Bug 1493682 - Part 1: Introduce two new prefs for controlling whether the content blocking allow list would be honoured r=baku a=pascalc
☠☠ backed out by 79125b42f1be ☠ ☠
authorEhsan Akhgari <ehsan@mozilla.com>
Tue, 25 Sep 2018 05:40:12 +0000
changeset 490079 26775fc457272e9ad5320b70f590b8f96b6929af
parent 490078 ae17f86c72f9c2eefd08a5d90e5641dd36bd557e
child 490080 bf1fb942d5ccc1588a7053429c86e15d20ba930e
push id9898
push usereakhgari@mozilla.com
push dateThu, 27 Sep 2018 02:59:46 +0000
treeherdermozilla-beta@41b9ef81d9fa [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbaku, pascalc
bugs1493682
milestone63.0
Bug 1493682 - Part 1: Introduce two new prefs for controlling whether the content blocking allow list would be honoured r=baku a=pascalc Differential Revision: https://phabricator.services.mozilla.com/D6747
browser/app/profile/firefox.js
modules/libpref/init/ContentBlockingDefaultPrefValues.h
modules/libpref/init/StaticPrefList.h
modules/libpref/moz.build
netwerk/base/nsChannelClassifier.cpp
toolkit/components/antitracking/AntiTrackingCommon.cpp
toolkit/components/antitracking/AntiTrackingCommon.h
toolkit/components/antitracking/test/browser/browser_backgroundImageAssertion.js
toolkit/components/antitracking/test/browser/browser_existingCookiesForSubresources.js
toolkit/components/antitracking/test/browser/browser_onBeforeRequestNotificationForTrackingResources.js
toolkit/components/antitracking/test/browser/browser_onModifyRequestNotificationForTrackingResources.js
toolkit/components/antitracking/test/browser/browser_script.js
toolkit/components/antitracking/test/browser/browser_subResources.js
toolkit/components/antitracking/test/browser/head.js
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -1489,23 +1489,26 @@ pref("toolkit.telemetry.hybridContent.en
 pref("browser.ping-centre.telemetry", true);
 pref("browser.ping-centre.log", false);
 pref("browser.ping-centre.staging.endpoint", "https://onyx_tiles.stage.mozaws.net/v3/links/ping-centre");
 pref("browser.ping-centre.production.endpoint", "https://tiles.services.mozilla.com/v3/links/ping-centre");
 
 // Enable GMP support in the addon manager.
 pref("media.gmp-provider.enabled", true);
 
+pref("browser.contentblocking.allowlist.storage.enabled", true);
+
 pref("browser.contentblocking.global-toggle.enabled", true);
 
 // Define a set of default features for the Content Blocking UI
 pref("browser.contentblocking.fastblock.ui.enabled", true);
 pref("browser.contentblocking.fastblock.control-center.ui.enabled", true);
 pref("browser.contentblocking.trackingprotection.ui.enabled", true);
 pref("browser.contentblocking.trackingprotection.control-center.ui.enabled", true);
+pref("browser.contentblocking.rejecttrackers.ui.enabled", true);
 pref("browser.contentblocking.rejecttrackers.ui.recommended", true);
 pref("browser.contentblocking.rejecttrackers.control-center.ui.enabled", true);
 pref("browser.contentblocking.cookies-site-data.ui.reject-trackers.recommended", true);
 pref("browser.contentblocking.cookies-site-data.ui.reject-trackers.enabled", true);
 
 // Enable the Report Breakage UI on Nightly and Beta but not on Release yet.
 #ifdef EARLY_BETA_OR_EARLIER
 pref("browser.contentblocking.reportBreakage.enabled", true);
deleted file mode 100644
--- a/modules/libpref/init/ContentBlockingDefaultPrefValues.h
+++ /dev/null
@@ -1,22 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-// Default value of browser.contentblocking.enabled.
-// Please note that privacy protections provided by Gecko may depend on this preference.
-// Turning this off may disable some protections.  Please do not turn this pref off without
-// realizing the implications of what you're doing.
-#define CONTENTBLOCKING_ENABLED true
-
-// Default value of browser.contentblocking.ui.enabled.
-// Enable the new Content Blocking UI only on Nightly.
-#ifdef NIGHTLY_BUILD
-# define CONTENTBLOCKING_UI_ENABLED true
-#else
-# define CONTENTBLOCKING_UI_ENABLED false
-#endif
-
-// Default value of browser.contentblocking.rejecttrackers.ui.enabled.
-#define CONTENTBLOCKING_REJECTTRACKERS_UI_ENABLED true
--- a/modules/libpref/init/StaticPrefList.h
+++ b/modules/libpref/init/StaticPrefList.h
@@ -1271,42 +1271,48 @@ VARCACHE_PREF(
 //---------------------------------------------------------------------------
 
