Bug 1543068 - P3 Take COEP into account for COOP mismatch r=nika
authorJunior Hsu <juhsu@mozilla.com>
Thu, 08 Aug 2019 19:00:00 +0000
changeset 487058 8dd91127f3e4a1ca6714771ee17af60e15a91caa
parent 487057 0833c215f847cabfd9c2762e3eda522985aaae53
child 487059 d2537bde70ba6e99ac5ed008a882a5ecf7a41c49
push id36411
push userrmaries@mozilla.com
push dateFri, 09 Aug 2019 03:49:20 +0000
treeherdermozilla-central@047e16b38566 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersnika
bugs1543068
milestone70.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1543068 - P3 Take COEP into account for COOP mismatch r=nika Step 9 in obtain a cross-origin opener-policy https://gist.github.com/annevk/6f2dd8c79c77123f39797f6bdac43f3e Differential Revision: https://phabricator.services.mozilla.com/D38950
ipc/glue/IPCMessageUtils.h
netwerk/base/nsILoadInfo.idl
netwerk/protocol/http/HttpBaseChannel.cpp
netwerk/protocol/http/HttpBaseChannel.h
netwerk/protocol/http/nsHttpChannel.cpp
netwerk/protocol/http/nsHttpChannel.h
--- a/ipc/glue/IPCMessageUtils.h
+++ b/ipc/glue/IPCMessageUtils.h
@@ -1060,16 +1060,18 @@ struct ParamTraits<mozilla::dom::Optiona
   }
 };
 
 struct CrossOriginOpenerPolicyValidator {
   static bool IsLegalValue(nsILoadInfo::CrossOriginOpenerPolicy e) {
     return e == nsILoadInfo::OPENER_POLICY_NULL ||
            e == nsILoadInfo::OPENER_POLICY_SAME_ORIGIN ||
            e == nsILoadInfo::OPENER_POLICY_SAME_SITE ||
+           e == nsILoadInfo::
+                    OPENER_POLICY_SAME_ORIGIN_EMBEDDER_POLICY_REQUIRE_CORP ||
            e == nsILoadInfo::OPENER_POLICY_SAME_ORIGIN_ALLOW_OUTGOING ||
            e == nsILoadInfo::OPENER_POLICY_SAME_SITE_ALLOW_OUTGOING;
   }
 };
 
 template <>
 struct ParamTraits<nsILoadInfo::CrossOriginOpenerPolicy>
     : EnumSerializer<nsILoadInfo::CrossOriginOpenerPolicy,
--- a/netwerk/base/nsILoadInfo.idl
+++ b/netwerk/base/nsILoadInfo.idl
@@ -1191,21 +1191,27 @@ interface nsILoadInfo : nsISupports
   /**
    * This attribute will be true if this is a load triggered by
    * https://html.spec.whatwg.org/multipage/iframe-embed-object.html#process-the-iframe-attributes
    * or https://html.spec.whatwg.org/multipage/obsolete.html#process-the-frame-attributes
    */
   [infallible] readonly attribute boolean isFromProcessingFrameAttributes;
 
