mozilla-central: changeset 414584:4bf15cbc8ffb33e15a3bde7b88e779cac721a813

author	Christoph Kerschbaumer <ckerschb@christophkerschbaumer.com>
	Thu, 19 Apr 2018 20:00:37 +0200
changeset 414584	4bf15cbc8ffb33e15a3bde7b88e779cac721a813
parent 414583	3f5e8a0417a5551580a27cacd085303b25454fce
child 414585	5524e587eff281b0f397d17ccd38c8bb26fb221e
push id	33871
push user	csabou@mozilla.com
push date	Thu, 19 Apr 2018 22:30:08 +0000
treeherder	mozilla-central@5d73549d363f [default view] [failures only]
perfherder	[talos] [build metrics] [platform microbench] (compared to previous push)
reviewers	valentin, kmag
bugs	1454914
milestone	61.0a1
first release with	nightly linux32 5d73549d363f / 61.0a1 / 20180419224145 / files nightly linux64 5d73549d363f / 61.0a1 / 20180419224145 / files nightly mac 5d73549d363f / 61.0a1 / 20180419224145 / files nightly win32 5d73549d363f / 61.0a1 / 20180419224145 / files nightly win64 5d73549d363f / 61.0a1 / 20180419224145 / files
last release without	nightly linux32 8ed49dd81059 / 61.0a1 / 20180419100148 / files nightly linux64 8ed49dd81059 / 61.0a1 / 20180419100148 / files nightly mac 8ed49dd81059 / 61.0a1 / 20180419100148 / files nightly win32 8ed49dd81059 / 61.0a1 / 20180419100148 / files nightly win64 8ed49dd81059 / 61.0a1 / 20180419100148 / files

--- a/netwerk/base/nsNetUtil.cpp
+++ b/netwerk/base/nsNetUtil.cpp
@@ -2139,16 +2139,25 @@ bool NS_IsSameSiteForeign(nsIChannel* aC
 {
   if (!aChannel) {
     return false;
   }
   nsCOMPtr<nsILoadInfo> loadInfo = aChannel->GetLoadInfo();
   if (!loadInfo) {
     return false;
   }
+
+  // Do not treat loads triggered by web extensions as foreign
+  nsCOMPtr<nsIURI> channelURI;
+  NS_GetFinalChannelURI(aChannel, getter_AddRefs(channelURI));
+  if (BasePrincipal::Cast(loadInfo->TriggeringPrincipal())->
+        AddonAllowsLoad(channelURI)) {
+    return false;
+  }
+
   nsCOMPtr<nsIURI> uri;
   if (loadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_DOCUMENT) {
     // for loads of TYPE_DOCUMENT we query the hostURI from the triggeringPricnipal
     // which returns the URI of the document that caused the navigation.
     loadInfo->TriggeringPrincipal()->GetURI(getter_AddRefs(uri));
   }
   else {
     uri = aHostURI;

--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@@ -3482,22 +3482,36 @@ nsCookieService::CanSetCookie(nsIURI*   
     return newCookie;
   }
 
   // If the new cookie is same-site but in a cross site context,
   // browser must ignore the cookie.
   if ((aCookieAttributes.sameSite != nsICookie2::SAMESITE_UNSET) &&
       aThirdPartyUtil &&
       IsSameSiteEnabled()) {
-    bool isThirdParty = false;
-    aThirdPartyUtil->IsThirdPartyChannel(aChannel, aHostURI, &isThirdParty);
-    if (isThirdParty) {
-      COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, savedCookieHeader,
-                        "failed the samesite tests");
-      return newCookie;
+
+    // Do not treat loads triggered by web extensions as foreign
+    bool addonAllowsLoad = false;
+    if (aChannel) {
+      nsCOMPtr<nsIURI> channelURI;
+      NS_GetFinalChannelURI(aChannel, getter_AddRefs(channelURI));
+      nsCOMPtr<nsILoadInfo> loadInfo = aChannel->GetLoadInfo();
+      addonAllowsLoad = loadInfo &&
+        BasePrincipal::Cast(loadInfo->TriggeringPrincipal())->
+          AddonAllowsLoad(channelURI);
+    }
+
+    if (!addonAllowsLoad) {
+      bool isThirdParty = false;
+      nsresult rv = aThirdPartyUtil->IsThirdPartyChannel(aChannel, aHostURI, &isThirdParty);
+      if (NS_FAILED(rv) || isThirdParty) {
+        COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, savedCookieHeader,
+                          "failed the samesite tests");
+        return newCookie;
+      }
     }
   }
 
   aSetCookie = true;
   return newCookie;
 }
 
 // processes a single cookie, and returns true if there are more cookies

netwerk/base/nsNetUtil.cpp		file \| annotate \| diff \| comparison \| revisions
netwerk/cookie/nsCookieService.cpp		file \| annotate \| diff \| comparison \| revisions