Bug 1597726 - use storage principal to generate origin key; r=Ehsan
authorLiang-Heng Chen <xeonchen@gmail.com>
Mon, 20 Jan 2020 19:58:24 +0000
changeset 510913 5f9acc76d590208bfd6c7626c0eab0a73ddc867d
parent 510912 b990267ff717548430ce2debf26f1812e36a38da
child 510914 c5b764728ebc61abf418a55b5e81b2d9fb315326
push id105553
push userxeonchen@gmail.com
push dateTue, 21 Jan 2020 09:57:43 +0000
treeherderautoland@5f9acc76d590 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersEhsan
bugs1597726
milestone74.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1597726 - use storage principal to generate origin key; r=Ehsan Differential Revision: https://phabricator.services.mozilla.com/D60350
dom/storage/SessionStorageManager.cpp
toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js
--- a/dom/storage/SessionStorageManager.cpp
+++ b/dom/storage/SessionStorageManager.cpp
@@ -88,17 +88,18 @@ SessionStorageManager::PrecacheStorage(n
   // Nothing to preload.
   return NS_OK;
 }
 
 NS_IMETHODIMP
 SessionStorageManager::GetSessionStorageCache(
     nsIPrincipal* aPrincipal, nsIPrincipal* aStoragePrincipal,
     RefPtr<SessionStorageCache>* aRetVal) {
-  return GetSessionStorageCacheHelper(aPrincipal, true, nullptr, aRetVal);
+  return GetSessionStorageCacheHelper(aStoragePrincipal, true, nullptr,
+                                      aRetVal);
 }
 
 nsresult SessionStorageManager::GetSessionStorageCacheHelper(
     nsIPrincipal* aPrincipal, bool aMakeIfNeeded,
     SessionStorageCache* aCloneFrom, RefPtr<SessionStorageCache>* aRetVal) {
   nsAutoCString originKey;
   nsAutoCString originAttributes;
   nsresult rv = GenerateOriginKey(aPrincipal, originAttributes, originKey);
@@ -180,25 +181,25 @@ NS_IMETHODIMP
 SessionStorageManager::GetStorage(mozIDOMWindow* aWindow,
                                   nsIPrincipal* aPrincipal,
                                   nsIPrincipal* aStoragePrincipal,
                                   bool aPrivate, Storage** aRetval) {
   *aRetval = nullptr;
 
   RefPtr<SessionStorageCache> cache;
   nsresult rv =
-      GetSessionStorageCacheHelper(aPrincipal, false, nullptr, &cache);
+      GetSessionStorageCacheHelper(aStoragePrincipal, false, nullptr, &cache);
   if (NS_FAILED(rv) || !cache) {
     return rv;
   }
 
   nsCOMPtr<nsPIDOMWindowInner> inner = nsPIDOMWindowInner::From(aWindow);
 
   RefPtr<SessionStorage> storage = new SessionStorage(
-      inner, aPrincipal, cache, this, EmptyString(), aPrivate);
+      inner, aStoragePrincipal, cache, this, EmptyString(), aPrivate);
 
   storage.forget(aRetval);
   return NS_OK;
 }
 
 NS_IMETHODIMP
 SessionStorageManager::CloneStorage(Storage* aStorage) {
   if (NS_WARN_IF(!aStorage)) {
@@ -206,17 +207,17 @@ SessionStorageManager::CloneStorage(Stor
   }
 
   if (aStorage->Type() != Storage::eSessionStorage) {
     return NS_ERROR_UNEXPECTED;
   }
 
   RefPtr<SessionStorageCache> cache;
   return GetSessionStorageCacheHelper(
-      aStorage->Principal(), true,
+      aStorage->StoragePrincipal(), true,
       static_cast<SessionStorage*>(aStorage)->Cache(), &cache);
 }
 
 NS_IMETHODIMP
 SessionStorageManager::CheckStorage(nsIPrincipal* aPrincipal, Storage* aStorage,
                                     bool* aRetval) {
   if (NS_WARN_IF(!aStorage)) {
     return NS_ERROR_UNEXPECTED;
--- a/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js
@@ -793,16 +793,250 @@ function runAllTests(withStoragePrincipa
       }
     );
 
     BrowserTestUtils.removeTab(normalTab);
 
     UrlClassifierTestUtils.cleanupTestTrackers();
   });
 
