Bug 1596855 - Update browser_permmgr_sync.js for Fission. r=pbz
authorJohann Hofmann <jhofmann@mozilla.com>
Wed, 20 May 2020 16:45:01 +0000
changeset 531471 7c209c5db0267a0efb9fed1494b63e54029a9b2a
parent 531470 4675dce01d8b5baca47a1a7c938352677a383f16
child 531472 ea5c6d4d3de83189c0b11bca9030a4f3e125c75e
push id37440
push userabutkovits@mozilla.com
push dateFri, 22 May 2020 09:43:16 +0000
treeherdermozilla-central@fbf71e4d2e21 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerspbz
bugs1596855
milestone78.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1596855 - Update browser_permmgr_sync.js for Fission. r=pbz The test was updated to ensure that under Fission we're not syncing all permission information to a "parent" content process, and instead just to the specific iframe that needs it. Differential Revision: https://phabricator.services.mozilla.com/D76103
extensions/permissions/test/browser.ini
extensions/permissions/test/browser_permmgr_sync.js
--- a/extensions/permissions/test/browser.ini
+++ b/extensions/permissions/test/browser.ini
@@ -1,10 +1,9 @@
 [DEFAULT]
 
 [browser_permmgr_sync.js]
-fail-if = fission
 # The browser_permmgr_sync test tests e10s specific behavior, and runs code
 # paths which would hit the debug only assertion in
 # PermissionManager::PermissionKey::CreateFromPrincipal. Because of this, it
 # is only run in e10s opt builds.
 skip-if = debug || !e10s
 [browser_permmgr_viewsrc.js]
--- a/extensions/permissions/test/browser_permmgr_sync.js
+++ b/extensions/permissions/test/browser_permmgr_sync.js
@@ -73,125 +73,173 @@ add_task(async function() {
               "https://somerandomwebsite.com"
             ),
             "cookie"
           ),
           Services.perms.ALLOW_ACTION,
           "cookie-1"
         );
 
+        let iframe = content.document.createElement("iframe");
+
         // Perform a load of example.com
         await new Promise(resolve => {
-          let iframe = content.document.createElement("iframe");
           iframe.setAttribute("src", "http://example.com");
           iframe.onload = resolve;
           content.document.body.appendChild(iframe);
         });
 
-        // After the load finishes, we should know about example.com, but not foo.bar.example.com
+        // After the load finishes, the iframe process should know about example.com, but not foo.bar.example.com
+        await content.SpecialPowers.spawn(iframe, [], async function() {
+          is(
+            Services.perms.testPermissionFromPrincipal(
+              Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+                "http://example.com"
+              ),
+              "perm1"
+            ),
+            Services.perms.ALLOW_ACTION,
+            "perm1-2"
+          );
+
+          is(
+            Services.perms.testPermissionFromPrincipal(
+              Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+                "http://foo.bar.example.com"
+              ),
+              "perm2"
+            ),
+            Services.perms.UNKNOWN_ACTION,
+            "perm2-2"
+          );
+
+          is(
+            Services.perms.testPermissionFromPrincipal(
+              Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+                "about:home"
+              ),
+              "perm3"
+            ),
+            Services.perms.ALLOW_ACTION,
+            "perm3-2"
+          );
+
+          is(
+            Services.perms.testPermissionFromPrincipal(
+              Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+                "https://example.com"
+              ),
+              "perm4"
+            ),
+            Services.perms.UNKNOWN_ACTION,
+            "perm4-2"
+          );
+
+          is(
+            Services.perms.testPermissionFromPrincipal(
+              Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+                "https://somerandomwebsite.com"
+              ),
+              "cookie"
+            ),
+            Services.perms.ALLOW_ACTION,
+            "cookie-2"
+          );
+        });
+
+        // In Fission only, the parent process should have no knowledge about the child
+        // process permissions
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "http://example.com"
             ),
             "perm1"
           ),
-          Services.perms.ALLOW_ACTION,
-          "perm1-2"
+          SpecialPowers.useRemoteSubframes
+            ? Services.perms.UNKNOWN_ACTION
+            : Services.perms.ALLOW_ACTION,
+          "perm1-3"
         );
+
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "http://foo.bar.example.com"
             ),
             "perm2"
           ),
           Services.perms.UNKNOWN_ACTION,
-          "perm2-2"
+          "perm2-3"
         );
-        is(
-          Services.perms.testPermissionFromPrincipal(
-            Services.scriptSecurityManager.createContentPrincipalFromOrigin(
-              "about:home"
-            ),
-            "perm3"
-          ),
-          Services.perms.ALLOW_ACTION,
-          "perm3-2"
-        );
+
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "https://example.com"
             ),
             "perm4"
           ),
           Services.perms.UNKNOWN_ACTION,
-          "perm4-2"
-        );
-        is(
-          Services.perms.testPermissionFromPrincipal(
-            Services.scriptSecurityManager.createContentPrincipalFromOrigin(
-              "https://somerandomwebsite.com"
-            ),
-            "cookie"
-          ),
-          Services.perms.ALLOW_ACTION,
-          "cookie-2"
+          "perm4-3"
         );
       });
 
