|
Packit |
f0b94e |
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
Packit |
f0b94e |
/* vim: set ts=2 sw=2 et tw=80: */
|
|
Packit |
f0b94e |
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
Packit |
f0b94e |
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
Packit |
f0b94e |
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
#include "mozilla/OriginAttributes.h"
|
|
Packit |
f0b94e |
#include "mozilla/Preferences.h"
|
|
Packit |
f0b94e |
#include "mozilla/dom/URLSearchParams.h"
|
|
Packit |
f0b94e |
#include "mozilla/dom/quota/QuotaManager.h"
|
|
Packit |
f0b94e |
#include "nsIEffectiveTLDService.h"
|
|
Packit |
f0b94e |
#include "nsIURI.h"
|
|
Packit |
f0b94e |
#include "nsIURIWithPrincipal.h"
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
namespace mozilla {
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
using dom::URLParams;
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
bool OriginAttributes::sFirstPartyIsolation = false;
|
|
Packit |
f0b94e |
bool OriginAttributes::sRestrictedOpenerAccess = false;
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
void OriginAttributes::InitPrefs() {
|
|
Packit |
f0b94e |
MOZ_ASSERT(NS_IsMainThread());
|
|
Packit |
f0b94e |
static bool sInited = false;
|
|
Packit |
f0b94e |
if (!sInited) {
|
|
Packit |
f0b94e |
sInited = true;
|
|
Packit |
f0b94e |
Preferences::AddBoolVarCache(&sFirstPartyIsolation,
|
|
Packit |
f0b94e |
"privacy.firstparty.isolate");
|
|
Packit |
f0b94e |
Preferences::AddBoolVarCache(
|
|
Packit |
f0b94e |
&sRestrictedOpenerAccess,
|
|
Packit |
f0b94e |
"privacy.firstparty.isolate.restrict_opener_access");
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
void OriginAttributes::SetFirstPartyDomain(const bool aIsTopLevelDocument,
|
|
Packit |
f0b94e |
nsIURI* aURI) {
|
|
Packit |
f0b94e |
bool isFirstPartyEnabled = IsFirstPartyEnabled();
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
// If the pref is off or this is not a top level load, bail out.
|
|
Packit |
f0b94e |
if (!isFirstPartyEnabled || !aIsTopLevelDocument) {
|
|
Packit |
f0b94e |
return;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
nsCOMPtr<nsIEffectiveTLDService> tldService =
|
|
Packit |
f0b94e |
do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID);
|
|
Packit |
f0b94e |
MOZ_ASSERT(tldService);
|
|
Packit |
f0b94e |
if (!tldService) {
|
|
Packit |
f0b94e |
return;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
nsAutoCString baseDomain;
|
|
Packit |
f0b94e |
nsresult rv = tldService->GetBaseDomain(aURI, 0, baseDomain);
|
|
Packit |
f0b94e |
if (NS_SUCCEEDED(rv)) {
|
|
Packit |
f0b94e |
mFirstPartyDomain = NS_ConvertUTF8toUTF16(baseDomain);
|
|
Packit |
f0b94e |
return;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
nsAutoCString scheme;
|
|
Packit |
f0b94e |
rv = aURI->GetScheme(scheme);
|
|
Packit |
f0b94e |
NS_ENSURE_SUCCESS_VOID(rv);
|
|
Packit |
f0b94e |
if (scheme.EqualsLiteral("about")) {
|
|
Packit |
f0b94e |
mFirstPartyDomain.AssignLiteral(ABOUT_URI_FIRST_PARTY_DOMAIN);
|
|
Packit |
f0b94e |
} else if (scheme.EqualsLiteral("blob")) {
|
|
Packit |
f0b94e |
nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(aURI);
|
|
Packit |
f0b94e |
if (uriPrinc) {
|
|
Packit |
f0b94e |
nsCOMPtr<nsIPrincipal> principal;
|
|
Packit |
f0b94e |
rv = uriPrinc->GetPrincipal(getter_AddRefs(principal));
|
|
Packit |
f0b94e |
NS_ENSURE_SUCCESS_VOID(rv);
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
MOZ_ASSERT(principal, "blob URI but no principal.");
|
|
Packit |
f0b94e |
if (principal) {
|
|
Packit |
f0b94e |
mFirstPartyDomain = principal->OriginAttributesRef().mFirstPartyDomain;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
void OriginAttributes::SetFirstPartyDomain(const bool aIsTopLevelDocument,
|
|
Packit |
f0b94e |
const nsACString& aDomain) {
|
|
Packit |
f0b94e |
bool isFirstPartyEnabled = IsFirstPartyEnabled();
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
// If the pref is off or this is not a top level load, bail out.
