Bug 1646974: Introduce and use isInDevToolsContext flag. r=Honza,dragana a=RyanVM
authorDaisuke Akatsuka <daisuke@birchill.co.jp>
Mon, 29 Jun 2020 09:34:54 +0000
changeset 601888 5304973b102a9f914cf31cc313a40d179dc25d12
parent 601887 9db3d5cb8008c0507e2507da8ff3409fc2e52e91
child 601889 30db13a0b50193ca71c6186b8c27d6b2a7ef85ad
push id13341
push userryanvm@gmail.com
push dateThu, 02 Jul 2020 15:55:10 +0000
treeherdermozilla-beta@a0161364227e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersHonza, dragana, RyanVM
bugs1646974
milestone79.0
Bug 1646974: Introduce and use isInDevToolsContext flag. r=Honza,dragana a=RyanVM Differential Revision: https://phabricator.services.mozilla.com/D80623
devtools/server/actors/network-monitor/network-observer.js
devtools/shared/DevToolsUtils.js
ipc/glue/BackgroundUtils.cpp
netwerk/base/LoadInfo.cpp
netwerk/base/LoadInfo.h
netwerk/base/TRRLoadInfo.cpp
netwerk/base/nsILoadInfo.idl
netwerk/ipc/NeckoChannelParams.ipdlh
--- a/devtools/server/actors/network-monitor/network-observer.js
+++ b/devtools/server/actors/network-monitor/network-observer.js
@@ -85,22 +85,17 @@ function matchRequest(channel, filters) 
   // the flags.testing check. We will move to a better way to serve
   // its needs in bug 1167188, where this check should be removed.
   if (
     !flags.testing &&
     channel.loadInfo &&
     channel.loadInfo.loadingDocument === null &&
     (channel.loadInfo.loadingPrincipal ===
       Services.scriptSecurityManager.getSystemPrincipal() ||
-      // StyleEditor loads stylesheets with not the system principal but the content
-      // principal that same as of the document that loaded the stylesheet in order
-      // to take over the context of Private Browsing etc. Thus, in order to restrict
-      // the networking from StyleEditor, we check the loading policy.
-      channel.loadInfo.internalContentPolicyType ===
-        Ci.nsIContentPolicy.TYPE_INTERNAL_STYLESHEET)
+      channel.loadInfo.isInDevToolsContext)
   ) {
     return false;
   }
 
   if (filters.window) {
     // Since frames support, this.window may not be the top level content
     // frame, so that we can't only compare with win.top.
     let win = NetworkHelper.getWindowForRequest(channel);
--- a/devtools/shared/DevToolsUtils.js
+++ b/devtools/shared/DevToolsUtils.js
@@ -512,16 +512,18 @@ function mainThreadFetch(
     let channel;
     try {
       channel = newChannelForURL(url, aOptions);
     } catch (ex) {
       reject(ex);
       return;
     }
 
+    channel.loadInfo.isInDevToolsContext = true;
+
     // Set the channel options.
     channel.loadFlags = aOptions.loadFromCache
       ? channel.LOAD_FROM_CACHE
       : channel.LOAD_BYPASS_CACHE;
 
     if (aOptions.loadFromCache && channel instanceof Ci.nsICacheInfoChannel) {
       // If DevTools intents to load the content from the cache,
       // we make the LOAD_FROM_CACHE flag preferred over LOAD_BYPASS_CACHE.
--- a/ipc/glue/BackgroundUtils.cpp
+++ b/ipc/glue/BackgroundUtils.cpp
@@ -533,17 +533,17 @@ nsresult LoadInfoToLoadInfoArgs(nsILoadI
       aLoadInfo->GetServiceWorkerTaintingSynthesized(),
       aLoadInfo->GetDocumentHasUserInteracted(),
       aLoadInfo->GetDocumentHasLoaded(),
       aLoadInfo->GetAllowListFutureDocumentsCreatedFromThisRedirectChain(),
       cspNonce, aLoadInfo->GetSkipContentSniffing(),
       aLoadInfo->GetHttpsOnlyStatus(),
       aLoadInfo->GetHasValidUserGestureActivation(),
       aLoadInfo->GetAllowDeprecatedSystemRequests(),
-      aLoadInfo->GetParserCreatedScript(),
+      aLoadInfo->GetIsInDevToolsContext(), aLoadInfo->GetParserCreatedScript(),
       aLoadInfo->GetIsFromProcessingFrameAttributes(), cookieJarSettingsArgs,
       aLoadInfo->GetRequestBlockingReason(), maybeCspToInheritInfo,
       aLoadInfo->GetHasStoragePermission(),
       aLoadInfo->GetLoadingEmbedderPolicy()));
 
