Bug 1501006 - Reject cookieStoreId in perma-private browsing mode. r=mixedpuppy, a=RyanVM
authorRob Wu <rob@robwu.nl>
Mon, 29 Oct 2018 13:23:00 +0000
changeset 500945 a78fa2f251c0f213f7b06f45e7488e4f22a9a429
parent 500944 bc7548ec328bb2ece1a2a0d519fd466cf2353ad1
child 500946 5d62582ba7ae1aed3ddfddf355abd84274ac9de1
push id1864
push userffxbld-merge
push dateMon, 03 Dec 2018 15:51:40 +0000
treeherdermozilla-release@f040763d99ad [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmixedpuppy, RyanVM
bugs1501006, 1320757
milestone64.0
Bug 1501006 - Reject cookieStoreId in perma-private browsing mode. r=mixedpuppy, a=RyanVM Until container tabs are supported in private browsing mode (bug 1320757), extensions should not be able to open container tabs when perma-private browsing mode is off. Differential Revision: https://phabricator.services.mozilla.com/D9517
browser/components/extensions/test/browser/browser_ext_tabs_cookieStoreId.js
browser/components/extensions/test/browser/browser_ext_windows_create_cookieStoreId.js
toolkit/components/extensions/parent/ext-tabs-base.js
--- a/browser/components/extensions/test/browser/browser_ext_tabs_cookieStoreId.js
+++ b/browser/components/extensions/test/browser/browser_ext_tabs_cookieStoreId.js
@@ -150,8 +150,38 @@ add_task(async function() {
   }
 
   info("Waiting for shutting down...");
   extension.sendMessage("finish");
   await extension.awaitMessage("gone");
 
   await extension.unload();
 });
+
+add_task(async function perma_private_browsing_mode() {
+  await SpecialPowers.pushPrefEnv({set: [["browser.privatebrowsing.autostart", true]]});
+
+  let extension = ExtensionTestUtils.loadExtension({
+    manifest: {
+      "permissions": ["tabs", "cookies"],
+    },
+    async background() {
+      await browser.test.assertRejects(
+        browser.tabs.create({cookieStoreId: "firefox-container-1"}),
+        /Contextual identities are unavailable in permanent private browsing mode/,
+        "should refuse to open container tab in existing non-private window");
+
+      let win = await browser.windows.create({});
+      browser.test.assertTrue(win.incognito, "New window should be private when perma-PBM is enabled.");
+      await browser.test.assertRejects(
+        browser.tabs.create({cookieStoreId: "firefox-container-1", windowId: win.id}),
+        /Illegal to set non-private cookieStoreId in a private window/,
+        "should refuse to open container tab in private browsing window");
+      await browser.windows.remove(win.id);
+
+      browser.test.sendMessage("done");
+    },
+  });
+  await extension.startup();
+  await extension.awaitMessage("done");
+  await extension.unload();
+  await SpecialPowers.popPrefEnv();
+});
--- a/browser/components/extensions/test/browser/browser_ext_windows_create_cookieStoreId.js
+++ b/browser/components/extensions/test/browser/browser_ext_windows_create_cookieStoreId.js
@@ -55,16 +55,38 @@ add_task(async function invalid_cookieSt
     },
   });
 
   await extension.startup();
   await extension.awaitMessage("done");
   await extension.unload();
 });
 
+add_task(async function perma_private_browsing_mode() {
+  await SpecialPowers.pushPrefEnv({set: [["browser.privatebrowsing.autostart", true]]});
+
+  let extension = ExtensionTestUtils.loadExtension({
+    manifest: {
+      "permissions": ["tabs", "cookies"],
+    },
+    async background() {
+      await browser.test.assertRejects(
+        browser.windows.create({cookieStoreId: "firefox-container-1"}),
+        /Contextual identities are unavailable in permanent private browsing mode/,
+        "cookieStoreId cannot be a container tab ID in perma-private browsing mode");
+
+      browser.test.sendMessage("done");
+    },
+  });
+  await extension.startup();
+  await extension.awaitMessage("done");
+  await extension.unload();
+  await SpecialPowers.popPrefEnv();
+});
+
 add_task(async function valid_cookieStoreId() {
   await SpecialPowers.pushPrefEnv({"set": [
     ["privacy.userContext.enabled", true],
   ]});
 
   const testCases = [{
     description: "no explicit URL",
     createParams: {
--- a/toolkit/components/extensions/parent/ext-tabs-base.js
+++ b/toolkit/components/extensions/parent/ext-tabs-base.js
@@ -2067,16 +2067,20 @@ function getUserContextIdForCookieStoreI
     throw new ExtensionError(`Illegal to set non-private cookieStoreId in a private window`);
   }
 
   if (!isPrivateBrowsing && isPrivateCookieStoreId(cookieStoreId)) {
     throw new ExtensionError(`Illegal to set private cookieStoreId in a non-private window`);
   }
 
   if (isContainerCookieStoreId(cookieStoreId)) {
+    if (PrivateBrowsingUtils.permanentPrivateBrowsing) {
+      // Container tabs are not supported in perma-private browsing mode - bug 1320757
+      throw new ExtensionError(`Contextual identities are unavailable in permanent private browsing mode`);
+    }
     let userContextId = getContainerForCookieStoreId(cookieStoreId);
     if (!userContextId) {
       throw new ExtensionError(`No cookie store exists with ID ${cookieStoreId}`);
     }
     return userContextId;
   }
 
   return Services.scriptSecurityManager.DEFAULT_USER_CONTEXT_ID;