       addPerm("http://example.com", "newperm1");
       addPerm("http://foo.bar.example.com", "newperm2");
       addPerm("about:home", "newperm3");
       addPerm("https://example.com", "newperm4");
       addPerm("https://someotherrandomwebsite.com", "cookie");
 
       await SpecialPowers.spawn(aBrowser, [], async function() {
         // The new permissions should be available, but only for
-        // http://example.com, and about:home
+        // http://example.com (without Fission), and about:home.
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "http://example.com"
             ),
             "perm1"
           ),
-          Services.perms.ALLOW_ACTION,
-          "perm1-3"
+          SpecialPowers.useRemoteSubframes
+            ? Services.perms.UNKNOWN_ACTION
+            : Services.perms.ALLOW_ACTION,
+          "perm1-4"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "http://example.com"
             ),
             "newperm1"
           ),
-          Services.perms.ALLOW_ACTION,
-          "newperm1-3"
+          SpecialPowers.useRemoteSubframes
+            ? Services.perms.UNKNOWN_ACTION
+            : Services.perms.ALLOW_ACTION,
+          "newperm1-1"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "http://foo.bar.example.com"
             ),
             "perm2"
           ),
           Services.perms.UNKNOWN_ACTION,
-          "perm2-3"
+          "perm2-4"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "http://foo.bar.example.com"
             ),
             "newperm2"
           ),
           Services.perms.UNKNOWN_ACTION,
-          "newperm2-3"
+          "newperm2-1"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "about:home"
             ),
             "perm3"
           ),
@@ -201,37 +249,37 @@ add_task(async function() {
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "about:home"
             ),
             "newperm3"
           ),
           Services.perms.ALLOW_ACTION,
-          "newperm3-3"
+          "newperm3-1"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "https://example.com"
             ),
             "perm4"
           ),
           Services.perms.UNKNOWN_ACTION,
-          "perm4-3"
+          "perm4-4"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "https://example.com"
             ),
             "newperm4"
           ),
           Services.perms.UNKNOWN_ACTION,
-          "newperm4-3"
+          "newperm4-1"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "https://somerandomwebsite.com"
             ),
             "cookie"
           ),
@@ -244,65 +292,121 @@ add_task(async function() {
               "https://someotherrandomwebsite.com"
             ),
             "cookie"
           ),
           Services.perms.ALLOW_ACTION,
           "othercookie-3"
         );
 
+        let iframe = content.document.createElement("iframe");
         // Loading a subdomain now, on https
         await new Promise(resolve => {
-          let iframe = content.document.createElement("iframe");
           iframe.setAttribute("src", "https://sub1.test1.example.com");
           iframe.onload = resolve;
           content.document.body.appendChild(iframe);
         });
 
