Bug 1525245 - Stabilize cookiePolicy/cookiePermission for live documents - part 12 - new CookieSettings for SharedWorkers and ServiceWorkers, r=Ehsan
☠☠ backed out by 66a4a5cb3fc7 ☠ ☠
authorAndrea Marchesini <amarchesini@mozilla.com>
Wed, 27 Feb 2019 19:58:26 +0000
changeset 519393 009e7457b990b1a0f6c19814cd31526539303ebc
parent 519392 efb2e8fca464952ac811ffc124d47bb543ff3a76
child 519394 3063f37eb7b21e145478f9ee641d2945e0e36986
push id10862
push userffxbld-merge
push dateMon, 11 Mar 2019 13:01:11 +0000
treeherdermozilla-beta@a2e7f5c935da [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersEhsan
bugs1525245
milestone67.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1525245 - Stabilize cookiePolicy/cookiePermission for live documents - part 12 - new CookieSettings for SharedWorkers and ServiceWorkers, r=Ehsan Differential Revision: https://phabricator.services.mozilla.com/D21357
netwerk/base/LoadInfo.cpp
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -277,16 +277,27 @@ LoadInfo::LoadInfo(
     // if owner doc has content signature, we enforce SRI
     nsCOMPtr<nsIChannel> channel = aLoadingContext->OwnerDoc()->GetChannel();
     if (channel) {
       nsCOMPtr<nsILoadInfo> loadInfo = channel->LoadInfo();
       mEnforceSRI = loadInfo->GetVerifySignedContent();
     }
   }
 
+  // Create a new CookieSettings for SharedWorkers and ServiceWorkers because
+  // they cannot inherit it from other contexts:
+  // - ServiceWorkers does not belong to any windows.
+  // - SharedWorkers belong to many windows which could have different
+  //   CookieSettings objects.
+  if (!mCookieSettings &&
+      (aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER ||
+       aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER)) {
+    mCookieSettings = CookieSettings::Create();
+  }
+
   // If CSP requires SRI (require-sri-for), then store that information
   // in the loadInfo so we can enforce SRI before loading the subresource.
   if (!mEnforceSRI) {
     // do not look into the CSP if already true:
     // a CSP saying that SRI isn't needed should not
     // overrule GetVerifySignedContent
     if (aLoadingPrincipal) {
       nsCOMPtr<nsIContentSecurityPolicy> csp;