diff --git a/caps/nsIScriptSecurityManager.idl b/caps/nsIScriptSecurityManager.idl index ad482859df80..2cfb7b327165 100644 --- a/caps/nsIScriptSecurityManager.idl +++ b/caps/nsIScriptSecurityManager.idl @@ -231,14 +231,15 @@ interface nsIScriptSecurityManager : nsISupports nsIPrincipal getChannelResultStoragePrincipal(in nsIChannel aChannel); /** - * This method does getChannelResultPrincipal() + - * getChannelResultStoragePrincipal(). - * This method is mainly done for Document::Reset(). There are no other - * reasons to use this method. + * This method returns 2 principals from a nsIChannel: + * - aPrincipal is the regular principal. + * - aPartitionedPrincipal is aPrincipal plus an isolation key in its + * originAttributes. + * See more in StoragePrincipalHelper.h */ void getChannelResultPrincipals(in nsIChannel aChannel, out nsIPrincipal aPrincipal, - out nsIPrincipal aStoragePrincipal); + out nsIPrincipal aPartitionedPrincipal); /** * Temporary API until bug 1220687 is fixed. diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp index b179e572ed67..124a92c08806 100644 --- a/caps/nsScriptSecurityManager.cpp +++ b/caps/nsScriptSecurityManager.cpp @@ -251,13 +251,14 @@ nsScriptSecurityManager::GetChannelResultStoragePrincipal( return rv; } - return StoragePrincipalHelper::Create(aChannel, principal, aPrincipal); + return StoragePrincipalHelper::Create( + aChannel, principal, /* aForceIsolation */ false, aPrincipal); } NS_IMETHODIMP nsScriptSecurityManager::GetChannelResultPrincipals( nsIChannel* aChannel, nsIPrincipal** aPrincipal, - nsIPrincipal** aStoragePrincipal) { + nsIPrincipal** aPartitionedPrincipal) { nsresult rv = GetChannelResultPrincipal(aChannel, aPrincipal, /*aIgnoreSandboxing*/ false); if (NS_WARN_IF(NS_FAILED(rv))) { @@ -269,12 +270,12 @@ nsScriptSecurityManager::GetChannelResultPrincipals( // principal for the storage principal too, since attempting to create a // storage principal would fail anyway. nsCOMPtr copy = *aPrincipal; - copy.forget(aStoragePrincipal); + copy.forget(aPartitionedPrincipal); return NS_OK; } - return StoragePrincipalHelper::Create(aChannel, *aPrincipal, - aStoragePrincipal); + return StoragePrincipalHelper::Create( + aChannel, *aPrincipal, /* aForceIsolation */ true, aPartitionedPrincipal); } nsresult nsScriptSecurityManager::GetChannelResultPrincipal( diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 86e2a43d54f0..700fe70ad521 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -6254,7 +6254,7 @@ nsresult nsDocShell::EnsureContentViewer() { nsCOMPtr cspToInheritForAboutBlank; nsCOMPtr baseURI; nsIPrincipal* principal = GetInheritedPrincipal(false); - nsIPrincipal* storagePrincipal = GetInheritedPrincipal(false, true); + nsIPrincipal* partitionedPrincipal = GetInheritedPrincipal(false, true); nsCOMPtr parentItem; GetInProcessSameTypeParent(getter_AddRefs(parentItem)); @@ -6269,7 +6269,7 @@ nsresult nsDocShell::EnsureContentViewer() { } nsresult rv = CreateAboutBlankContentViewer( - principal, storagePrincipal, cspToInheritForAboutBlank, baseURI); + principal, partitionedPrincipal, cspToInheritForAboutBlank, baseURI); NS_ENSURE_STATE(mContentViewer); @@ -6295,7 +6295,7 @@ nsresult nsDocShell::EnsureContentViewer() { } nsresult nsDocShell::CreateAboutBlankContentViewer( - nsIPrincipal* aPrincipal, nsIPrincipal* aStoragePrincipal, + nsIPrincipal* aPrincipal, nsIPrincipal* aPartitionedPrincipal, nsIContentSecurityPolicy* aCSP, nsIURI* aBaseURI, bool aTryToSaveOldPresentation, bool aCheckPermitUnload, WindowGlobalChild* aActor) { @@ -6389,7 +6389,7 @@ nsresult nsDocShell::CreateAboutBlankContentViewer( NS_LITERAL_CSTRING("text/html")); if (docFactory) { - nsCOMPtr principal, storagePrincipal; + nsCOMPtr principal, partitionedPrincipal; uint32_t sandboxFlags = mBrowsingContext->GetSandboxFlags(); // If we're sandboxed, then create a new null principal. We skip // this if we're being created from WindowGlobalChild, since in @@ -6403,17 +6403,17 @@ nsresult nsDocShell::CreateAboutBlankContentViewer( } else { principal = NullPrincipal::CreateWithInheritedAttributes(this); } - storagePrincipal = principal; + partitionedPrincipal = principal; } else { principal = aPrincipal; - storagePrincipal = aStoragePrincipal; + partitionedPrincipal = aPartitionedPrincipal; } MaybeCreateInitialClientSource(principal); // generate (about:blank) document to load blankDoc = nsContentDLF::CreateBlankDocument(mLoadGroup, principal, - storagePrincipal, this); + partitionedPrincipal, this); if (blankDoc) { // Hack: manually set the CSP for the new document // Please create an actual copy of the CSP (do not share the same @@ -6465,9 +6465,9 @@ nsresult nsDocShell::CreateAboutBlankContentViewer( NS_IMETHODIMP nsDocShell::CreateAboutBlankContentViewer(nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal, + nsIPrincipal* aPartitionedPrincipal, nsIContentSecurityPolicy* aCSP) { - return CreateAboutBlankContentViewer(aPrincipal, aStoragePrincipal, aCSP, + return CreateAboutBlankContentViewer(aPrincipal, aPartitionedPrincipal, aCSP, nullptr); } @@ -6475,7 +6475,7 @@ nsresult nsDocShell::CreateContentViewerForActor( WindowGlobalChild* aWindowActor) { MOZ_ASSERT(aWindowActor); - // FIXME: WindowGlobalChild should provide the StoragePrincipal. + // FIXME: WindowGlobalChild should provide the PartitionedPrincipal. nsresult rv = CreateAboutBlankContentViewer( aWindowActor->DocumentPrincipal(), aWindowActor->DocumentPrincipal(), /* aCsp */ nullptr, @@ -8365,17 +8365,18 @@ nsresult nsDocShell::HandleSameDocumentNavigation( * recorded in session and global history. */ nsCOMPtr newURITriggeringPrincipal, newURIPrincipalToInherit, - newURIStoragePrincipalToInherit; + newURIPartitionedPrincipalToInherit; nsCOMPtr newCsp; if (mOSHE) { newURITriggeringPrincipal = mOSHE->GetTriggeringPrincipal(); newURIPrincipalToInherit = mOSHE->GetPrincipalToInherit(); - newURIStoragePrincipalToInherit = mOSHE->GetStoragePrincipalToInherit(); + newURIPartitionedPrincipalToInherit = + mOSHE->GetPartitionedPrincipalToInherit(); newCsp = mOSHE->GetCsp(); } else { newURITriggeringPrincipal = aLoadState->TriggeringPrincipal(); newURIPrincipalToInherit = doc->NodePrincipal(); - newURIStoragePrincipalToInherit = doc->IntrinsicStoragePrincipal(); + newURIPartitionedPrincipalToInherit = doc->PartitionedPrincipal(); newCsp = doc->GetCsp(); } // Pass true for aCloneSHChildren, since we're not @@ -8387,8 +8388,8 @@ nsresult nsDocShell::HandleSameDocumentNavigation( // Anyway, aCloneSHChildren param is simply reflecting // doSameDocumentNavigation in this scope. OnNewURI(aLoadState->URI(), nullptr, newURITriggeringPrincipal, - newURIPrincipalToInherit, newURIStoragePrincipalToInherit, mLoadType, - newCsp, true, true, true); + newURIPrincipalToInherit, newURIPartitionedPrincipalToInherit, + mLoadType, newCsp, true, true, true); nsCOMPtr postData; uint32_t cacheKey = 0; @@ -8967,7 +8968,7 @@ bool