Bug 1541423 Fennec is remembering site permissions in private mode r=johannh
authorAndrei Lazar <andrei.a.lazar@softvision.ro>
Tue, 14 May 2019 10:43:01 +0000
changeset 532582 6b61e5d68fc6495cf84517b4c10d21595634ab25
parent 532581 66cff9aa39bcbf1b39aaf21c6759d1c97ad2fe1b
child 532583 f5d5fc68b739aa886368e844eb461a9947503890
push id11270
push userrgurzau@mozilla.com
push dateWed, 15 May 2019 15:07:19 +0000
treeherdermozilla-beta@571bc76da583 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjohannh
bugs1541423
milestone68.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1541423 Fennec is remembering site permissions in private mode r=johannh Now checking for private mode in order to ignore any permissions that had been set in previous sessions. Differential Revision: https://phabricator.services.mozilla.com/D26702
mobile/android/components/ContentPermissionPrompt.js
--- a/mobile/android/components/ContentPermissionPrompt.js
+++ b/mobile/android/components/ContentPermissionPrompt.js
@@ -6,16 +6,19 @@ const {Services} = ChromeUtils.import("r
 const {XPCOMUtils} = ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
 
 ChromeUtils.defineModuleGetter(this, "RuntimePermissions",
                                "resource://gre/modules/RuntimePermissions.jsm");
 
 ChromeUtils.defineModuleGetter(this, "DoorHanger",
                                "resource://gre/modules/Prompt.jsm");
 
+ChromeUtils.defineModuleGetter(this, "PrivateBrowsingUtils",
+                               "resource://gre/modules/PrivateBrowsingUtils.jsm");
+
 const kEntities = {
   "contacts": "contacts",
   "desktop-notification": "desktopNotification2",
   "geolocation": "geolocation",
 };
 
 function ContentPermissionPrompt() {}
 
@@ -49,16 +52,18 @@ ContentPermissionPrompt.prototype = {
     if (request.window) {
       let requestingWindow = request.window.top;
       return this.getChromeWindow(requestingWindow).wrappedJSObject;
     }
     return request.element.ownerGlobal;
   },
 
   prompt: function(request) {
+    let isApp = request.principal.appId !== Ci.nsIScriptSecurityManager.NO_APP_ID && request.principal.appId !== Ci.nsIScriptSecurityManager.UNKNOWN_APP_ID;
+
     // Only allow exactly one permission rquest here.
     let types = request.types.QueryInterface(Ci.nsIArray);
     if (types.length != 1) {
       request.cancel();
       return;
     }
 
     let perm = types.queryElementAt(0, Ci.nsIContentPermissionType);
@@ -73,16 +78,19 @@ ContentPermissionPrompt.prototype = {
           RuntimePermissions.ACCESS_FINE_LOCATION).then((granted) => {
             (granted ? request.allow : request.cancel)();
           });
         return;
       }
       request.allow();
     };
 
+    // We don't want to remember permissions in private mode
+    let isPrivate = PrivateBrowsingUtils.isWindowPrivate(request.window.ownerGlobal);
+
     // Returns true if the request was handled
     if (this.handleExistingPermission(request, perm.type, callback)) {
        return;
     }
 
     if (perm.type === "desktop-notification" &&
         Services.prefs.getBoolPref("dom.webnotifications.requireuserinteraction", false) &&
         !request.isHandlingUserInput) {
@@ -101,19 +109,27 @@ ContentPermissionPrompt.prototype = {
           Services.perms.addFromPrincipal(request.principal, perm.type, Ci.nsIPermissionManager.DENY_ACTION);
 
         callback(/* allow */ false);
       },
     },
     {
       label: browserBundle.GetStringFromName(entityName + ".allow"),
       callback: function(aChecked) {
+        let isPermanent = (aChecked || entityName == "desktopNotification2");
         // If the user checked "Don't ask again" or this is a desktopNotification, make a permanent exception
-        if (aChecked || entityName == "desktopNotification2") {
+        // Also, we don't want to permanently store this exception if the user is in private mode
+        if (!isPrivate && isPermanent) {
           Services.perms.addFromPrincipal(request.principal, perm.type, Ci.nsIPermissionManager.ALLOW_ACTION);
+        // If we are in private mode, then it doesn't matter if the notification is desktop and also
+        // it shouldn't matter if the Don't show checkbox was checked because it shouldn't be show in the first place
+        } else if (isApp || (isPrivate && isPermanent)) {
+          // Otherwise allow the permission for the current session if the request comes from an app
+          // or if the request was made in private mode
+          Services.perms.addFromPrincipal(request.principal, perm.type, Ci.nsIPermissionManager.ALLOW_ACTION, Ci.nsIPermissionManager.EXPIRE_SESSION);
         }
 
         callback(/* allow */ true);
       },
       positive: true,
     }];
 
     let chromeWin = this.getChromeForRequest(request);
@@ -124,18 +140,22 @@ ContentPermissionPrompt.prototype = {
     let options;
     if (entityName == "desktopNotification2") {
       options = {
         link: {
           label: browserBundle.GetStringFromName("doorhanger.learnMore"),
           url: "https://www.mozilla.org/firefox/push/",
         },
       };
+    // it doesn't make sense to display the checkbox since we won't be remembering
+    // this specific permission if the user is in Private mode
+    } else if (!isPrivate) {
+      options = { checkbox: browserBundle.GetStringFromName(entityName + ".dontAskAgain") };
     } else {
-      options = { checkbox: browserBundle.GetStringFromName(entityName + ".dontAskAgain") };
+      options = { };
     }
 
     options.defaultCallback = () => {
       callback(/* allow */ false);
     };
 
     DoorHanger.show(request.window || request.element.ownerGlobal,
                     message, entityName + request.principal.URI.host,