 +320,10 @@ ThirdPartyUtil::IsThirdPartyChannel(nsIChannel* aChannel, nsIURI* aURI, } } - // Special consideration must be done for about:blank and about:srcdoc URIs - // because those inherit the principal from the parent context. For them, - // let's consider the principal URI. - if (NS_IsAboutBlank(channelURI) || NS_IsAboutSrcdoc(channelURI)) { + // Special consideration must be done for about:blank URIs because those + // inherit the principal from the parent context. For them, let's consider the + // principal URI. + if (NS_IsAboutBlank(channelURI)) { nsCOMPtr principalToInherit = loadInfo->FindPrincipalToInherit(aChannel); if (!principalToInherit) { diff --git a/dom/chrome-webidl/ChromeUtils.webidl b/dom/chrome-webidl/ChromeUtils.webidl index e1a4c3bedf79..3ccb125a1e04 100644 --- a/dom/chrome-webidl/ChromeUtils.webidl +++ b/dom/chrome-webidl/ChromeUtils.webidl @@ -975,7 +975,6 @@ dictionary PartitionKeyPatternDictionary { DOMString scheme; DOMString baseDomain; long port; - boolean foreignByAncestorContext; }; dictionary CompileScriptOptionsDictionary { diff --git a/dom/indexedDB/test/test_third_party.html b/dom/indexedDB/test/test_third_party.html index 439f50d75427..ee90de8dac60 100644 --- a/dom/indexedDB/test/test_third_party.html +++ b/dom/indexedDB/test/test_third_party.html @@ -25,12 +25,12 @@ { host: "http://sub1.test2.example.org:8000", cookieBehavior: BEHAVIOR_REJECT, expectedResultFrame1: false, expectedResultFrame2: false }, { host: "http://" + window.location.host, cookieBehavior: BEHAVIOR_REJECTFOREIGN, expectedResultFrame1: true, expectedResultFrame2: true }, - { host: "http://example.com", cookieBehavior: BEHAVIOR_REJECTFOREIGN, expectedResultFrame1: false, expectedResultFrame2: false }, - { host: "http://sub1.test2.example.org:8000", cookieBehavior: BEHAVIOR_REJECTFOREIGN, expectedResultFrame1: false, expectedResultFrame2: false }, + { host: "http://example.com", cookieBehavior: BEHAVIOR_REJECTFOREIGN, expectedResultFrame1: false, expectedResultFrame2: true }, + { host: "http://sub1.test2.example.org:8000", cookieBehavior: BEHAVIOR_REJECTFOREIGN, expectedResultFrame1: false, expectedResultFrame2: true }, { host: "http://" + window.location.host, cookieBehavior: BEHAVIOR_LIMITFOREIGN, expectedResultFrame1: true, expectedResultFrame2: true }, - { host: "http://example.com", cookieBehavior: BEHAVIOR_LIMITFOREIGN, expectedResultFrame1: false, expectedResultFrame2: false }, - { host: "http://sub1.test2.example.org:8000", cookieBehavior: BEHAVIOR_LIMITFOREIGN, expectedResultFrame1: false, expectedResultFrame2: false }, + { host: "http://example.com", cookieBehavior: BEHAVIOR_LIMITFOREIGN, expectedResultFrame1: false, expectedResultFrame2: true }, + { host: "http://sub1.test2.example.org:8000", cookieBehavior: BEHAVIOR_LIMITFOREIGN, expectedResultFrame1: false, expectedResultFrame2: true }, ]; const iframe1Path = diff --git a/dom/serviceworkers/ServiceWorkerPrivate.cpp b/dom/serviceworkers/ServiceWorkerPrivate.cpp index 5d95452503e2..864a59800648 100644 --- a/dom/serviceworkers/ServiceWorkerPrivate.cpp +++ b/dom/serviceworkers/ServiceWorkerPrivate.cpp @@ -544,11 +544,10 @@ nsresult ServiceWorkerPrivate::Initialize() { nsAutoString scheme; nsAutoString pkBaseDomain; int32_t unused; - bool unused2; if (OriginAttributes::ParsePartitionKey( principal->OriginAttributesRef().mPartitionKey, scheme, - pkBaseDomain, unused, unused2)) { + pkBaseDomain, unused)) { nsCOMPtr firstPartyURI; rv = NS_NewURI(getter_AddRefs(firstPartyURI), scheme + u"://"_ns + pkBaseDomain); @@ -593,8 +592,7 @@ nsresult ServiceWorkerPrivate::Initialize() { } } } else { - net::CookieJarSettings::Cast(cookieJarSettings) - ->SetPartitionKey(uri, false); + net::CookieJarSettings::Cast(cookieJarSettings)->SetPartitionKey(uri); // The service worker is for a first-party context, we can use the uri of // the service worker as the first-party domain to get the fingerprinting diff --git a/dom/serviceworkers/ServiceWorkerScriptCache.cpp b/dom/serviceworkers/ServiceWorkerScriptCache.cpp index 07635adbc567..f1569ffe5fad 100644 --- a/dom/serviceworkers/ServiceWorkerScriptCache.cpp +++ b/dom/serviceworkers/ServiceWorkerScriptCache.cpp @@ -678,8 +678,7 @@ nsresult CompareNetwork::Initialize(nsIPrincipal* aPrincipal, net::CookieJarSettings::Cast(cookieJarSettings) ->SetPartitionKey(aPrincipal->OriginAttributesRef().mPartitionKey); } else { - net::CookieJarSettings::Cast(cookieJarSettings) - ->SetPartitionKey(uri, false); + net::CookieJarSettings::Cast(cookieJarSettings)->SetPartitionKey(uri); } // Note that because there is no "serviceworker" RequestContext type, we can diff --git a/dom/workers/ScriptLoader.cpp b/dom/workers/ScriptLoader.cpp index e5eeffeaa4c7..ecbf87646196 100644 --- a/dom/workers/ScriptLoader.cpp +++ b/dom/workers/ScriptLoader.cpp @@ -1063,8 +1063,8 @@ nsresult WorkerScriptLoader::LoadScript( // This flag reflects the fact that if the worker is created under a // third-party context. nsCOMPtr loadInfo = channel->LoadInfo(); - loadInfo->SetIsInThirdPartyContext( - mWorkerRef->Private()->IsThirdPartyContext()); + loadInfo->SetIsThirdPartyContextToTopWindow( + mWorkerRef->Private()->IsThirdPartyContextToTopWindow()); Maybe clientInfo; clientInfo.emplace(loadContext->mClientInfo.ref()); diff --git a/dom/workers/WorkerLoadInfo.cpp b/dom/workers/WorkerLoadInfo.cpp index 29fb69c2128d..0dec07a675c5 100644 --- a/dom/workers/WorkerLoadInfo.cpp +++ b/dom/workers/WorkerLoadInfo.cpp @@ -101,7 +101,7 @@ WorkerLoadInfoData::WorkerLoadInfoData() mUsingStorageAccess(false), mServiceWorkersTestingInWindow(false), mShouldResistFingerprinting(false), - mIsThirdPartyContext(true), + mIsThirdPartyContextToTopWindow(true), mSecureContext(eNotSet) {} nsresult WorkerLoadInfo::SetPrincipalsAndCSPOnMainThread( diff --git a/dom/workers/WorkerLoadInfo.h b/dom/workers/WorkerLoadInfo.h index c86538145cc8..722e71d6f3d5 100644 --- a/dom/workers/WorkerLoadInfo.h +++ b/dom/workers/WorkerLoadInfo.h @@ -147,7 +147,7 @@ struct WorkerLoadInfoData { bool mShouldResistFingerprinting; Maybe mOverriddenFingerprintingSettings; OriginAttributes mOriginAttributes; - bool mIsThirdPartyContext; + bool mIsThirdPartyContextToTopWindow; enum { eNotSet, diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp index 037b79c74e9a..3644851a7e1b 100644 --- a/dom/workers/WorkerPrivate.cpp +++ b/dom/workers/WorkerPrivate.cpp @@ -2791,7 +2791,8 @@ nsresult WorkerPrivate::GetLoadInfo( loadInfo.mOriginAttributes = aParent->GetOriginAttributes(); loadInfo.mServiceWorkersTestingInWindow = aParent->ServiceWorkersTestingInWindow(); - loadInfo.mIsThirdPartyContext = aParent->IsThirdPartyContext(); + loadInfo.mIsThirdPartyContextToTopWindow = + aParent->IsThirdPartyContextToTopWindow(); loadInfo.mShouldResistFingerprinting = aParent->ShouldResistFingerprinting( RFPTarget::IsAlwaysEnabledForPrecompute); loadInfo.mOverriddenFingerprintingSettings = @@ -2952,7 +2953,7 @@ nsresult WorkerPrivate::GetLoadInfo( StorageAllowedForDocument(document) != StorageAccess::eAllow) { loadInfo.mUsingStorageAccess = false; } - loadInfo.mIsThirdPartyContext = + loadInfo.mIsThirdPartyContextToTopWindow = AntiTrackingUtils::IsThirdPartyWindow(globalWindow, nullptr); loadInfo.mCookieJarSettings = document->CookieJarSettings(); if (loadInfo.mCookieJarSettings) { @@ -3020,7 +3021,7 @@ nsresult WorkerPrivate::GetLoadInfo( cookieJarSettings->Serialize(loadInfo.mCookieJarSettingsArgs); loadInfo.mOriginAttributes = OriginAttributes(); - loadInfo.mIsThirdPartyContext = false; + loadInfo.mIsThirdPartyContextToTopWindow = false; } MOZ_ASSERT(loadInfo.mLoadingPrincipal); diff --git a/dom/workers/WorkerPrivate.h b/dom/workers/WorkerPrivate.h index ce754ba9f6c2..a670d009759d 100644 --- a/dom/workers/WorkerPrivate.h +++ b/dom/workers/WorkerPrivate.h @@ -972,7 +972,9 @@ class WorkerPrivate final } // Determine if the worker was created under a third-party context. - bool IsThirdPartyContext() const { return mLoadInfo.mIsThirdPartyContext; } + bool IsThirdPartyContextToTopWindow() const { + return mLoadInfo.mIsThirdPartyContextToTopWindow; + } bool IsWatchedByDevTools() const { return mLoadInfo.mWatchedByDevTools; } diff --git a/dom/workers/remoteworkers/RemoteWorkerChild.cpp b/dom/workers/remoteworkers/RemoteWorkerChild.cpp index bf63c1729cf7..feb294f3fc2b 100644 --- a/dom/workers/remoteworkers/RemoteWorkerChild.cpp +++ b/dom/workers/remoteworkers/RemoteWorkerChild.cpp @@ -286,7 +286,7 @@ nsresult RemoteWorkerChild::ExecWorkerOnMainThread(RemoteWorkerData&& aData) { info.mStorageAccess = aData.storageAccess(); info.mUseRegularPrincipal = aData.useRegularPrincipal(); info.mUsingStorageAccess = aData.usingStorageAccess(); - info.mIsThirdPartyContext = aData.isThirdPartyContext(); + info.mIsThirdPartyContextToTopWindow = aData.isThirdPartyContextToTopWindow(); info.mOriginAttributes = BasePrincipal::Cast(principal)->OriginAttributesRef(); info.mShouldResistFingerprinting = aData.shouldResistFingerprinting(); diff --git a/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh b/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh index 08fb5700feb0..8894450b72ba 100644 --- a/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh +++ b/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh @@ -76,7 +76,7 @@ struct RemoteWorkerData StorageAccess storageAccess; - bool isThirdPartyContext; + bool isThirdPartyContextToTopWindow; bool shouldResistFingerprinting; diff --git a/netwerk/cookie/CookieJarSettings.cpp b/netwerk/cookie/CookieJarSettings.cpp index 9e598c296f2f..027382b1ee19 100644 --- a/netwerk/cookie/CookieJarSettings.cpp +++ b/netwerk/cookie/CookieJarSettings.cpp @@ -4,11 +4,9 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#include "mozIThirdPartyUtil.h" #include "mozilla/AntiTrackingUtils.h" #include "mozilla/BasePrincipal.h" #include "mozilla/ClearOnShutdown.h" -#include "mozilla/Components.h" #include "mozilla/ContentBlockingAllowList.h" #include "mozilla/dom/BrowsingContext.h" #include "mozilla/net/CookieJarSettings.h" @@ -17,7 +15,6 @@ #include "mozilla/PermissionManager.h" #include "mozilla/SchedulerGroup.h" #include "mozilla/StaticPrefs_network.h" -#include "mozilla/StoragePrincipalHelper.h" #include "mozilla/Unused.h" #include "nsIPrincipal.h" #if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE) @@ -199,7 +196,7 @@ CookieJarSettings::InitWithURI(nsIURI* aURI, bool aIsPrivate) { mCookieBehavior = nsICookieManager::GetCookieBehavior(aIsPrivate); - SetPartitionKey(aURI, false); + SetPartitionKey(aURI); return NS_OK; } @@ -529,25 +526,14 @@ void CookieJarSettings::Merge(const CookieJarSettingsArgs& aData) { } } -void CookieJarSettings::SetPartitionKey(nsIURI* aURI, - bool aForeignByAncestorContext) { +void CookieJarSettings::SetPartitionKey(nsIURI* aURI) { MOZ_ASSERT(aURI); OriginAttributes attrs; - attrs.SetPartitionKey(aURI, aForeignByAncestorContext); + attrs.SetPartitionKey(aURI); mPartitionKey = std::move(attrs.mPartitionKey); } -void CookieJarSettings::UpdatePartitionKeyForDocumentLoadedByChannel( - nsIChannel* aChannel) { - nsCOMPtr loadInfo = aChannel->LoadInfo(); - bool thirdParty = AntiTrackingUtils::IsThirdPartyChannel(aChannel); - bool foreignByAncestorContext = - thirdParty && !loadInfo->GetIsThirdPartyContextToTopWindow(); - StoragePrincipalHelper::UpdatePartitionKeyWithForeignAncestorBit( - mPartitionKey, foreignByAncestorContext); -} - void CookieJarSettings::UpdateIsOnContentBlockingAllowList( nsIChannel* aChannel) { MOZ_DIAGNOSTIC_ASSERT(XRE_IsParentProcess()); diff --git a/netwerk/cookie/CookieJarSettings.h b/netwerk/cookie/CookieJarSettings.h index cf3c9ff41890..c1554175fb76 100644 --- a/netwerk/cookie/CookieJarSettings.h +++ b/netwerk/cookie/CookieJarSettings.h @@ -161,14 +161,12 @@ class CookieJarSettings final : public nsICookieJarSettings { void UpdateIsOnContentBlockingAllowList(nsIChannel* aChannel); - void SetPartitionKey(nsIURI* aURI, bool aForeignByAncestorContext); + void SetPartitionKey(nsIURI* aURI); void SetPartitionKey(const nsAString& aPartitionKey) { mPartitionKey = aPartitionKey; } const nsAString& GetPartitionKey() { return mPartitionKey; }; - void UpdatePartitionKeyForDocumentLoadedByChannel(nsIChannel* aChannel); - void SetFingerprintingRandomizationKey(const nsTArray& aKey) { mFingerprintingRandomKey.reset(); diff --git a/netwerk/protocol/http/HttpBaseChannel.cpp b/netwerk/protocol/http/HttpBaseChannel.cpp index 768d08658c45..aeb6083fff88 100644 --- a/netwerk/protocol/http/HttpBaseChannel.cpp +++ b/netwerk/protocol/http/HttpBaseChannel.cpp @@ -2423,6 +2423,7 @@ HttpBaseChannel::GetDocumentURI(nsIURI** aDocumentURI) { NS_IMETHODIMP HttpBaseChannel::SetDocumentURI(nsIURI* aDocumentURI) { ENSURE_CALLED_BEFORE_CONNECT(); + mDocumentURI = aDocumentURI; return NS_OK; } diff --git a/netwerk/test/mochitests/test_different_domain_in_hierarchy.html b/netwerk/test/mochitests/test_different_domain_in_hierarchy.html index 1a4abad676c7..0ec6d35d4d98 100644 --- a/netwerk/test/mochitests/test_different_domain_in_hierarchy.html +++ b/netwerk/test/mochitests/test_different_domain_in_hierarchy.html @@ -5,7 +5,7 @@ - +