+  // An ePartitionOrDeny iframe on different top-level domain tabs
+  add_task(async _ => {
+    log(test);
+
+    await SpecialPowers.pushPrefEnv({
+      set: [
+        ["dom.ipc.processCount", 1],
+        ["network.cookie.cookieBehavior", prefValue],
+        ["privacy.firstparty.isolate", false],
+        ["privacy.trackingprotection.enabled", false],
+        ["privacy.trackingprotection.pbmode.enabled", false],
+        ["privacy.trackingprotection.annotate_channels", true],
+        [
+          "privacy.restrict3rdpartystorage.partitionedHosts",
+          "tracking.example.org,not-tracking.example.com",
+        ],
+        [
+          "privacy.storagePrincipal.enabledForTrackers",
+          storagePrincipalPrefValue,
+        ],
+      ],
+    });
+
+    await UrlClassifierTestUtils.addTestTrackers();
+
+    info("Creating a non-tracker top-level context");
+    let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+    let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+    await BrowserTestUtils.browserLoaded(normalBrowser);
+
+    info("The non-tracker page opens a tracker iframe");
+    let result1 = await SpecialPowers.spawn(
+      normalBrowser,
+      [
+        {
+          page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+        },
+      ],
+      async obj => {
+        let ifr = content.document.createElement("iframe");
+        ifr.setAttribute("id", "ifr");
+        ifr.setAttribute("src", obj.page);
+
+        info("Iframe loading...");
+        await new content.Promise(resolve => {
+          ifr.onload = resolve;
+          content.document.body.appendChild(ifr);
+        });
+
+        info("Setting localStorage value in ifr...");
+        ifr.contentWindow.postMessage("setValue", "*");
+
+        info("Getting the value from ifr...");
+        let value = await new Promise(resolve => {
+          content.addEventListener(
+            "message",
+            e => {
+              resolve(e.data);
+            },
+            { once: true }
+          );
+          ifr.contentWindow.postMessage("getValue", "*");
+        });
+
+        ok(value.startsWith("tracker-"), "The value is correctly set in ifr");
+        return value;
+      }
+    );
+    ok(result1.startsWith("tracker-"), "The value is correctly set in tab1");
+
+    info("Creating a non-tracker top-level context");
+    let normalTab2 = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE_2);
+    let normalBrowser2 = gBrowser.getBrowserForTab(normalTab2);
+    await BrowserTestUtils.browserLoaded(normalBrowser2);
+
+    info("The non-tracker page opens a tracker iframe");
+    let result2 = await SpecialPowers.spawn(
+      normalBrowser2,
+      [
+        {
+          page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+        },
+      ],
+      async obj => {
+        let ifr = content.document.createElement("iframe");
+        ifr.setAttribute("id", "ifr");
+        ifr.setAttribute("src", obj.page);
+
+        info("Iframe loading...");
+        await new content.Promise(resolve => {
+          ifr.onload = resolve;
+          content.document.body.appendChild(ifr);
+        });
+
+        info("Getting the value from ifr...");
+        let value = await new Promise(resolve => {
+          content.addEventListener(
+            "message",
+            e => {
+              resolve(e.data);
+            },
+            { once: true }
+          );
+          ifr.contentWindow.postMessage("getValue", "*");
+        });
+        return value;
+      }
+    );
+
+    is(result2, null, "The value is equal");
+
+    BrowserTestUtils.removeTab(normalTab);
+    BrowserTestUtils.removeTab(normalTab2);
+
+    UrlClassifierTestUtils.cleanupTestTrackers();
+  });
+
+  // Like the previous test, but accepting trackers
+  add_task(async _ => {
+    log(test);
+
+    await SpecialPowers.pushPrefEnv({
+      set: [
+        ["dom.ipc.processCount", 1],
+        ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_ACCEPT],
+        ["privacy.firstparty.isolate", false],
+        ["privacy.trackingprotection.enabled", false],
+        ["privacy.trackingprotection.pbmode.enabled", false],
+        ["privacy.trackingprotection.annotate_channels", true],
+        [
+          "privacy.restrict3rdpartystorage.partitionedHosts",
+          "tracking.example.org,not-tracking.example.com",
+        ],
+        [
+          "privacy.storagePrincipal.enabledForTrackers",
+          storagePrincipalPrefValue,
+        ],
+      ],
+    });
+
+    await UrlClassifierTestUtils.addTestTrackers();
+
+    info("Creating a non-tracker top-level context");
+    let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+    let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+    await BrowserTestUtils.browserLoaded(normalBrowser);
+
+    info("The non-tracker page opens a tracker iframe");
+    let result1 = await SpecialPowers.spawn(
+      normalBrowser,
+      [
+        {
+          page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+        },
+      ],
+      async obj => {
+        let ifr = content.document.createElement("iframe");
+        ifr.setAttribute("id", "ifr");
+        ifr.setAttribute("src", obj.page);
+
+        info("Iframe loading...");
+        await new content.Promise(resolve => {
+          ifr.onload = resolve;
+          content.document.body.appendChild(ifr);
+        });
+
+        info("Setting localStorage value in ifr...");
+        ifr.contentWindow.postMessage("setValue", "*");
+
+        info("Getting the value from ifr...");
+        let value = await new Promise(resolve => {
+          content.addEventListener(
+            "message",
+            e => {
+              resolve(e.data);
+            },
+            { once: true }
+          );
+          ifr.contentWindow.postMessage("getValue", "*");
+        });
+
+        ok(value.startsWith("tracker-"), "The value is correctly set in ifr");
+        return value;
+      }
+    );
+    ok(result1.startsWith("tracker-"), "The value is correctly set in tab1");
+
+    info("Creating a non-tracker top-level context");
+    let normalTab2 = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE_2);
+    let normalBrowser2 = gBrowser.getBrowserForTab(normalTab2);
+    await BrowserTestUtils.browserLoaded(normalBrowser2);
+
+    info("The non-tracker page opens a tracker iframe");
+    let result2 = await SpecialPowers.spawn(
+      normalBrowser2,
+      [
+        {
+          page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+        },
+      ],
+      async obj => {
+        let ifr = content.document.createElement("iframe");
+        ifr.setAttribute("id", "ifr");
+        ifr.setAttribute("src", obj.page);
+
+        info("Iframe loading...");
+        await new content.Promise(resolve => {
+          ifr.onload = resolve;
+          content.document.body.appendChild(ifr);
+        });
+
+        info("Getting the value from ifr...");
+        let value = await new Promise(resolve => {
+          content.addEventListener(
+            "message",
+            e => {
+              resolve(e.data);
+            },
+            { once: true }
+          );
+          ifr.contentWindow.postMessage("getValue", "*");
+        });
+        return value;
+      }
+    );
+
+    is(result1, result2, "The value is undefined");
+
+    BrowserTestUtils.removeTab(normalTab);
+    BrowserTestUtils.removeTab(normalTab2);
+
+    UrlClassifierTestUtils.cleanupTestTrackers();
+  });
+
   // Cleanup data.
   add_task(async _ => {
     await new Promise(resolve => {
       Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
         resolve()
       );
     });
   });