 PREF("preferences.allow.omt-write", bool, true)
 
 //---------------------------------------------------------------------------
 // Privacy prefs
 //---------------------------------------------------------------------------
 
-#include "ContentBlockingDefaultPrefValues.h"
-
 // Whether Content Blocking has been enabled.
 VARCACHE_PREF(
   "browser.contentblocking.enabled",
    browser_contentblocking_enabled,
-  bool, CONTENTBLOCKING_ENABLED
+  bool, true
 )
 
+#ifdef NIGHTLY_BUILD
+# define PREF_VALUE true
+#else
+# define PREF_VALUE false
+#endif
 // Whether Content Blocking UI has been enabled.
 VARCACHE_PREF(
   "browser.contentblocking.ui.enabled",
    browser_contentblocking_ui_enabled,
-  bool, CONTENTBLOCKING_UI_ENABLED
+  bool, PREF_VALUE
 )
+#undef PREF_VALUE
 
 // Whether Content Blocking Third-Party Cookies UI has been enabled.
 VARCACHE_PREF(
-  "browser.contentblocking.rejecttrackers.ui.enabled",
-   browser_contentblocking_rejecttrackers_ui_enabled,
-  bool, CONTENTBLOCKING_REJECTTRACKERS_UI_ENABLED
+  "browser.contentblocking.allowlist.storage.enabled",
+   browser_contentblocking_allowlist_storage_enabled,
+  bool, false
 )
 
-#undef CONTENTBLOCKING_ENABLED
-#undef CONTENTBLOCKING_UI_ENABLED
-#undef CONTENTBLOCKING_REJECTTRACKERS_UI_ENABLED
+VARCACHE_PREF(
+  "browser.contentblocking.allowlist.annotations.enabled",
+   browser_contentblocking_allowlist_annotations_enabled,
+  bool, true
+)
 
 // Whether FastBlock has been enabled.
 VARCACHE_PREF(
   "browser.fastblock.enabled",
   browser_fastblock_enabled,
   bool, false
 )
 
--- a/modules/libpref/moz.build
+++ b/modules/libpref/moz.build
@@ -20,17 +20,16 @@ XPIDL_SOURCES += [
     'nsIPrefLocalizedString.idl',
     'nsIPrefService.idl',
     'nsIRelativeFilePref.idl',
 ]
 
 XPIDL_MODULE = 'pref'
 
 EXPORTS.mozilla += [
-    'init/ContentBlockingDefaultPrefValues.h',
     'init/StaticPrefList.h',
     'nsRelativeFilePref.h',
     'Preferences.h',
     'StaticPrefs.h',
 ]
 
 UNIFIED_SOURCES += [
     'Preferences.cpp',
--- a/netwerk/base/nsChannelClassifier.cpp
+++ b/netwerk/base/nsChannelClassifier.cpp
@@ -512,17 +512,21 @@ nsChannelClassifier::ShouldEnableTrackin
 
     if (!topWinURI && CachedPrefs::GetInstance()->IsAllowListExample()) {
       LOG(("nsChannelClassifier[%p]: Allowlisting test domain\n", this));
       rv = ios->NewURI(NS_LITERAL_CSTRING("http://allowlisted.example.com"),
                        nullptr, nullptr, getter_AddRefs(topWinURI));
       NS_ENSURE_SUCCESS(rv, rv);
     }
 
-    rv = AntiTrackingCommon::IsOnContentBlockingAllowList(topWinURI, mIsAllowListed);
+    rv = AntiTrackingCommon::IsOnContentBlockingAllowList(topWinURI,
+                                                          aAnnotationsOnly ?
+                                                            AntiTrackingCommon::eTrackingAnnotations :
+                                                            AntiTrackingCommon::eTrackingProtection,
+                                                          mIsAllowListed);
     if (NS_FAILED(rv)) {
       return rv; // normal for some loads, no need to print a warning
     }
 
     if (mIsAllowListed) {
       *result = false;
       if (LOG_ENABLED()) {
         nsCString chanSpec = chanURI->GetSpecOrDefault();
--- a/toolkit/components/antitracking/AntiTrackingCommon.cpp
+++ b/toolkit/components/antitracking/AntiTrackingCommon.cpp
@@ -139,17 +139,19 @@ CookiesBehavior(nsIPrincipal* aPrincipal
   return StaticPrefs::network_cookie_cookieBehavior();
 }
 