nsDocShell::CanLoadInParentProcess(nsIURI* aURI) { } nsIPrincipal* nsDocShell::GetInheritedPrincipal( - bool aConsiderCurrentDocument, bool aConsiderStoragePrincipal) { + bool aConsiderCurrentDocument, bool aConsiderPartitionedPrincipal) { RefPtr document; bool inheritedFromCurrent = false; @@ -9000,8 +9001,8 @@ nsIPrincipal* nsDocShell::GetInheritedPrincipal( //-- Get the document's principal if (document) { - nsIPrincipal* docPrincipal = aConsiderStoragePrincipal - ? document->IntrinsicStoragePrincipal() + nsIPrincipal* docPrincipal = aConsiderPartitionedPrincipal + ? document->PartitionedPrincipal() : document->NodePrincipal(); // Don't allow loads in typeContent docShells to inherit the system @@ -10024,7 +10025,7 @@ void nsDocShell::SetupReferrerInfoFromChannel(nsIChannel* aChannel) { bool nsDocShell::OnNewURI(nsIURI* aURI, nsIChannel* aChannel, nsIPrincipal* aTriggeringPrincipal, nsIPrincipal* aPrincipalToInherit, - nsIPrincipal* aStoragePrincipalToInherit, + nsIPrincipal* aPartitionedPrincipalToInherit, uint32_t aLoadType, nsIContentSecurityPolicy* aCsp, bool aFireOnLocationChange, bool aAddToGlobalHistory, bool aCloneSHChildren) { @@ -10189,8 +10190,9 @@ bool nsDocShell::OnNewURI(nsIURI* aURI, nsIChannel* aChannel, * rootDocShell */ (void)AddToSessionHistory(aURI, aChannel, aTriggeringPrincipal, - aPrincipalToInherit, aStoragePrincipalToInherit, - aCsp, aCloneSHChildren, getter_AddRefs(mLSHE)); + aPrincipalToInherit, + aPartitionedPrincipalToInherit, aCsp, + aCloneSHChildren, getter_AddRefs(mLSHE)); } } else if (GetSessionHistory() && mLSHE && mURIResultedInDocument) { // Even if we don't add anything to SHistory, ensure the current index @@ -10659,7 +10661,8 @@ bool nsDocShell::ShouldAddToSessionHistory(nsIURI* aURI, nsIChannel* aChannel) { nsresult nsDocShell::AddToSessionHistory( nsIURI* aURI, nsIChannel* aChannel, nsIPrincipal* aTriggeringPrincipal, - nsIPrincipal* aPrincipalToInherit, nsIPrincipal* aStoragePrincipalToInherit, + nsIPrincipal* aPrincipalToInherit, + nsIPrincipal* aPartitionedPrincipalToInherit, nsIContentSecurityPolicy* aCsp, bool aCloneChildren, nsISHEntry** aNewEntry) { MOZ_ASSERT(aURI, "uri is null"); @@ -10718,7 +10721,8 @@ nsresult nsDocShell::AddToSessionHistory( uint32_t cacheKey = 0; nsCOMPtr triggeringPrincipal = aTriggeringPrincipal; nsCOMPtr principalToInherit = aPrincipalToInherit; - nsCOMPtr storagePrincipalToInherit = aStoragePrincipalToInherit; + nsCOMPtr partitionedPrincipalToInherit = + aPartitionedPrincipalToInherit; nsCOMPtr csp = aCsp; bool expired = false; // by default the page is not expired bool discardLayoutState = false; @@ -10780,12 +10784,12 @@ nsresult nsDocShell::AddToSessionHistory( } } - if (!storagePrincipalToInherit) { + if (!partitionedPrincipalToInherit) { // XXXehsan is it correct to fall back to the principal to inherit in all // cases? For example, what about the cases where we are using the load // info's principal to inherit? Do we need to add a similar concept to - // load info for storage principal? - storagePrincipalToInherit = principalToInherit; + // load info for partitioned principal? + partitionedPrincipalToInherit = principalToInherit; } } @@ -10828,10 +10832,10 @@ nsresult nsDocShell::AddToSessionHistory( cacheKey, // CacheKey mContentTypeHint, // Content-type triggeringPrincipal, // Channel or provided principal - principalToInherit, storagePrincipalToInherit, csp, HistoryID(), - mDynamicallyCreated, originalURI, resultPrincipalURI, - loadReplace, referrerInfo, srcdoc, srcdocEntry, baseURI, - saveLayoutState, expired); + principalToInherit, partitionedPrincipalToInherit, csp, + HistoryID(), mDynamicallyCreated, originalURI, + resultPrincipalURI, loadReplace, referrerInfo, srcdoc, + srcdocEntry, baseURI, saveLayoutState, expired); if (root == static_cast(this) && GetSessionHistory()) { bool shouldPersist = ShouldAddToSessionHistory(aURI, aChannel); @@ -10894,9 +10898,10 @@ nsresult nsDocShell::LoadHistoryEntry(nsISHEntry* aEntry, uint32_t aLoadType) { // Don't cache the presentation if we're going to just reload the // current entry. Caching would lead to trying to save the different // content viewers in the same nsISHEntry object. - rv = CreateAboutBlankContentViewer(loadState->PrincipalToInherit(), - loadState->StoragePrincipalToInherit(), - nullptr, nullptr, aEntry != mOSHE); + rv = CreateAboutBlankContentViewer( + loadState->PrincipalToInherit(), + loadState->PartitionedPrincipalToInherit(), nullptr, nullptr, + aEntry != mOSHE); if (NS_FAILED(rv)) { // The creation of the intermittent about:blank content @@ -12101,7 +12106,7 @@ nsDocShell::InitOrReusePrintPreviewViewer(nsIWebBrowserPrint** aPrintPreview) { NullPrincipal::CreateWithInheritedAttributes(this); nsCOMPtr uri; NS_NewURI(getter_AddRefs(uri), NS_LITERAL_CSTRING("about:printpreview")); - // Reuse the null principal for the storage principal. + // Reuse the null principal for the partitioned principal. // XXXehsan is that the right principal to use here? nsresult rv = CreateAboutBlankContentViewer(principal, principal, /* aCsp = */ nullptr, uri); diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h index dcffed8e5537..c2740aebe779 100644 --- a/docshell/base/nsDocShell.h +++ b/docshell/base/nsDocShell.h @@ -602,7 +602,7 @@ class nsDocShell final : public nsDocLoader, // passed in, the about:blank principal will end up being used. // aCSP, if any, will be used for the new about:blank load. nsresult CreateAboutBlankContentViewer( - nsIPrincipal* aPrincipal, nsIPrincipal* aStoragePrincipal, + nsIPrincipal* aPrincipal, nsIPrincipal* aPartitionedPrincipal, nsIContentSecurityPolicy* aCSP, nsIURI* aBaseURI, bool aTryToSaveOldPresentation = true, bool aCheckPermitUnload = true, mozilla::dom::WindowGlobalChild* aActor = nullptr); @@ -642,7 +642,7 @@ class nsDocShell final : public nsDocLoader, nsresult AddToSessionHistory(nsIURI* aURI, nsIChannel* aChannel, nsIPrincipal* aTriggeringPrincipal, nsIPrincipal* aPrincipalToInherit, - nsIPrincipal* aStoragePrincipalToInherit, + nsIPrincipal* aPartitionedPrincipalToInherit, nsIContentSecurityPolicy* aCsp, bool aCloneChildren, nsISHEntry** aNewEntry); @@ -717,9 +717,10 @@ class nsDocShell final : public nsDocLoader, bool OnNewURI(nsIURI* aURI, nsIChannel* aChannel, nsIPrincipal* aTriggeringPrincipal, nsIPrincipal* aPrincipalToInherit, - nsIPrincipal* aStoragePrincipalToInehrit, uint32_t aLoadType, - nsIContentSecurityPolicy* aCsp, bool aFireOnLocationChange, - bool aAddToGlobalHistory, bool aCloneSHChildren); + nsIPrincipal* aPartitionedPrincipalToInehrit, + uint32_t aLoadType, nsIContentSecurityPolicy* aCsp, + bool aFireOnLocationChange, bool aAddToGlobalHistory, + bool aCloneSHChildren); // Helper method that is called when a new document (including any // sub-documents - ie. frames) has been completely loaded. @@ -757,10 +758,11 @@ class nsDocShell final : public nsDocLoader, // If that fails too, we force creation of a content viewer and use the // resulting