   return NS_OK;
 }
 
@@ -762,19 +762,19 @@ nsresult LoadInfoArgsToLoadInfo(
       loadInfoArgs.serviceWorkerTaintingSynthesized(),
       loadInfoArgs.documentHasUserInteracted(),
       loadInfoArgs.documentHasLoaded(),
       loadInfoArgs.allowListFutureDocumentsCreatedFromThisRedirectChain(),
       loadInfoArgs.cspNonce(), loadInfoArgs.skipContentSniffing(),
       loadInfoArgs.httpsOnlyStatus(),
       loadInfoArgs.hasValidUserGestureActivation(),
       loadInfoArgs.allowDeprecatedSystemRequests(),
-      loadInfoArgs.parserCreatedScript(), loadInfoArgs.hasStoragePermission(),
-      loadInfoArgs.requestBlockingReason(), loadingContext,
-      loadInfoArgs.loadingEmbedderPolicy());
+      loadInfoArgs.isInDevToolsContext(), loadInfoArgs.parserCreatedScript(),
+      loadInfoArgs.hasStoragePermission(), loadInfoArgs.requestBlockingReason(),
+      loadingContext, loadInfoArgs.loadingEmbedderPolicy());
 
   if (loadInfoArgs.isFromProcessingFrameAttributes()) {
     loadInfo->SetIsFromProcessingFrameAttributes();
   }
 
   loadInfo.forget(outLoadInfo);
   return NS_OK;
 }
@@ -804,17 +804,17 @@ void LoadInfoToParentLoadInfoForwarder(
   }
 
   *aForwarderArgsOut = ParentLoadInfoForwarderArgs(
       aLoadInfo->GetAllowInsecureRedirectToDataURI(),
       aLoadInfo->GetBypassCORSChecks(), ipcController, tainting,
       aLoadInfo->GetSkipContentSniffing(), aLoadInfo->GetHttpsOnlyStatus(),
       aLoadInfo->GetHasValidUserGestureActivation(),
       aLoadInfo->GetAllowDeprecatedSystemRequests(),
-      aLoadInfo->GetParserCreatedScript(),
+      aLoadInfo->GetIsInDevToolsContext(), aLoadInfo->GetParserCreatedScript(),
       aLoadInfo->GetServiceWorkerTaintingSynthesized(),
       aLoadInfo->GetDocumentHasUserInteracted(),
       aLoadInfo->GetDocumentHasLoaded(),
       aLoadInfo->GetAllowListFutureDocumentsCreatedFromThisRedirectChain(),
       cookieJarSettingsArgs, aLoadInfo->GetRequestBlockingReason(),
       aLoadInfo->GetHasStoragePermission(),
       aLoadInfo->GetIsThirdPartyContextToTopWindow());
 }
@@ -852,16 +852,19 @@ nsresult MergeParentLoadInfoForwarder(
   rv = aLoadInfo->SetHasValidUserGestureActivation(
       aForwarderArgs.hasValidUserGestureActivation());
   NS_ENSURE_SUCCESS(rv, rv);
 
   rv = aLoadInfo->SetAllowDeprecatedSystemRequests(
       aForwarderArgs.allowDeprecatedSystemRequests());
   NS_ENSURE_SUCCESS(rv, rv);
 
+  rv = aLoadInfo->SetIsInDevToolsContext(aForwarderArgs.isInDevToolsContext());
+  NS_ENSURE_SUCCESS(rv, rv);
+
   rv = aLoadInfo->SetParserCreatedScript(aForwarderArgs.parserCreatedScript());
   NS_ENSURE_SUCCESS(rv, rv);
 
