Bug 1706121 - part5 : prevent using MFCDM under the private browsing mode. r=media-playback-reviewers,padenot
For GMP CDM, we use in-memory storage in private browsing mode, but we can't do that for MFCDM. Therefore, we should disable MFCDM in private browsing mode to prevent any user data leak. Differential Revision: https://phabricator.services.mozilla.com/D210070
parent
b8619b6348
commit
1f5d7f95bc
10 changed files with 46 additions and 21 deletions
|
|
@ -295,8 +295,8 @@ void KeySystemConfig::GetGMPKeySystemConfigs(dom::Promise* aPromise) {
|
|||
continue;
|
||||
}
|
||||
#endif
|
||||
requests.AppendElement(
|
||||
KeySystemConfigRequest{keySystem, DecryptionInfo::Software});
|
||||
requests.AppendElement(KeySystemConfigRequest{
|
||||
keySystem, DecryptionInfo::Software, false /* IsPrivateBrowsing */});
|
||||
}
|
||||
|
||||
// Get supported configs
|
||||
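Review bot: The literal `false /* IsPrivateBrowsing */` in the request built here means this enumeration never applies the private-browsing gate, and nothing at the call site says why that is safe. If this path is only a diagnostic listing that is not tied to a browsing context (inferred; the rest of GetGMPKeySystemConfigs is outside the hunk), a comment such as `// Not tied to a document, so the private-browsing restriction on MFCDM is intentionally not applied here.` would keep a later reader from treating it as an oversight. If the results can reach a private window, the flag should come from the caller instead of being hard-coded.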
|
|
|
|||
|
|
@ -202,10 +202,14 @@ struct KeySystemConfig {
|
|||
|
||||
struct KeySystemConfigRequest final {
|
||||
KeySystemConfigRequest(const nsAString& aKeySystem,
|
||||
KeySystemConfig::DecryptionInfo aDecryption)
|
||||
: mKeySystem(aKeySystem), mDecryption(aDecryption) {}
|
||||
KeySystemConfig::DecryptionInfo aDecryption,
|
||||
bool aIsPrivateBrowsing)
|
||||
: mKeySystem(aKeySystem),
|
||||
mDecryption(aDecryption),
|
||||
mIsPrivateBrowsing(aIsPrivateBrowsing) {}
|
||||
const nsString mKeySystem;
|
||||
const KeySystemConfig::DecryptionInfo mDecryption;
|
||||
const bool mIsPrivateBrowsing;
|
||||
};
|
||||
|
||||
KeySystemConfig::SessionType ConvertToKeySystemConfigSessionType(
|
||||
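Review bot: `mIsPrivateBrowsing` is added to KeySystemConfigRequest without a comment, and its effect cannot be read from the struct itself. Elsewhere in this commit the flag makes MFCDMParent::GetCapabilities return without filling in capabilities, so it is a privacy control rather than a hint. I would document it on the member, for example `// True when the request comes from a private browsing context; MFCDM-backed key systems report no capabilities for such requests.`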
|
|
|
|||
|
|
@ -62,7 +62,11 @@ MediaKeySession::MediaKeySession(nsPIDOMWindowInner* aParent, MediaKeys* aKeys,
|
|||
mUninitialized(true),
|
||||
mKeyStatusMap(new MediaKeyStatusMap(aParent)),
|
||||
mExpiration(JS::GenericNaN()),
|
||||
mHardwareDecryption(aHardwareDecryption) {
|
||||
mHardwareDecryption(aHardwareDecryption),
|
||||
mIsPrivateBrowsing(
|
||||
aParent->GetExtantDoc() &&
|
||||
aParent->GetExtantDoc()->NodePrincipal()->GetPrivateBrowsingId() >
|
||||
0) {
|
||||
EME_LOG("MediaKeySession[%p,''] ctor", this);
|
||||
|
||||
MOZ_ASSERT(aParent);
|
||||
|
|
@ -250,8 +254,8 @@ already_AddRefed<Promise> MediaKeySession::GenerateRequest(
|
|||
// cdm implementation value does not support initDataType as an
|
||||
// Initialization Data Type, return a promise rejected with a
|
||||
// NotSupportedError. String comparison is case-sensitive.
|
||||
MediaKeySystemAccess::KeySystemSupportsInitDataType(mKeySystem, aInitDataType,
|
||||
mHardwareDecryption)
|
||||
MediaKeySystemAccess::KeySystemSupportsInitDataType(
|
||||
mKeySystem, aInitDataType, mHardwareDecryption, mIsPrivateBrowsing)
|
||||
->Then(GetMainThreadSerialEventTarget(), __func__,
|
||||
[self = RefPtr<MediaKeySession>{this}, this,
|
||||
initDataType = nsString{aInitDataType},
|
||||
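Review bot: In the MediaKeySession constructor the new `mIsPrivateBrowsing` initializer evaluates to false when `aParent->GetExtantDoc()` is null, so a session without a document is treated as non-private and the MFCDM restriction is not applied to it. Because this flag guards against persisting user data, the safer default is to fail closed, e.g. `!aParent->GetExtantDoc() || aParent->GetExtantDoc()->NodePrincipal()->GetPrivateBrowsingId() > 0`. The initializer also dereferences `aParent` before the `MOZ_ASSERT(aParent);` in the constructor body runs, so that assert no longer protects the first use. The constructor body continues outside the hunk.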
|
|
|
|||
|
|
@ -141,6 +141,9 @@ class MediaKeySession final : public DOMEventTargetHelper,
|
|||
|
||||
// True if this key session is related with hardware decryption.
|
||||
bool mHardwareDecryption;
|
||||
|
||||
// True if this media key session is created under a private browsing mode.
|
||||
const bool mIsPrivateBrowsing;
|
||||
};
|
||||
|
||||
} // namespace dom
|
||||
|
|
|
|||
|
|
@ -233,14 +233,15 @@ static KeySystemConfig::EMECodecString ToEMEAPICodecString(
|
|||
|
||||
static RefPtr<KeySystemConfig::SupportedConfigsPromise>
|
||||
GetSupportedKeySystemConfigs(const nsAString& aKeySystem,
|
||||
bool aIsHardwareDecryption) {
|
||||
bool aIsHardwareDecryption,
|
||||
bool aIsPrivateBrowsing) {
|
||||
using DecryptionInfo = KeySystemConfig::DecryptionInfo;
|
||||
nsTArray<KeySystemConfigRequest> requests;
|
||||
|
||||
// Software Widevine and Clearkey
|
||||
if (IsWidevineKeySystem(aKeySystem) || IsClearkeyKeySystem(aKeySystem)) {
|
||||
requests.AppendElement(
|
||||
KeySystemConfigRequest{aKeySystem, DecryptionInfo::Software});
|
||||
requests.AppendElement(KeySystemConfigRequest{
|
||||
aKeySystem, DecryptionInfo::Software, aIsPrivateBrowsing});
|
||||
}
|
||||
#ifdef MOZ_WMF_CDM
|
||||
if (IsPlayReadyEnabled()) {
|
||||
|
|
@ -249,21 +250,21 @@ GetSupportedKeySystemConfigs(const nsAString& aKeySystem,
|
|||
aKeySystem.EqualsLiteral(kPlayReadyKeySystemHardware)) {
|
||||
requests.AppendElement(
|
||||
KeySystemConfigRequest{NS_ConvertUTF8toUTF16(kPlayReadyKeySystemName),
|
||||
DecryptionInfo::Software});
|
||||
DecryptionInfo::Software, aIsPrivateBrowsing});
|
||||
if (aIsHardwareDecryption) {
|
||||
requests.AppendElement(KeySystemConfigRequest{
|
||||
NS_ConvertUTF8toUTF16(kPlayReadyKeySystemName),
|
||||
DecryptionInfo::Hardware});
|
||||
DecryptionInfo::Hardware, aIsPrivateBrowsing});
|
||||
requests.AppendElement(KeySystemConfigRequest{
|
||||
NS_ConvertUTF8toUTF16(kPlayReadyKeySystemHardware),
|
||||
DecryptionInfo::Hardware});
|
||||
DecryptionInfo::Hardware, aIsPrivateBrowsing});
|
||||
}
|
||||
}
|
||||
// PlayReady clearlead
|
||||
if (aKeySystem.EqualsLiteral(kPlayReadyHardwareClearLeadKeySystemName)) {
|
||||
requests.AppendElement(KeySystemConfigRequest{
|
||||
NS_ConvertUTF8toUTF16(kPlayReadyHardwareClearLeadKeySystemName),
|
||||
DecryptionInfo::Hardware});
|
||||
DecryptionInfo::Hardware, aIsPrivateBrowsing});
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -273,13 +274,13 @@ GetSupportedKeySystemConfigs(const nsAString& aKeySystem,
|
|||
(IsWidevineKeySystem(aKeySystem) && aIsHardwareDecryption)) {
|
||||
requests.AppendElement(KeySystemConfigRequest{
|
||||
NS_ConvertUTF8toUTF16(kWidevineExperimentKeySystemName),
|
||||
DecryptionInfo::Hardware});
|
||||
DecryptionInfo::Hardware, aIsPrivateBrowsing});
|
||||
}
|
||||
// Widevine clearlead
|
||||
if (aKeySystem.EqualsLiteral(kWidevineExperiment2KeySystemName)) {
|
||||
requests.AppendElement(KeySystemConfigRequest{
|
||||
NS_ConvertUTF8toUTF16(kWidevineExperiment2KeySystemName),
|
||||
DecryptionInfo::Hardware});
|
||||
DecryptionInfo::Hardware, aIsPrivateBrowsing});
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
|
@ -289,10 +290,11 @@ GetSupportedKeySystemConfigs(const nsAString& aKeySystem,
|
|||
/* static */
|
||||
RefPtr<GenericPromise> MediaKeySystemAccess::KeySystemSupportsInitDataType(
|
||||
const nsAString& aKeySystem, const nsAString& aInitDataType,
|
||||
bool aIsHardwareDecryption) {
|
||||
bool aIsHardwareDecryption, bool aIsPrivateBrowsing) {
|
||||
RefPtr<GenericPromise::Private> promise =
|
||||
new GenericPromise::Private(__func__);
|
||||
GetSupportedKeySystemConfigs(aKeySystem, aIsHardwareDecryption)
|
||||
GetSupportedKeySystemConfigs(aKeySystem, aIsHardwareDecryption,
|
||||
aIsPrivateBrowsing)
|
||||
->Then(GetMainThreadSerialEventTarget(), __func__,
|
||||
[promise, initDataType = nsString{std::move(aInitDataType)}](
|
||||
const KeySystemConfig::SupportedConfigsPromise::
|
||||
|
|
@ -1068,7 +1070,7 @@ MediaKeySystemAccess::GetSupportedConfig(MediaKeySystemAccessRequest* aRequest,
|
|||
RefPtr<KeySystemConfig::KeySystemConfigPromise::Private> promise =
|
||||
new KeySystemConfig::KeySystemConfigPromise::Private(__func__);
|
||||
GetSupportedKeySystemConfigs(aRequest->mKeySystem,
|
||||
isHardwareDecryptionRequest)
|
||||
isHardwareDecryptionRequest, aIsPrivateBrowsing)
|
||||
->Then(GetMainThreadSerialEventTarget(), __func__,
|
||||
[promise, aRequest, document = RefPtr<const Document>{aDocument}](
|
||||
const KeySystemConfig::SupportedConfigsPromise::
|
||||
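Review bot: GetSupportedKeySystemConfigs and KeySystemSupportsInitDataType (and its matching declaration) now take two adjacent positional bools, `bool aIsHardwareDecryption, bool aIsPrivateBrowsing`. Swapped arguments compile silently, and here a swap would turn off the private-browsing restriction instead of causing a visible failure. A small two-value enum class for the private-browsing state would let the compiler catch that. At minimum, label the arguments at call sites the way this commit already does elsewhere with `false /* IsPrivateBrowsing */`.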
|
|
|
|||
|
|
@ -66,7 +66,7 @@ class MediaKeySystemAccess final : public nsISupports, public nsWrapperCache {
|
|||
|
||||
static RefPtr<GenericPromise> KeySystemSupportsInitDataType(
|
||||
const nsAString& aKeySystem, const nsAString& aInitDataType,
|
||||
bool aIsHardwareDecryption);
|
||||
bool aIsHardwareDecryption, bool aIsPrivateBrowsing);
|
||||
|
||||
static nsCString ToCString(
|
||||
const Sequence<MediaKeySystemConfiguration>& aConfig);
|
||||
|
|
|
|||
|
|
@ -60,7 +60,8 @@ WMFCDMCapabilites::GetCapabilities(
|
|||
RefPtr<MFCDMChild> cdm = new MFCDMChild(request.mKeySystem);
|
||||
promises.AppendElement(cdm->GetCapabilities(MFCDMCapabilitiesRequest{
|
||||
nsString{request.mKeySystem},
|
||||
request.mDecryption == KeySystemConfig::DecryptionInfo::Hardware}));
|
||||
request.mDecryption == KeySystemConfig::DecryptionInfo::Hardware,
|
||||
request.mIsPrivateBrowsing}));
|
||||
mCDMs.AppendElement(std::move(cdm));
|
||||
}
|
||||
|
||||
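Review bot: An `MFCDMChild` is still created and a `GetCapabilities` request still sent for every entry when `request.mIsPrivateBrowsing` is true, although the parent side added in this commit answers such requests with no capabilities. Skipping those entries before `new MFCDMChild(request.mKeySystem)` would avoid touching the MFCDM process at all from a private context. That only holds if the promise aggregation after this loop handles an empty list, and that code is outside the hunk. The parent-side check should stay as the authoritative one either way.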
|
|
|
|||
|
|
@ -774,6 +774,12 @@ void MFCDMParent::GetCapabilities(const nsString& aKeySystem,
|
|||
return;
|
||||
}
|
||||
|
||||
// MFCDM requires persistent storage, and can't use in-memory storage, it
|
||||
// can't be used in private browsing.
|
||||
if (aFlags.contains(CapabilitesFlag::IsPrivateBrowsing)) {
|
||||
return;
|
||||
}
|
||||
|
||||
ComPtr<IMFContentDecryptionModuleFactory> factory = aFactory;
|
||||
if (!factory) {
|
||||
RETURN_VOID_IF_FAILED(GetOrCreateFactory(aKeySystem, factory));
|
||||
|
|
@ -1005,6 +1011,9 @@ mozilla::ipc::IPCResult MFCDMParent::RecvGetCapabilities(
|
|||
if (RequireClearLead(aRequest.keySystem())) {
|
||||
flags += CapabilitesFlag::NeedClearLeadCheck;
|
||||
}
|
||||
if (aRequest.isPrivateBrowsing()) {
|
||||
flags += CapabilitesFlag::IsPrivateBrowsing;
|
||||
}
|
||||
GetCapabilities(aRequest.keySystem(), flags, mFactory.Get(), capabilities);
|
||||
aResolver(std::move(capabilities));
|
||||
return IPC_OK();
|
||||
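Review bot: The private-browsing gate added to MFCDMParent::GetCapabilities relies on `aRequest.isPrivateBrowsing()`, a value supplied by the requesting process, and it covers only the capability query. Whether CDM initialization and session creation are unreachable once capabilities come back empty is not visible in these hunks; if they are reachable, the flag should be carried to those paths too. The early `return;` is silent, so a log line before it would help diagnose why a key system reports as unsupported. The new comment would read more clearly as `// MFCDM requires persistent storage and cannot fall back to in-memory storage, so it must not be used in private browsing.`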
|
|
|
|||
|
|
@ -102,6 +102,7 @@ class MFCDMParent final : public PMFCDMParent {
|
|||
HarewareDecryption,
|
||||
NeedHDCPCheck,
|
||||
NeedClearLeadCheck,
|
||||
IsPrivateBrowsing,
|
||||
};
|
||||
using CapabilitesFlagSet = EnumSet<CapabilitesFlag, uint8_t>;
|
||||
|
||||
|
|
|
|||
|
|
@ -100,6 +100,7 @@ union MFCDMSessionResult {
|
|||
struct MFCDMCapabilitiesRequest {
|
||||
nsString keySystem;
|
||||
bool isHardwareDecryption;
|
||||
bool isPrivateBrowsing;
|
||||
};
|
||||
|
||||
[ManualDealloc]
|
||||
|
|
|
|||