Bug 1301274 - use default firstPartyDomain in PermissionManager. r=baku
authorYoshi Huang <allstars.chh@mozilla.com>
Thu, 08 Sep 2016 18:56:31 +0800
changeset 314395 34f11f589c4c69ee97495ed726f89c8495dfdda5
parent 314394 75ac3067a19e6b60b71aef39785533fe7af1c9e6
child 314396 6036b8acdab58eb565f15e12f8184f8abe7c6413
push id20571
push userkwierso@gmail.com
push dateMon, 19 Sep 2016 22:56:59 +0000
treeherderfx-team@671c2af548b2 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbaku
bugs1301274
milestone51.0a1
Bug 1301274 - use default firstPartyDomain in PermissionManager. r=baku
extensions/cookie/nsPermissionManager.cpp
--- a/extensions/cookie/nsPermissionManager.cpp
+++ b/extensions/cookie/nsPermissionManager.cpp
@@ -117,50 +117,58 @@ GetOriginFromPrincipal(nsIPrincipal* aPr
   if (!attrs.PopulateFromSuffix(suffix)) {
     return NS_ERROR_FAILURE;
   }
 
   // mPrivateBrowsingId must be set to false because PermissionManager is not supposed to have
   // any knowledge of private browsing. Allowing it to be true changes the suffix being hashed.
   attrs.mPrivateBrowsingId = 0;
 
+  // TODO: Bug 1302047 - Ignore userContextId and firstPartyDomain when matching permissions.
+
   // set to default to disable user context isolation for permissions
   attrs.mUserContextId = nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID;
 
+  // set to default to disable firstParty isolation for permissions.
+  attrs.mFirstPartyDomain.Truncate();
+
   attrs.CreateSuffix(suffix);
   aOrigin.Append(suffix);
   return NS_OK;
 }
 
 nsresult
 GetPrincipalFromOrigin(const nsACString& aOrigin, nsIPrincipal** aPrincipal)
 {
   nsAutoCString originNoSuffix;
   mozilla::PrincipalOriginAttributes attrs;
   if (!attrs.PopulateFromOrigin(aOrigin, originNoSuffix)) {
     return NS_ERROR_FAILURE;
   }
 
+  // TODO: Bug 1302047 - Ignore userContextId and firstPartyDomain when matching permissions.
+
   // set to default to disable user context isolation for permissions
   attrs.mUserContextId = nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID;
 
+  // set to default to disable firstParty isolation for permissions.
+  attrs.mFirstPartyDomain.Truncate();
+
   nsCOMPtr<nsIURI> uri;
   nsresult rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix);
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsCOMPtr<nsIPrincipal> principal = mozilla::BasePrincipal::CreateCodebasePrincipal(uri, attrs);
   principal.forget(aPrincipal);
   return NS_OK;
 }
 
-
 nsresult
 GetPrincipal(nsIURI* aURI, uint32_t aAppId, bool aIsInIsolatedMozBrowserElement, nsIPrincipal** aPrincipal)
 {
-  // TODO: Bug 1165267 - Use OriginAttributes for nsCookieService
   mozilla::PrincipalOriginAttributes attrs(aAppId, aIsInIsolatedMozBrowserElement);
   nsCOMPtr<nsIPrincipal> principal = mozilla::BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
   NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
 
   principal.forget(aPrincipal);
   return NS_OK;
 }
 
@@ -2195,19 +2203,24 @@ nsPermissionManager::GetPermissionHashKe
     if (NS_FAILED(rv)) {
       return nullptr;
     }
 
     // Copy the attributes over
     mozilla::PrincipalOriginAttributes attrs =
       mozilla::BasePrincipal::Cast(aPrincipal)->OriginAttributesRef();
 
+    // TODO: Bug 1302047 - Ignore userContextId and firstPartyDomain when matching permissions.
+
     // ensure that the user context isolation is disabled
     attrs.mUserContextId = nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID;
 
+    // ensure firstPartyIsolation is disabled.
+    attrs.mFirstPartyDomain.Truncate();
+
     nsCOMPtr<nsIPrincipal> principal =
       mozilla::BasePrincipal::CreateCodebasePrincipal(newURI, attrs);
 
     return GetPermissionHashKey(principal, aType, aExactHostMatch);
   }
 
   // No entry, really...
   return nullptr;