Mercurial > mozilla-central / changeset / 8c866545bc7cc179067045b3efc760db40fb945b
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1454027 - Update SameSite cookie handling inside iframes.r=valentin
authorChristoph Kerschbaumer <ckerschb@christophkerschbaumer.com>
Tue, 17 Apr 2018 18:25:59 +0200
changeset 414172 8c866545bc7cc179067045b3efc760db40fb945b
parent 414171 33d4420119d61139f2cb7ced1cd73ba72efe8cc2
child 414173 0e0dec87cddd04f4d6a3fb05e411ed7196d9d339
push id33861
push userccoroiu@mozilla.com
push dateWed, 18 Apr 2018 10:50:38 +0000
treeherdermozilla-central@4af4ae0aee55 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersvalentin
bugs1454027
milestone61.0a1
first release with
nightly linux32
4af4ae0aee55 / 61.0a1 / 20180418112600 / files
nightly linux64
4af4ae0aee55 / 61.0a1 / 20180418112600 / files
nightly mac
4af4ae0aee55 / 61.0a1 / 20180418112600 / files
nightly win32
4af4ae0aee55 / 61.0a1 / 20180418112600 / files
nightly win64
4af4ae0aee55 / 61.0a1 / 20180418112600 / files
last release without
nightly linux32
f94b64e00202 / 61.0a1 / 20180417100054 / files
nightly linux64
f94b64e00202 / 61.0a1 / 20180417100054 / files
nightly mac
f94b64e00202 / 61.0a1 / 20180417100054 / files
nightly win32
f94b64e00202 / 61.0a1 / 20180417100054 / files
nightly win64
f94b64e00202 / 61.0a1 / 20180417100054 / files
Bug 1454027 - Update SameSite cookie handling inside iframes.r=valentin
netwerk/base/nsNetUtil.cpp file | annotate | diff | comparison | revisions 
--- a/netwerk/base/nsNetUtil.cpp
+++ b/netwerk/base/nsNetUtil.cpp
@@ -2155,38 +2155,50 @@ bool NS_IsSameSiteForeign(nsIChannel* aC
   }
 
   nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
     do_GetService(THIRDPARTYUTIL_CONTRACTID);
   if (!thirdPartyUtil) {
     return false;
   }
 
-  bool isForeign = false;
-  thirdPartyUtil->IsThirdPartyChannel(aChannel, uri, &isForeign);
-
+  bool isForeign = true;
+  nsresult rv = thirdPartyUtil->IsThirdPartyChannel(aChannel, uri, &isForeign);
   // if we are dealing with a cross origin request, we can return here
   // because we already know the request is 'foreign'.
-  if (isForeign) {
+  if (NS_FAILED(rv) || isForeign) {
     return true;
   }
 
+  // for loads of TYPE_SUBDOCUMENT we have to perform an additional test, because
+  // a cross-origin iframe might perform a navigation to a same-origin iframe which
+  // would send same-site cookies. Hence, if the iframe navigation was triggered
+  // by a cross-origin triggeringPrincipal, we treat the load as foreign.
+  if (loadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_SUBDOCUMENT) {
+    nsCOMPtr<nsIURI> triggeringPrincipalURI;
+    loadInfo->TriggeringPrincipal()->GetURI(getter_AddRefs(triggeringPrincipalURI));
+    rv = thirdPartyUtil->IsThirdPartyChannel(aChannel, triggeringPrincipalURI, &isForeign);
+    if (NS_FAILED(rv) || isForeign) {
+      return true;
+    }
+  }
+
   // for the purpose of same-site cookies we have to treat any cross-origin
   // redirects as foreign. E.g. cross-site to same-site redirect is a problem
   // with regards to CSRF.
 
   nsCOMPtr<nsIPrincipal> redirectPrincipal;
   nsCOMPtr<nsIURI> redirectURI;
   for (nsIRedirectHistoryEntry* entry : loadInfo->RedirectChain()) {
     entry->GetPrincipal(getter_AddRefs(redirectPrincipal));
     if (redirectPrincipal) {
       redirectPrincipal->GetURI(getter_AddRefs(redirectURI));
-      thirdPartyUtil->IsThirdPartyChannel(aChannel, redirectURI, &isForeign);
+      rv = thirdPartyUtil->IsThirdPartyChannel(aChannel, redirectURI, &isForeign);
       // if at any point we encounter a cross-origin redirect we can return.
-      if (isForeign) {
+      if (NS_FAILED(rv) || isForeign) {
         return true;
       }
     }
   }
   return isForeign;
 }
 
 bool
mozilla-central
Deployed from 72871ee0a733 at 2021-09-16T18:40:01Z.