Bug 1535697 - Part 2: Represent whether the channel is isolated by anti-tracking as a separate axis on the connection info hash key; r=michal
authorEhsan Akhgari <ehsan@mozilla.com>
Mon, 29 Apr 2019 17:09:37 +0000
changeset 471769 6b122a9ce1a47a7a4084ca0bd4f3d003a6360b11
parent 471768 47c353bd446dc5ae4e4a642879e7eb46c3bd5e21
child 471770 c79109688f298afc5db560301132b5cfd7f5a56e
push id35934
push usershindli@mozilla.com
push dateMon, 29 Apr 2019 21:53:38 +0000
treeherdermozilla-central@f6766ba4ac77 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmichal
bugs1535697
milestone68.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1535697 - Part 2: Represent whether the channel is isolated by anti-tracking as a separate axis on the connection info hash key; r=michal Differential Revision: https://phabricator.services.mozilla.com/D28372
netwerk/protocol/http/nsHttpChannel.cpp
netwerk/protocol/http/nsHttpConnectionInfo.cpp
netwerk/protocol/http/nsHttpConnectionInfo.h
netwerk/protocol/http/nsHttpConnectionMgr.cpp
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -622,21 +622,20 @@ nsresult nsHttpChannel::ContinueOnBefore
   if (mTRR) {
     mCaps |= NS_HTTP_LARGE_KEEPALIVE | NS_HTTP_DISABLE_TRR;
   }
 
   if (mLoadFlags & LOAD_DISABLE_TRR) {
     mCaps |= NS_HTTP_DISABLE_TRR;
   }
 
-  bool isIsolated = mPrivateBrowsing || IsIsolated();
-
   // Finalize ConnectionInfo flags before SpeculativeConnect
   mConnectionInfo->SetAnonymous((mLoadFlags & LOAD_ANONYMOUS) != 0);
-  mConnectionInfo->SetPrivate(isIsolated);
+  mConnectionInfo->SetPrivate(mPrivateBrowsing);
+  mConnectionInfo->SetIsolated(IsIsolated());
   mConnectionInfo->SetNoSpdy(mCaps & NS_HTTP_DISALLOW_SPDY);
   mConnectionInfo->SetBeConservative((mCaps & NS_HTTP_BE_CONSERVATIVE) ||
                                      mBeConservative);
   mConnectionInfo->SetTlsFlags(mTlsFlags);
   mConnectionInfo->SetTrrUsed(mTRR);
   mConnectionInfo->SetTrrDisabled(mCaps & NS_HTTP_DISABLE_TRR);
   mConnectionInfo->SetIPv4Disabled(mCaps & NS_HTTP_DISABLE_IPV4);
   mConnectionInfo->SetIPv6Disabled(mCaps & NS_HTTP_DISABLE_IPV6);
--- a/netwerk/protocol/http/nsHttpConnectionInfo.cpp
+++ b/netwerk/protocol/http/nsHttpConnectionInfo.cpp
@@ -126,18 +126,19 @@ void nsHttpConnectionInfo::BuildHashKey(
   // The hashkey has 4 fields followed by host connection info
   // byte 0 is P/T/. {P,T} for Plaintext/TLS Proxy over HTTP
   // byte 1 is S/. S is for end to end ssl such as https:// uris
   // byte 2 is A/. A is for an anonymous channel (no cookies, etc..)
   // byte 3 is P/. P is for a private browising channel
   // byte 4 is I/. I is for insecure scheme on TLS for http:// uris
   // byte 5 is X/. X is for disallow_spdy flag
   // byte 6 is C/. C is for be Conservative
+  // byte 7 is i/. i is for isolated
 
-  mHashKey.AssignLiteral(".......[tlsflags0x00000000]");
+  mHashKey.AssignLiteral("........[tlsflags0x00000000]");
 
   mHashKey.Append(keyHost);
   mHashKey.Append(':');
   mHashKey.AppendInt(keyPort);
   if (!mUsername.IsEmpty()) {
     mHashKey.Append('[');
     mHashKey.Append(mUsername);
     mHashKey.Append(']');
@@ -244,16 +245,17 @@ already_AddRefed<nsHttpConnectionInfo> n
   }
 