   MOZ_ALWAYS_SUCCEEDS(aLoadInfo->SetDocumentHasUserInteracted(
       aForwarderArgs.documentHasUserInteracted()));
   MOZ_ALWAYS_SUCCEEDS(
       aLoadInfo->SetDocumentHasLoaded(aForwarderArgs.documentHasLoaded()));
   MOZ_ALWAYS_SUCCEEDS(
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -118,16 +118,17 @@ LoadInfo::LoadInfo(
       mServiceWorkerTaintingSynthesized(false),
       mDocumentHasUserInteracted(false),
       mDocumentHasLoaded(false),
       mAllowListFutureDocumentsCreatedFromThisRedirectChain(false),
       mSkipContentSniffing(false),
       mHttpsOnlyStatus(nsILoadInfo::HTTPS_ONLY_UNINITIALIZED),
       mHasValidUserGestureActivation(false),
       mAllowDeprecatedSystemRequests(false),
+      mIsInDevToolsContext(false),
       mParserCreatedScript(false),
       mHasStoragePermission(false),
       mIsFromProcessingFrameAttributes(false),
       mLoadingEmbedderPolicy(nsILoadInfo::EMBEDDER_POLICY_NULL) {
   MOZ_ASSERT(mLoadingPrincipal);
   MOZ_ASSERT(mTriggeringPrincipal);
 
 #ifdef DEBUG
@@ -401,16 +402,17 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* a
       mServiceWorkerTaintingSynthesized(false),
       mDocumentHasUserInteracted(false),
       mDocumentHasLoaded(false),
       mAllowListFutureDocumentsCreatedFromThisRedirectChain(false),
       mSkipContentSniffing(false),
       mHttpsOnlyStatus(nsILoadInfo::HTTPS_ONLY_UNINITIALIZED),
       mHasValidUserGestureActivation(false),
       mAllowDeprecatedSystemRequests(false),
+      mIsInDevToolsContext(false),
       mParserCreatedScript(false),
       mHasStoragePermission(false),
       mIsFromProcessingFrameAttributes(false),
       mLoadingEmbedderPolicy(nsILoadInfo::EMBEDDER_POLICY_NULL) {
   // Top-level loads are never third-party
   // Grab the information we can out of the window.
   MOZ_ASSERT(aOuterWindow);
   MOZ_ASSERT(mTriggeringPrincipal);
@@ -504,16 +506,17 @@ LoadInfo::LoadInfo(dom::CanonicalBrowsin
       mServiceWorkerTaintingSynthesized(false),
       mDocumentHasUserInteracted(false),
       mDocumentHasLoaded(false),
       mAllowListFutureDocumentsCreatedFromThisRedirectChain(false),
       mSkipContentSniffing(false),
       mHttpsOnlyStatus(nsILoadInfo::HTTPS_ONLY_UNINITIALIZED),
       mHasValidUserGestureActivation(false),
       mAllowDeprecatedSystemRequests(false),
+      mIsInDevToolsContext(false),
       mParserCreatedScript(false),
       mHasStoragePermission(false),
       mIsFromProcessingFrameAttributes(false),
       mLoadingEmbedderPolicy(nsILoadInfo::EMBEDDER_POLICY_NULL) {
   // Top-level loads are never third-party
   // Grab the information we can out of the window.
   MOZ_ASSERT(aBrowsingContext);
   MOZ_ASSERT(mTriggeringPrincipal);
@@ -591,16 +594,17 @@ LoadInfo::LoadInfo(dom::WindowGlobalPare
       mLoadTriggeredFromExternal(false),
       mServiceWorkerTaintingSynthesized(false),
       mDocumentHasUserInteracted(false),
       mDocumentHasLoaded(false),
       mAllowListFutureDocumentsCreatedFromThisRedirectChain(false),
       mSkipContentSniffing(false),
       mHttpsOnlyStatus(nsILoadInfo::HTTPS_ONLY_UNINITIALIZED),
       mAllowDeprecatedSystemRequests(false),
+      mIsInDevToolsContext(false),
       mParserCreatedScript(false),
       mHasStoragePermission(false),
       mIsFromProcessingFrameAttributes(false),
       mLoadingEmbedderPolicy(nsILoadInfo::EMBEDDER_POLICY_NULL) {
   CanonicalBrowsingContext* parentBC = aParentWGP->BrowsingContext();
   MOZ_ASSERT(parentBC);
   ComputeAncestors(parentBC, mAncestorPrincipals, mAncestorOuterWindowIDs);
 
