commit d0062623b1cb82844bd83af308515d86ccc610a3 Author: Arthur Edelstein <arthuredelstein@gmail.com> Date: Thu Apr 17 16:39:37 2014 -0700 Add a pref, "privacy.thirdparty.isolate", to allow the activation or deactivation of isolating DOM storage and image caching by first party URI. --- browser/app/profile/firefox.js | 8 ++ content/base/src/ThirdPartyUtil.cpp | 34 ++++++++ content/base/src/ThirdPartyUtil.h | 1 + content/base/src/nsContentUtils.cpp | 28 +++---- docshell/base/nsDocShell.cpp | 10 +-- dom/base/nsGlobalWindow.cpp | 28 +++---- dom/base/nsGlobalWindow.h | 2 +- dom/interfaces/storage/nsIDOMStorageManager.idl | 14 ++-- dom/src/storage/DOMStorageCache.cpp | 4 +- dom/src/storage/DOMStorageCache.h | 6 +- dom/src/storage/DOMStorageManager.cpp | 44 +++++----- dom/src/storage/DOMStorageManager.h | 4 +- embedding/browser/webBrowser/nsContextMenuInfo.cpp | 8 +- image/public/imgILoader.idl | 4 +- image/src/imgLoader.cpp | 84 ++++++++------------ image/src/imgLoader.h | 6 +- image/src/imgRequest.cpp | 8 +- image/src/imgRequest.h | 4 +- layout/generic/nsImageFrame.cpp | 22 ++--- netwerk/base/public/mozIThirdPartyUtil.idl | 23 ++++++ widget/cocoa/nsMenuItemIconX.mm | 8 +- 21 files changed, 200 insertions(+), 150 deletions(-) diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index 56ae000..ae78798 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -517,6 +517,14 @@ pref("privacy.sanitize.migrateFx3Prefs", false); pref("network.proxy.share_proxy_settings", false); // use the same proxy settings for all protocols +// The privacy.thirdparty.isolate pref determines whether +// an isolated DOM Storage map and image cache are +// maintained for each URL bar domain. +// 0 - No isolation +// 1 - Enable isolation in private windows +// 2 - Enable isolation everywhere +pref("privacy.thirdparty.isolate", 1); + // simple gestures support pref("browser.gesture.swipe.left", "Browser:BackOrBackDuplicate"); pref("browser.gesture.swipe.right", "Browser:ForwardOrForwardDuplicate"); diff --git a/content/base/src/ThirdPartyUtil.cpp b/content/base/src/ThirdPartyUtil.cpp index 55eb316..06b2a14 100644 --- a/content/base/src/ThirdPartyUtil.cpp +++ b/content/base/src/ThirdPartyUtil.cpp @@ -3,6 +3,7 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "ThirdPartyUtil.h" +#include "mozilla/Preferences.h" #include "nsNetUtil.h" #include "nsIServiceManager.h" #include "nsIHttpChannelInternal.h" @@ -411,6 +412,39 @@ ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI, return NS_OK; } +// Returns true if First Party Isolation is currently active for the given nsIChannel. +// Depends on Preference setting and possibly the state of Private Browsing mode. +bool ThirdPartyUtil::IsFirstPartyIsolationActive(nsIChannel *aChannel, nsIDocument *aDoc) +{ + int32_t isolationState = mozilla::Preferences::GetInt("privacy.thirdparty.isolate"); + if (isolationState == 1) { + if (!aChannel && aDoc) { + // No channel passed directly. Can we get a channel from aDoc? + aChannel = aDoc->GetChannel(); + } + return aChannel && NS_UsePrivateBrowsing(aChannel); + } else { // (isolationState == 0) || (isolationState == 2) + return (isolationState == 2); + } +} + +// Produces a URI that uniquely identifies the first party to which +// image cache and dom storage objects should be isolated. If isolation +// is deactivated, then aOutput will return null. +// Not scriptable due to the use of an nsIDocument parameter. +NS_IMETHODIMP +ThirdPartyUtil::GetFirstPartyIsolationURI(nsIChannel *aChannel, nsIDocument *aDoc, nsIURI **aOutput) +{ + bool isolationActive = IsFirstPartyIsolationActive(aChannel, aDoc); + if (isolationActive) { + return GetFirstPartyURI(aChannel, aDoc, aOutput); + } else { + // We return a null pointer when isolation is off. + *aOutput = nullptr; + return NS_OK; + } +} + // Not scriptable due to the use of an nsIDocument parameter. NS_IMETHODIMP ThirdPartyUtil::GetFirstPartyURI(nsIChannel *aChannel, diff --git a/content/base/src/ThirdPartyUtil.h b/content/base/src/ThirdPartyUtil.h index 8777f44..c90dbad 100644 --- a/content/base/src/ThirdPartyUtil.h +++ b/content/base/src/ThirdPartyUtil.h @@ -27,6 +27,7 @@ public: private: nsresult IsThirdPartyInternal(const nsCString& aFirstDomain, nsIURI* aSecondURI, bool* aResult); + bool IsFirstPartyIsolationActive(nsIChannel* aChannel, nsIDocument* aDoc); bool SchemeIsWhiteListed(nsIURI *aURI); static already_AddRefed<nsIURI> GetURIFromWindow(nsIDOMWindow* aWin); static nsresult GetOriginatingURI(nsIChannel *aChannel, nsIURI **aURI); diff --git a/content/base/src/nsContentUtils.cpp b/content/base/src/nsContentUtils.cpp index db038bf..308cea8 100644 --- a/content/base/src/nsContentUtils.cpp +++ b/content/base/src/nsContentUtils.cpp @@ -2693,22 +2693,22 @@ nsContentUtils::LoadImage(nsIURI* aURI, nsIDocument* aLoadingDocument, // Make the URI immutable so people won't change it under us NS_TryToSetImmutable(aURI); - nsCOMPtr<nsIURI> firstPartyURI; + nsCOMPtr<nsIURI> firstPartyIsolationURI; nsCOMPtr<mozIThirdPartyUtil> thirdPartySvc = do_GetService(THIRDPARTYUTIL_CONTRACTID); - thirdPartySvc->GetFirstPartyURI(nullptr, aLoadingDocument, - getter_AddRefs(firstPartyURI)); - - return imgLoader->LoadImage(aURI, /* uri to load */ - firstPartyURI, /* firstPartyURI */ - aReferrer, /* referrer */ - aLoadingPrincipal, /* loading principal */ - loadGroup, /* loadgroup */ - aObserver, /* imgINotificationObserver */ - aLoadingDocument, /* uniquification key */ - aLoadFlags, /* load flags */ - nullptr, /* cache key */ - channelPolicy, /* CSP info */ + thirdPartySvc->GetFirstPartyIsolationURI(nullptr, aLoadingDocument, + getter_AddRefs(firstPartyIsolationURI)); + + return imgLoader->LoadImage(aURI, /* uri to load */ + firstPartyIsolationURI, /* firstPartyIsolationURI, NULL if isolation is not active */ + aReferrer, /* referrer */ + aLoadingPrincipal, /* loading principal */ + loadGroup, /* loadgroup */ + aObserver, /* imgINotificationObserver */ + aLoadingDocument, /* uniquification key */ + aLoadFlags, /* load flags */ + nullptr, /* cache key */ + channelPolicy, /* CSP info */ aRequest); } diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 8963ea0..205b197 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -2698,18 +2698,18 @@ nsDocShell::GetSessionStorageForPrincipal(nsIPrincipal* aPrincipal, return NS_ERROR_FAILURE; nsCOMPtr<nsIDocument> doc(do_GetInterface(GetAsSupports(this))); - nsCOMPtr<nsIURI> firstPartyURI; - nsresult rv = thirdPartyUtil->GetFirstPartyURI(nullptr, doc, - getter_AddRefs(firstPartyURI)); + nsCOMPtr<nsIURI> firstPartyIsolationURI; + nsresult rv = thirdPartyUtil->GetFirstPartyIsolationURI(nullptr, doc, + getter_AddRefs(firstPartyIsolationURI)); NS_ENSURE_SUCCESS(rv, rv); if (aCreate) { - return manager->CreateStorageForFirstParty(firstPartyURI, + return manager->CreateStorageForFirstParty(firstPartyIsolationURI, aPrincipal, aDocumentURI, mInPrivateBrowsing, aStorage); } - return manager->GetStorageForFirstParty(firstPartyURI, aPrincipal, + return manager->GetStorageForFirstParty(firstPartyIsolationURI, aPrincipal, mInPrivateBrowsing, aStorage); } diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp index 5a0998a..7c742b0 100644 --- a/dom/base/nsGlobalWindow.cpp +++ b/dom/base/nsGlobalWindow.cpp @@ -2604,8 +2604,8 @@ nsGlobalWindow::PreloadLocalStorage() } nsresult rv; - nsCOMPtr<nsIURI> firstPartyURI; - rv = GetFirstPartyURI(getter_AddRefs(firstPartyURI)); + nsCOMPtr<nsIURI> firstPartyIsolationURI; + rv = GetFirstPartyIsolationURI(getter_AddRefs(firstPartyIsolationURI)); if (NS_FAILED(rv)) { return; } @@ -2616,7 +2616,7 @@ nsGlobalWindow::PreloadLocalStorage() return; } - storageManager->PrecacheStorageForFirstParty(firstPartyURI, principal); + storageManager->PrecacheStorageForFirstParty(firstPartyIsolationURI, principal); } void @@ -6665,7 +6665,7 @@ nsGlobalWindow::CallerInnerWindow() } nsresult -nsGlobalWindow::GetFirstPartyURI(nsIURI** aFirstPartyURI) +nsGlobalWindow::GetFirstPartyIsolationURI(nsIURI** aFirstPartyIsolationURI) { nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil = do_GetService(THIRDPARTYUTIL_CONTRACTID); @@ -6673,7 +6673,7 @@ nsGlobalWindow::GetFirstPartyURI(nsIURI** aFirstPartyURI) return NS_ERROR_FAILURE; nsCOMPtr<nsIDocument> doc = do_QueryInterface(mDoc); - return thirdPartyUtil->GetFirstPartyURI(NULL, doc, aFirstPartyURI); + return thirdPartyUtil->GetFirstPartyIsolationURI(NULL, doc, aFirstPartyIsolationURI); } @@ -8984,11 +8984,11 @@ nsGlobalWindow::GetSessionStorage(nsIDOMStorage ** aSessionStorage) nsCOMPtr<nsILoadContext> loadContext = do_QueryInterface(docShell); - nsCOMPtr<nsIURI> firstPartyURI; - rv = GetFirstPartyURI(getter_AddRefs(firstPartyURI)); + nsCOMPtr<nsIURI> firstPartyIsolationURI; + rv = GetFirstPartyIsolationURI(getter_AddRefs(firstPartyIsolationURI)); NS_ENSURE_SUCCESS(rv, rv); - rv = storageManager->CreateStorageForFirstParty(firstPartyURI, principal, + rv = storageManager->CreateStorageForFirstParty(firstPartyIsolationURI, principal, documentURI, loadContext && loadContext->UsePrivateBrowsing(), getter_AddRefs(mSessionStorage)); @@ -9056,14 +9056,14 @@ nsGlobalWindow::GetLocalStorage(nsIDOMStorage ** aLocalStorage) mDoc->GetDocumentURI(documentURI); } - nsCOMPtr<nsIURI> firstPartyURI; - rv = GetFirstPartyURI(getter_AddRefs(firstPartyURI)); + nsCOMPtr<nsIURI> firstPartyIsolationURI; + rv = GetFirstPartyIsolationURI(getter_AddRefs(firstPartyIsolationURI)); NS_ENSURE_SUCCESS(rv, rv); nsIDocShell* docShell = GetDocShell(); nsCOMPtr<nsILoadContext> loadContext = do_QueryInterface(docShell); - rv = storageManager->CreateStorageForFirstParty(firstPartyURI, principal, + rv = storageManager->CreateStorageForFirstParty(firstPartyIsolationURI, principal, documentURI, loadContext && loadContext->UsePrivateBrowsing(), getter_AddRefs(mLocalStorage)); @@ -9681,11 +9681,11 @@ nsGlobalWindow::Observe(nsISupports* aSubject, const char* aTopic, nsCOMPtr<nsIDOMStorageManager> storageManager = do_QueryInterface(GetDocShell()); if (storageManager) { nsresult rv; - nsCOMPtr<nsIURI> firstPartyURI; - rv = GetFirstPartyURI(getter_AddRefs(firstPartyURI)); + nsCOMPtr<nsIURI> firstPartyIsolationURI; + rv = GetFirstPartyIsolationURI(getter_AddRefs(firstPartyIsolationURI)); NS_ENSURE_SUCCESS(rv, rv); - rv = storageManager->CheckStorageForFirstParty(firstPartyURI, + rv = storageManager->CheckStorageForFirstParty(firstPartyIsolationURI, principal, changingStorage, &check); NS_ENSURE_SUCCESS(rv, rv); } diff --git a/dom/base/nsGlobalWindow.h b/dom/base/nsGlobalWindow.h index af012bc..da6b54d 100644 --- a/dom/base/nsGlobalWindow.h +++ b/dom/base/nsGlobalWindow.h @@ -1092,7 +1092,7 @@ protected: nsresult RequestAnimationFrame(const nsIDocument::FrameRequestCallbackHolder& aCallback, int32_t* aHandle); - nsresult GetFirstPartyURI(nsIURI** aFirstPartyURI); + nsresult GetFirstPartyIsolationURI(nsIURI** aFirstPartyIsolationURI); // When adding new member variables, be careful not to create cycles // through JavaScript. If there is any chance that a member variable diff --git a/dom/interfaces/storage/nsIDOMStorageManager.idl b/dom/interfaces/storage/nsIDOMStorageManager.idl index 6d1c5fc..ea7246e 100644 --- a/dom/interfaces/storage/nsIDOMStorageManager.idl +++ b/dom/interfaces/storage/nsIDOMStorageManager.idl @@ -21,13 +21,13 @@ interface nsIDOMStorageManager : nsISupports * This starts async preloading of a storage cache for scope * defined by the principal. * - * @param aFirstPartyURI + * @param aFirstPartyIsolationURI * First party URI to bound storage to. * @param aPrincipal * Principal to bound storage to. */ void precacheStorage(in nsIPrincipal aPrincipal); - void precacheStorageForFirstParty(in nsIURI aFirstPartyURI, + void precacheStorageForFirstParty(in nsIURI aFirstPartyIsolationURI, in nsIPrincipal aPrincipal); /** @@ -35,7 +35,7 @@ interface nsIDOMStorageManager : nsISupports * A new object is always returned and it is ensured there is * a storage for the scope created. * - * @param aFirstPartyURI + * @param aFirstPartyIsolationURI * First party URI to bound storage to. * @param aPrincipal * Principal to bound storage to. @@ -47,7 +47,7 @@ interface nsIDOMStorageManager : nsISupports nsIDOMStorage createStorage(in nsIPrincipal aPrincipal, in DOMString aDocumentURI, [optional] in bool aPrivate); - nsIDOMStorage createStorageForFirstParty(in nsIURI aFirstPartyURI, + nsIDOMStorage createStorageForFirstParty(in nsIURI aFirstPartyIsolationURI, in nsIPrincipal aPrincipal, in DOMString aDocumentURI, [optional] in bool aPrivate); @@ -64,7 +64,7 @@ interface nsIDOMStorageManager : nsISupports */ nsIDOMStorage getStorage(in nsIPrincipal aPrincipal, [optional] in bool aPrivate); - nsIDOMStorage getStorageForFirstParty(in nsIURI aFirstPartyURI, + nsIDOMStorage getStorageForFirstParty(in nsIURI aFirstPartyIsolationURI, in nsIPrincipal aPrincipal, [optional] in bool aPrivate); @@ -83,7 +83,7 @@ interface nsIDOMStorageManager : nsISupports * Returns true if the storage belongs to the given principal and is managed * (i.e. has been created and is cached) by this storage manager. * - * @param aFirstPartyURI + * @param aFirstPartyIsolationURI * First party URI to check the storage against. * @param aPrincipal * Principal to check the storage against. @@ -97,7 +97,7 @@ interface nsIDOMStorageManager : nsISupports */ bool checkStorage(in nsIPrincipal aPrincipal, in nsIDOMStorage aStorage); - bool checkStorageForFirstParty(in nsIURI aFirstPartyURI, + bool checkStorageForFirstParty(in nsIURI aFirstPartyIsolationURI, in nsIPrincipal aPrincipal, in nsIDOMStorage aStorage); diff --git a/dom/src/storage/DOMStorageCache.cpp b/dom/src/storage/DOMStorageCache.cpp index 84ef729..b67a559 100644 --- a/dom/src/storage/DOMStorageCache.cpp +++ b/dom/src/storage/DOMStorageCache.cpp @@ -120,7 +120,7 @@ DOMStorageCache::Release(void) void DOMStorageCache::Init(DOMStorageManager* aManager, bool aPersistent, - nsIURI* aFirstPartyURI, + nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal, const nsACString& aQuotaScope) { @@ -130,7 +130,7 @@ DOMStorageCache::Init(DOMStorageManager* aManager, mManager = aManager; mInitialized = true; - mFirstPartyURI = aFirstPartyURI; + mFirstPartyIsolationURI = aFirstPartyIsolationURI; mPrincipal = aPrincipal; mPersistent = aPersistent; mQuotaScope = aQuotaScope.IsEmpty() ? mScope : aQuotaScope; diff --git a/dom/src/storage/DOMStorageCache.h b/dom/src/storage/DOMStorageCache.h index 42836ac..2b892fc 100644 --- a/dom/src/storage/DOMStorageCache.h +++ b/dom/src/storage/DOMStorageCache.h @@ -72,7 +72,7 @@ public: virtual ~DOMStorageCache(); void Init(DOMStorageManager* aManager, bool aPersistent, - nsIURI* aFirstPartyURI, nsIPrincipal* aPrincipal, + nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal, const nsACString& aQuotaScope); // Copies all data from the other storage. @@ -97,7 +97,7 @@ public: nsTArray<nsString>* GetKeys(const DOMStorage* aStorage); - nsIURI* FirstPartyURI() const { return mFirstPartyURI; } + nsIURI* FirstPartyIsolationURI() const { return mFirstPartyIsolationURI; } // Whether the principal equals principal the cache was created for bool CheckPrincipal(nsIPrincipal* aPrincipal) const; @@ -177,7 +177,7 @@ private: nsCOMPtr<nsITimer> mKeepAliveTimer; // The first party URI associated with this cache. - nsCOMPtr<nsIURI> mFirstPartyURI; + nsCOMPtr<nsIURI> mFirstPartyIsolationURI; // Principal the cache has been initially created for, this is used only // for sessionStorage access checks since sessionStorage objects are strictly diff --git a/dom/src/storage/DOMStorageManager.cpp b/dom/src/storage/DOMStorageManager.cpp index 9cc5042..4dbe66c 100644 --- a/dom/src/storage/DOMStorageManager.cpp +++ b/dom/src/storage/DOMStorageManager.cpp @@ -132,16 +132,16 @@ DOMStorageManager::~DOMStorageManager() namespace { // anon nsresult -AppendFirstPartyToKey(nsIURI* aFirstPartyURI, nsACString& aKey) +AppendFirstPartyToKey(nsIURI* aFirstPartyIsolationURI, nsACString& aKey) { - if (aFirstPartyURI) { + if (aFirstPartyIsolationURI) { nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil = do_GetService(THIRDPARTYUTIL_CONTRACTID); if (!thirdPartyUtil) return NS_ERROR_FAILURE; nsAutoCString firstPartyHost; - nsresult rv = thirdPartyUtil->GetFirstPartyHostForIsolation(aFirstPartyURI, + nsresult rv = thirdPartyUtil->GetFirstPartyHostForIsolation(aFirstPartyIsolationURI, firstPartyHost); NS_ENSURE_SUCCESS(rv, rv); @@ -153,7 +153,7 @@ AppendFirstPartyToKey(nsIURI* aFirstPartyURI, nsACString& aKey) } nsresult -CreateScopeKey(nsIURI* aFirstPartyURI, nsIPrincipal* aPrincipal, +CreateScopeKey(nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal, nsACString& aKey) { nsCOMPtr<nsIURI> uri; @@ -231,11 +231,11 @@ CreateScopeKey(nsIURI* aFirstPartyURI, nsIPrincipal* aPrincipal, // Isolate scope keys to the URL bar domain by appending &firstPartyHost // if available. - return AppendFirstPartyToKey(aFirstPartyURI, aKey); + return AppendFirstPartyToKey(aFirstPartyIsolationURI, aKey); } nsresult -CreateQuotaDBKey(nsIURI* aFirstPartyURI, nsIPrincipal* aPrincipal, +CreateQuotaDBKey(nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal, nsACString& aKey) { nsresult rv; @@ -286,7 +286,7 @@ CreateQuotaDBKey(nsIURI* aFirstPartyURI, nsIPrincipal* aPrincipal, // Isolate scope keys to the URL bar domain by appending &firstPartyHost // if available. - return AppendFirstPartyToKey(aFirstPartyURI, aKey); + return AppendFirstPartyToKey(aFirstPartyIsolationURI, aKey); } } // anon @@ -304,14 +304,14 @@ DOMStorageManager::GetCache(const nsACString& aScope) const already_AddRefed<DOMStorageCache> DOMStorageManager::PutCache(const nsACString& aScope, - nsIURI* aFirstPartyURI, + nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal) { DOMStorageCacheHashKey* entry = mCaches.PutEntry(aScope); nsRefPtr<DOMStorageCache> cache = entry->cache(); nsAutoCString quotaScope; - CreateQuotaDBKey(aFirstPartyURI, aPrincipal, quotaScope); + CreateQuotaDBKey(aFirstPartyIsolationURI, aPrincipal, quotaScope); // To avoid ever persisting session storage to disk, initialize LocalStorage // like SessionStorage. @@ -320,7 +320,7 @@ DOMStorageManager::PutCache(const nsACString& aScope, case LocalStorage: // Lifetime handled by the manager, don't persist entry->HardRef(); - cache->Init(nullptr, false, aFirstPartyURI, aPrincipal, quotaScope); + cache->Init(nullptr, false, aFirstPartyIsolationURI, aPrincipal, quotaScope); break; default: @@ -342,7 +342,7 @@ DOMStorageManager::DropCache(DOMStorageCache* aCache) nsresult DOMStorageManager::GetStorageInternal(bool aCreate, - nsIURI* aFirstPartyURI, + nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal, const nsAString& aDocumentURI, bool aPrivate, @@ -351,7 +351,7 @@ DOMStorageManager::GetStorageInternal(bool aCreate, nsresult rv; nsAutoCString scope; - rv = CreateScopeKey(aFirstPartyURI, aPrincipal, scope); + rv = CreateScopeKey(aFirstPartyIsolationURI, aPrincipal, scope); if (NS_FAILED(rv)) { return NS_ERROR_NOT_AVAILABLE; } @@ -382,7 +382,7 @@ DOMStorageManager::GetStorageInternal(bool aCreate, // There is always a single instance of a cache per scope // in a single instance of a DOM storage manager. - cache = PutCache(scope, aFirstPartyURI, aPrincipal); + cache = PutCache(scope, aFirstPartyIsolationURI, aPrincipal); } else if (mType == SessionStorage) { if (!cache->CheckPrincipal(aPrincipal)) { return NS_ERROR_DOM_SECURITY_ERR; @@ -405,10 +405,10 @@ DOMStorageManager::PrecacheStorage(nsIPrincipal* aPrincipal) } NS_IMETHODIMP -DOMStorageManager::PrecacheStorageForFirstParty(nsIURI* aFirstPartyURI, +DOMStorageManager::PrecacheStorageForFirstParty(nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal) { - return GetStorageInternal(true, aFirstPartyURI, aPrincipal, EmptyString(), + return GetStorageInternal(true, aFirstPartyIsolationURI, aPrincipal, EmptyString(), false, nullptr); } @@ -423,13 +423,13 @@ DOMStorageManager::CreateStorage(nsIPrincipal* aPrincipal, } NS_IMETHODIMP -DOMStorageManager::CreateStorageForFirstParty(nsIURI* aFirstPartyURI, +DOMStorageManager::CreateStorageForFirstParty(nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal, const nsAString& aDocumentURI, bool aPrivate, nsIDOMStorage** aRetval) { - return GetStorageInternal(true, aFirstPartyURI, aPrincipal, aDocumentURI, + return GetStorageInternal(true, aFirstPartyIsolationURI, aPrincipal, aDocumentURI, aPrivate, aRetval); } @@ -443,12 +443,12 @@ DOMStorageManager::GetStorage(nsIPrincipal* aPrincipal, } NS_IMETHODIMP -DOMStorageManager::GetStorageForFirstParty(nsIURI* aFirstPartyURI, +DOMStorageManager::GetStorageForFirstParty(nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal, bool aPrivate, nsIDOMStorage** aRetval) { - return GetStorageInternal(false, aFirstPartyURI, aPrincipal, + return GetStorageInternal(false, aFirstPartyIsolationURI, aPrincipal, EmptyString(), aPrivate, aRetval); } @@ -476,7 +476,7 @@ DOMStorageManager::CloneStorage(nsIDOMStorage* aStorage) // Since this manager is sessionStorage manager, PutCache hard references // the cache in our hashtable. nsRefPtr<DOMStorageCache> newCache = PutCache(origCache->Scope(), - origCache->FirstPartyURI(), + origCache->FirstPartyIsolationURI(), origCache->Principal()); newCache->CloneFrom(origCache); @@ -492,7 +492,7 @@ DOMStorageManager::CheckStorage(nsIPrincipal* aPrincipal, } NS_IMETHODIMP -DOMStorageManager::CheckStorageForFirstParty(nsIURI* aFirstPartyURI, +DOMStorageManager::CheckStorageForFirstParty(nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal, nsIDOMStorage* aStorage, bool* aRetval) @@ -509,7 +509,7 @@ DOMStorageManager::CheckStorageForFirstParty(nsIURI* aFirstPartyURI, } nsAutoCString scope; - nsresult rv = CreateScopeKey(aFirstPartyURI, aPrincipal, scope); + nsresult rv = CreateScopeKey(aFirstPartyIsolationURI, aPrincipal, scope); NS_ENSURE_SUCCESS(rv, rv); DOMStorageCache* cache = GetCache(scope); diff --git a/dom/src/storage/DOMStorageManager.h b/dom/src/storage/DOMStorageManager.h index 5e044b5..6ed9a70 100644 --- a/dom/src/storage/DOMStorageManager.h +++ b/dom/src/storage/DOMStorageManager.h @@ -74,12 +74,12 @@ private: // Ensures cache for a scope, when it doesn't exist it is created and initalized, // this also starts preload of persistent data. already_AddRefed<DOMStorageCache> PutCache(const nsACString& aScope, - nsIURI* aFirstPartyURI, + nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal); // Helper for creation of DOM storage objects nsresult GetStorageInternal(bool aCreate, - nsIURI* aFirstPartyURI, + nsIURI* aFirstPartyIsolationURI, nsIPrincipal* aPrincipal, const nsAString& aDocumentURI, bool aPrivate, diff --git a/embedding/browser/webBrowser/nsContextMenuInfo.cpp b/embedding/browser/webBrowser/nsContextMenuInfo.cpp index 8cca3e3..092e619 100644 --- a/embedding/browser/webBrowser/nsContextMenuInfo.cpp +++ b/embedding/browser/webBrowser/nsContextMenuInfo.cpp @@ -306,13 +306,13 @@ nsContextMenuInfo::GetBackgroundImageRequestInternal(nsIDOMNode *aDOMNode, imgRe nsRefPtr<imgLoader> il = imgLoader::GetInstance(); NS_ENSURE_TRUE(il, NS_ERROR_FAILURE); - nsCOMPtr<nsIURI> firstPartyURI; + nsCOMPtr<nsIURI> firstPartyIsolationURI; nsCOMPtr<mozIThirdPartyUtil> thirdPartySvc = do_GetService(THIRDPARTYUTIL_CONTRACTID); - thirdPartySvc->GetFirstPartyURI(nullptr, doc, - getter_AddRefs(firstPartyURI)); + thirdPartySvc->GetFirstPartyIsolationURI(nullptr, doc, + getter_AddRefs(firstPartyIsolationURI)); - return il->LoadImage(bgUri, firstPartyURI, nullptr, principal, nullptr, + return il->LoadImage(bgUri, firstPartyIsolationURI, nullptr, principal, nullptr, nullptr, nullptr, nsIRequest::LOAD_NORMAL, nullptr, channelPolicy, aRequest); } diff --git a/image/public/imgILoader.idl b/image/public/imgILoader.idl index c16a30a..e6e7727 100644 --- a/image/public/imgILoader.idl +++ b/image/public/imgILoader.idl @@ -38,7 +38,7 @@ interface imgILoader : nsISupports /** * Start the load and decode of an image. * @param aURI the URI to load - * @param aFirstPartyURI the urlbar URI that 'initiated' the load -- used for 3rd party blocking + * @param aFirstPartyIsolationURI the urlbar URI that 'initiated' the load -- used for 3rd party blocking * @param aReferrerURI the 'referring' URI * @param aLoadingPrincipal the principal of the loading document * @param aLoadGroup Loadgroup to put the image load into @@ -55,7 +55,7 @@ interface imgILoader : nsISupports * goes away. */ imgIRequest loadImageXPCOM(in nsIURI aURI, - in nsIURI aFirstPartyURI, + in nsIURI aFirstPartyIsolationURI, in nsIURI aReferrerURI, in nsIPrincipal aLoadingPrincipal, in nsILoadGroup aLoadGroup, diff --git a/image/src/imgLoader.cpp b/image/src/imgLoader.cpp index 7e20aba..60a6b6d 100644 --- a/image/src/imgLoader.cpp +++ b/image/src/imgLoader.cpp @@ -427,7 +427,7 @@ static nsresult NewImageChannel(nsIChannel **aResult, // aLoadingPrincipal and false otherwise. bool *aForcePrincipalCheckForCacheEntry, nsIURI *aURI, - nsIURI *aFirstPartyURI, + nsIURI *aFirstPartyIsolationURI, nsIURI *aReferringURI, nsILoadGroup *aLoadGroup, const nsCString& aAcceptHeader, @@ -479,7 +479,7 @@ static nsresult NewImageChannel(nsIChannel **aResult, nsCOMPtr<nsIHttpChannelInternal> httpChannelInternal = do_QueryInterface(newHttpChannel); NS_ENSURE_TRUE(httpChannelInternal, NS_ERROR_UNEXPECTED); - httpChannelInternal->SetDocumentURI(aFirstPartyURI); + httpChannelInternal->SetDocumentURI(aFirstPartyIsolationURI); newHttpChannel->SetReferrer(aReferringURI); } @@ -1107,7 +1107,7 @@ bool imgLoader::SetHasNoProxies(nsIURI *imgURI, imgCacheEntry *entry) return true; } -bool imgLoader::SetHasProxies(nsIURI *firstPartyURI, nsIURI *imgURI) +bool imgLoader::SetHasProxies(nsIURI *firstPartyIsolationURI, nsIURI *imgURI) { VerifyCacheSizes(); @@ -1118,7 +1118,7 @@ bool imgLoader::SetHasProxies(nsIURI *firstPartyURI, nsIURI *imgURI) LOG_STATIC_FUNC_WITH_PARAM(GetImgLog(), "imgLoader::SetHasProxies", "uri", spec.get()); - nsAutoCString key = GetCacheKey(firstPartyURI, imgURI, nullptr); + nsAutoCString key = GetCacheKey(firstPartyIsolationURI, imgURI, nullptr); nsRefPtr<imgCacheEntry> entry; if (cache.Get(key, getter_AddRefs(entry)) && entry && entry->HasNoProxies()) { imgCacheQueue &queue = GetCacheQueue(imgURI); @@ -1173,7 +1173,7 @@ void imgLoader::CheckCacheLimits(imgCacheTable &cache, imgCacheQueue &queue) bool imgLoader::ValidateRequestWithNewChannel(imgRequest *request, nsIURI *aURI, - nsIURI *aFirstPartyURI, + nsIURI *aFirstPartyIsolationURI, nsIURI *aReferrerURI, nsILoadGroup *aLoadGroup, imgINotificationObserver *aObserver, @@ -1223,7 +1223,7 @@ bool imgLoader::ValidateRequestWithNewChannel(imgRequest *request, rv = NewImageChannel(getter_AddRefs(newChannel), &forcePrincipalCheck, aURI, - aFirstPartyURI, + aFirstPartyIsolationURI, aReferrerURI, aLoadGroup, mAcceptHeader, @@ -1293,7 +1293,7 @@ bool imgLoader::ValidateRequestWithNewChannel(imgRequest *request, bool imgLoader::ValidateEntry(imgCacheEntry *aEntry, nsIURI *aURI, - nsIURI *aFirstPartyURI, + nsIURI *aFirstPartyIsolationURI, nsIURI *aReferrerURI, nsILoadGroup *aLoadGroup, imgINotificationObserver *aObserver, @@ -1404,7 +1404,7 @@ bool imgLoader::ValidateEntry(imgCacheEntry *aEntry, if (validateRequest && aCanMakeNewChannel) { LOG_SCOPE(GetImgLog(), "imgLoader::ValidateRequest |cache hit| must validate"); - return ValidateRequestWithNewChannel(request, aURI, aFirstPartyURI, + return ValidateRequestWithNewChannel(request, aURI, aFirstPartyIsolationURI, aReferrerURI, aLoadGroup, aObserver, aCX, aLoadFlags, aProxyRequest, aPolicy, aLoadingPrincipal, aCORSMode); @@ -1475,12 +1475,12 @@ bool imgLoader::RemoveFromCache(imgCacheEntry *entry) nsRefPtr<imgRequest> request(getter_AddRefs(entry->GetRequest())); if (request) { nsCOMPtr<nsIURI> imgURI = request->mURI; - nsCOMPtr<nsIURI> firstPartyURI = request->mFirstPartyURI; + nsCOMPtr<nsIURI> firstPartyIsolationURI = request->mFirstPartyIsolationURI; if (imgURI) { imgCacheTable &cache = GetCache(imgURI); imgCacheQueue &queue = GetCacheQueue(imgURI); - nsAutoCString spec = GetCacheKey(firstPartyURI, imgURI, nullptr); + nsAutoCString spec = GetCacheKey(firstPartyIsolationURI, imgURI, nullptr); LOG_STATIC_FUNC_WITH_PARAM(GetImgLog(), "imgLoader::RemoveFromCache", "entry's uri", spec.get()); @@ -1576,7 +1576,7 @@ NS_IMETHODIMP imgLoader::LoadImageXPCOM(nsIURI *aURI, /* imgIRequest loadImage (in nsIURI aURI, in nsIURI aUrlBarURI, in nsIPrincipal loadingPrincipal, in nsILoadGroup aLoadGroup, in imgIDecoderObserver aObserver, in nsISupports aCX, in nsLoadFlags aLoadFlags, in nsISupports cacheKey, in imgIRequest aRequest); */ nsresult imgLoader::LoadImage(nsIURI *aURI, - nsIURI *aFirstPartyURI, + nsIURI *aFirstPartyIsolationURI, nsIURI *aReferrerURI, nsIPrincipal* aLoadingPrincipal, nsILoadGroup *aLoadGroup, @@ -1595,7 +1595,7 @@ nsresult imgLoader::LoadImage(nsIURI *aURI, return NS_ERROR_NULL_POINTER; bool isIsolated = false; - nsAutoCString spec = GetCacheKey(aFirstPartyURI, aURI, &isIsolated); + nsAutoCString spec = GetCacheKey(aFirstPartyIsolationURI, aURI, &isIsolated); LOG_SCOPE_WITH_PARAM(GetImgLog(), "imgLoader::LoadImage", "aURI", spec.get()); @@ -1662,7 +1662,7 @@ nsresult imgLoader::LoadImage(nsIURI *aURI, imgCacheTable &cache = GetCache(aURI); if (cache.Get(spec, getter_AddRefs(entry)) && entry) { - if (ValidateEntry(entry, aURI, aFirstPartyURI, aReferrerURI, + if (ValidateEntry(entry, aURI, aFirstPartyIsolationURI, aReferrerURI, aLoadGroup, aObserver, aCX, requestFlags, true, _retval, aPolicy, aLoadingPrincipal, corsmode)) { request = getter_AddRefs(entry->GetRequest()); @@ -1701,7 +1701,7 @@ nsresult imgLoader::LoadImage(nsIURI *aURI, rv = NewImageChannel(getter_AddRefs(newChannel), &forcePrincipalCheck, aURI, - aFirstPartyURI, + aFirstPartyIsolationURI, aReferrerURI, aLoadGroup, mAcceptHeader, @@ -1729,7 +1729,7 @@ nsresult imgLoader::LoadImage(nsIURI *aURI, childLoadGroup->SetParentLoadGroup(aLoadGroup); newChannel->SetLoadGroup(loadGroup); - request->Init(aURI, aURI, aFirstPartyURI, loadGroup, newChannel, entry, + request->Init(aURI, aURI, aFirstPartyIsolationURI, loadGroup, newChannel, entry, aCX, aLoadingPrincipal, corsmode); // Pass the inner window ID of the loading document, if possible. @@ -1838,7 +1838,7 @@ nsresult imgLoader::LoadImage(nsIURI *aURI, return NS_OK; } -nsAutoCString imgLoader::GetCacheKey(nsIURI *firstPartyURI, nsIURI *imgURI, +nsAutoCString imgLoader::GetCacheKey(nsIURI *firstPartyIsolationURI, nsIURI *imgURI, bool *isIsolated) { NS_ASSERTION(imgURI, "imgLoader::GetCacheKey -- NULL imgURI"); @@ -1850,37 +1850,21 @@ nsAutoCString imgLoader::GetCacheKey(nsIURI *firstPartyURI, nsIURI *imgURI, imgURI->GetSpec(spec); nsAutoCString hostKey; - if (firstPartyURI && sThirdPartyUtilSvc) - sThirdPartyUtilSvc->GetFirstPartyHostForIsolation(firstPartyURI, hostKey); + if (firstPartyIsolationURI && sThirdPartyUtilSvc) + sThirdPartyUtilSvc->GetFirstPartyHostForIsolation(firstPartyIsolationURI, hostKey); if (hostKey.Length() > 0) { if (isIsolated) *isIsolated = true; + // Make a new key using host + // FIXME: This might involve a couple more copies than necessary.. + // But man, 18 string types? Who knows which one I need to use to do + // this cheaply.. + return hostKey + nsAutoCString("&") + spec; } else { - hostKey = "--NoFirstParty--"; - nsCOMPtr<nsIConsoleService> consoleSvc = - do_GetService(NS_CONSOLESERVICE_CONTRACTID); - if (consoleSvc) { - nsAutoString msg(NS_LITERAL_STRING( - "imgLoader::GetCacheKey: NULL firstPartyURI for ") - .get()); - if (!spec.IsEmpty()) - msg.AppendASCII(spec.get()); - else - msg.Append(NS_LITERAL_STRING("Unknown URI!").get()); - consoleSvc->LogStringMessage(msg.get()); - } - -#ifdef DEBUG - printf("imgLoader::GetCacheKey: NULL firstPartyURI for %s\n", spec.get()); -#endif + // No hostKey found, so don't isolate image to a first party. + return spec; } - - // Make a new key using host - // FIXME: This might involve a couple more copies than necessary.. - // But man, 18 string types? Who knows which one I need to use to do - // this cheaply.. - return hostKey + nsAutoCString("&") + spec; } /* imgIRequest loadImageWithChannelXPCOM(in nsIChannel channel, in imgINotificationObserver aObserver, in nsISupports cx, out nsIStreamListener); */ @@ -1911,16 +1895,16 @@ nsresult imgLoader::LoadImageWithChannel(nsIChannel *channel, imgINotificationOb nsCOMPtr<nsIURI> uri; channel->GetURI(getter_AddRefs(uri)); - nsCOMPtr<nsIURI> firstPartyURI; - sThirdPartyUtilSvc->GetFirstPartyURI(channel, nullptr, - getter_AddRefs(firstPartyURI)); + nsCOMPtr<nsIURI> firstPartyIsolationURI; + sThirdPartyUtilSvc->GetFirstPartyIsolationURI(channel, nullptr, + getter_AddRefs(firstPartyIsolationURI)); nsLoadFlags requestFlags = nsIRequest::LOAD_NORMAL; channel->GetLoadFlags(&requestFlags); nsRefPtr<imgCacheEntry> entry; imgCacheTable &cache = GetCache(uri); - nsAutoCString spec = GetCacheKey(firstPartyURI, uri, nullptr); + nsAutoCString spec = GetCacheKey(firstPartyIsolationURI, uri, nullptr); if (requestFlags & nsIRequest::LOAD_BYPASS_CACHE) { imgCacheQueue &queue = GetCacheQueue(uri); @@ -2001,7 +1985,7 @@ nsresult imgLoader::LoadImageWithChannel(nsIChannel *channel, imgINotificationOb channel->GetOriginalURI(getter_AddRefs(originalURI)); // No principal specified here, because we're not passed one. - request->Init(originalURI, uri, firstPartyURI, channel, channel, entry, + request->Init(originalURI, uri, firstPartyIsolationURI, channel, channel, entry, aCX, nullptr, imgIRequest::CORS_NONE); ProxyListener *pl = new ProxyListener(static_cast<nsIStreamListener *>(request.get())); @@ -2013,7 +1997,7 @@ nsresult imgLoader::LoadImageWithChannel(nsIChannel *channel, imgINotificationOb NS_RELEASE(pl); bool isIsolated = false; - nsAutoCString key = GetCacheKey(firstPartyURI, originalURI, &isIsolated); + nsAutoCString key = GetCacheKey(firstPartyIsolationURI, originalURI, &isIsolated); if (isIsolated) // Try to add the new request into the cache. PutIntoCache(key, entry); @@ -2301,7 +2285,7 @@ NS_IMETHODIMP imgCacheValidator::OnStartRequest(nsIRequest *aRequest, nsISupport int32_t corsmode = mRequest->GetCORSMode(); nsCOMPtr<nsIPrincipal> loadingPrincipal = mRequest->GetLoadingPrincipal(); - nsCOMPtr<nsIURI> firstPartyURI = mRequest->mFirstPartyURI; + nsCOMPtr<nsIURI> firstPartyIsolationURI = mRequest->mFirstPartyIsolationURI; // Doom the old request's cache entry mRequest->RemoveFromCache(); @@ -2312,7 +2296,7 @@ NS_IMETHODIMP imgCacheValidator::OnStartRequest(nsIRequest *aRequest, nsISupport // We use originalURI here to fulfil the imgIRequest contract on GetURI. nsCOMPtr<nsIURI> originalURI; channel->GetOriginalURI(getter_AddRefs(originalURI)); - mNewRequest->Init(originalURI, uri, firstPartyURI, aRequest, channel, + mNewRequest->Init(originalURI, uri, firstPartyIsolationURI, aRequest, channel, mNewEntry, mContext, loadingPrincipal, corsmode); mDestListener = new ProxyListener(mNewRequest); @@ -2321,7 +2305,7 @@ NS_IMETHODIMP imgCacheValidator::OnStartRequest(nsIRequest *aRequest, nsISupport // the cache before the proxies' ownership changes, because adding a proxy // changes the caching behaviour for imgRequests. bool isIsolated = false; - nsAutoCString key = mImgLoader->GetCacheKey(firstPartyURI, originalURI, + nsAutoCString key = mImgLoader->GetCacheKey(firstPartyIsolationURI, originalURI, &isIsolated); if (isIsolated) mImgLoader->PutIntoCache(key, mNewEntry); diff --git a/image/src/imgLoader.h b/image/src/imgLoader.h index 0ab4a5e..3a31ecd 100644 --- a/image/src/imgLoader.h +++ b/image/src/imgLoader.h @@ -267,7 +267,7 @@ public: nsresult InitCache(); - nsAutoCString GetCacheKey(nsIURI *firstPartyURI, + nsAutoCString GetCacheKey(nsIURI *firstPartyIsolationURI, nsIURI *imgURI, bool *isIsolated); bool RemoveFromCache(imgCacheEntry *entry); @@ -312,12 +312,12 @@ public: // happens, by calling imgRequest::SetCacheEntry() when an entry with no // observers is re-requested. bool SetHasNoProxies(nsIURI *imgURI, imgCacheEntry *entry); - bool SetHasProxies(nsIURI *firstPartyURI, nsIURI *imgURI); + bool SetHasProxies(nsIURI *firstPartyIsolationURI, nsIURI *imgURI); private: // methods bool ValidateEntry(imgCacheEntry *aEntry, nsIURI *aURI, - nsIURI *aFirstPartyURI, nsIURI *aReferrerURI, + nsIURI *aFirstPartyIsolationURI, nsIURI *aReferrerURI, nsILoadGroup *aLoadGroup, imgINotificationObserver *aObserver, nsISupports *aCX, nsLoadFlags aLoadFlags, bool aCanMakeNewChannel, diff --git a/image/src/imgRequest.cpp b/image/src/imgRequest.cpp index 9040679..5758d62 100644 --- a/image/src/imgRequest.cpp +++ b/image/src/imgRequest.cpp @@ -89,7 +89,7 @@ imgRequest::~imgRequest() nsresult imgRequest::Init(nsIURI *aURI, nsIURI *aCurrentURI, - nsIURI *aFirstPartyURI, + nsIURI *aFirstPartyIsolationURI, nsIRequest *aRequest, nsIChannel *aChannel, imgCacheEntry *aCacheEntry, @@ -109,7 +109,7 @@ nsresult imgRequest::Init(nsIURI *aURI, mURI = aURI; mCurrentURI = aCurrentURI; - mFirstPartyURI = aFirstPartyURI; + mFirstPartyIsolationURI = aFirstPartyIsolationURI; mRequest = aRequest; mChannel = aChannel; mTimedChannel = do_QueryInterface(mChannel); @@ -171,7 +171,7 @@ void imgRequest::AddProxy(imgRequestProxy *proxy) // proxies. if (GetStatusTracker().ConsumerCount() == 0) { NS_ABORT_IF_FALSE(mURI, "Trying to SetHasProxies without key uri."); - mLoader->SetHasProxies(mFirstPartyURI, mURI); + mLoader->SetHasProxies(mFirstPartyIsolationURI, mURI); } GetStatusTracker().AddConsumer(proxy); @@ -301,7 +301,7 @@ void imgRequest::RemoveFromCache() else { mLoader->RemoveKeyFromCache(mLoader->GetCache(mURI), mLoader->GetCacheQueue(mURI), - mLoader->GetCacheKey(mFirstPartyURI, mURI, nullptr)); + mLoader->GetCacheKey(mFirstPartyIsolationURI, mURI, nullptr)); } } diff --git a/image/src/imgRequest.h b/image/src/imgRequest.h index 240a33b..f80af17 100644 --- a/image/src/imgRequest.h +++ b/image/src/imgRequest.h @@ -51,7 +51,7 @@ public: nsresult Init(nsIURI *aURI, nsIURI *aCurrentURI, - nsIURI *aFirstPartyURI, + nsIURI *aFirstPartyIsolationURI, nsIRequest *aRequest, nsIChannel *aChannel, imgCacheEntry *aCacheEntry, @@ -195,7 +195,7 @@ private: // The URI of the resource we ended up loading after all redirects, etc. nsCOMPtr<nsIURI> mCurrentURI; // The first party that triggered the load -- for cookie + cache isolation - nsCOMPtr<nsIURI> mFirstPartyURI; + nsCOMPtr<nsIURI> mFirstPartyIsolationURI; // The principal of the document which loaded this image. Used when validating for CORS. nsCOMPtr<nsIPrincipal> mLoadingPrincipal; // The principal of this image. diff --git a/layout/generic/nsImageFrame.cpp b/layout/generic/nsImageFrame.cpp index 8f4bf25..6daa959 100644 --- a/layout/generic/nsImageFrame.cpp +++ b/layout/generic/nsImageFrame.cpp @@ -1810,26 +1810,26 @@ nsImageFrame::LoadIcon(const nsAString& aSpec, // For icon loads, we don't need to merge with the loadgroup flags nsLoadFlags loadFlags = nsIRequest::LOAD_NORMAL; - nsCOMPtr<nsIURI> firstPartyURI; + nsCOMPtr<nsIURI> firstPartyIsolationURI; nsCOMPtr<mozIThirdPartyUtil> thirdPartySvc = do_GetService(THIRDPARTYUTIL_CONTRACTID); // XXX: Should we pass the loadgroup, too? Is document ever likely // to be unset? - thirdPartySvc->GetFirstPartyURI(nullptr, aPresContext->Document(), - getter_AddRefs(firstPartyURI)); + thirdPartySvc->GetFirstPartyIsolationURI(nullptr, aPresContext->Document(), + getter_AddRefs(firstPartyIsolationURI)); - return il->LoadImage(realURI, /* icon URI */ - firstPartyURI, /* initial document URI; this is only - relevant for cookies, so does not - apply to icons. */ - nullptr, /* referrer (not relevant for icons) */ - nullptr, /* principal (not relevant for icons) */ + return il->LoadImage(realURI, /* icon URI */ + firstPartyIsolationURI, /* initial document URI; this is only + relevant for cookies, so does not + apply to icons. */ + nullptr, /* referrer (not relevant for icons) */ + nullptr, /* principal (not relevant for icons) */ loadGroup, gIconLoad, - nullptr, /* Not associated with any particular document */ + nullptr, /* Not associated with any particular document */ loadFlags, nullptr, - nullptr, /* channel policy not needed */ + nullptr, /* channel policy not needed */ aRequest); } diff --git a/netwerk/base/public/mozIThirdPartyUtil.idl b/netwerk/base/public/mozIThirdPartyUtil.idl index 6137274..87fb630 100644 --- a/netwerk/base/public/mozIThirdPartyUtil.idl +++ b/netwerk/base/public/mozIThirdPartyUtil.idl @@ -165,6 +165,29 @@ interface mozIThirdPartyUtil : nsISupports in nsIDocument aDoc); /** + * getFirstPartyIsolationURI + * + * If first-party isolation is active, then + * obtains the top-level url bar URI for either a channel or a document. + * Otherwise returns null. + * Either parameter may be null (but not both). + * + * @param aChannel + * An arbitrary channel for some content element of a first party + * load. Can be null. + * + * @param aDoc + * An arbitrary third party document. Can be null. + * + * @return the first party url bar URI for the load. + * + * @throws if the URI cannot be obtained or the URI lacks a hostname and the + * URI's scheme is not white listed. + */ + [noscript] nsIURI getFirstPartyIsolationURI(in nsIChannel aChannel, + in nsIDocument aDoc); + + /** * getFirstPartyURIFromChannel * * Obtain the top-level url bar URI for a channel. diff --git a/widget/cocoa/nsMenuItemIconX.mm b/widget/cocoa/nsMenuItemIconX.mm index bd1f2f3..397239e 100644 --- a/widget/cocoa/nsMenuItemIconX.mm +++ b/widget/cocoa/nsMenuItemIconX.mm @@ -314,15 +314,15 @@ nsMenuItemIconX::LoadIcon(nsIURI* aIconURI) [mNativeMenuItem setImage:sPlaceholderIconImage]; } - nsCOMPtr<nsIURI> firstPartyURI; + nsCOMPtr<nsIURI> firstPartyIsolationURI; nsCOMPtr<mozIThirdPartyUtil> thirdPartySvc = do_GetService(THIRDPARTYUTIL_CONTRACTID); - thirdPartySvc->GetFirstPartyURI(nullptr, document, - getter_AddRefs(firstPartyURI)); + thirdPartySvc->GetFirstPartyIsolationURI(nullptr, document, + getter_AddRefs(firstPartyIsolationURI)); // Passing in null for channelPolicy here since nsMenuItemIconX::LoadIcon is // not exposed to web content - nsresult rv = loader->LoadImage(aIconURI, firstPartyURI, nullptr, nullptr, loadGroup, this, + nsresult rv = loader->LoadImage(aIconURI, firstPartyIsolationURI, nullptr, nullptr, loadGroup, this, nullptr, nsIRequest::LOAD_NORMAL, nullptr, nullptr, getter_AddRefs(mIconRequest)); if (NS_FAILED(rv)) return rv;