Bug 1612349 - Use SandboxFlags in BrowsingContext when adding storage permission. r=timhuang,baku
authorDimi Lee <dlee@mozilla.com>
Wed, 25 Mar 2020 22:23:08 +0000
changeset 520448 42851ca92a16c34b5a0f374a69b89c8708144f16
parent 520447 5f32745a79fe357e7e247b35d3e7ba09f453b688
child 520449 226fadaecac6ba43e035cd128479248fcd724c6d
push id37251
push usermalexandru@mozilla.com
push dateThu, 26 Mar 2020 09:33:08 +0000
reviewerstimhuang, baku
bugs1612349
milestone76.0a1
Bug 1612349 - Use SandboxFlags in BrowsingContext when adding storage permission. r=timhuang,baku Differential Revision: https://phabricator.services.mozilla.com/D66376
dom/base/Document.cpp
dom/base/Document.h
toolkit/components/antitracking/ContentBlocking.cpp
--- a/dom/base/Document.cpp
+++ b/dom/base/Document.cpp
@@ -16037,19 +16037,24 @@ void Document::ReportShadowDOMUsage() {
       nsContentUtils::ReportToConsoleNonLocalized(
           msg, nsIScriptError::infoFlag, NS_LITERAL_CSTRING("DOM"), topLevel);
     }
   }
 
   mHasReportedShadowDOMUsage = true;
 }
 
-bool Document::StorageAccessSandboxed() const {
+// static
+bool Document::StorageAccessSandboxed(uint32_t aSandboxFlags) {
   return StaticPrefs::dom_storage_access_enabled() &&
-         (GetSandboxFlags() & SANDBOXED_STORAGE_ACCESS) != 0;
+         (aSandboxFlags & SANDBOXED_STORAGE_ACCESS) != 0;
+}
+
+bool Document::StorageAccessSandboxed() const {
+  return Document::StorageAccessSandboxed(GetSandboxFlags());
 }
 
 bool Document::GetCachedSizes(nsTabSizes* aSizes) {
   if (mCachedTabSizeGeneration == 0 ||
       GetGeneration() != mCachedTabSizeGeneration) {
     return false;
   }
   aSizes->mDom += mCachedTabSizes.mDom;
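Review bot: The static overload added at line 44 is documented only by `// static`, and a reader meeting two members named StorageAccessSandboxed has to open the header to learn why the flags-taking form exists; a one-line why-comment here would save that, e.g. `// Takes raw sandbox flags so callers that hold a BrowsingContext but no Document can evaluate the same predicate.` The matching declaration comment in the dom/base/Document.h hunk says `the passed flag has storage-access sandbox flag`; `the passed flags include SANDBOXED_STORAGE_ACCESS` would be more precise and names the bit the code actually tests. Overloading a static member and an instance member under one name is legal but easy to misread at call sites, so a distinct name for the static form (or keeping the instance form as the only public entry) is worth considering before more callers appear.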
--- a/dom/base/Document.h
+++ b/dom/base/Document.h
@@ -1418,16 +1418,20 @@ class Document : public nsINode,
   // canceled by the URL classifier (Safebrowsing).
   //
   already_AddRefed<nsSimpleContentList> BlockedNodesByClassifier() const;
 
   // Helper method that returns true if the document has storage-access sandbox
   // flag.
   bool StorageAccessSandboxed() const;
 
+  // Helper method that returns true if storage access API is enabled and
+  // the passed flag has storage-access sandbox flag.
+  static bool StorageAccessSandboxed(uint32_t aSandboxFlags);
+
   // Returns the cookie jar settings for this and sub contexts.
   nsICookieJarSettings* CookieJarSettings();
 
   // Increments the document generation.
   inline void Changed() { ++mGeneration; }
 
   // Returns the current generation.
   inline int32_t GetGeneration() const { return mGeneration; }
--- a/toolkit/components/antitracking/ContentBlocking.cpp
+++ b/toolkit/components/antitracking/ContentBlocking.cpp
@@ -337,16 +337,23 @@ ContentBlocking::AllowAccessFor(
          "early"));
     return StorageAccessGrantPromise::CreateAndReject(false, __func__);
   }
 
   if (ContentBlockingAllowList::Check(parentInner)) {
     return StorageAccessGrantPromise::CreateAndResolve(true, __func__);
   }
 
+  // Make sure storage access isn't disabled
+  if (!aParentContext->IsTopContent() &&
+      Document::StorageAccessSandboxed(aParentContext->GetSandboxFlags())) {
+    LOG(("Our document is sandboxed"));
+    return StorageAccessGrantPromise::CreateAndReject(false, __func__);
+  }
+
   nsCOMPtr<nsIPrincipal> topLevelStoragePrincipal;
   nsAutoCString trackingOrigin;
   nsCOMPtr<nsIPrincipal> trackingPrincipal;
 
   RefPtr<nsGlobalWindowInner> parentWindow =
       nsGlobalWindowInner::Cast(parentInner);
   nsGlobalWindowOuter* outerParentWindow =
       nsGlobalWindowOuter::Cast(parentWindow->GetOuterWindow());
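Review bot: The new gate at lines 95-96 exempts top-level content contexts via `!aParentContext->IsTopContent()`, an exemption the removed document-based check in the second hunk of this file did not state explicitly, and the comment `// Make sure storage access isn't disabled` does not explain either the exemption or why BrowsingContext flags replace the document's; suggest `// A sandboxed non-top frame (SANDBOXED_STORAGE_ACCESS set) must not be granted storage access. Read the flags from the BrowsingContext so the check does not depend on an extant Document.` The check also moved from inside an enclosing block (opened outside that hunk) to function scope, so it now runs on every path that reaches this point; that appears intended but deserves a sentence in the commit message. AllowAccessFor begins outside this hunk, so I cannot see whether aParentContext is null-checked before the dereference at line 95; the early reject at line 87 suggests some validation, but please confirm.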
@@ -394,23 +401,16 @@ ContentBlocking::AllowAccessFor(
       } else if (behavior ==
                  nsICookieService::
                      BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN) {
         LOG(("Our window isn't a third-party window"));
       }
       return StorageAccessGrantPromise::CreateAndReject(false, __func__);
     }
 
-    Document* doc = parentWindow->GetExtantDoc();
-    // Make sure storage access isn't disabled
-    if (doc && (doc->StorageAccessSandboxed())) {
-      LOG(("Our document is sandboxed"));
-      return StorageAccessGrantPromise::CreateAndReject(false, __func__);
-    }
-
     if (!GetParentPrincipalAndTrackingOrigin(
             parentWindow,
             // Don't request the ETP specific behaviour of allowing only
             // singly-nested iframes here, because we are recording an allow
             // permission.
             nsICookieService::BEHAVIOR_ACCEPT,
             getter_AddRefs(topLevelStoragePrincipal), trackingOrigin,
             getter_AddRefs(trackingPrincipal))) {