@@ -786,16 +790,17 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
       mDocumentHasLoaded(rhs.mDocumentHasLoaded),
       mAllowListFutureDocumentsCreatedFromThisRedirectChain(
           rhs.mAllowListFutureDocumentsCreatedFromThisRedirectChain),
       mCspNonce(rhs.mCspNonce),
       mSkipContentSniffing(rhs.mSkipContentSniffing),
       mHttpsOnlyStatus(rhs.mHttpsOnlyStatus),
       mHasValidUserGestureActivation(rhs.mHasValidUserGestureActivation),
       mAllowDeprecatedSystemRequests(rhs.mAllowDeprecatedSystemRequests),
+      mIsInDevToolsContext(rhs.mIsInDevToolsContext),
       mParserCreatedScript(rhs.mParserCreatedScript),
       mHasStoragePermission(rhs.mHasStoragePermission),
       mIsFromProcessingFrameAttributes(rhs.mIsFromProcessingFrameAttributes),
       mLoadingEmbedderPolicy(rhs.mLoadingEmbedderPolicy) {}
 
 LoadInfo::LoadInfo(
     nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal,
     nsIPrincipal* aPrincipalToInherit, nsIPrincipal* aSandboxedLoadingPrincipal,
@@ -827,19 +832,19 @@ LoadInfo::LoadInfo(
     const nsTArray<uint64_t>& aAncestorOuterWindowIDs,
     const nsTArray<nsCString>& aCorsUnsafeHeaders, bool aForcePreflight,
     bool aIsPreflight, bool aLoadTriggeredFromExternal,
     bool aServiceWorkerTaintingSynthesized, bool aDocumentHasUserInteracted,
     bool aDocumentHasLoaded,
     bool aAllowListFutureDocumentsCreatedFromThisRedirectChain,
     const nsAString& aCspNonce, bool aSkipContentSniffing,
     uint32_t aHttpsOnlyStatus, bool aHasValidUserGestureActivation,
-    bool aAllowDeprecatedSystemRequests, bool aParserCreatedScript,
-    bool aHasStoragePermission, uint32_t aRequestBlockingReason,
-    nsINode* aLoadingContext,
+    bool aAllowDeprecatedSystemRequests, bool aIsInDevToolsContext,
+    bool aParserCreatedScript, bool aHasStoragePermission,
+    uint32_t aRequestBlockingReason, nsINode* aLoadingContext,
     nsILoadInfo::CrossOriginEmbedderPolicy aLoadingEmbedderPolicy)
     : mLoadingPrincipal(aLoadingPrincipal),
       mTriggeringPrincipal(aTriggeringPrincipal),
       mPrincipalToInherit(aPrincipalToInherit),
       mTopLevelPrincipal(aTopLevelPrincipal),
       mTopLevelStorageAreaPrincipal(aTopLevelStorageAreaPrincipal),
       mResultPrincipalURI(aResultPrincipalURI),
       mCookieJarSettings(aCookieJarSettings),
@@ -890,16 +895,17 @@ LoadInfo::LoadInfo(
       mDocumentHasLoaded(aDocumentHasLoaded),
       mAllowListFutureDocumentsCreatedFromThisRedirectChain(
           aAllowListFutureDocumentsCreatedFromThisRedirectChain),
       mCspNonce(aCspNonce),
       mSkipContentSniffing(aSkipContentSniffing),
       mHttpsOnlyStatus(aHttpsOnlyStatus),
       mHasValidUserGestureActivation(aHasValidUserGestureActivation),
       mAllowDeprecatedSystemRequests(aAllowDeprecatedSystemRequests),
+      mIsInDevToolsContext(aIsInDevToolsContext),
       mParserCreatedScript(aParserCreatedScript),
       mHasStoragePermission(aHasStoragePermission),
       mIsFromProcessingFrameAttributes(false),
       mLoadingEmbedderPolicy(aLoadingEmbedderPolicy) {
   // Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal
   MOZ_ASSERT(mLoadingPrincipal ||
              aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT);
   MOZ_ASSERT(mTriggeringPrincipal);
@@ -1803,16 +1809,28 @@ LoadInfo::GetAllowDeprecatedSystemReques
 NS_IMETHODIMP
 LoadInfo::SetAllowDeprecatedSystemRequests(
     bool aAllowDeprecatedSystemRequests) {
   mAllowDeprecatedSystemRequests = aAllowDeprecatedSystemRequests;
   return NS_OK;
 }
 