 bool
 CheckContentBlockingAllowList(nsIURI* aTopWinURI)
 {
   bool isAllowed = false;
   nsresult rv =
-    AntiTrackingCommon::IsOnContentBlockingAllowList(aTopWinURI, isAllowed);
+    AntiTrackingCommon::IsOnContentBlockingAllowList(aTopWinURI,
+                                                     AntiTrackingCommon::eStorageChecks,
+                                                     isAllowed);
   if (NS_SUCCEEDED(rv) && isAllowed) {
     LOG_SPEC(("The top-level window (%s) is on the content blocking allow list, "
               "bail out early", _spec), aTopWinURI);
     return true;
   }
   if (NS_FAILED(rv)) {
     LOG_SPEC(("Checking the content blocking allow list for %s failed with %" PRIx32,
               _spec, static_cast<uint32_t>(rv)), aTopWinURI);
@@ -253,28 +255,18 @@ ReportBlockingToConsole(nsPIDOMWindowOut
                                   message,
                                   params, ArrayLength(params));
 }
 } // anonymous
 
 /* static */ bool
 AntiTrackingCommon::ShouldHonorContentBlockingCookieRestrictions()
 {
-#include "mozilla/ContentBlockingDefaultPrefValues.h"
-
-  return StaticPrefs::browser_contentblocking_enabled() ==
-           CONTENTBLOCKING_ENABLED &&
-         StaticPrefs::browser_contentblocking_ui_enabled() ==
-           CONTENTBLOCKING_UI_ENABLED &&
-         StaticPrefs::browser_contentblocking_rejecttrackers_ui_enabled() ==
-           CONTENTBLOCKING_REJECTTRACKERS_UI_ENABLED;
-
-#undef CONTENTBLOCKING_ENABLED
-#undef CONTENTBLOCKING_UI_ENABLED
-#undef CONTENTBLOCKING_REJECTTRACKERS_UI_ENABLED
+  return StaticPrefs::browser_contentblocking_enabled() &&
+         StaticPrefs::browser_contentblocking_ui_enabled();
 }
 
 /* static */ RefPtr<AntiTrackingCommon::StorageAccessGrantPromise>
 AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor(const nsAString& aOrigin,
                                                          nsPIDOMWindowInner* aParentWindow)
 {
   MOZ_ASSERT(aParentWindow);
 
@@ -903,20 +895,33 @@ AntiTrackingCommon::MaybeIsFirstPartySto
             result == nsIPermissionManager::ALLOW_ACTION ?
               "success" : "failure"), parentPrincipalURI);
 
   return result == nsIPermissionManager::ALLOW_ACTION;
 }
 
 nsresult
 AntiTrackingCommon::IsOnContentBlockingAllowList(nsIURI* aTopWinURI,
-                                                 bool& aIsAllowListed)
+  AntiTrackingCommon::ContentBlockingAllowListPurpose aPurpose,
+  bool& aIsAllowListed)
 {
   aIsAllowListed = false;
 
+  // For storage checks, check the storage pref, and for annotations checks,
+  // check the corresponding pref as well.  This allows each set of checks to
+  // be disabled individually if needed.
+  if ((aPurpose == eStorageChecks &&
+       !StaticPrefs::browser_contentblocking_allowlist_storage_enabled()) ||
+      (aPurpose == eTrackingAnnotations &&
+       !StaticPrefs::browser_contentblocking_allowlist_annotations_enabled())) {
+    LOG(("Attempting to check the content blocking allow list aborted because "
+         "the third-party cookies UI has been disabled."));
+    return NS_OK;
+  }
+
   LOG_SPEC(("Deciding whether the user has overridden content blocking for %s",
             _spec), aTopWinURI);
 
   nsCOMPtr<nsIIOService> ios = services::GetIOService();
   NS_ENSURE_TRUE(ios, NS_ERROR_FAILURE);
 
   // Take the host/port portion so we can allowlist by site. Also ignore the
   // scheme, since users who put sites on the allowlist probably don't expect
--- a/toolkit/components/antitracking/AntiTrackingCommon.h
+++ b/toolkit/components/antitracking/AntiTrackingCommon.h
@@ -103,20 +103,27 @@ public:
 
   // For IPC only.
   static void
   SaveFirstPartyStorageAccessGrantedForOriginOnParentProcess(nsIPrincipal* aPrincipal,
                                                              const nsCString& aParentOrigin,
                                                              const nsCString& aGrantedOrigin,
                                                              FirstPartyStorageAccessGrantedForOriginResolver&& aResolver);
 
