commit d8b12ca703cd530b5c7684be00d5979fb1543705 Author: Arthur Edelstein arthuredelstein@gmail.com Date: Wed Apr 19 15:54:41 2017 -0700
Bug 21569: Add first-party domain to Permissions key --- .../originattributes/test/browser/browser.ini | 1 + .../test/browser/browser_permissions_isolation.js | 46 ++++++++++++++++++++++ caps/BasePrincipal.cpp | 24 ----------- caps/BasePrincipal.h | 4 -- dom/permission/PermissionStatus.cpp | 2 +- extensions/cookie/nsPermission.cpp | 4 +- extensions/cookie/nsPermissionManager.cpp | 9 ----- 7 files changed, 50 insertions(+), 40 deletions(-)
diff --git a/browser/components/originattributes/test/browser/browser.ini b/browser/components/originattributes/test/browser/browser.ini
index d503e9e..6de2ce9 100644
--- a/browser/components/originattributes/test/browser/browser.ini
+++ b/browser/components/originattributes/test/browser/browser.ini
@@ -70,3 +70,4 @@ support-files =
 [browser_clientAuth.js]
 [browser_cacheAPI.js]
 [browser_permissions.js]
+[browser_permissions_isolation.js]
diff --git a/browser/components/originattributes/test/browser/browser_permissions_isolation.js b/browser/components/originattributes/test/browser/browser_permissions_isolation.js
new file mode 100644
index 0000000..0fd5355
--- /dev/null
+++ b/browser/components/originattributes/test/browser/browser_permissions_isolation.js
@@ -0,0 +1,46 @@
+/**
+ * Tor Bug 21569 - A test case for permissions isolation.
+ */
+
+const TEST_PAGE = "http://mochi.test:8888/browser/browser/components/" +
+ "originattributes/test/browser/file_firstPartyBasic.html";
+
+function* init() {
+ let permPromise = TestUtils.topicObserved("perm-changed");
+ Services.perms.removeAll();
+ info("called removeAll");
+ yield permPromise;
+ info("cleared permissions for new test");
+}
+
+// Define the testing function
+function* doTest(aBrowser) {
+ // Promise will result when permissions popup appears:
+ let popupShowPromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popupshown");
+ let originalStatus = yield ContentTask.spawn(aBrowser, null, function* (key) {
+ let status = (yield content.navigator.permissions.query({name: "notifications"})).state;
+ content.Notification.requestPermission();
+ return status;
+ });
+ info(`originalStatus: '${originalStatus}'`);
+ if (originalStatus === "prompt") {
+ // Wait for the popup requesting permission to show notifications:
+ yield popupShowPromise;
+ let popupHidePromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popuphidden");
+ let popupNotification = PopupNotifications.panel.childNodes[0];
+ // Click to grant permission:
+ popupNotification.button.click();
+ // Wait for popup to hide again.
+ yield popupHidePromise;
+ }
+ return originalStatus;
+}
+
+add_task(function* () {
+ yield SpecialPowers.pushPrefEnv({
+ set: [["dom.webnotifications.enabled", true]]
+ });
+ IsolationTestTools.runTests(TEST_PAGE, doTest,
+ (isolated, val1, val2) => (isolated === ( val2 === "prompt")),
+ init, true);
+});
diff --git a/caps/BasePrincipal.cpp b/caps/BasePrincipal.cpp
index 836adcb..584cb41 100644
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -61,13 +61,6 @@ PrincipalOriginAttributes::InheritFromNecko(const NeckoOriginAttributes& aAttrs)
 }
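Review bot: The comparison callback `(isolated, val1, val2) => (isolated === ( val2 === "prompt"))` never looks at `val1`, so the test does not confirm that the first load started from a clean `"prompt"` state; if `init` failed to clear a stale grant, the first tab would skip the popup and the result would depend on leftover state. I would require it explicitly: `(isolated, val1, val2) => val1 === "prompt" && isolated === (val2 === "prompt")`. The granted `notifications` permission is also left in place after the last run; unless `IsolationTestTools` already cleans up (not visible here), a `registerCleanupFunction(() => Services.perms.removeAll());` in the `add_task` body would keep it from leaking into later tests. The content-task function in `doTest` also declares a `key` parameter it never uses.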
void
-PrincipalOriginAttributes::StripUserContextIdAndFirstPartyDomain()
-{
- mUserContextId = nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID;
- mFirstPartyDomain.Truncate();
-}
-
-void
 DocShellOriginAttributes::InheritFromDocToChildDocShell(const PrincipalOriginAttributes& aAttrs)
 {
 mAppId = aAttrs.mAppId;
@@ -727,23 +720,6 @@ BasePrincipal::CreateCodebasePrincipal(const nsACString& aOrigin)
 return BasePrincipal::CreateCodebasePrincipal(uri, attrs);
 }
-already_AddRefed<BasePrincipal>
-BasePrincipal::CloneStrippingUserContextIdAndFirstPartyDomain()
-{
- PrincipalOriginAttributes attrs = OriginAttributesRef();
- attrs.StripUserContextIdAndFirstPartyDomain();
-
- nsAutoCString originNoSuffix;
- nsresult rv = GetOriginNoSuffix(originNoSuffix);
- NS_ENSURE_SUCCESS(rv, nullptr);
-
- nsCOMPtr<nsIURI> uri;
- rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix);
- NS_ENSURE_SUCCESS(rv, nullptr);
-
- return BasePrincipal::CreateCodebasePrincipal(uri, attrs);
-}
-
 bool
 BasePrincipal::AddonAllowsLoad(nsIURI* aURI)
 {
diff --git a/caps/BasePrincipal.h b/caps/BasePrincipal.h
index 4c9ad9c..963b6ab 100644
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@@ -107,8 +107,6 @@ public:
// Inherit OriginAttributes from Necko.
 void InheritFromNecko(const NeckoOriginAttributes& aAttrs);
-
- void StripUserContextIdAndFirstPartyDomain();
 };
// For OriginAttributes stored on docshells / loadcontexts / browsing contexts.
@@ -311,8 +309,6 @@ public:
virtual PrincipalKind Kind() = 0;
- already_AddRefed<BasePrincipal> CloneStrippingUserContextIdAndFirstPartyDomain();
-
 protected:
 virtual ~BasePrincipal();
diff --git a/dom/permission/PermissionStatus.cpp b/dom/permission/PermissionStatus.cpp
index 680ece1..850dcee 100644
--- a/dom/permission/PermissionStatus.cpp
+++ b/dom/permission/PermissionStatus.cpp
@@ -107,7 +107,7 @@ PermissionStatus::GetPrincipal() const
 }
nsCOMPtr<nsIPrincipal> principal =
- mozilla::BasePrincipal::Cast(doc->NodePrincipal())->CloneStrippingUserContextIdAndFirstPartyDomain();
+ mozilla::BasePrincipal::Cast(doc->NodePrincipal());
 NS_ENSURE_TRUE(principal, nullptr);
return principal.forget();
diff --git a/extensions/cookie/nsPermission.cpp b/extensions/cookie/nsPermission.cpp
index 3d1eb14..3dac32e 100644
--- a/extensions/cookie/nsPermission.cpp
+++ b/extensions/cookie/nsPermission.cpp
@@ -36,7 +36,7 @@ nsPermission::Create(nsIPrincipal* aPrincipal,
 {
 NS_ENSURE_TRUE(aPrincipal, nullptr);
 nsCOMPtr<nsIPrincipal> principal =
- mozilla::BasePrincipal::Cast(aPrincipal)->CloneStrippingUserContextIdAndFirstPartyDomain();
+ mozilla::BasePrincipal::Cast(aPrincipal);
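Review bot: With the clone removed, `mozilla::BasePrincipal::Cast(doc->NodePrincipal())` in PermissionStatus::GetPrincipal() only downcasts a pointer that is immediately converted back to `nsIPrincipal`, so the cast no longer does anything; `nsCOMPtr<nsIPrincipal> principal = doc->NodePrincipal();` says the same thing. The same leftover is in nsPermission::Create() and nsPermission::Matches() (`mozilla::BasePrincipal::Cast(aPrincipal)`), where plain `aPrincipal` would do. The `NS_ENSURE_TRUE(principal, nullptr)` that follows used to catch a failed clone and now only repeats a null check (in Create() it directly duplicates the check on `aPrincipal` two lines earlier), so it should either go or get a comment saying why it stays. GetPrincipal() begins outside this hunk, so the declaration of `doc` is not visible here.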
NS_ENSURE_TRUE(principal, nullptr);
@@ -90,7 +90,7 @@ nsPermission::Matches(nsIPrincipal* aPrincipal, bool aExactHost, bool* aMatches)
 *aMatches = false;
nsCOMPtr<nsIPrincipal> principal =
- mozilla::BasePrincipal::Cast(aPrincipal)->CloneStrippingUserContextIdAndFirstPartyDomain();
+ mozilla::BasePrincipal::Cast(aPrincipal);
if (!principal) {
 *aMatches = false;
diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp
index d3696dd..860531b 100644
--- a/extensions/cookie/nsPermissionManager.cpp
+++ b/extensions/cookie/nsPermissionManager.cpp
@@ -122,9 +122,6 @@ GetOriginFromPrincipal(nsIPrincipal* aPrincipal, nsACString& aOrigin)
 // any knowledge of private browsing. Allowing it to be true changes the suffix being hashed.
 attrs.mPrivateBrowsingId = 0;
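Review bot: nsPermission::Matches() now compares `aPrincipal` with its userContextId and firstPartyDomain intact, and the key-building code in nsPermissionManager.cpp stops resetting both, so permissions become isolated per container as well as per first party, which is wider than the commit title states and is not documented anywhere in the new code. An entry recorded under default origin attributes (anything persisted before this change, or added from a bare URI) would presumably stop matching isolated principals, and that includes deny entries; whether old entries need migrating or clearing is worth confirming. I would document the new rule where `mPrivateBrowsingId` is still zeroed in GetOriginFromPrincipal(), e.g. `// userContextId and firstPartyDomain are kept: permissions are isolated per container and per first party.` The rest of Matches(), including the non-exact-host path, lies outside this hunk, so I could not check how it treats differing origin attributes.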
- // Disable userContext and firstParty isolation for permissions.
- attrs.StripUserContextIdAndFirstPartyDomain();
-
 attrs.CreateSuffix(suffix);
 aOrigin.Append(suffix);
 return NS_OK;
@@ -139,9 +136,6 @@ GetPrincipalFromOrigin(const nsACString& aOrigin, nsIPrincipal** aPrincipal)
 return NS_ERROR_FAILURE;
 }
- // Disable userContext and firstParty isolation for permissions.
- attrs.StripUserContextIdAndFirstPartyDomain();
-
 nsCOMPtr<nsIURI> uri;
 nsresult rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix);
 NS_ENSURE_SUCCESS(rv, rv);
@@ -2201,9 +2195,6 @@ nsPermissionManager::GetPermissionHashKey(nsIPrincipal* aPrincipal,
 mozilla::PrincipalOriginAttributes attrs =
 mozilla::BasePrincipal::Cast(aPrincipal)->OriginAttributesRef();
- // Disable userContext and firstParty isolation for permissions.
- attrs.StripUserContextIdAndFirstPartyDomain();
-
 nsCOMPtr<nsIPrincipal> principal =
 mozilla::BasePrincipal::CreateCodebasePrincipal(newURI, attrs);