|
|
Packit |
f0b94e |
if (!isFirstPartyEnabled || !aIsTopLevelDocument) {
|
|
Packit |
f0b94e |
return;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
mFirstPartyDomain = NS_ConvertUTF8toUTF16(aDomain);
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
void OriginAttributes::CreateSuffix(nsACString& aStr) const {
|
|
Packit |
f0b94e |
URLParams params;
|
|
Packit |
f0b94e |
nsAutoString value;
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
//
|
|
Packit |
f0b94e |
// Important: While serializing any string-valued attributes, perform a
|
|
Packit |
f0b94e |
// release-mode assertion to make sure that they don't contain characters that
|
|
Packit |
f0b94e |
// will break the quota manager when it uses the serialization for file
|
|
Packit |
f0b94e |
// naming.
|
|
Packit |
f0b94e |
//
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
|
|
Packit |
f0b94e |
value.AppendInt(mAppId);
|
|
Packit |
f0b94e |
params.Set(NS_LITERAL_STRING("appId"), value);
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (mInIsolatedMozBrowser) {
|
|
Packit |
f0b94e |
params.Set(NS_LITERAL_STRING("inBrowser"), NS_LITERAL_STRING("1"));
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (mUserContextId != nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID) {
|
|
Packit |
f0b94e |
value.Truncate();
|
|
Packit |
f0b94e |
value.AppendInt(mUserContextId);
|
|
Packit |
f0b94e |
params.Set(NS_LITERAL_STRING("userContextId"), value);
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (mPrivateBrowsingId) {
|
|
Packit |
f0b94e |
value.Truncate();
|
|
Packit |
f0b94e |
value.AppendInt(mPrivateBrowsingId);
|
|
Packit |
f0b94e |
params.Set(NS_LITERAL_STRING("privateBrowsingId"), value);
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (!mFirstPartyDomain.IsEmpty()) {
|
|
Packit |
f0b94e |
MOZ_RELEASE_ASSERT(mFirstPartyDomain.FindCharInSet(
|
|
Packit |
f0b94e |
dom::quota::QuotaManager::kReplaceChars) ==
|
|
Packit |
f0b94e |
kNotFound);
|
|
Packit |
f0b94e |
params.Set(NS_LITERAL_STRING("firstPartyDomain"), mFirstPartyDomain);
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
aStr.Truncate();
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
params.Serialize(value);
|
|
Packit |
f0b94e |
if (!value.IsEmpty()) {
|
|
Packit |
f0b94e |
aStr.AppendLiteral("^");
|
|
Packit |
f0b94e |
aStr.Append(NS_ConvertUTF16toUTF8(value));
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
// In debug builds, check the whole string for illegal characters too (just in
|
|
Packit |
f0b94e |
// case).
|
|
Packit |
f0b94e |
#ifdef DEBUG
|
|
Packit |
f0b94e |
nsAutoCString str;
|
|
Packit |
f0b94e |
str.Assign(aStr);
|
|
Packit |
f0b94e |
MOZ_ASSERT(str.FindCharInSet(dom::quota::QuotaManager::kReplaceChars) ==
|
|
Packit |
f0b94e |
kNotFound);
|
|
Packit |
f0b94e |
#endif
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
void OriginAttributes::CreateAnonymizedSuffix(nsACString& aStr) const {
|
|
Packit |
f0b94e |
OriginAttributes attrs = *this;
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (!attrs.mFirstPartyDomain.IsEmpty()) {
|
|
Packit |
f0b94e |
attrs.mFirstPartyDomain.AssignLiteral("_anonymizedFirstPartyDomain_");
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
attrs.CreateSuffix(aStr);
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
namespace {
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
class MOZ_STACK_CLASS PopulateFromSuffixIterator final
|
|
Packit |
f0b94e |
: public URLParams::ForEachIterator {
|
|
Packit |
f0b94e |
public:
|
|
Packit |
f0b94e |
explicit PopulateFromSuffixIterator(OriginAttributes* aOriginAttributes)
|
|
Packit |
f0b94e |
: mOriginAttributes(aOriginAttributes) {
|
|
Packit |
f0b94e |
MOZ_ASSERT(aOriginAttributes);
|
|
Packit |
f0b94e |
// If mPrivateBrowsingId is passed in as >0 and is not present in the
|
|
Packit |
f0b94e |
// suffix, then it will remain >0 when it should be 0 according to the
|
|
Packit |
f0b94e |
// suffix. Set to 0 before iterating to fix this.
