Bug 1535697 - Part 1: Avoid calling AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor() more than once per channel; r=michal
authorEhsan Akhgari <ehsan@mozilla.com>
Mon, 29 Apr 2019 17:09:32 +0000
changeset 530585 47c353bd446dc5ae4e4a642879e7eb46c3bd5e21
parent 530584 c0101502b8b76ad563a3e84b5df203586394f64d
child 530586 6b122a9ce1a47a7a4084ca0bd4f3d003a6360b11
push id11265
push userffxbld-merge
push dateMon, 13 May 2019 10:53:39 +0000
treeherdermozilla-beta@77e0fe8dbdd3 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmichal
bugs1535697
milestone68.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1535697 - Part 1: Avoid calling AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor() more than once per channel; r=michal Differential Revision: https://phabricator.services.mozilla.com/D28371
netwerk/protocol/http/nsHttpChannel.cpp
netwerk/protocol/http/nsHttpChannel.h
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -329,16 +329,18 @@ nsHttpChannel::nsHttpChannel()
       mHasAutoRedirectVetoNotifier(0),
       mPinCacheContent(0),
       mIsCorsPreflightDone(0),
       mStronglyFramed(false),
       mUsedNetwork(0),
       mAuthConnectionRestartable(0),
       mChannelClassifierCancellationPending(0),
       mAsyncResumePending(0),
+      mHasBeenIsolatedChecked(0),
+      mIsIsolated(0),
       mPushedStream(nullptr),
       mLocalBlocklist(false),
       mOnTailUnblock(nullptr),
       mWarningReporter(nullptr),
       mIsReadingFromCache(false),
       mFirstResponseSource(RESPONSE_PENDING),
       mRaceCacheWithNetwork(false),
       mRaceDelay(0),
@@ -620,19 +622,17 @@ nsresult nsHttpChannel::ContinueOnBefore
   if (mTRR) {
     mCaps |= NS_HTTP_LARGE_KEEPALIVE | NS_HTTP_DISABLE_TRR;
   }
 
   if (mLoadFlags & LOAD_DISABLE_TRR) {
     mCaps |= NS_HTTP_DISABLE_TRR;
   }
 
-  bool isIsolated = mPrivateBrowsing ||
-                    !AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor(
-                        this, mURI, nullptr);
+  bool isIsolated = mPrivateBrowsing || IsIsolated();
 
   // Finalize ConnectionInfo flags before SpeculativeConnect
   mConnectionInfo->SetAnonymous((mLoadFlags & LOAD_ANONYMOUS) != 0);
   mConnectionInfo->SetPrivate(isIsolated);
   mConnectionInfo->SetNoSpdy(mCaps & NS_HTTP_DISALLOW_SPDY);
   mConnectionInfo->SetBeConservative((mCaps & NS_HTTP_BE_CONSERVATIVE) ||
                                      mBeConservative);
   mConnectionInfo->SetTlsFlags(mTlsFlags);
@@ -3890,16 +3890,26 @@ nsresult nsHttpChannel::OpenCacheEntry(b
     if (appCacheContainer) {
       appCacheContainer->GetApplicationCache(getter_AddRefs(mApplicationCache));
     }
   }
 
   return OpenCacheEntryInternal(isHttps, mApplicationCache, true);
 }
 
+bool nsHttpChannel::IsIsolated() {
+  if (mHasBeenIsolatedChecked) {
+    return mIsIsolated;
+  }
+  mIsIsolated = !AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor(
+      this, mURI, nullptr);
+  mHasBeenIsolatedChecked = true;
+  return mIsIsolated;
+}
+
 nsresult nsHttpChannel::OpenCacheEntryInternal(
     bool isHttps, nsIApplicationCache *applicationCache,
     bool allowApplicationCache) {
   MOZ_ASSERT_IF(!allowApplicationCache, !applicationCache);
 
   nsresult rv;
 
   if (mResuming) {
@@ -4009,19 +4019,17 @@ nsresult nsHttpChannel::OpenCacheEntryIn
 
   if (mPostID) {
     extension.Append(nsPrintfCString("%d", mPostID));
   }
   if (mTRR) {
     extension.Append("TRR");
   }
 
-  if (IsThirdPartyTrackingResource() &&
-      !AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor(this, mURI,
-                                                               nullptr)) {
+  if (IsThirdPartyTrackingResource() && IsIsolated()) {
     nsCOMPtr<nsIURI> topWindowURI;
     rv = GetTopWindowURI(getter_AddRefs(topWindowURI));
     bool isDocument = false;
     if (NS_FAILED(rv) && NS_SUCCEEDED(GetIsMainDocumentChannel(&isDocument)) &&
         isDocument) {
       // For top-level documents, use the document channel's origin to compute
       // the unique storage space identifier instead of the top Window URI.
       rv = NS_GetFinalChannelURI(this, getter_AddRefs(topWindowURI));
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
@@ -541,16 +541,18 @@ class nsHttpChannel final : public HttpB
 
   void MaybeWarnAboutAppCache();
 
   void SetLoadGroupUserAgentOverride();
 
   void SetOriginHeader();
   void SetDoNotTrack();
 
+  bool IsIsolated();
+
   already_AddRefed<nsChannelClassifier> GetOrCreateChannelClassifier();
 
   // Start an internal redirect to a new InterceptedHttpChannel which will
   // resolve in firing a ServiceWorker FetchEvent.
   MOZ_MUST_USE nsresult RedirectToInterceptedChannel();
 
   // Determines and sets content type in the cache entry. It's called when
   // writing a new entry. The content type is used in cache internally only.
@@ -713,16 +715,24 @@ class nsHttpChannel final : public HttpB
   // to the safe-browsing classifier rules, but the asynchronous cancellation
   // process hasn't finished yet.
   uint32_t mChannelClassifierCancellationPending : 1;
 
   // True only when we are between Resume and async fire of mCallOnResume.
   // Used to suspend any newly created pumps in mCallOnResume handler.
   uint32_t mAsyncResumePending : 1;
 
+  // True only when we have checked whether this channel has been isolated for
+  // anti-tracking purposes.
+  uint32_t mHasBeenIsolatedChecked : 1;
+  // True only when we have determined this channel should be isolated for
+  // anti-tracking purposes.  Can never ben true unless mHasBeenIsolatedChecked
+  // is true.
+  uint32_t mIsIsolated : 1;
+
   nsTArray<nsContinueRedirectionFunc> mRedirectFuncStack;
 
   // Needed for accurate DNS timing
   RefPtr<nsDNSPrefetch> mDNSPrefetch;
 
   Http2PushedStream *mPushedStream;
   // True if the channel's principal was found on a phishing, malware, or
   // tracking (if tracking protection is enabled) blocklist