Bug 1543219 - Allow Mailnews to check protocol flags for cookie permissions. r=jorgk
authorJorg K <jorgk@jorgk.com>
Thu, 02 May 2019 18:07:51 +0200
changeset 531110 254f28b5aa72908bffdeb155e5ce94d65bbfd234
parent 531109 56a1e86bccf1fba70b8743098b9ff57d7cce366d
child 531111 26916fd0f252f1ea4dfad1206674b9ed7c8791c3
push id11265
push userffxbld-merge
push dateMon, 13 May 2019 10:53:39 +0000
treeherdermozilla-beta@77e0fe8dbdd3 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjorgk
bugs1543219, 1517057
milestone68.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1543219 - Allow Mailnews to check protocol flags for cookie permissions. r=jorgk This reinstates nsIProtocolHandler::URI_FORBIDS_COOKIE_ACCESS removed in bug 1517057, Part 1, rev 23a0332b18a1
netwerk/base/nsIProtocolHandler.idl
netwerk/cookie/CookieSettings.cpp
--- a/netwerk/base/nsIProtocolHandler.idl
+++ b/netwerk/base/nsIProtocolHandler.idl
@@ -325,9 +325,15 @@ interface nsIProtocolHandler : nsISuppor
      * The URIs for this protocol can be loaded by extensions.
      */
     const unsigned long URI_LOADABLE_BY_EXTENSIONS = (1 << 21);
 
     /**
      * The URIs for this protocol can not be loaded into private contexts.
      */
     const unsigned long URI_DISALLOW_IN_PRIVATE_CONTEXT = (1 << 22);
+
+    /**
+     * This protocol handler forbids accessing cookies e.g. for mail related
+     * protocols. Only used in Mailnews (comm-central).
+     */
+    const unsigned long URI_FORBIDS_COOKIE_ACCESS = (1 << 23);
 };
--- a/netwerk/cookie/CookieSettings.cpp
+++ b/netwerk/cookie/CookieSettings.cpp
@@ -2,16 +2,19 @@
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "mozilla/net/CookieSettings.h"
 #include "mozilla/Unused.h"
 #include "nsGlobalWindowInner.h"
+#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
+#  include "nsIProtocolHandler.h"
+#endif
 #include "nsPermission.h"
 #include "nsPermissionManager.h"
 
 namespace mozilla {
 namespace net {
 
 namespace {
 
@@ -129,18 +132,33 @@ CookieSettings::CookiePermission(nsIPrin
   }
 
   // Let's ask the permission manager.
   nsPermissionManager* pm = nsPermissionManager::GetInstance();
   if (NS_WARN_IF(!pm)) {
     return NS_ERROR_FAILURE;
   }
 
-  rv = pm->TestPermissionFromPrincipal(aPrincipal, NS_LITERAL_CSTRING("cookie"),
-                                       aCookiePermission);
+#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
+  // Check if this protocol doesn't allow cookies.
+  bool hasFlags;
+  nsCOMPtr<nsIURI> uri;
+  aPrincipal->GetURI(getter_AddRefs(uri));
+  rv = NS_URIChainHasFlags(uri, nsIProtocolHandler::URI_FORBIDS_COOKIE_ACCESS,
+                           &hasFlags);
+  if (NS_FAILED(rv) || hasFlags) {
+    *aCookiePermission = nsPermissionManager::DENY_ACTION;
+    rv = NS_OK;  // Reset, so it's not caught as a bad status after the `else`.
+  } else         // Note the tricky `else` which controls the call below.
+#endif
+
+    // Note that when compiled for Thunderbird/SeaMonkey, the following
+    // statement is controlled by the `else` in the `#ifdef` block above.
+    rv = pm->TestPermissionFromPrincipal(
+        aPrincipal, NS_LITERAL_CSTRING("cookie"), aCookiePermission);
   if (NS_WARN_IF(NS_FAILED(rv))) {
     return rv;
   }
 
   // Let's store the permission, also if the result is UNKNOWN in order to avoid
   // race conditions.
 
   nsCOMPtr<nsIPermission> permission = nsPermission::Create(