|
|
Packit |
f0b94e |
mOriginAttributes->mPrivateBrowsingId = 0;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
bool URLParamsIterator(const nsAString& aName,
|
|
Packit |
f0b94e |
const nsAString& aValue) override {
|
|
Packit |
f0b94e |
if (aName.EqualsLiteral("appId")) {
|
|
Packit |
f0b94e |
nsresult rv;
|
|
Packit |
f0b94e |
int64_t val = aValue.ToInteger64(&rv;;
|
|
Packit |
f0b94e |
NS_ENSURE_SUCCESS(rv, false);
|
|
Packit |
f0b94e |
NS_ENSURE_TRUE(val <= UINT32_MAX, false);
|
|
Packit |
f0b94e |
mOriginAttributes->mAppId = static_cast<uint32_t>(val);
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
return true;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (aName.EqualsLiteral("inBrowser")) {
|
|
Packit |
f0b94e |
if (!aValue.EqualsLiteral("1")) {
|
|
Packit |
f0b94e |
return false;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
mOriginAttributes->mInIsolatedMozBrowser = true;
|
|
Packit |
f0b94e |
return true;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (aName.EqualsLiteral("addonId")) {
|
|
Packit |
f0b94e |
// No longer supported. Silently ignore so that legacy origin strings
|
|
Packit |
f0b94e |
// don't cause failures.
|
|
Packit |
f0b94e |
return true;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (aName.EqualsLiteral("userContextId")) {
|
|
Packit |
f0b94e |
nsresult rv;
|
|
Packit |
f0b94e |
int64_t val = aValue.ToInteger64(&rv;;
|
|
Packit |
f0b94e |
NS_ENSURE_SUCCESS(rv, false);
|
|
Packit |
f0b94e |
NS_ENSURE_TRUE(val <= UINT32_MAX, false);
|
|
Packit |
f0b94e |
mOriginAttributes->mUserContextId = static_cast<uint32_t>(val);
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
return true;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (aName.EqualsLiteral("privateBrowsingId")) {
|
|
Packit |
f0b94e |
nsresult rv;
|
|
Packit |
f0b94e |
int64_t val = aValue.ToInteger64(&rv;;
|
|
Packit |
f0b94e |
NS_ENSURE_SUCCESS(rv, false);
|
|
Packit |
f0b94e |
NS_ENSURE_TRUE(val >= 0 && val <= UINT32_MAX, false);
|
|
Packit |
f0b94e |
mOriginAttributes->mPrivateBrowsingId = static_cast<uint32_t>(val);
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
return true;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (aName.EqualsLiteral("firstPartyDomain")) {
|
|
Packit |
f0b94e |
MOZ_RELEASE_ASSERT(mOriginAttributes->mFirstPartyDomain.IsEmpty());
|
|
Packit |
f0b94e |
mOriginAttributes->mFirstPartyDomain.Assign(aValue);
|
|
Packit |
f0b94e |
return true;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
// No other attributes are supported.
|
|
Packit |
f0b94e |
return false;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
private:
|
|
Packit |
f0b94e |
OriginAttributes* mOriginAttributes;
|
|
Packit |
f0b94e |
};
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
} // namespace
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
bool OriginAttributes::PopulateFromSuffix(const nsACString& aStr) {
|
|
Packit |
f0b94e |
if (aStr.IsEmpty()) {
|
|
Packit |
f0b94e |
return true;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (aStr[0] != '^') {
|
|
Packit |
f0b94e |
return false;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
PopulateFromSuffixIterator iterator(this);
|
|
Packit |
f0b94e |
return URLParams::Parse(Substring(aStr, 1, aStr.Length() - 1), iterator);
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
bool OriginAttributes::PopulateFromOrigin(const nsACString& aOrigin,
|
|
Packit |
f0b94e |
nsACString& aOriginNoSuffix) {
|
|
Packit |
f0b94e |
// RFindChar is only available on nsCString.
|
|
Packit |
f0b94e |
nsCString origin(aOrigin);
|
|
Packit |
f0b94e |
int32_t pos = origin.RFindChar('^');
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
if (pos == kNotFound) {
|
|
Packit |
f0b94e |
aOriginNoSuffix = origin;
|
|
Packit |
f0b94e |
return true;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
aOriginNoSuffix = Substring(origin, 0, pos);
|
|
Packit |
f0b94e |
return PopulateFromSuffix(Substring(origin, pos));
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
void OriginAttributes::SyncAttributesWithPrivateBrowsing(
|
|
Packit |
f0b94e |
bool aInPrivateBrowsing) {
|
|
Packit |
f0b94e |
mPrivateBrowsingId = aInPrivateBrowsing ? 1 : 0;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
/* static */
|
|
Packit |
f0b94e |
bool OriginAttributes::IsPrivateBrowsing(const nsACString& aOrigin) {
|
|
Packit |
f0b94e |
nsAutoCString dummy;
|
|
Packit |
f0b94e |
OriginAttributes attrs;
|
|
Packit |
f0b94e |
if (NS_WARN_IF(!attrs.PopulateFromOrigin(aOrigin, dummy))) {
|
|
Packit |
f0b94e |
return false;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
return !!attrs.mPrivateBrowsingId;
|
|
Packit |
f0b94e |
}
|
|
Packit |
f0b94e |
|
|
Packit |
f0b94e |
} // namespace mozilla
|