 NS_IMETHODIMP
+LoadInfo::GetIsInDevToolsContext(bool* aIsInDevToolsContext) {
+  *aIsInDevToolsContext = mIsInDevToolsContext;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+LoadInfo::SetIsInDevToolsContext(bool aIsInDevToolsContext) {
+  mIsInDevToolsContext = aIsInDevToolsContext;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
 LoadInfo::GetParserCreatedScript(bool* aParserCreatedScript) {
   *aParserCreatedScript = mParserCreatedScript;
   return NS_OK;
 }
 
 NS_IMETHODIMP
 LoadInfo::SetParserCreatedScript(bool aParserCreatedScript) {
   mParserCreatedScript = aParserCreatedScript;
--- a/netwerk/base/LoadInfo.h
+++ b/netwerk/base/LoadInfo.h
@@ -180,19 +180,19 @@ class LoadInfo final : public nsILoadInf
            const nsTArray<uint64_t>& aAncestorOuterWindowIDs,
            const nsTArray<nsCString>& aUnsafeHeaders, bool aForcePreflight,
            bool aIsPreflight, bool aLoadTriggeredFromExternal,
            bool aServiceWorkerTaintingSynthesized,
            bool aDocumentHasUserInteracted, bool aDocumentHasLoaded,
            bool aAllowListFutureDocumentsCreatedFromThisRedirectChain,
            const nsAString& aCspNonce, bool aSkipContentSniffing,
            uint32_t aHttpsOnlyStatus, bool aHasValidUserGestureActivation,
-           bool aAllowDeprecatedSystemRequests, bool aParserCreatedScript,
-           bool aHasStoragePermission, uint32_t aRequestBlockingReason,
-           nsINode* aLoadingContext,
+           bool aAllowDeprecatedSystemRequests, bool aIsDevToolsContext,
+           bool aParserCreatedScript, bool aHasStoragePermission,
+           uint32_t aRequestBlockingReason, nsINode* aLoadingContext,
            nsILoadInfo::CrossOriginEmbedderPolicy aLoadingEmbedderPolicy);
   LoadInfo(const LoadInfo& rhs);
 
   NS_IMETHOD GetRedirects(JSContext* aCx,
                           JS::MutableHandle<JS::Value> aRedirects,
                           const RedirectHistoryArray& aArra);
 
   friend nsresult mozilla::ipc::LoadInfoArgsToLoadInfo(
@@ -283,16 +283,17 @@ class LoadInfo final : public nsILoadInf
   bool mDocumentHasUserInteracted;
   bool mDocumentHasLoaded;
   bool mAllowListFutureDocumentsCreatedFromThisRedirectChain;
   nsString mCspNonce;
   bool mSkipContentSniffing;
   uint32_t mHttpsOnlyStatus;
   bool mHasValidUserGestureActivation;
   bool mAllowDeprecatedSystemRequests;
+  bool mIsInDevToolsContext;
   bool mParserCreatedScript;
   bool mHasStoragePermission;
 
   // Is true if this load was triggered by processing the attributes of the
   // browsing context container.
   // See nsILoadInfo.isFromProcessingFrameAttributes
   bool mIsFromProcessingFrameAttributes;
 
--- a/netwerk/base/TRRLoadInfo.cpp
+++ b/netwerk/base/TRRLoadInfo.cpp
@@ -644,16 +644,26 @@ TRRLoadInfo::GetAllowDeprecatedSystemReq
 
