Bug 1257861 - Default to sending all cookies if we can't compute 3rdpartyness. r=sicking a=lizzard
authorBlake Kaplan <mrbkap@gmail.com>
Wed, 06 Apr 2016 16:31:19 -0700
changeset 325725 8b4d6477fd3e18d3995878f0d9dff41efa264cd4
parent 325724 9e99383b97c614ba0927ee7d76e9e837b7ffba1f
child 325726 8e4ae231d7970818abbee30bab01d44fd8c2fae4
push id1128
push userjlund@mozilla.com
push dateWed, 01 Jun 2016 01:31:59 +0000
treeherdermozilla-release@fe0d30de989d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerssicking, lizzard
bugs1257861
milestone47.0a2
Bug 1257861 - Default to sending all cookies if we can't compute 3rdpartyness. r=sicking a=lizzard MozReview-Commit-ID: HHVHh7u7bQz
dom/base/test/unit/test_thirdpartyutil.js
dom/workers/test/test_xhr_3rdparty.html
netwerk/base/LoadInfo.cpp
--- a/dom/base/test/unit/test_thirdpartyutil.js
+++ b/dom/base/test/unit/test_thirdpartyutil.js
@@ -36,18 +36,19 @@ function run_test() {
   let util = Cc["@mozilla.org/thirdpartyutil;1"].getService(Ci.mozIThirdPartyUtil);
 
   // Create URIs and channels pointing to foo.com and bar.com.
   // We will use these to put foo.com into first and third party contexts.
   let spec1 = "http://foo.com/foo.html";
   let spec2 = "http://bar.com/bar.html";
   let uri1 = NetUtil.newURI(spec1);
   let uri2 = NetUtil.newURI(spec2);
-  let channel1 = NetUtil.newChannel({uri: uri1, loadUsingSystemPrincipal: true});
-  let channel2 = NetUtil.newChannel({uri: uri2, loadUsingSystemPrincipal: true});
+  const contentPolicyType = Ci.nsIContentPolicy.TYPE_DOCUMENT;
+  let channel1 = NetUtil.newChannel({uri: uri1, loadUsingSystemPrincipal: true, contentPolicyType});
+  let channel2 = NetUtil.newChannel({uri: uri2, loadUsingSystemPrincipal: true, contentPolicyType});
 
   // Create some file:// URIs.
   let filespec1 = "file://foo.txt";
   let filespec2 = "file://bar.txt";
   let fileuri1 = NetUtil.newURI(filespec1);
   let fileuri2 = NetUtil.newURI(filespec2);
   let filechannel1 = NetUtil.newChannel({uri: fileuri1, loadUsingSystemPrincipal: true});
   let filechannel2 = NetUtil.newChannel({uri: fileuri2, loadUsingSystemPrincipal: true});
@@ -65,22 +66,22 @@ function run_test() {
     NS_ERROR_INVALID_ARG);
   do_check_throws(function() { util.isThirdPartyURI(null, null); },
     NS_ERROR_INVALID_ARG);
 
   // We can't test isThirdPartyWindow since we can't really set up a window
   // hierarchy. We leave that to mochitests.
 
   // Test isThirdPartyChannel. As above, we can't test the bits that require
-  // a load context or window heirarchy. Because of that, the code assumes
-  // that these are all third-party loads.
+  // a load context or window heirarchy. Because of bug 1259873, we assume
+  // that these are not third-party.
   do_check_throws(function() { util.isThirdPartyChannel(null); },
     NS_ERROR_INVALID_ARG);
-  do_check_true(util.isThirdPartyChannel(channel1));
-  do_check_true(util.isThirdPartyChannel(channel1, uri1));
+  do_check_false(util.isThirdPartyChannel(channel1));
+  do_check_false(util.isThirdPartyChannel(channel1, uri1));
   do_check_true(util.isThirdPartyChannel(channel1, uri2));
 
   let httpchannel1 = channel1.QueryInterface(Ci.nsIHttpChannelInternal);
   httpchannel1.forceAllowThirdPartyCookie = true;
   do_check_false(util.isThirdPartyChannel(channel1));
   do_check_false(util.isThirdPartyChannel(channel1, uri1));
   do_check_true(util.isThirdPartyChannel(channel1, uri2));
 }
--- a/dom/workers/test/test_xhr_3rdparty.html
+++ b/dom/workers/test/test_xhr_3rdparty.html
@@ -36,17 +36,17 @@ Tests of DOM Worker Threads XHR(Bug 4504
         ok(false, "XHR error: " + args.error);
       } break;
       case "upload.load": {
         gotUploadLoad = true;
       } break;
       case "load": {
         ok(gotUploadLoad, "Should have gotten upload load event");
         gotLoadend = true;
-        todo_is(args.data, "a=cookie_is_set", "correct data");
+        is(args.data, "a=cookie_is_set", "correct data");
         document.getElementById("content").textContent = args.data;
       } break;
       case "loadend": {
         ok(gotLoadend, "Should have gotten load.");
         SimpleTest.finish();
         break;
       }
       default: {
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -46,23 +46,29 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadin
   , mInternalContentPolicyType(aContentPolicyType)
   , mTainting(LoadTainting::Basic)
   , mUpgradeInsecureRequests(false)
   , mInnerWindowID(0)
   , mOuterWindowID(0)
   , mParentOuterWindowID(0)
   , mEnforceSecurity(false)
   , mInitialSecurityCheckDone(false)
-  , mIsThirdPartyContext(true)
+  , mIsThirdPartyContext(false)
   , mForcePreflight(false)
   , mIsPreflight(false)
 {
   MOZ_ASSERT(mLoadingPrincipal);
   MOZ_ASSERT(mTriggeringPrincipal);
 
+  // TODO(bug 1259873): Above, we initialize mIsThirdPartyContext to false meaning
+  // that consumers of LoadInfo that don't pass a context or pass a context from
+  // which we can't find a window will default to assuming that they're 1st
+  // party. It would be nice if we could default "safe" and assume that we are
+  // 3rd party until proven otherwise.
+
   // if consumers pass both, aLoadingContext and aLoadingPrincipal
   // then the loadingPrincipal must be the same as the node's principal
   MOZ_ASSERT(!aLoadingContext || !aLoadingPrincipal ||
              aLoadingContext->NodePrincipal() == aLoadingPrincipal);
 
   // if the load is sandboxed, we can not also inherit the principal
   if (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED) {
     mSecurityFlags ^= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;