principal. If aConsiderCurrentDocument is false, we just look // at the parent. - // If aConsiderStoragePrincipal is true, we consider the storage principal - // instead of the node principal. - nsIPrincipal* GetInheritedPrincipal(bool aConsiderCurrentDocument, - bool aConsiderStoragePrincipal = false); + // If aConsiderPartitionedPrincipal is true, we consider the partitioned + // principal instead of the node principal. + nsIPrincipal* GetInheritedPrincipal( + bool aConsiderCurrentDocument, + bool aConsiderPartitionedPrincipal = false); /** * Helper function that caches a URI and a transition for saving later. diff --git a/docshell/base/nsDocShellLoadState.cpp b/docshell/base/nsDocShellLoadState.cpp index 9f9b8f406fd4..d8a0bb461f18 100644 --- a/docshell/base/nsDocShellLoadState.cpp +++ b/docshell/base/nsDocShellLoadState.cpp @@ -127,7 +127,7 @@ nsDocShellLoadState::nsDocShellLoadState( mBaseURI = aLoadState.BaseURI(); mTriggeringPrincipal = aLoadState.TriggeringPrincipal(); mPrincipalToInherit = aLoadState.PrincipalToInherit(); - mStoragePrincipalToInherit = aLoadState.StoragePrincipalToInherit(); + mPartitionedPrincipalToInherit = aLoadState.PartitionedPrincipalToInherit(); mCsp = aLoadState.Csp(); mOriginalURIString = aLoadState.OriginalURIString(); mCancelContentJSEpoch = aLoadState.CancelContentJSEpoch(); @@ -150,7 +150,7 @@ nsDocShellLoadState::nsDocShellLoadState(const nsDocShellLoadState& aOther) mInheritPrincipal(aOther.mInheritPrincipal), mPrincipalIsExplicit(aOther.mPrincipalIsExplicit), mPrincipalToInherit(aOther.mPrincipalToInherit), - mStoragePrincipalToInherit(aOther.mStoragePrincipalToInherit), + mPartitionedPrincipalToInherit(aOther.mPartitionedPrincipalToInherit), mForceAllowDataURI(aOther.mForceAllowDataURI), mOriginalFrameSrc(aOther.mOriginalFrameSrc), mIsFormSubmission(aOther.mIsFormSubmission), @@ -432,13 +432,13 @@ void nsDocShellLoadState::SetPrincipalToInherit( mPrincipalToInherit = aPrincipalToInherit; } -nsIPrincipal* nsDocShellLoadState::StoragePrincipalToInherit() const { - return mStoragePrincipalToInherit; +nsIPrincipal* nsDocShellLoadState::PartitionedPrincipalToInherit() const { + return mPartitionedPrincipalToInherit; } -void nsDocShellLoadState::SetStoragePrincipalToInherit( - nsIPrincipal* aStoragePrincipalToInherit) { - mStoragePrincipalToInherit = aStoragePrincipalToInherit; +void nsDocShellLoadState::SetPartitionedPrincipalToInherit( + nsIPrincipal* aPartitionedPrincipalToInherit) { + mPartitionedPrincipalToInherit = aPartitionedPrincipalToInherit; } void nsDocShellLoadState::SetCsp(nsIContentSecurityPolicy* aCsp) { @@ -885,7 +885,7 @@ DocShellLoadStateInit nsDocShellLoadState::Serialize() { loadState.BaseURI() = mBaseURI; loadState.TriggeringPrincipal() = mTriggeringPrincipal; loadState.PrincipalToInherit() = mPrincipalToInherit; - loadState.StoragePrincipalToInherit() = mStoragePrincipalToInherit; + loadState.PartitionedPrincipalToInherit() = mPartitionedPrincipalToInherit; loadState.Csp() = mCsp; loadState.OriginalURIString() = mOriginalURIString; loadState.CancelContentJSEpoch() = mCancelContentJSEpoch; diff --git a/docshell/base/nsDocShellLoadState.h b/docshell/base/nsDocShellLoadState.h index 91f0ab02edf5..68a5c3b06184 100644 --- a/docshell/base/nsDocShellLoadState.h +++ b/docshell/base/nsDocShellLoadState.h @@ -85,9 +85,10 @@ class nsDocShellLoadState final { void SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit); - nsIPrincipal* StoragePrincipalToInherit() const; + nsIPrincipal* PartitionedPrincipalToInherit() const; - void SetStoragePrincipalToInherit(nsIPrincipal* aStoragePrincipalToInherit); + void SetPartitionedPrincipalToInherit( + nsIPrincipal* aPartitionedPrincipalToInherit); bool LoadReplace() const; @@ -332,7 +333,7 @@ class nsDocShellLoadState final { nsCOMPtr mPrincipalToInherit; - nsCOMPtr mStoragePrincipalToInherit; + nsCOMPtr mPartitionedPrincipalToInherit; // If this attribute is true, then a top-level navigation // to a data URI will be allowed. diff --git a/docshell/base/nsIDocShell.idl b/docshell/base/nsIDocShell.idl index 01dc4734eb19..c9af7d7692c9 100644 --- a/docshell/base/nsIDocShell.idl +++ b/docshell/base/nsIDocShell.idl @@ -545,11 +545,12 @@ interface nsIDocShell : nsIDocShellTreeItem /** * Create a new about:blank document and content viewer. * @param aPrincipal the principal to use for the new document. - * @param aStoragePrincipal the storage principal to use for the new document. + * @param aPartitionedPrincipal the partitioned principal to use for the new + * document. * @param aCsp the CSP to use for the new document. */ void createAboutBlankContentViewer(in nsIPrincipal aPrincipal, - in nsIPrincipal aStoragePrincipal, + in nsIPrincipal aPartitionedPrincipal, [optional] in nsIContentSecurityPolicy aCSP); /** diff --git a/docshell/shistory/SessionHistoryEntry.cpp b/docshell/shistory/SessionHistoryEntry.cpp index 07a28d1291c9..fc82f0c9a596 100644 --- a/docshell/shistory/SessionHistoryEntry.cpp +++ b/docshell/shistory/SessionHistoryEntry.cpp @@ -47,8 +47,8 @@ SessionHistoryEntry::SessionHistoryEntry(nsISHistory* aSessionHistory, mID(++gEntryID) { mSharedInfo->mTriggeringPrincipal = aLoadState->TriggeringPrincipal(); mSharedInfo->mPrincipalToInherit = aLoadState->PrincipalToInherit(); - mSharedInfo->mStoragePrincipalToInherit = - aLoadState->StoragePrincipalToInherit(); + mSharedInfo->mPartitionedPrincipalToInherit = + aLoadState->PartitionedPrincipalToInherit(); mSharedInfo->mCsp = aLoadState->Csp(); // FIXME Set remaining shared fields! } @@ -348,18 +348,18 @@ SessionHistoryEntry::SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit) { } NS_IMETHODIMP -SessionHistoryEntry::GetStoragePrincipalToInherit( - nsIPrincipal** aStoragePrincipalToInherit) { - nsCOMPtr storagePrincipalToInherit = - mSharedInfo->mStoragePrincipalToInherit; - storagePrincipalToInherit.forget(aStoragePrincipalToInherit); +SessionHistoryEntry::GetPartitionedPrincipalToInherit( + nsIPrincipal** aPartitionedPrincipalToInherit) { + nsCOMPtr partitionedPrincipalToInherit = + mSharedInfo->mPartitionedPrincipalToInherit; + partitionedPrincipalToInherit.forget(aPartitionedPrincipalToInherit); return NS_OK; } NS_IMETHODIMP -SessionHistoryEntry::SetStoragePrincipalToInherit( - nsIPrincipal* aStoragePrincipalToInherit) { - mSharedInfo->mStoragePrincipalToInherit = aStoragePrincipalToInherit; +SessionHistoryEntry::SetPartitionedPrincipalToInherit( + nsIPrincipal* aPartitionedPrincipalToInherit) { + mSharedInfo->mPartitionedPrincipalToInherit = aPartitionedPrincipalToInherit; return NS_OK; } @@ -553,11 +553,11 @@ SessionHistoryEntry::Create( nsIURI* aURI, const nsAString& aTitle, nsIInputStream* aInputStream, uint32_t aCacheKey, const nsACString& aContentType, nsIPrincipal* aTriggeringPrincipal, nsIPrincipal* aPrincipalToInherit, - nsIPrincipal* aStoragePrincipalToInherit, nsIContentSecurityPolicy* aCsp, - const nsID& aDocshellID, bool