+  enum ContentBlockingAllowListPurpose {
+    eStorageChecks,
+    eTrackingProtection,
+    eTrackingAnnotations,
+  };
 
   // Check whether a top window URI is on the content blocking allow list.
   static nsresult
-  IsOnContentBlockingAllowList(nsIURI* aTopWinURI, bool& aIsAllowListed);
+  IsOnContentBlockingAllowList(nsIURI* aTopWinURI,
+                               ContentBlockingAllowListPurpose aPurpose,
+                               bool& aIsAllowListed);
 
   // This method can be called on the parent process or on the content process.
   // The notification is propagated to the child channel if aChannel is a parent
   // channel proxy.
   //
   // aRejectedReason must be one of these values:
   //  * nsIWebProgressListener::STATE_COOKIES_BLOCKED_BY_PERMISSION
   //  * nsIWebProgressListener::STATE_COOKIES_BLOCKED_TRACKER
--- a/toolkit/components/antitracking/test/browser/browser_backgroundImageAssertion.js
+++ b/toolkit/components/antitracking/test/browser/browser_backgroundImageAssertion.js
@@ -1,18 +1,19 @@
 ChromeUtils.import("resource://gre/modules/Services.jsm");
 
 add_task(async function() {
   info("Starting subResources test");
 
   await SpecialPowers.flushPrefEnv();
   await SpecialPowers.pushPrefEnv({"set": [
+    ["browser.contentblocking.allowlist.annotations.enabled", true],
+    ["browser.contentblocking.allowlist.storage.enabled", true],
     ["browser.contentblocking.enabled", true],
     ["browser.contentblocking.ui.enabled", true],
-    ["browser.contentblocking.ui.rejecttrackers.enabled", true],
     ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER],
     ["privacy.trackingprotection.enabled", false],
     ["privacy.trackingprotection.pbmode.enabled", false],
     ["privacy.trackingprotection.annotate_channels", true],
   ]});
 
   await UrlClassifierTestUtils.addTestTrackers();
 
--- a/toolkit/components/antitracking/test/browser/browser_existingCookiesForSubresources.js
+++ b/toolkit/components/antitracking/test/browser/browser_existingCookiesForSubresources.js
@@ -68,19 +68,20 @@ add_task(async function() {
 
   info("Removing the tab");
   BrowserTestUtils.removeTab(tab);
 
   Services.perms.removeAll();
 
   // Now set up our prefs
   await SpecialPowers.pushPrefEnv({"set": [
+    ["browser.contentblocking.allowlist.annotations.enabled", true],
+    ["browser.contentblocking.allowlist.storage.enabled", true],
     ["browser.contentblocking.enabled", true],
     ["browser.contentblocking.ui.enabled", true],
-    ["browser.contentblocking.rejecttrackers.ui.enabled", true],
     ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER],
   ]});
 
   info("Creating a new tab");
   tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
   gBrowser.selectedTab = tab;
 
   browser = gBrowser.getBrowserForTab(tab);
--- a/toolkit/components/antitracking/test/browser/browser_onBeforeRequestNotificationForTrackingResources.js
+++ b/toolkit/components/antitracking/test/browser/browser_onBeforeRequestNotificationForTrackingResources.js
@@ -47,19 +47,20 @@ add_task(async function() {
   await extension.awaitMessage("ready");
 });
 
 add_task(async function() {
   info("Starting subResources test");
 
   await SpecialPowers.flushPrefEnv();
   await SpecialPowers.pushPrefEnv({"set": [
+    ["browser.contentblocking.allowlist.annotations.enabled", true],
+    ["browser.contentblocking.allowlist.storage.enabled", true],
     ["browser.contentblocking.enabled", true],
     ["browser.contentblocking.ui.enabled", true],
-    ["browser.contentblocking.rejecttrackers.ui.enabled", true],
     ["privacy.trackingprotection.enabled", true],
     // the test doesn't open a private window, so we don't care about this pref's value
     ["privacy.trackingprotection.pbmode.enabled", false],
     // tracking annotations aren't needed in this test, only TP is needed
     ["privacy.trackingprotection.annotate_channels", false],
     // prevent the content blocking on-boarding UI to start mid-way through the test!
     [ContentBlocking.prefIntroCount, ContentBlocking.MAX_INTROS],
   ]});
--- a/toolkit/components/antitracking/test/browser/browser_onModifyRequestNotificationForTrackingResources.js
+++ b/toolkit/components/antitracking/test/browser/browser_onModifyRequestNotificationForTrackingResources.js
@@ -42,19 +42,20 @@ async function onModifyRequest() {
   });
 }
 