 NS_IMETHODIMP
 TRRLoadInfo::SetAllowDeprecatedSystemRequests(
     bool aAllowDeprecatedSystemRequests) {
   return NS_ERROR_NOT_IMPLEMENTED;
 }
 
 NS_IMETHODIMP
+TRRLoadInfo::GetIsInDevToolsContext(bool* aIsInDevToolsContext) {
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+TRRLoadInfo::SetIsInDevToolsContext(bool aIsInDevToolsContext) {
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
 TRRLoadInfo::GetParserCreatedScript(bool* aParserCreatedScript) {
   return NS_ERROR_NOT_IMPLEMENTED;
 }
 
 NS_IMETHODIMP
 TRRLoadInfo::SetParserCreatedScript(bool aParserCreatedScript) {
   return NS_ERROR_NOT_IMPLEMENTED;
 }
--- a/netwerk/base/nsILoadInfo.idl
+++ b/netwerk/base/nsILoadInfo.idl
@@ -473,16 +473,21 @@ interface nsILoadInfo : nsISupports
 
   /**
    * Only ever returns true if the loadinfo is of TYPE_SCRIPT and
    * the script was created by the HTML parser.
    */
   [infallible] attribute boolean parserCreatedScript;
 
   /**
+   * True if this request is from DevTools.
+   */
+  [infallible] attribute boolean isInDevToolsContext;
+
+  /**
    * True if this request is embedded in a context that can't be third-party
    * (i.e. an iframe embedded in a cross-origin parent window). If this is
    * false, then this request may be third-party if it's a third-party to
    * loadingPrincipal.
    */
   [infallible] readonly attribute boolean isInThirdPartyContext;
 
   /**
@@ -1327,13 +1332,13 @@ interface nsILoadInfo : nsISupports
     EMBEDDER_POLICY_REQUIRE_CORP = 1,
   };
 
   /**
    * This attribute is the loading context's cross origin embedder policy.
    * The value is initialized with corresponding WindowContext which get by
    * innerWindowIID in the nsILoadInfo.
    * It also could be set by workers when fetch is called under
-   * the workers' scope. 
+   * the workers' scope.
    */
   [infallible] attribute nsILoadInfo_CrossOriginEmbedderPolicy
         loadingEmbedderPolicy;
 };
--- a/netwerk/ipc/NeckoChannelParams.ipdlh
+++ b/netwerk/ipc/NeckoChannelParams.ipdlh
@@ -141,16 +141,17 @@ struct LoadInfoArgs
   bool                        documentHasUserInteracted;
   bool                        documentHasLoaded;
   bool allowListFutureDocumentsCreatedFromThisRedirectChain;
   nsString                    cspNonce;
   bool                        skipContentSniffing;
   uint32_t                    httpsOnlyStatus;
   bool                        hasValidUserGestureActivation;
   bool                        allowDeprecatedSystemRequests;
+  bool                        isInDevToolsContext;
   bool                        parserCreatedScript;
   bool                        isFromProcessingFrameAttributes;
   CookieJarSettingsArgs       cookieJarSettings;
   uint32_t                    requestBlockingReason;
   CSPInfo?                    cspToInheritInfo;
   bool                        hasStoragePermission;
   CrossOriginEmbedderPolicy   loadingEmbedderPolicy;
 };
@@ -195,16 +196,18 @@ struct ParentLoadInfoForwarderArgs
   // in the context of Sec-Fetch-User.)
   bool hasValidUserGestureActivation;
 
   // The SystemPrincipal is disallowed to make requests to the public web
   // and all requests will be cancelled. Setting this flag to true prevents
   // the request from being cancelled.
   bool allowDeprecatedSystemRequests;
 
+  bool isInDevToolsContext;
+
   // Only ever returns true if the loadinfo is of TYPE_SCRIPT and
   // the script was created by the HTML parser.
   bool parserCreatedScript;
 
   // We must also note that the tainting value was explicitly set
   // by the service worker.
   bool serviceWorkerTaintingSynthesized;