aDynamicCreation, nsIURI* aOriginalURI, - nsIURI* aResultPrincipalURI, bool aLoadReplace, - nsIReferrerInfo* aReferrerInfo, const nsAString& aSrcdoc, bool aSrcdocEntry, - nsIURI* aBaseURI, bool aSaveLayoutState, bool aExpired) { + nsIPrincipal* aPartitionedPrincipalToInherit, + nsIContentSecurityPolicy* aCsp, const nsID& aDocshellID, + bool aDynamicCreation, nsIURI* aOriginalURI, nsIURI* aResultPrincipalURI, + bool aLoadReplace, nsIReferrerInfo* aReferrerInfo, const nsAString& aSrcdoc, + bool aSrcdocEntry, nsIURI* aBaseURI, bool aSaveLayoutState, bool aExpired) { MOZ_CRASH("Might need to implement this"); return NS_ERROR_NOT_IMPLEMENTED; } @@ -690,8 +690,8 @@ SessionHistoryEntry::CreateLoadInfo(nsDocShellLoadState** aLoadState) { loadState->SetTypeHint(mSharedInfo->mContentType); loadState->SetTriggeringPrincipal(mSharedInfo->mTriggeringPrincipal); loadState->SetPrincipalToInherit(mSharedInfo->mPrincipalToInherit); - loadState->SetStoragePrincipalToInherit( - mSharedInfo->mStoragePrincipalToInherit); + loadState->SetPartitionedPrincipalToInherit( + mSharedInfo->mPartitionedPrincipalToInherit); loadState->SetCsp(mSharedInfo->mCsp); // Do not inherit principal from document (security-critical!); diff --git a/docshell/shistory/nsISHEntry.idl b/docshell/shistory/nsISHEntry.idl index 8bbf2a68687c..cae34bc82125 100644 --- a/docshell/shistory/nsISHEntry.idl +++ b/docshell/shistory/nsISHEntry.idl @@ -164,7 +164,7 @@ interface nsISHEntry : nsISupports * Get the storage principal, if any, that is used when the inherit flag is * set. */ - [infallible] attribute nsIPrincipal storagePrincipalToInherit; + [infallible] attribute nsIPrincipal partitionedPrincipalToInherit; /** * Get the csp, if any, that was used for this document load. That @@ -298,7 +298,7 @@ interface nsISHEntry : nsISupports in ACString contentType, in nsIPrincipal triggeringPrincipal, in nsIPrincipal principalToInherit, - in nsIPrincipal storagePrincipalToInherit, + in nsIPrincipal partitionedPrincipalToInherit, in nsIContentSecurityPolicy aCsp, in nsIDRef docshellID, in boolean dynamicCreation, diff --git a/docshell/shistory/nsSHEntry.cpp b/docshell/shistory/nsSHEntry.cpp index 229b15eff25d..1ffb9406d123 100644 --- a/docshell/shistory/nsSHEntry.cpp +++ b/docshell/shistory/nsSHEntry.cpp @@ -323,15 +323,18 @@ nsSHEntry::SetContentType(const nsACString& aContentType) { } NS_IMETHODIMP -nsSHEntry::Create( - nsIURI* aURI, const nsAString& aTitle, nsIInputStream* aInputStream, - uint32_t aCacheKey, const nsACString& aContentType, - nsIPrincipal* aTriggeringPrincipal, nsIPrincipal* aPrincipalToInherit, - nsIPrincipal* aStoragePrincipalToInherit, nsIContentSecurityPolicy* aCsp, - const nsID& aDocShellID, bool aDynamicCreation, nsIURI* aOriginalURI, - nsIURI* aResultPrincipalURI, bool aLoadReplace, - nsIReferrerInfo* aReferrerInfo, const nsAString& aSrcdocData, - bool aSrcdocEntry, nsIURI* aBaseURI, bool aSaveLayoutState, bool aExpired) { +nsSHEntry::Create(nsIURI* aURI, const nsAString& aTitle, + nsIInputStream* aInputStream, uint32_t aCacheKey, + const nsACString& aContentType, + nsIPrincipal* aTriggeringPrincipal, + nsIPrincipal* aPrincipalToInherit, + nsIPrincipal* aPartitionedPrincipalToInherit, + nsIContentSecurityPolicy* aCsp, const nsID& aDocShellID, + bool aDynamicCreation, nsIURI* aOriginalURI, + nsIURI* aResultPrincipalURI, bool aLoadReplace, + nsIReferrerInfo* aReferrerInfo, const nsAString& aSrcdocData, + bool aSrcdocEntry, nsIURI* aBaseURI, bool aSaveLayoutState, + bool aExpired) { MOZ_ASSERT( aTriggeringPrincipal, "need a valid triggeringPrincipal to create a session history entry"); @@ -347,7 +350,7 @@ nsSHEntry::Create( mShared->mContentType = aContentType; mShared->mTriggeringPrincipal = aTriggeringPrincipal; mShared->mPrincipalToInherit = aPrincipalToInherit; - mShared->mStoragePrincipalToInherit = aStoragePrincipalToInherit; + mShared->mPartitionedPrincipalToInherit = aPartitionedPrincipalToInherit; mShared->mCsp = aCsp; mShared->mDocShellID = aDocShellID; mShared->mDynamicallyCreated = aDynamicCreation; @@ -431,17 +434,17 @@ nsSHEntry::SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit) { } NS_IMETHODIMP -nsSHEntry::GetStoragePrincipalToInherit( - nsIPrincipal** aStoragePrincipalToInherit) { - NS_IF_ADDREF(*aStoragePrincipalToInherit = - mShared->mStoragePrincipalToInherit); +nsSHEntry::GetPartitionedPrincipalToInherit( + nsIPrincipal** aPartitionedPrincipalToInherit) { + NS_IF_ADDREF(*aPartitionedPrincipalToInherit = + mShared->mPartitionedPrincipalToInherit); return NS_OK; } NS_IMETHODIMP -nsSHEntry::SetStoragePrincipalToInherit( - nsIPrincipal* aStoragePrincipalToInherit) { - mShared->mStoragePrincipalToInherit = aStoragePrincipalToInherit; +nsSHEntry::SetPartitionedPrincipalToInherit( + nsIPrincipal* aPartitionedPrincipalToInherit) { + mShared->mPartitionedPrincipalToInherit = aPartitionedPrincipalToInherit; return NS_OK; } @@ -849,9 +852,9 @@ nsSHEntry::CreateLoadInfo(nsDocShellLoadState** aLoadState) { loadState->SetTriggeringPrincipal(triggeringPrincipal); nsCOMPtr principalToInherit = GetPrincipalToInherit(); loadState->SetPrincipalToInherit(principalToInherit); - nsCOMPtr storagePrincipalToInherit = - GetStoragePrincipalToInherit(); - loadState->SetStoragePrincipalToInherit(storagePrincipalToInherit); + nsCOMPtr partitionedPrincipalToInherit = + GetPartitionedPrincipalToInherit(); + loadState->SetPartitionedPrincipalToInherit(partitionedPrincipalToInherit); nsCOMPtr csp = GetCsp(); loadState->SetCsp(csp); nsCOMPtr referrerInfo = GetReferrerInfo(); diff --git a/docshell/shistory/nsSHEntryShared.cpp b/docshell/shistory/nsSHEntryShared.cpp index ba8df89a135d..e16488e6712b 100644 --- a/docshell/shistory/nsSHEntryShared.cpp +++ b/docshell/shistory/nsSHEntryShared.cpp @@ -51,7 +51,7 @@ void SHEntrySharedParentState::CopyFrom(SHEntrySharedParentState* aEntry) { mDocShellID = aEntry->mDocShellID; mTriggeringPrincipal = aEntry->mTriggeringPrincipal; mPrincipalToInherit = aEntry->mPrincipalToInherit; - mStoragePrincipalToInherit = aEntry->mStoragePrincipalToInherit; + mPartitionedPrincipalToInherit = aEntry->mPartitionedPrincipalToInherit; mCsp = aEntry->mCsp; mSaveLayoutState = aEntry->mSaveLayoutState; mContentType.Assign(aEntry->mContentType); diff --git a/docshell/shistory/nsSHEntryShared.h b/docshell/shistory/nsSHEntryShared.h index 3d128eec5a95..4212d2816e9d 100644 --- a/docshell/shistory/nsSHEntryShared.h +++ b/docshell/shistory/nsSHEntryShared.h @@ -72,7 +72,7 @@ class SHEntrySharedParentState { nsID mDocShellID; nsCOMPtr mTriggeringPrincipal; nsCOMPtr mPrincipalToInherit; - nsCOMPtr mStoragePrincipalToInherit; + nsCOMPtr mPartitionedPrincipalToInherit; nsCOMPtr mCsp; // Child side updates layout history state when page is being unloaded or // moved to bfcache. diff --git a/dom/base/Document.cpp b/dom/base/Document.cpp index bc9db0bc26b2..96a04bfe9e61 100644 --- a/dom/base/Document.cpp +++ b/dom/base/Document.cpp @@ -2412,7 +2412,7 @@ bool