Bug 1639807 - Isolate image cache per first-party when privacy.partition.network_state is set to true - part 1 - Rename isolation key member in ImageCacheKey, r=timhuang
authorAndrea Marchesini <amarchesini@mozilla.com>
Thu, 21 May 2020 11:28:14 +0000
changeset 531422 ea57e047f524113afc011567a5b83e9f2bad0a0d
parent 531421 a1e751f0ab229fcf45353cc0cdeee8c8714544bf
child 531423 c904f37eb5aded2df116d0457e31521e28f224ea
push id37439
push userbtara@mozilla.com
push dateThu, 21 May 2020 21:49:34 +0000
treeherdermozilla-central@92c11f0bf14b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerstimhuang
bugs1639807
milestone78.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1639807 - Isolate image cache per first-party when privacy.partition.network_state is set to true - part 1 - Rename isolation key member in ImageCacheKey, r=timhuang Differential Revision: https://phabricator.services.mozilla.com/D76282
image/ImageCacheKey.cpp
image/ImageCacheKey.h
--- a/image/ImageCacheKey.cpp
+++ b/image/ImageCacheKey.cpp
@@ -5,21 +5,23 @@
 
 #include "ImageCacheKey.h"
 
 #include <utility>
 
 #include "mozilla/ContentBlocking.h"
 #include "mozilla/HashFunctions.h"
 #include "mozilla/StorageAccess.h"
+#include "mozilla/StoragePrincipalHelper.h"
 #include "mozilla/Unused.h"
 #include "mozilla/dom/BlobURLProtocolHandler.h"
 #include "mozilla/dom/Document.h"
 #include "mozilla/dom/File.h"
 #include "mozilla/dom/ServiceWorkerManager.h"
+#include "mozilla/StaticPrefs_privacy.h"
 #include "nsContentUtils.h"
 #include "nsHashKeys.h"
 #include "nsLayoutUtils.h"
 #include "nsPrintfCString.h"
 #include "nsString.h"
 
 namespace mozilla {
 
@@ -40,55 +42,55 @@ static Maybe<uint64_t> BlobSerial(nsIURI
   return Nothing();
 }
 
 ImageCacheKey::ImageCacheKey(nsIURI* aURI, const OriginAttributes& aAttrs,
                              Document* aDocument)
     : mURI(aURI),
       mOriginAttributes(aAttrs),
       mControlledDocument(GetSpecialCaseDocumentToken(aDocument)),
-      mTopLevelBaseDomain(GetTopLevelBaseDomain(aDocument, aURI)),
+      mIsolationKey(GetIsolationKey(aDocument, aURI)),
       mIsChrome(false) {
   if (mURI->SchemeIs("blob")) {
     mBlobSerial = BlobSerial(mURI);
   } else if (mURI->SchemeIs("chrome")) {
     mIsChrome = true;
   }
 }
 
 ImageCacheKey::ImageCacheKey(const ImageCacheKey& aOther)
     : mURI(aOther.mURI),
       mBlobSerial(aOther.mBlobSerial),
       mBlobRef(aOther.mBlobRef),
       mOriginAttributes(aOther.mOriginAttributes),
       mControlledDocument(aOther.mControlledDocument),
-      mTopLevelBaseDomain(aOther.mTopLevelBaseDomain),
+      mIsolationKey(aOther.mIsolationKey),
       mHash(aOther.mHash),
       mIsChrome(aOther.mIsChrome) {}
 
 ImageCacheKey::ImageCacheKey(ImageCacheKey&& aOther)
     : mURI(std::move(aOther.mURI)),
       mBlobSerial(std::move(aOther.mBlobSerial)),
       mBlobRef(std::move(aOther.mBlobRef)),
       mOriginAttributes(aOther.mOriginAttributes),
       mControlledDocument(aOther.mControlledDocument),
-      mTopLevelBaseDomain(aOther.mTopLevelBaseDomain),
+      mIsolationKey(aOther.mIsolationKey),
       mHash(aOther.mHash),
       mIsChrome(aOther.mIsChrome) {}
 