-        // Now that the https subdomain has loaded, we want to make sure that the
-        // permissions are also available for its parent domain, https://example.com!
+        // After the load finishes, the iframe process should not know about
+        // the permissions of its base domain.
+        await content.SpecialPowers.spawn(iframe, [], async function() {
+          is(
+            Services.perms.testPermissionFromPrincipal(
+              Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+                "https://example.com"
+              ),
+              "perm4"
+            ),
+            Services.perms.ALLOW_ACTION,
+            "perm4-5"
+          );
+
+          // In Fission not across schemes, though.
+          is(
+            Services.perms.testPermissionFromPrincipal(
+              Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+                "http://example.com"
+              ),
+              "perm1"
+            ),
+            SpecialPowers.useRemoteSubframes
+              ? Services.perms.UNKNOWN_ACTION
+              : Services.perms.ALLOW_ACTION,
+            "perm1-5"
+          );
+          is(
+            Services.perms.testPermissionFromPrincipal(
+              Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+                "http://example.com"
+              ),
+              "newperm1"
+            ),
+            SpecialPowers.useRemoteSubframes
+              ? Services.perms.UNKNOWN_ACTION
+              : Services.perms.ALLOW_ACTION,
+            "newperm1-2"
+          );
+        });
+
+        // The parent process should still have no permission under Fission.
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "http://example.com"
             ),
             "perm1"
           ),
-          Services.perms.ALLOW_ACTION,
+          SpecialPowers.useRemoteSubframes
+            ? Services.perms.UNKNOWN_ACTION
+            : Services.perms.ALLOW_ACTION,
           "perm1-4"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "http://example.com"
             ),
             "newperm1"
           ),
-          Services.perms.ALLOW_ACTION,
-          "newperm1-4"
+          SpecialPowers.useRemoteSubframes
+            ? Services.perms.UNKNOWN_ACTION
+            : Services.perms.ALLOW_ACTION,
+          "newperm1-3"
+        );
+        is(
+          Services.perms.testPermissionFromPrincipal(
+            Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+              "https://example.com"
+            ),
+            "perm4"
+          ),
+          SpecialPowers.useRemoteSubframes
+            ? Services.perms.UNKNOWN_ACTION
+            : Services.perms.ALLOW_ACTION,
+          "perm4-6"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "http://foo.bar.example.com"
             ),
             "perm2"
           ),
           Services.perms.UNKNOWN_ACTION,
-          "perm2-4"
+          "perm2-5"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "http://foo.bar.example.com"
             ),
             "newperm2"
           ),
           Services.perms.UNKNOWN_ACTION,
-          "newperm2-4"
+          "newperm2-2"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "about:home"
             ),
             "perm3"
           ),
@@ -312,37 +416,17 @@ add_task(async function() {
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "about:home"
             ),
             "newperm3"
           ),
           Services.perms.ALLOW_ACTION,
-          "newperm3-4"
-        );
-        is(
-          Services.perms.testPermissionFromPrincipal(
-            Services.scriptSecurityManager.createContentPrincipalFromOrigin(
-              "https://example.com"
-            ),
-            "perm4"
-          ),
-          Services.perms.ALLOW_ACTION,
-          "perm4-4"
-        );
-        is(
-          Services.perms.testPermissionFromPrincipal(
-            Services.scriptSecurityManager.createContentPrincipalFromOrigin(
-              "https://example.com"
-            ),
-            "newperm4"
-          ),
-          Services.perms.ALLOW_ACTION,
-          "newperm4-4"
+          "newperm3-2"
         );
         is(
           Services.perms.testPermissionFromPrincipal(
             Services.scriptSecurityManager.createContentPrincipalFromOrigin(
               "https://somerandomwebsite.com"
             ),
             "cookie"
           ),