Bug 1525245 - Stabilize cookiePolicy/cookiePermission for live documents - part 16 - Always grant storage permission for storage-access door hanger, r=johannh
☠☠ backed out by ca64604d4b78 ☠ ☠
authorAndrea Marchesini <amarchesini@mozilla.com>
Thu, 07 Mar 2019 10:24:06 +0000
changeset 462871 3fd27215698fd862b4daf942a0bb2bd87479a9c7
parent 462870 d9a9e8e7787359fcdbaf2988607a73ea4f4f744f
child 462872 04d9abc278fad265656f3ed797f19b26becf1493
push id79881
push useramarchesini@mozilla.com
push dateThu, 07 Mar 2019 10:41:26 +0000
treeherderautoland@3fd27215698f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjohannh
bugs1525245
milestone67.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1525245 - Stabilize cookiePolicy/cookiePermission for live documents - part 16 - Always grant storage permission for storage-access door hanger, r=johannh Differential Revision: https://phabricator.services.mozilla.com/D22273
toolkit/components/antitracking/AntiTrackingCommon.cpp
--- a/toolkit/components/antitracking/AntiTrackingCommon.cpp
+++ b/toolkit/components/antitracking/AntiTrackingCommon.cpp
@@ -988,46 +988,51 @@ AntiTrackingCommon::SaveFirstPartyStorag
     LOG(
         ("Setting 'any site' permission expiry: %u, proceeding to save in the "
          "permission manager",
          expirationTime));
 
     rv = permManager->AddFromPrincipal(
         aTrackingPrincipal, NS_LITERAL_CSTRING("cookie"),
         nsICookiePermission::ACCESS_ALLOW, expirationType, when);
-  } else {
-    uint32_t privateBrowsingId = 0;
-    rv = aParentPrincipal->GetPrivateBrowsingId(&privateBrowsingId);
-    if ((!NS_WARN_IF(NS_FAILED(rv)) && privateBrowsingId > 0) ||
-        (aAllowMode == eAllowAutoGrant)) {
-      // If we are coming from a private window or are automatically granting a
-      // permission, make sure to store a session-only permission which won't
-      // get persisted to disk.
-      expirationType = nsIPermissionManager::EXPIRE_SESSION;
-      when = 0;
-    }
+    Unused << NS_WARN_IF(NS_FAILED(rv));
+  }
+
+  // We must grant the storage permission also if we allow it for any site
+  // because the setting 'cookie' permission is not applied to existing
+  // documents (See CookieSettings documentation).
 
-    nsAutoCString type;
-    CreatePermissionKey(aTrackingOrigin, aGrantedOrigin, type);
+  uint32_t privateBrowsingId = 0;
+  rv = aParentPrincipal->GetPrivateBrowsingId(&privateBrowsingId);
+  if ((!NS_WARN_IF(NS_FAILED(rv)) && privateBrowsingId > 0) ||
+      (aAllowMode == eAllowAutoGrant)) {
+    // If we are coming from a private window or are automatically granting a
+    // permission, make sure to store a session-only permission which won't
+    // get persisted to disk.
+    expirationType = nsIPermissionManager::EXPIRE_SESSION;
+    when = 0;
+  }
 
-    LOG(
-        ("Computed permission key: %s, expiry: %u, proceeding to save in the "
-         "permission manager",
-         type.get(), expirationTime));
+  nsAutoCString type;
+  CreatePermissionKey(aTrackingOrigin, aGrantedOrigin, type);
+
+  LOG(
+      ("Computed permission key: %s, expiry: %u, proceeding to save in the "
+       "permission manager",
+       type.get(), expirationTime));
 
-    rv = permManager->AddFromPrincipal(aParentPrincipal, type,
-                                       nsIPermissionManager::ALLOW_ACTION,
-                                       expirationType, when);
+  rv = permManager->AddFromPrincipal(aParentPrincipal, type,
+                                     nsIPermissionManager::ALLOW_ACTION,
+                                     expirationType, when);
+  Unused << NS_WARN_IF(NS_FAILED(rv));
 
-    if (NS_SUCCEEDED(rv) && (aAllowMode == eAllowAutoGrant)) {
-      // Make sure temporary access grants do not survive more than 24 hours.
-      TemporaryAccessGrantObserver::Create(permManager, aParentPrincipal, type);
-    }
+  if (NS_SUCCEEDED(rv) && (aAllowMode == eAllowAutoGrant)) {
+    // Make sure temporary access grants do not survive more than 24 hours.
+    TemporaryAccessGrantObserver::Create(permManager, aParentPrincipal, type);
   }
-  Unused << NS_WARN_IF(NS_FAILED(rv));
 
   LOG(("Result: %s", NS_SUCCEEDED(rv) ? "success" : "failure"));
   return FirstPartyStorageAccessGrantPromise::CreateAndResolve(rv, __func__);
 }
 
 // static
 bool AntiTrackingCommon::IsStorageAccessPermission(nsIPermission* aPermission,
                                                    nsIPrincipal* aPrincipal) {