   cenum CrossOriginOpenerPolicy : 8 {
-    OPENER_POLICY_NULL           = 0,
-    OPENER_POLICY_SAME_ORIGIN    = 1,
-    OPENER_POLICY_SAME_SITE      = 2,
+    OPENER_POLICY_NULL = 0,
+    OPENER_POLICY_SAME_ORIGIN = 1,
+    OPENER_POLICY_SAME_SITE = 2,
+    OPENER_POLICY_EMBEDDER_POLICY_REQUIRE_CORP_FLAG = 0x10,
     OPENER_POLICY_UNSAFE_ALLOW_OUTGOING_FLAG = 0x80,
-    OPENER_POLICY_SAME_ORIGIN_ALLOW_OUTGOING = OPENER_POLICY_SAME_ORIGIN | OPENER_POLICY_UNSAFE_ALLOW_OUTGOING_FLAG,
-    OPENER_POLICY_SAME_SITE_ALLOW_OUTGOING = OPENER_POLICY_SAME_SITE | OPENER_POLICY_UNSAFE_ALLOW_OUTGOING_FLAG
+    OPENER_POLICY_SAME_ORIGIN_EMBEDDER_POLICY_REQUIRE_CORP =
+        OPENER_POLICY_SAME_ORIGIN |
+        OPENER_POLICY_EMBEDDER_POLICY_REQUIRE_CORP_FLAG,
+    OPENER_POLICY_SAME_ORIGIN_ALLOW_OUTGOING =
+        OPENER_POLICY_SAME_ORIGIN | OPENER_POLICY_UNSAFE_ALLOW_OUTGOING_FLAG,
+    OPENER_POLICY_SAME_SITE_ALLOW_OUTGOING =
+        OPENER_POLICY_SAME_SITE | OPENER_POLICY_UNSAFE_ALLOW_OUTGOING_FLAG
   };
 
   cenum CrossOriginEmbedderPolicy : 8 {
     EMBEDDER_POLICY_NULL = 0,
     EMBEDDER_POLICY_REQUIRE_CORP = 1,
   };
 };
--- a/netwerk/protocol/http/HttpBaseChannel.cpp
+++ b/netwerk/protocol/http/HttpBaseChannel.cpp
@@ -4273,16 +4273,37 @@ HttpBaseChannel::CancelByURLClassifier(n
       UrlClassifierFeatureFactory::IsClassifierBlockingErrorCode(aErrorCode));
   return Cancel(aErrorCode);
 }
 
 void HttpBaseChannel::SetIPv4Disabled() { mCaps |= NS_HTTP_DISABLE_IPV4; }
 
 void HttpBaseChannel::SetIPv6Disabled() { mCaps |= NS_HTTP_DISABLE_IPV6; }
 
+nsresult HttpBaseChannel::GetResponseEmbedderPolicy(
+    nsILoadInfo::CrossOriginEmbedderPolicy* aResponseEmbedderPolicy) {
+  if (!mResponseHead) {
+    return NS_ERROR_NOT_AVAILABLE;
+  }
+
+  nsILoadInfo::CrossOriginEmbedderPolicy policy =
+      nsILoadInfo::EMBEDDER_POLICY_NULL;
+
+  nsAutoCString content;
+  Unused << mResponseHead->GetHeader(nsHttp::Cross_Origin_Embedder_Policy,
+                                     content);
+
+  if (content.EqualsLiteral("require-corp")) {
+    policy = nsILoadInfo::EMBEDDER_POLICY_REQUIRE_CORP;
+  }
+
+  *aResponseEmbedderPolicy = policy;
+  return NS_OK;
+}
+
 NS_IMETHODIMP HttpBaseChannel::GetCrossOriginOpenerPolicy(
     nsILoadInfo::CrossOriginOpenerPolicy* aPolicy) {
   if (!mResponseHead) {
     return NS_ERROR_NOT_AVAILABLE;
   }
 
   nsAutoCString openerPolicy;
   Unused << mResponseHead->GetHeader(nsHttp::Cross_Origin_Opener_Policy,
@@ -4323,14 +4344,26 @@ NS_IMETHODIMP HttpBaseChannel::GetCrossO
     }
   } else if (sameness.EqualsLiteral("same-site")) {
     policy = nsILoadInfo::OPENER_POLICY_SAME_SITE;
     if (allowOutgoing) {
       policy = nsILoadInfo::OPENER_POLICY_SAME_SITE_ALLOW_OUTGOING;
     }
   }
 
+  // Step 9 in obtain a cross-origin opener-policy
+  // https://gist.github.com/annevk/6f2dd8c79c77123f39797f6bdac43f3e
+  if (policy == nsILoadInfo::OPENER_POLICY_SAME_ORIGIN) {
+    nsILoadInfo::CrossOriginEmbedderPolicy coep =
+        nsILoadInfo::EMBEDDER_POLICY_NULL;
+    if (NS_SUCCEEDED(GetResponseEmbedderPolicy(&coep)) &&
+        coep == nsILoadInfo::EMBEDDER_POLICY_REQUIRE_CORP) {
+      policy =
+          nsILoadInfo::OPENER_POLICY_SAME_ORIGIN_EMBEDDER_POLICY_REQUIRE_CORP;
+    }
+  }
+
   *aPolicy = policy;
   return NS_OK;
 }
 