Document::IsVisibleConsideringAncestors() const { void Document::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup) { nsCOMPtr uri; nsCOMPtr principal; - nsCOMPtr storagePrincipal; + nsCOMPtr partitionedPrincipal; if (aChannel) { // Note: this code is duplicated in PrototypeDocumentContentSink::Init and // nsScriptSecurityManager::GetChannelResultPrincipals. @@ -2425,20 +2425,20 @@ void Document::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup) { if (securityManager) { securityManager->GetChannelResultPrincipals( aChannel, getter_AddRefs(principal), - getter_AddRefs(storagePrincipal)); + getter_AddRefs(partitionedPrincipal)); } } - bool equal = principal->Equals(storagePrincipal); + bool equal = principal->Equals(partitionedPrincipal); principal = MaybeDowngradePrincipal(principal); if (equal) { - storagePrincipal = principal; + partitionedPrincipal = principal; } else { - storagePrincipal = MaybeDowngradePrincipal(storagePrincipal); + partitionedPrincipal = MaybeDowngradePrincipal(partitionedPrincipal); } - ResetToURI(uri, aLoadGroup, principal, storagePrincipal); + ResetToURI(uri, aLoadGroup, principal, partitionedPrincipal); // Note that, since mTiming does not change during a reset, the // navigationStart time remains unchanged and therefore any future new @@ -2500,9 +2500,9 @@ void Document::DisconnectNodeTree() { void Document::ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup, nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal) { + nsIPrincipal* aPartitionedPrincipal) { MOZ_ASSERT(aURI, "Null URI passed to ResetToURI"); - MOZ_ASSERT(!!aPrincipal == !!aStoragePrincipal); + MOZ_ASSERT(!!aPrincipal == !!aPartitionedPrincipal); MOZ_LOG(gDocumentLeakPRLog, LogLevel::Debug, ("DOCUMENT %p ResetToURI %s", this, aURI->GetSpecOrDefault().get())); @@ -2587,7 +2587,7 @@ void Document::ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup, // Now get our new principal if (aPrincipal) { - SetPrincipals(aPrincipal, aStoragePrincipal); + SetPrincipals(aPrincipal, aPartitionedPrincipal); } else { nsIScriptSecurityManager* securityManager = nsContentUtils::GetSecurityManager(); @@ -3717,8 +3717,8 @@ void Document::RemoveFromIdTable(Element* aElement, nsAtom* aId) { } void Document::SetPrincipals(nsIPrincipal* aNewPrincipal, - nsIPrincipal* aNewStoragePrincipal) { - MOZ_ASSERT(!!aNewPrincipal == !!aNewStoragePrincipal); + nsIPrincipal* aNewPartitionedPrincipal) { + MOZ_ASSERT(!!aNewPrincipal == !!aNewPartitionedPrincipal); if (aNewPrincipal && mAllowDNSPrefetch && StaticPrefs::network_dns_disablePrefetchFromHTTPS()) { if (aNewPrincipal->SchemeIs("https")) { @@ -3726,7 +3726,7 @@ void Document::SetPrincipals(nsIPrincipal* aNewPrincipal, } } mNodeInfoManager->SetDocumentPrincipal(aNewPrincipal); - mIntrinsicStoragePrincipal = aNewStoragePrincipal; + mPartitionedPrincipal = aNewPartitionedPrincipal; ContentBlockingAllowList::ComputePrincipal( aNewPrincipal, getter_AddRefs(mContentBlockingAllowListPrincipal)); @@ -11057,8 +11057,7 @@ nsresult Document::CloneDocHelper(Document* clone) const { } clone->mChannel = channel; if (uri) { - clone->ResetToURI(uri, loadGroup, NodePrincipal(), - EffectiveStoragePrincipal()); + clone->ResetToURI(uri, loadGroup, NodePrincipal(), mPartitionedPrincipal); } clone->SetContainer(mDocumentContainer); @@ -11082,7 +11081,7 @@ nsresult Document::CloneDocHelper(Document* clone) const { // them. clone->SetDocumentURI(Document::GetDocumentURI()); clone->SetChromeXHRDocURI(mChromeXHRDocURI); - clone->SetPrincipals(NodePrincipal(), mIntrinsicStoragePrincipal); + clone->SetPrincipals(NodePrincipal(), mPartitionedPrincipal); clone->mActiveStoragePrincipal = mActiveStoragePrincipal; clone->mDocumentBaseURI = mDocumentBaseURI; clone->SetChromeXHRDocBaseURI(mChromeXHRDocBaseURI); @@ -16302,7 +16301,7 @@ nsIPrincipal* Document::EffectiveStoragePrincipal() const { return mActiveStoragePrincipal = NodePrincipal(); } - return mActiveStoragePrincipal = mIntrinsicStoragePrincipal; + return mActiveStoragePrincipal = mPartitionedPrincipal; } void Document::SetIsInitialDocument(bool aIsInitialDocument) { diff --git a/dom/base/Document.h b/dom/base/Document.h index 0c0319f9b19c..fe53de787edf 100644 --- a/dom/base/Document.h +++ b/dom/base/Document.h @@ -578,13 +578,11 @@ class Document : public nsINode, return EffectiveStoragePrincipal(); } - // You should probably not be using this function, since it performs no - // checks to ensure that the intrinsic storage principal should really be - // used here. It is only designed to be used in very specific circumstances, - // such as when inheriting the document/storage principal. - nsIPrincipal* IntrinsicStoragePrincipal() final { - return mIntrinsicStoragePrincipal; - } + // You should probably not be using this function, since it performs no checks + // to ensure that the partitioned principal should really be used here. It is + // only designed to be used in very specific circumstances, such as when + // inheriting the document/storage principal. + nsIPrincipal* PartitionedPrincipal() final { return mPartitionedPrincipal; } void ClearActiveStoragePrincipal() { mActiveStoragePrincipal = nullptr; } @@ -855,7 +853,8 @@ class Document : public nsINode, * Set the principals responsible for this document. Chances are, you do not * want to be using this. */ - void SetPrincipals(nsIPrincipal* aPrincipal, nsIPrincipal* aStoragePrincipal); + void SetPrincipals(nsIPrincipal* aPrincipal, + nsIPrincipal* aPartitionedPrincipal); /** * Get the list of ancestor principals for a document. This is the same as @@ -2089,13 +2088,13 @@ class Document : public nsINode, virtual void Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup); /** - * Reset this document to aURI, aLoadGroup, aPrincipal and aStoragePrincipal. - * aURI must not be null. If aPrincipal is null, a content principal based - * on aURI will be used. + * Reset this document to aURI, aLoadGroup, aPrincipal and + * aPartitionedPrincipal. aURI must not be null. If aPrincipal is null, a + * content principal based on aURI will be used. */ virtual void ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup, nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal); + nsIPrincipal* aPartitionedPrincipal); /** * Set the container (docshell) for this document. Virtual so that @@ -5046,8 +5045,9 @@ class Document : public nsINode, int32_t mCachedTabSizeGeneration; nsTabSizes mCachedTabSizes; - // The principal to use for the storage area of this document. - nsCOMPtr mIntrinsicStoragePrincipal; + // This is equal to document's principal but with an isolation key. See + // StoragePrincipalHelper.h to know more. + nsCOMPtr mPartitionedPrincipal; // The cached storage principal for this document. // This is mutable so that we can keep EffectiveStoragePrincipal() const diff --git a/dom/base/nsGlobalWindowInner.cpp b/dom/base/nsGlobalWindowInner.cpp index ef5929e19787..cfd84c7ce55d 100644 --- a/dom/base/nsGlobalWindowInner.cpp +++ b/dom/base/nsGlobalWindowInner.cpp @@ -1099,7 +1099,7 @@ void nsGlobalWindowInner::FreeInnerObjects() { // Remember the document's principal, URI, and CSP. mDocumentPrincipal = mDoc->NodePrincipal(); mDocumentStoragePrincipal = mDoc->EffectiveStoragePrincipal(); - mDocumentIntrinsicStoragePrincipal = mDoc->IntrinsicStoragePrincipal(); + mDocumentPartitionedPrincipal = mDoc->PartitionedPrincipal(); mDocumentURI = mDoc->GetDocumentURI(); mDocBaseURI = mDoc->GetDocBaseURI(); mDocContentBlockingAllowListPrincipal = @@ -1327,7 +1327,7 @@ NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INTERNAL(nsGlobalWindowInner) NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mIndexedDB) NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentPrincipal) NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentStoragePrincipal) - NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentIntrinsicStoragePrincipal) + NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentPartitionedPrincipal) NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentCsp) NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mBrowserChild) NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDoc) @@ -1434,7 +1434,7 @@ NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(nsGlobalWindowInner) } NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentPrincipal) NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentStoragePrincipal) - NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentIntrinsicStoragePrincipal) + NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentPartitionedPrincipal) NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentCsp) NS_IMPL_CYCLE_COLLECTION_UNLINK(mBrowserChild) NS_IMPL_CYCLE_COLLECTION_UNLINK(mDoc) @@ -2102,24 +2102,24 @@ nsIPrincipal* nsGlobalWindowInner::GetEffectiveStoragePrincipal() { return nullptr; } -nsIPrincipal* nsGlobalWindowInner::IntrinsicStoragePrincipal() { +nsIPrincipal* nsGlobalWindowInner::PartitionedPrincipal() { if (mDoc) { // If we have a document, get the principal from the document - return mDoc->EffectiveStoragePrincipal(); + return mDoc->PartitionedPrincipal(); } - if (mDocumentIntrinsicStoragePrincipal) { - return mDocumentIntrinsicStoragePrincipal; + if (mDocumentPartitionedPrincipal) { + return mDocumentPartitionedPrincipal; } - // If we don't have a storage principal and we don't have a document we ask - // the parent window for the storage principal. + // If we don't have a partitioned principal and we don't have a document we + // ask the parent window for the partitioned principal. nsCOMPtr objPrincipal = do_QueryInterface(GetInProcessParentInternal()); if (objPrincipal) { - return objPrincipal->IntrinsicStoragePrincipal(); + return objPrincipal->PartitionedPrincipal(); } return nullptr; @@ -4346,10 +4346,10 @@ already_AddRefed nsGlobalWindowInner::GetComputedStyleHelper( Storage* nsGlobalWindowInner::GetSessionStorage(ErrorResult& aError) { nsIPrincipal* principal = GetPrincipal(); - nsIPrincipal* storagePrincipal = IntrinsicStoragePrincipal(); + nsIPrincipal* partitionedPrincipal = PartitionedPrincipal(); BrowsingContext* browsingContext = GetBrowsingContext(); - if (!principal || !storagePrincipal || !browsingContext || + if (!principal || !partitionedPrincipal || !browsingContext || !Storage::StoragePrefIsEnabled()) { return nullptr; } @@ -4360,7 +4360,7 @@ Storage* nsGlobalWindowInner::GetSessionStorage(ErrorResult& aError) { mSessionStorage.get())); bool canAccess = principal->Subsumes(mSessionStorage->Principal()) && - storagePrincipal->Subsumes(mSessionStorage->StoragePrincipal()); + partitionedPrincipal->Subsumes(mSessionStorage->StoragePrincipal()); if (!canAccess) { mSessionStorage = nullptr; } @@ -4438,9 +4438,9 @@ Storage* nsGlobalWindowInner::GetSessionStorage(ErrorResult& aError) { } RefPtr storage; - aError = storageManager->CreateStorage(this, principal, storagePrincipal, - documentURI, IsPrivateBrowsing(), - getter_AddRefs(storage)); + aError = storageManager->CreateStorage( + this, principal, partitionedPrincipal, documentURI, IsPrivateBrowsing(), + getter_AddRefs(storage)); if (aError.Failed()) { return nullptr; } @@ -5023,11 +5023,6 @@ void nsGlobalWindowInner::ObserveStorageNotification( return; } - nsIPrincipal* storagePrincipal = GetEffectiveStoragePrincipal(); - if (!storagePrincipal) { - return; - } - bool fireMozStorageChanged = false; nsAutoString eventType; eventType.AssignLiteral("storage"); @@ -5040,7 +5035,7 @@ void nsGlobalWindowInner::ObserveStorageNotification( if (const RefPtr storageManager = GetBrowsingContext()->GetSessionStorageManager()) { - nsresult rv = storageManager->CheckStorage(storagePrincipal, + nsresult rv = storageManager->CheckStorage(PartitionedPrincipal(), changingStorage, &check); if (NS_FAILED(rv)) { return; @@ -5067,6 +5062,11 @@ void nsGlobalWindowInner::ObserveStorageNotification( else { MOZ_ASSERT(!NS_strcmp(aStorageType, u"localStorage")); + nsIPrincipal* storagePrincipal = GetEffectiveStoragePrincipal(); + if (!storagePrincipal) { + return; + } + MOZ_DIAGNOSTIC_ASSERT(StorageUtils::PrincipalsEqual(aEvent->GetPrincipal(), storagePrincipal)); diff --git a/dom/base/nsGlobalWindowInner.h b/dom/base/nsGlobalWindowInner.h index fbed52ff197b..f4fd5af0f3d1 100644 --- a/dom/base/nsGlobalWindowInner.h +++ b/dom/base/nsGlobalWindowInner.h @@ -266,7 +266,7 @@ class nsGlobalWindowInner final : public mozilla::dom::EventTarget, virtual nsIPrincipal* GetEffectiveStoragePrincipal() override; - virtual nsIPrincipal* IntrinsicStoragePrincipal() override; + virtual nsIPrincipal* PartitionedPrincipal() override; // nsIDOMWindow NS_DECL_NSIDOMWINDOW @@ -1339,7 +1339,7 @@ class nsGlobalWindowInner final : public mozilla::dom::EventTarget, // FreeInnerObjects has been called. nsCOMPtr mDocumentPrincipal; nsCOMPtr mDocumentStoragePrincipal; - nsCOMPtr mDocumentIntrinsicStoragePrincipal; + nsCOMPtr mDocumentPartitionedPrincipal; nsCOMPtr mDocumentCsp; RefPtr diff --git a/dom/base/nsGlobalWindowOuter.cpp b/dom/base/nsGlobalWindowOuter.cpp index de833141ad19..d65921890ece 100644 --- a/dom/base/nsGlobalWindowOuter.cpp +++ b/dom/base/nsGlobalWindowOuter.cpp @@ -1588,7 +1588,7 @@ NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INTERNAL(nsGlobalWindowOuter) NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mSuspendedDoc) NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentPrincipal) NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentStoragePrincipal) - NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentIntrinsicStoragePrincipal) + NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDocumentPartitionedPrincipal) NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mDoc) // Traverse stuff from nsPIDOMWindow @@ -1620,7 +1620,7 @@ NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(nsGlobalWindowOuter) NS_IMPL_CYCLE_COLLECTION_UNLINK(mSuspendedDoc) NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentPrincipal) NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentStoragePrincipal) - NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentIntrinsicStoragePrincipal) + NS_IMPL_CYCLE_COLLECTION_UNLINK(mDocumentPartitionedPrincipal) NS_IMPL_CYCLE_COLLECTION_UNLINK(mDoc) // Unlink stuff from nsPIDOMWindow @@ -2044,8 +2044,8 @@ nsresult nsGlobalWindowOuter::SetNewDocument(Document* aDocument, "mDocumentPrincipal prematurely set!"); MOZ_ASSERT(mDocumentStoragePrincipal == nullptr, "mDocumentStoragePrincipal prematurely set!"); - MOZ_ASSERT(mDocumentIntrinsicStoragePrincipal == nullptr, - "mDocumentIntrinsicStoragePrincipal prematurely set!"); + MOZ_ASSERT(mDocumentPartitionedPrincipal == nullptr, + "mDocumentPartitionedPrincipal prematurely set!"); MOZ_ASSERT(aDocument); // Bail out early if we're in process of closing down the window. @@ -2697,7 +2697,7 @@ void nsGlobalWindowOuter::DetachFromDocShell(bool aIsBeingDiscarded) { // Remember the document's principal and URI. mDocumentPrincipal = mDoc->NodePrincipal(); mDocumentStoragePrincipal = mDoc->EffectiveStoragePrincipal(); - mDocumentIntrinsicStoragePrincipal = mDoc->IntrinsicStoragePrincipal(); + mDocumentPartitionedPrincipal = mDoc->PartitionedPrincipal(); mDocumentURI = mDoc->GetDocumentURI(); // Release our document reference @@ -2970,24 +2970,24 @@ nsIPrincipal* nsGlobalWindowOuter::GetEffectiveStoragePrincipal() { return nullptr; } -nsIPrincipal* nsGlobalWindowOuter::IntrinsicStoragePrincipal() { +nsIPrincipal* nsGlobalWindowOuter::PartitionedPrincipal() { if (mDoc) { // If we have a document, get the principal from the document - return mDoc->IntrinsicStoragePrincipal(); + return mDoc->PartitionedPrincipal(); } - if (mDocumentIntrinsicStoragePrincipal) { - return mDocumentIntrinsicStoragePrincipal; + if (mDocumentPartitionedPrincipal) { + return mDocumentPartitionedPrincipal; } - // If we don't have a storage principal and we don't have a document we ask - // the parent window for the storage principal. + // If we don't have a partitioned principal and we don't have a document we + // ask the parent window for the partitioned principal. nsCOMPtr objPrincipal = do_QueryInterface(GetInProcessParentInternal()); if (objPrincipal) { - return objPrincipal->IntrinsicStoragePrincipal(); + return objPrincipal->PartitionedPrincipal(); } return nullptr; diff --git a/dom/base/nsGlobalWindowOuter.h b/dom/base/nsGlobalWindowOuter.h index 8f7f489ca9a3..a74656a56024 100644 --- a/dom/base/nsGlobalWindowOuter.h +++ b/dom/base/nsGlobalWindowOuter.h @@ -244,7 +244,7 @@ class nsGlobalWindowOuter final : public mozilla::dom::EventTarget, virtual nsIPrincipal* GetEffectiveStoragePrincipal() override; - virtual nsIPrincipal* IntrinsicStoragePrincipal() override; + virtual nsIPrincipal* PartitionedPrincipal() override; // nsIDOMWindow NS_DECL_NSIDOMWINDOW @@ -1098,7 +1098,7 @@ class nsGlobalWindowOuter final : public mozilla::dom::EventTarget, nsCOMPtr mDocumentPrincipal; nsCOMPtr mDocumentStoragePrincipal; - nsCOMPtr mDocumentIntrinsicStoragePrincipal; + nsCOMPtr mDocumentPartitionedPrincipal; #ifdef DEBUG uint32_t mSerial; diff --git a/dom/base/nsIScriptObjectPrincipal.h b/dom/base/nsIScriptObjectPrincipal.h index 3752888f877b..3089e8fe4b2e 100644 --- a/dom/base/nsIScriptObjectPrincipal.h +++ b/dom/base/nsIScriptObjectPrincipal.h @@ -29,7 +29,7 @@ class nsIScriptObjectPrincipal : public nsISupports { virtual nsIPrincipal* GetEffectiveStoragePrincipal() = 0; - virtual nsIPrincipal* IntrinsicStoragePrincipal() = 0; + virtual nsIPrincipal* PartitionedPrincipal() = 0; }; NS_DEFINE_STATIC_IID_ACCESSOR(nsIScriptObjectPrincipal, diff --git a/dom/broadcastchannel/BroadcastChannel.cpp b/dom/broadcastchannel/BroadcastChannel.cpp index af8af46206dc..0b647b5e0aa3 100644 --- a/dom/broadcastchannel/BroadcastChannel.cpp +++ b/dom/broadcastchannel/BroadcastChannel.cpp @@ -234,9 +234,7 @@ already_AddRefed BroadcastChannel::Constructor( storageAccess = workerPrivate->StorageAccess(); storagePrincipalInfo = workerPrivate->GetEffectiveStoragePrincipalInfo(); - - // TODO This is broken, it will be fixed in the following patches. - origin = workerPrivate->PartitionedOrigin(); + origin = workerPrivate->StoragePrincipalOrigin(); originNoSuffix = workerPrivate->GetLocationInfo().mOrigin; diff --git a/dom/html/nsHTMLDocument.cpp b/dom/html/nsHTMLDocument.cpp index 0b7d509560c1..56ac241e5549 100644 --- a/dom/html/nsHTMLDocument.cpp +++ b/dom/html/nsHTMLDocument.cpp @@ -162,10 +162,10 @@ void nsHTMLDocument::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup) { void nsHTMLDocument::ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup, nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal) { + nsIPrincipal* aPartitionedPrincipal) { mLoadFlags = nsIRequest::LOAD_NORMAL; - Document::ResetToURI(aURI, aLoadGroup, aPrincipal, aStoragePrincipal); + Document::ResetToURI(aURI, aLoadGroup, aPrincipal, aPartitionedPrincipal); mImages = nullptr; mApplets = nullptr; diff --git a/dom/html/nsHTMLDocument.h b/dom/html/nsHTMLDocument.h index 7ae59bcff19b..91d783531bf9 100644 --- a/dom/html/nsHTMLDocument.h +++ b/dom/html/nsHTMLDocument.h @@ -51,7 +51,7 @@ class nsHTMLDocument : public mozilla::dom::Document { virtual void Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup) override; virtual void ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup, nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal) override; + nsIPrincipal* aPartitionedPrincipal) override; virtual nsresult StartDocumentLoad(const char* aCommand, nsIChannel* aChannel, nsILoadGroup* aLoadGroup, diff --git a/dom/interfaces/base/nsIBrowser.idl b/dom/interfaces/base/nsIBrowser.idl index 300b09e13824..6d8aff9aaccb 100644 --- a/dom/interfaces/base/nsIBrowser.idl +++ b/dom/interfaces/base/nsIBrowser.idl @@ -77,7 +77,7 @@ interface nsIBrowser : nsISupports readonly attribute nsIWebProgress remoteWebProgressManager; readonly attribute nsIPrincipal contentPrincipal; - readonly attribute nsIPrincipal contentStoragePrincipal; + readonly attribute nsIPrincipal contentPartitionedPrincipal; readonly attribute nsIPrincipal contentBlockingAllowListPrincipal; readonly attribute nsIContentSecurityPolicy csp; readonly attribute nsIReferrerInfo referrerInfo; @@ -133,8 +133,8 @@ interface nsIBrowser : nsISupports * @param aDocumentURI the URI of the new document * @param aTitle the title of the new doucment * @param aContentPrincipal the security principal of the new document - * @param aContentStoragePrincipal the security principal for the new - * document's storage + * @param aContentPartitionedPrincipal the security principal for the new + * document's storage * @param aCSP the content security policy of the new document * @param aReferrerInfo the referrer info of the new document * @param aIsSynthetic whether or not the document is synthetic @@ -151,7 +151,7 @@ interface nsIBrowser : nsISupports in nsIURI aDocumentURI, in AString