 add_task(async function() {
   info("Starting subResources test");
 
   await SpecialPowers.flushPrefEnv();
   await SpecialPowers.pushPrefEnv({"set": [
+    ["browser.contentblocking.allowlist.annotations.enabled", true],
+    ["browser.contentblocking.allowlist.storage.enabled", true],
     ["browser.contentblocking.enabled", true],
     ["browser.contentblocking.ui.enabled", true],
-    ["browser.contentblocking.rejecttrackers.ui.enabled", true],
     ["privacy.trackingprotection.enabled", true],
     // the test doesn't open a private window, so we don't care about this pref's value
     ["privacy.trackingprotection.pbmode.enabled", false],
     // tracking annotations aren't needed in this test, only TP is needed
     ["privacy.trackingprotection.annotate_channels", false],
     // prevent the content blocking on-boarding UI to start mid-way through the test!
     [ContentBlocking.prefIntroCount, ContentBlocking.MAX_INTROS],
   ]});
--- a/toolkit/components/antitracking/test/browser/browser_script.js
+++ b/toolkit/components/antitracking/test/browser/browser_script.js
@@ -1,18 +1,19 @@
 ChromeUtils.import("resource://gre/modules/Services.jsm");
 
 add_task(async function() {
   info("Starting subResources test");
 
   await SpecialPowers.flushPrefEnv();
   await SpecialPowers.pushPrefEnv({"set": [
+    ["browser.contentblocking.allowlist.annotations.enabled", true],
+    ["browser.contentblocking.allowlist.storage.enabled", true],
     ["browser.contentblocking.enabled", true],
     ["browser.contentblocking.ui.enabled", true],
-    ["browser.contentblocking.rejecttrackers.ui.enabled", true],
     ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER],
     ["privacy.trackingprotection.enabled", false],
     ["privacy.trackingprotection.pbmode.enabled", false],
     ["privacy.trackingprotection.annotate_channels", true],
   ]});
 
   await UrlClassifierTestUtils.addTestTrackers();
 
--- a/toolkit/components/antitracking/test/browser/browser_subResources.js
+++ b/toolkit/components/antitracking/test/browser/browser_subResources.js
@@ -1,18 +1,19 @@
 ChromeUtils.import("resource://gre/modules/Services.jsm");
 
 add_task(async function() {
   info("Starting subResources test");
 
   await SpecialPowers.flushPrefEnv();
   await SpecialPowers.pushPrefEnv({"set": [
+    ["browser.contentblocking.allowlist.annotations.enabled", true],
+    ["browser.contentblocking.allowlist.storage.enabled", true],
     ["browser.contentblocking.enabled", true],
     ["browser.contentblocking.ui.enabled", true],
-    ["browser.contentblocking.rejecttrackers.ui.enabled", true],
     ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER],
     ["privacy.trackingprotection.enabled", false],
     ["privacy.trackingprotection.pbmode.enabled", false],
     ["privacy.trackingprotection.annotate_channels", true],
   ]});
 
   await UrlClassifierTestUtils.addTestTrackers();
 
--- a/toolkit/components/antitracking/test/browser/head.js
+++ b/toolkit/components/antitracking/test/browser/head.js
@@ -372,19 +372,20 @@ this.AntiTracking = {
     }
   },
 
   async _setupTest(win, cookieBehavior, blockingByContentBlocking,
                    blockingByContentBlockingUI, blockingByContentBlockingRTUI,
                    extraPrefs) {
     await SpecialPowers.flushPrefEnv();
     await SpecialPowers.pushPrefEnv({"set": [
+      ["browser.contentblocking.allowlist.annotations.enabled", blockingByContentBlockingRTUI],
+      ["browser.contentblocking.allowlist.storage.enabled", blockingByContentBlockingRTUI],
       ["browser.contentblocking.enabled", blockingByContentBlocking],
       ["browser.contentblocking.ui.enabled", blockingByContentBlockingUI],
-      ["browser.contentblocking.rejecttrackers.ui.enabled", blockingByContentBlockingRTUI],
       ["network.cookie.cookieBehavior", cookieBehavior],
       ["privacy.trackingprotection.enabled", false],
       ["privacy.trackingprotection.pbmode.enabled", false],
       ["privacy.trackingprotection.annotate_channels", cookieBehavior != BEHAVIOR_ACCEPT],
       [win.ContentBlocking.prefIntroCount, win.ContentBlocking.MAX_INTROS],
     ]});
 
     if (extraPrefs && Array.isArray(extraPrefs) && extraPrefs.length) {