commit 46dda37f29379b74cb43460befd90792065df8e9 Author: Kathy Brade brade@pearlcrescent.com Date: Sun Dec 8 21:08:37 2013 -0800
Bug #8167: Update cache isolation to use getFirstPartyURIFromChannel()
Required for cache isolation under FF24. --- src/chrome/content/stanford-safecache.js | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/src/chrome/content/stanford-safecache.js b/src/chrome/content/stanford-safecache.js index 48f6d88..0ef52ad 100644 --- a/src/chrome/content/stanford-safecache.js +++ b/src/chrome/content/stanford-safecache.js @@ -61,7 +61,10 @@ function SSC_dump(msg) {
function SSC_RequestListener(controller) { this.controller = controller; - this.cookie_permissions = Cc["@mozilla.org/cookie/permission;1"].getService(Ci.nsICookiePermission); + this.thirdPartyUtil = Cc["@mozilla.org/thirdpartyutil;1"]. + getService(Ci.mozIThirdPartyUtil); + this.cookie_permissions = Cc["@mozilla.org/cookie/permission;1"]. + getService(Ci.nsICookiePermission); }
SSC_RequestListener.prototype = @@ -77,11 +80,13 @@ SSC_RequestListener.prototype = subject.QueryInterface(Components.interfaces.nsIHttpChannel); subject.QueryInterface(Components.interfaces.nsIHttpChannelInternal); subject.QueryInterface(Components.interfaces.nsICachingChannel); + subject.QueryInterface(Components.interfaces.nsIChannel); this.onModifyRequest(subject); } else if (topic == 'http-on-examine-response') { subject.QueryInterface(Components.interfaces.nsIHttpChannel); subject.QueryInterface(Components.interfaces.nsIHttpChannelInternal); subject.QueryInterface(Components.interfaces.nsICachingChannel); + subject.QueryInterface(Components.interfaces.nsIChannel); this.onExamineResponse(subject); } } catch(e) {try {torbutton_log(4, "SSC: "+e);} catch(ex) {}} @@ -135,13 +140,22 @@ SSC_RequestListener.prototype = } else if(!parent_host) { // Questionable first party interaction.. try { - var anuri = this.cookie_permissions.getOriginatingURI(channel); + var anuri = null; + try { + anuri = this.thirdPartyUtil.getFirstPartyURIFromChannel(channel, false); + } catch (e) { + torbutton_safelog(2, "FirstParty API failed to get parent: "+e+" ", channel.URI.spec); + // We are not using the TBB based on ESR 24. Falling back to the old + // method. + anuri = this.cookie_permissions.getOriginatingURI(channel); + } parent_host = anuri.host; parent_spec = anuri.spec; } catch(e) { - torbutton_safelog(2, "Cookie API failed to get parent: "+e,channel.URI.spec); + // XXX: This can still fail for OCSP and other windowless requests.. + torbutton_safelog(3, "Cookie API failed to get parent: "+e+" ",channel.URI.spec); if (!channel.referrer) { - torbutton_safelog(3, "SSC: No parent for ", channel.URI.spec); + torbutton_safelog(3, "SSC: No cache isolation parent for ", channel.URI.spec); } else { parent_host = channel.referrer.host; parent_spec = channel.referrer.spec;