 }  // namespace net
 }  // namespace mozilla
--- a/netwerk/protocol/http/HttpBaseChannel.h
+++ b/netwerk/protocol/http/HttpBaseChannel.h
@@ -540,16 +540,19 @@ class HttpBaseChannel : public nsHashPro
   static void CallTypeSniffers(void* aClosure, const uint8_t* aData,
                                uint32_t aCount);
 
   nsresult CheckRedirectLimit(uint32_t aRedirectFlags) const;
 
   bool MaybeWaitForUploadStreamLength(nsIStreamListener* aListener,
                                       nsISupports* aContext);
 
+  nsresult GetResponseEmbedderPolicy(
+      nsILoadInfo::CrossOriginEmbedderPolicy* aResponseEmbedderPolicy);
+
   friend class PrivateBrowsingChannel<HttpBaseChannel>;
   friend class InterceptFailedOnStop;
 
  protected:
   // this section is for main-thread-only object
   // all the references need to be proxy released on main thread.
   nsCOMPtr<nsIURI> mURI;
   nsCOMPtr<nsIURI> mOriginalURI;
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -7474,37 +7474,16 @@ nsresult nsHttpChannel::ComputeCrossOrig
   if (!ctx->Canonical()->GetCurrentWindowGlobal()->IsInitialDocument()) {
     mHasCrossOriginOpenerPolicyMismatch = true;
     return NS_OK;
   }
 
   return NS_OK;
 }
 
-nsresult nsHttpChannel::GetResponseEmbedderPolicy(
-    nsILoadInfo::CrossOriginEmbedderPolicy* aResponseEmbedderPolicy) {
-  if (!mResponseHead) {
-    return NS_ERROR_NOT_AVAILABLE;
-  }
-
-  nsILoadInfo::CrossOriginEmbedderPolicy policy =
-      nsILoadInfo::EMBEDDER_POLICY_NULL;
-
-  nsAutoCString content;
-  Unused << mResponseHead->GetHeader(nsHttp::Cross_Origin_Embedder_Policy,
-                                     content);
-
-  if (content.EqualsLiteral("require-corp")) {
-    policy = nsILoadInfo::EMBEDDER_POLICY_REQUIRE_CORP;
-  }
-
-  *aResponseEmbedderPolicy = policy;
-  return NS_OK;
-}
-
 // https://mikewest.github.io/corpp/#process-navigation-response
 nsresult nsHttpChannel::ProcessCrossOriginEmbedderPolicyHeader() {
   nsresult rv;
   if (!StaticPrefs::browser_tabs_remote_useCrossOriginEmbedderPolicy()) {
     return NS_OK;
   }
 
   // Only consider Cross-Origin-Embedder-Policy for document loads.
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
@@ -475,18 +475,16 @@ class nsHttpChannel final : public HttpB
   MOZ_MUST_USE nsresult
   ProcessContentSignatureHeader(nsHttpResponseHead* aResponseHead);
 
   /**
    * A function that will, if the feature is enabled, send security reports.
    */
   void ProcessSecurityReport(nsresult status);
 
-  nsresult GetResponseEmbedderPolicy(
-      nsILoadInfo::CrossOriginEmbedderPolicy* aResponseEmbedderPolicy);
   nsresult ProcessCrossOriginEmbedderPolicyHeader();
   nsresult ProcessCrossOriginResourcePolicyHeader();
 
   nsresult ComputeCrossOriginOpenerPolicyMismatch();
 
   /**
    * A function to process a single security header (STS or PKP), assumes
    * some basic sanity checks have been applied to the channel. Called