 bool ImageCacheKey::operator==(const ImageCacheKey& aOther) const {
   // Don't share the image cache between a controlled document and anything
   // else.
   if (mControlledDocument != aOther.mControlledDocument) {
     return false;
   }
   // Don't share the image cache between two top-level documents of different
   // base domains.
-  if (!mTopLevelBaseDomain.Equals(aOther.mTopLevelBaseDomain,
-                                  nsCaseInsensitiveCStringComparator())) {
+  if (!mIsolationKey.Equals(aOther.mIsolationKey,
+                            nsCaseInsensitiveCStringComparator())) {
     return false;
   }
   // The origin attributes always have to match.
   if (mOriginAttributes != aOther.mOriginAttributes) {
     return false;
   }
   if (mBlobSerial || aOther.mBlobSerial) {
     if (mBlobSerial && mBlobRef.IsEmpty()) {
@@ -133,17 +135,17 @@ void ImageCacheKey::EnsureHash() const {
     }
     hash = HashGeneric(*mBlobSerial, HashString(mBlobRef));
   } else {
     nsAutoCString spec;
     Unused << mURI->GetSpec(spec);
     hash = HashString(spec);
   }
 
-  hash = AddToHash(hash, HashString(suffix), HashString(mTopLevelBaseDomain),
+  hash = AddToHash(hash, HashString(suffix), HashString(mIsolationKey),
                    HashString(ptr));
   mHash.emplace(hash);
 }
 
 /* static */
 void* ImageCacheKey::GetSpecialCaseDocumentToken(Document* aDocument) {
   // Cookie-averse documents can never have storage granted to them.  Since they
   // may not have inner windows, they would require special handling below, so
@@ -158,18 +160,17 @@ void* ImageCacheKey::GetSpecialCaseDocum
   if (swm && aDocument->GetController().isSome()) {
     return aDocument;
   }
 
   return nullptr;
 }
 
 /* static */
-nsCString ImageCacheKey::GetTopLevelBaseDomain(Document* aDocument,
-                                               nsIURI* aURI) {
+nsCString ImageCacheKey::GetIsolationKey(Document* aDocument, nsIURI* aURI) {
   if (!aDocument || !aDocument->GetInnerWindow()) {
     return EmptyCString();
   }
 
   // If the window is 3rd party resource, let's see if first-party storage
   // access is granted for this image.
   if (nsContentUtils::IsThirdPartyWindowOrChannel(aDocument->GetInnerWindow(),
                                                   nullptr, nullptr)) {
--- a/image/ImageCacheKey.h
+++ b/image/ImageCacheKey.h
@@ -58,30 +58,30 @@ class ImageCacheKey final {
   /// belongs to, if any.
   void* ControlledDocument() const { return mControlledDocument; }
 
  private:
   // For ServiceWorker we need to use the document as
   // token for the key. All those exceptions are handled by this method.
   static void* GetSpecialCaseDocumentToken(dom::Document* aDocument);
 
-  // For anti-tracking we need to use the top-level document's base domain for
-  // the key. This is handled by this method.
-  static nsCString GetTopLevelBaseDomain(dom::Document* aDocument,
-                                         nsIURI* aURI);
+  // For anti-tracking we need to use an isolation key. It can be the suffix of
+  // the IntrinsicStoragePrincipal (see StoragePrincipalHelper.h) or the
+  // top-level document's base domain. This is handled by this method.
+  static nsCString GetIsolationKey(dom::Document* aDocument, nsIURI* aURI);
 
   void EnsureHash() const;
   void EnsureBlobRef() const;
 
   nsCOMPtr<nsIURI> mURI;
   Maybe<uint64_t> mBlobSerial;
   mutable nsCString mBlobRef;
   OriginAttributes mOriginAttributes;
   void* mControlledDocument;
-  nsCString mTopLevelBaseDomain;
+  nsCString mIsolationKey;
   mutable Maybe<PLDHashNumber> mHash;
   bool mIsChrome;
 };
 
 }  // namespace image
 }  // namespace mozilla
 
 #endif  // mozilla_image_src_ImageCacheKey_h