Bug 1524674 - Cleanup site data with custom permissions per subdomains - debug messages. r=johannh a=lizzard
authorAndrea Marchesini <amarchesini@mozilla.com>
Mon, 04 Feb 2019 14:24:33 +0000
changeset 515763 bf4fec8933af388b2e37a56780dc6895727a8b2d
parent 515762 38126f72db7fe9f3d7098cdf73d33db800022a4d
child 515764 ea1d5311b285dcdb93b1b1748dc5d9905fda7993
push id1953
push userffxbld-merge
push dateMon, 11 Mar 2019 12:10:20 +0000
treeherdermozilla-release@9c35dcbaa899 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjohannh, lizzard
bugs1524674
milestone66.0
Bug 1524674 - Cleanup site data with custom permissions per subdomains - debug messages. r=johannh a=lizzard Differential Revision: https://phabricator.services.mozilla.com/D18496
browser/modules/Sanitizer.jsm
modules/libpref/init/all.js
--- a/browser/modules/Sanitizer.jsm
+++ b/browser/modules/Sanitizer.jsm
@@ -17,16 +17,27 @@ XPCOMUtils.defineLazyModuleGetters(this,
 
 XPCOMUtils.defineLazyServiceGetter(this, "quotaManagerService",
                                    "@mozilla.org/dom/quota-manager-service;1",
                                    "nsIQuotaManagerService");
 XPCOMUtils.defineLazyServiceGetter(this, "serviceWorkerManager",
                                    "@mozilla.org/serviceworkers/manager;1",
                                    "nsIServiceWorkerManager");
 
+var logConsole;
+function log(msg) {
+  if (!logConsole) {
+    logConsole = console.createInstance({
+      prefix: "** Sanitizer.jsm",
+      maxLogLevelPref: "browser.sanitizer.loglevel",
+    });
+  }
+
+  logConsole.log(msg);
+}
 
 // Used as unique id for pending sanitizations.
 var gPendingSanitizationSerial = 0;
 
 /**
  * Cookie lifetime policy is currently used to cleanup on shutdown other
  * components such as QuotaManager, localStorage, ServiceWorkers.
  */
@@ -649,16 +660,18 @@ async function sanitizeInternal(items, a
     removePendingSanitization(uid);
   progress = {};
   if (seenError) {
     throw new Error("Error sanitizing");
   }
 }
 
 async function sanitizeOnShutdown(progress) {
+  log("Sanitizing on shutdown");
+
   if (Sanitizer.shouldSanitizeOnShutdown) {
     // Need to sanitize upon shutdown
     let itemsToClear = getItemsToClearFromPrefBranch(Sanitizer.PREF_SHUTDOWN_BRANCH);
     await Sanitizer.sanitize(itemsToClear, { progress });
   }
 
   // Clear out QuotaManager storage for principals that have been marked as
   // session only.  The cookie service has special logic that avoids writing
@@ -679,32 +692,35 @@ async function sanitizeOnShutdown(progre
   // First, when the default is set to ACCEPT_SESSION, then all origins that
   // use QuotaManager storage but don't have a specific permission set to
   // ACCEPT_NORMALLY need to be wiped.  Second, the set of origins that have
   // the permission explicitly set to ACCEPT_SESSION need to be wiped.  There
   // are also other ways to think about and accomplish this, but this is what
   // the logic below currently does!
   if (Services.prefs.getIntPref(PREF_COOKIE_LIFETIME,
                                 Ci.nsICookieService.ACCEPT_NORMALLY) == Ci.nsICookieService.ACCEPT_SESSION) {
+    log("Session-only configuration detected");
     let principals = await getAllPrincipals();
     await maybeSanitizeSessionPrincipals(principals);
   }
 
   // Let's see if we have to forget some particular site.
   for (let permission of Services.perms.enumerator) {
     if (permission.type != "cookie" ||
         permission.capability != Ci.nsICookiePermission.ACCESS_SESSION) {
       continue;
     }
 
