[tor-commits] [torbutton/master] Bug #8167: Update cache isolation to use getFirstPartyURIFromChannel()

[mikeperry at torproject.org]

commit 46dda37f29379b74cb43460befd90792065df8e9
Author: Kathy Brade <brade at pearlcrescent.com>
Date:   Sun Dec 8 21:08:37 2013 -0800

    Bug #8167: Update cache isolation to use getFirstPartyURIFromChannel()
    
    Required for cache isolation under FF24.
---
 src/chrome/content/stanford-safecache.js |   22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/src/chrome/content/stanford-safecache.js b/src/chrome/content/stanford-safecache.js
index 48f6d88..0ef52ad 100644
--- a/src/chrome/content/stanford-safecache.js
+++ b/src/chrome/content/stanford-safecache.js
@@ -61,7 +61,10 @@ function SSC_dump(msg) {
 
 function SSC_RequestListener(controller) {
   this.controller = controller;
-  this.cookie_permissions = Cc["@mozilla.org/cookie/permission;1"].getService(Ci.nsICookiePermission);
+  this.thirdPartyUtil = Cc["@mozilla.org/thirdpartyutil;1"].
+                            getService(Ci.mozIThirdPartyUtil);
+  this.cookie_permissions = Cc["@mozilla.org/cookie/permission;1"].
+                                getService(Ci.nsICookiePermission);
 }
 
 SSC_RequestListener.prototype =
@@ -77,11 +80,13 @@ SSC_RequestListener.prototype =
         subject.QueryInterface(Components.interfaces.nsIHttpChannel);
         subject.QueryInterface(Components.interfaces.nsIHttpChannelInternal);
         subject.QueryInterface(Components.interfaces.nsICachingChannel);
+        subject.QueryInterface(Components.interfaces.nsIChannel);
         this.onModifyRequest(subject);
       } else if (topic == 'http-on-examine-response') {
         subject.QueryInterface(Components.interfaces.nsIHttpChannel);
         subject.QueryInterface(Components.interfaces.nsIHttpChannelInternal);
         subject.QueryInterface(Components.interfaces.nsICachingChannel);
+        subject.QueryInterface(Components.interfaces.nsIChannel);
         this.onExamineResponse(subject);
       }
     } catch(e) {try {torbutton_log(4, "SSC: "+e);} catch(ex) {}} 
@@ -135,13 +140,22 @@ SSC_RequestListener.prototype =
     } else if(!parent_host) {
       // Questionable first party interaction..
       try {
-        var anuri = this.cookie_permissions.getOriginatingURI(channel);
+        var anuri = null;
+        try {
+          anuri = this.thirdPartyUtil.getFirstPartyURIFromChannel(channel, false);
+        } catch (e) {
+          torbutton_safelog(2, "FirstParty API failed to get parent: "+e+" ", channel.URI.spec);
+          // We are not using the TBB based on ESR 24. Falling back to the old
+          // method.
+          anuri = this.cookie_permissions.getOriginatingURI(channel);
+        }
         parent_host = anuri.host;
         parent_spec = anuri.spec;
       } catch(e) {
-        torbutton_safelog(2, "Cookie API failed to get parent: "+e,channel.URI.spec);
+        // XXX: This can still fail for OCSP and other windowless requests..
+        torbutton_safelog(3, "Cookie API failed to get parent: "+e+" ",channel.URI.spec);
         if (!channel.referrer) {
-          torbutton_safelog(3, "SSC: No parent for ", channel.URI.spec);
+          torbutton_safelog(3, "SSC: No cache isolation parent for ", channel.URI.spec);
         } else {
           parent_host = channel.referrer.host;
           parent_spec = channel.referrer.spec;