   // Make sure the anonymous, insecure-scheme, and private flags are transferred
   clone->SetAnonymous(GetAnonymous());
   clone->SetPrivate(GetPrivate());
   clone->SetInsecureScheme(GetInsecureScheme());
   clone->SetNoSpdy(GetNoSpdy());
   clone->SetBeConservative(GetBeConservative());
+  clone->SetIsolated(GetIsolated());
   clone->SetTlsFlags(GetTlsFlags());
   clone->SetTrrUsed(GetTrrUsed());
   clone->SetTrrDisabled(GetTrrDisabled());
   clone->SetIPv4Disabled(GetIPv4Disabled());
   clone->SetIPv6Disabled(GetIPv6Disabled());
   MOZ_ASSERT(clone->Equals(this));
 
   return clone.forget();
@@ -270,16 +272,17 @@ void nsHttpConnectionInfo::CloneAsDirect
       new nsHttpConnectionInfo(mOrigin, mOriginPort, EmptyCString(), mUsername,
                                mProxyInfo, mOriginAttributes, mEndToEndSSL);
   // Make sure the anonymous, insecure-scheme, and private flags are transferred
   clone->SetAnonymous(GetAnonymous());
   clone->SetPrivate(GetPrivate());
   clone->SetInsecureScheme(GetInsecureScheme());
   clone->SetNoSpdy(GetNoSpdy());
   clone->SetBeConservative(GetBeConservative());
+  clone->SetIsolated(GetIsolated());
   clone->SetTlsFlags(GetTlsFlags());
   clone->SetTrrUsed(GetTrrUsed());
   clone->SetTrrDisabled(GetTrrDisabled());
   clone->SetIPv4Disabled(GetIPv4Disabled());
   clone->SetIPv6Disabled(GetIPv6Disabled());
 
   clone.forget(outCI);
 }
@@ -323,17 +326,17 @@ void nsHttpConnectionInfo::SetIPv6Disabl
     mIPv6Disabled = aNoIPv6;
     BuildHashKey();
   }
 }
 
 void nsHttpConnectionInfo::SetTlsFlags(uint32_t aTlsFlags) {
   mTlsFlags = aTlsFlags;
 
-  mHashKey.Replace(18, 8, nsPrintfCString("%08x", mTlsFlags));
+  mHashKey.Replace(19, 8, nsPrintfCString("%08x", mTlsFlags));
 }
 
 bool nsHttpConnectionInfo::UsingProxy() {
   if (!mProxyInfo) return false;
   return !mProxyInfo->IsDirect();
 }
 
 bool nsHttpConnectionInfo::HostIsLocalIPLiteral() const {
--- a/netwerk/protocol/http/nsHttpConnectionInfo.h
+++ b/netwerk/protocol/http/nsHttpConnectionInfo.h
@@ -117,16 +117,21 @@ class nsHttpConnectionInfo final : publi
   void SetNoSpdy(bool aNoSpdy) { mHashKey.SetCharAt(aNoSpdy ? 'X' : '.', 5); }
   bool GetNoSpdy() const { return mHashKey.CharAt(5) == 'X'; }
 
   void SetBeConservative(bool aBeConservative) {
     mHashKey.SetCharAt(aBeConservative ? 'C' : '.', 6);
   }
   bool GetBeConservative() const { return mHashKey.CharAt(6) == 'C'; }
 
+  void SetIsolated(bool aIsolated) {
+    mHashKey.SetCharAt(aIsolated ? 'i' : '.', 7);
+  }
+  bool GetIsolated() const { return mHashKey.CharAt(7) == 'i'; }
+
   void SetTlsFlags(uint32_t aTlsFlags);
   uint32_t GetTlsFlags() const { return mTlsFlags; }
 
   // TrrUsed means that this connection is used to send TRR requests over
   void SetTrrUsed(bool aUsed) { mTrrUsed = aUsed; }
   bool GetTrrUsed() const { return mTrrUsed; }
 
   // SetTrrDisabled means don't use TRR to resolve host names for this
--- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
@@ -4020,17 +4020,19 @@ nsresult nsHttpConnectionMgr::nsHalfOpen
 
   if (mCaps & NS_HTTP_DISABLE_TRR) {
     tmpFlags = nsISocketTransport::DISABLE_TRR;
   }
 
   if (mCaps & NS_HTTP_LOAD_ANONYMOUS)
     tmpFlags |= nsISocketTransport::ANONYMOUS_CONNECT;
 
-  if (ci->GetPrivate()) tmpFlags |= nsISocketTransport::NO_PERMANENT_STORAGE;
+  if (ci->GetPrivate() || ci->GetIsolated()) {
+    tmpFlags |= nsISocketTransport::NO_PERMANENT_STORAGE;
+  }
 
   if (ci->GetLessThanTls13()) {
     tmpFlags |= nsISocketTransport::DONT_TRY_ESNI;
   }
 
   if ((mCaps & NS_HTTP_BE_CONSERVATIVE) || ci->GetBeConservative()) {
     LOG(("Setting Socket to BE_CONSERVATIVE"));
     tmpFlags |= nsISocketTransport::BE_CONSERVATIVE;