     // We consider just permissions set for http, https and file URLs.
     if (!isSupportedURI(permission.principal.URI)) {
       continue;
     }
 
+    log("Custom session cookie permission detected for: " + permission.principal.URI.spec);
+
     // We use just the URI here, because permissions ignore OriginAttributes.
     let principals = await getAllPrincipals(permission.principal.URI);
     let promises = [];
     principals.forEach(principal => {
       promises.push(sanitizeSessionPrincipal(principal));
     });
     await Promise.all(promises);
   }
@@ -778,66 +794,77 @@ async function getAllPrincipals(matchUri
   });
 
   return principals;
 }
 
 // This method receives a list of principals and it checks if some of them or
 // some of their sub-domain need to be sanitize.
 async function maybeSanitizeSessionPrincipals(principals) {
+  log("Sanitizing " + principals.length + " principals");
+
   let promises = [];
 
   principals.forEach(principal => {
     if (!cookiesAllowedForDomainOrSubDomain(principal)) {
       promises.push(sanitizeSessionPrincipal(principal));
     }
   });
 
   return Promise.all(promises);
 }
 
 function cookiesAllowedForDomainOrSubDomain(principal) {
+  log("Checking principal: " + principal.URI.spec);
+
   // If we have the 'cookie' permission for this principal, let's return
   // immediately.
   let p = Services.perms.testPermissionFromPrincipal(principal, "cookie");
   if (p == Ci.nsICookiePermission.ACCESS_ALLOW) {
+    log("Cookie allowed!");
     return true;
   }
 
   if (p == Ci.nsICookiePermission.ACCESS_DENY ||
       p == Ci.nsICookiePermission.ACCESS_SESSION) {
+    log("Cookie denied or session!");
     return false;
   }
 
   // This is an old profile with unsupported permission values
   if (p != Ci.nsICookiePermission.ACCESS_DEFAULT) {
+    log("Not supported cookie permission: " + p);
     return false;
   }
 
   for (let perm of Services.perms.enumerator) {
     if (perm.type != "cookie") {
       continue;
     }
 
     // We consider just permissions set for http, https and file URLs.
     if (!isSupportedURI(perm.principal.URI)) {
       continue;
     }
 
     // We don't care about scheme, port, and anything else.
     if (Services.eTLD.hasRootDomain(perm.principal.URI.host,
                                     principal.URI.host)) {
+      log("Recursive cookie check on principal: " + perm.principal.URI.spec);
       return cookiesAllowedForDomainOrSubDomain(perm.principal);
     }
   }
 
+  log("Cookie not allowed.");
   return false;
 }
 
 async function sanitizeSessionPrincipal(principal) {
+  log("Sanitizing principal: " + principal.URI.spec);
+
   await new Promise(resolve => {
     Services.clearData.deleteDataFromPrincipal(principal, true /* user request */,
                                                Ci.nsIClearDataService.CLEAR_DOM_STORAGES |
                                                Ci.nsIClearDataService.CLEAR_COOKIES,
                                                resolve);
   });
 }
 
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -5885,16 +5885,18 @@ pref("security.block_ftp_subresources", 
 
 pref("dom.storageManager.prompt.testing", false);
 pref("dom.storageManager.prompt.testing.allow", false);
 
 
 pref("browser.storageManager.pressureNotification.minIntervalMS", 1200000);
 pref("browser.storageManager.pressureNotification.usageThresholdGB", 5);
 
+pref("browser.sanitizer.loglevel", "Warn");
+
 // When a user cancels this number of authentication dialogs coming from
 // a single web page in a row, all following authentication dialogs will
 // be blocked (automatically canceled) for that page. The counter resets
 // when the page is reloaded. To turn this feature off, just set the limit to 0.
 pref("prompts.authentication_dialog_abuse_limit", 3);
 
 pref("dom.IntersectionObserver.enabled", true);