aTitle, in nsIPrincipal aContentPrincipal, - in nsIPrincipal aContentStoragePrincipal, + in nsIPrincipal aContentPartitionedPrincipal, in nsIContentSecurityPolicy aCSP, in nsIReferrerInfo aReferrerInfo, in boolean aIsSynthetic, diff --git a/dom/ipc/BrowserChild.cpp b/dom/ipc/BrowserChild.cpp index 2b17323d8a93..4c900b099396 100644 --- a/dom/ipc/BrowserChild.cpp +++ b/dom/ipc/BrowserChild.cpp @@ -3647,8 +3647,8 @@ NS_IMETHODIMP BrowserChild::OnLocationChange(nsIWebProgress* aWebProgress, docShell->GetCharsetAutodetected(); locationChangeData->contentPrincipal() = document->NodePrincipal(); - locationChangeData->contentStoragePrincipal() = - document->EffectiveStoragePrincipal(); + locationChangeData->contentPartitionedPrincipal() = + document->PartitionedPrincipal(); locationChangeData->csp() = document->GetCsp(); locationChangeData->referrerInfo() = document->ReferrerInfo(); locationChangeData->isSyntheticDocument() = document->IsSyntheticDocument(); diff --git a/dom/ipc/BrowserParent.cpp b/dom/ipc/BrowserParent.cpp index f30a1394fe89..9ff5b77702aa 100644 --- a/dom/ipc/BrowserParent.cpp +++ b/dom/ipc/BrowserParent.cpp @@ -2692,7 +2692,7 @@ mozilla::ipc::IPCResult BrowserParent::RecvOnLocationChange( aLocationChangeData->charsetAutodetected(), aLocationChangeData->documentURI(), aLocationChangeData->title(), aLocationChangeData->contentPrincipal(), - aLocationChangeData->contentStoragePrincipal(), + aLocationChangeData->contentPartitionedPrincipal(), aLocationChangeData->csp(), aLocationChangeData->referrerInfo(), aLocationChangeData->isSyntheticDocument(), aWebProgressData->innerDOMWindowID(), diff --git a/dom/ipc/DOMTypes.ipdlh b/dom/ipc/DOMTypes.ipdlh index 188ae46a7a7d..5735e83e221f 100644 --- a/dom/ipc/DOMTypes.ipdlh +++ b/dom/ipc/DOMTypes.ipdlh @@ -241,7 +241,7 @@ struct DocShellLoadStateInit bool InheritPrincipal; bool PrincipalIsExplicit; nsIPrincipal PrincipalToInherit; - nsIPrincipal StoragePrincipalToInherit; + nsIPrincipal PartitionedPrincipalToInherit; bool ForceAllowDataURI; bool OriginalFrameSrc; bool IsFormSubmission; diff --git a/dom/ipc/PBrowser.ipdl b/dom/ipc/PBrowser.ipdl index 64e40dfa65e1..bd9dcbd20805 100644 --- a/dom/ipc/PBrowser.ipdl +++ b/dom/ipc/PBrowser.ipdl @@ -147,7 +147,7 @@ struct WebProgressLocationChangeData nsString charset; nsIURI documentURI; nsIPrincipal contentPrincipal; - nsIPrincipal contentStoragePrincipal; + nsIPrincipal contentPartitionedPrincipal; nsIContentSecurityPolicy csp; nsIReferrerInfo referrerInfo; uint64_t? requestContextID; diff --git a/dom/serviceworkers/ServiceWorkerPrivate.cpp b/dom/serviceworkers/ServiceWorkerPrivate.cpp index a240d0c28397..3bada6c3a9ea 100644 --- a/dom/serviceworkers/ServiceWorkerPrivate.cpp +++ b/dom/serviceworkers/ServiceWorkerPrivate.cpp @@ -1705,9 +1705,9 @@ nsresult ServiceWorkerPrivate::SpawnWorkerIfNeeded(WakeUpReason aWhy, info.mPrincipal = mInfo->Principal(); info.mLoadingPrincipal = info.mPrincipal; - // StoragePrincipal for ServiceWorkers is equal to mPrincipal because, at the - // moment, ServiceWorkers are not exposed in partitioned contexts. - info.mStoragePrincipal = info.mPrincipal; + // PartitionedPrincipal for ServiceWorkers is equal to mPrincipal because, at + // the moment, ServiceWorkers are not exposed in partitioned contexts. + info.mPartitionedPrincipal = info.mPrincipal; info.mCookieJarSettings = mozilla::net::CookieJarSettings::Create(); MOZ_ASSERT(info.mCookieJarSettings); @@ -1735,7 +1735,7 @@ nsresult ServiceWorkerPrivate::SpawnWorkerIfNeeded(WakeUpReason aWhy, WorkerPrivate::OverrideLoadInfoLoadGroup(info, info.mPrincipal); rv = info.SetPrincipalsAndCSPOnMainThread( - info.mPrincipal, info.mStoragePrincipal, info.mLoadGroup, nullptr); + info.mPrincipal, info.mPartitionedPrincipal, info.mLoadGroup, nullptr); if (NS_WARN_IF(NS_FAILED(rv))) { return rv; } diff --git a/dom/serviceworkers/ServiceWorkerPrivateImpl.cpp b/dom/serviceworkers/ServiceWorkerPrivateImpl.cpp index 69f140aea7fc..b56450359196 100644 --- a/dom/serviceworkers/ServiceWorkerPrivateImpl.cpp +++ b/dom/serviceworkers/ServiceWorkerPrivateImpl.cpp @@ -69,7 +69,7 @@ ServiceWorkerPrivateImpl::RAIIActorPtrHolder::~RAIIActorPtrHolder() { } RemoteWorkerControllerChild* - ServiceWorkerPrivateImpl::RAIIActorPtrHolder::operator->() const { +ServiceWorkerPrivateImpl::RAIIActorPtrHolder::operator->() const { AssertIsOnMainThread(); return get(); @@ -168,9 +168,10 @@ nsresult ServiceWorkerPrivateImpl::Initialize() { mRemoteWorkerData.loadingPrincipalInfo() = principalInfo; mRemoteWorkerData.principalInfo() = principalInfo; - // storagePrincipalInfo for ServiceWorkers is equal to principalInfo because, - // at the moment, ServiceWorkers are not exposed in partitioned contexts. - mRemoteWorkerData.storagePrincipalInfo() = principalInfo; + // partitionedPrincipalInfo for ServiceWorkers is equal to principalInfo + // because, at the moment, ServiceWorkers are not exposed in partitioned + // contexts. + mRemoteWorkerData.partitionedPrincipalInfo() = principalInfo; rv = uri->GetHost(mRemoteWorkerData.domain()); NS_ENSURE_SUCCESS(rv, rv); diff --git a/dom/webidl/Document.webidl b/dom/webidl/Document.webidl index 8130db018f47..7063e36d899e 100644 --- a/dom/webidl/Document.webidl +++ b/dom/webidl/Document.webidl @@ -390,6 +390,13 @@ partial interface Document { [ChromeOnly] readonly attribute Principal effectiveStoragePrincipal; + // You should probably not be using this principal getter since it performs + // no checks to ensure that the partitioned principal should really be used + // here. It is only designed to be used in very specific circumstances, such + // as when inheriting the document/storage principal. + [ChromeOnly] + readonly attribute Principal partitionedPrincipal; + // The principal to use for the content blocking allow list [ChromeOnly] readonly attribute Principal? contentBlockingAllowListPrincipal; diff --git a/dom/workers/ScriptLoader.cpp b/dom/workers/ScriptLoader.cpp index 9143b0330491..43bb7be2d544 100644 --- a/dom/workers/ScriptLoader.cpp +++ b/dom/workers/ScriptLoader.cpp @@ -1430,8 +1430,8 @@ class ScriptLoaderRunnable final : public nsIRunnable, public nsINamed { // referrer logic depends on the WorkerPrivate principal having a URL // that matches the worker script URL. If bug 1340694 is ever fixed // this can be removed. - // XXX: force the storagePrincipal to be equal to the response one. This - // is OK for now because we don't want to expose storagePrincipal + // XXX: force the partitionedPrincipal to be equal to the response one. + // This is OK for now because we don't want to expose partitionedPrincipal // functionality in ServiceWorkers yet. rv = mWorkerPrivate->SetPrincipalsAndCSPOnMainThread( responsePrincipal, responsePrincipal, loadGroup, nullptr); diff --git a/dom/workers/WorkerLoadInfo.cpp b/dom/workers/WorkerLoadInfo.cpp index 3cc6439d8f1d..eca09e3b3505 100644 --- a/dom/workers/WorkerLoadInfo.cpp +++ b/dom/workers/WorkerLoadInfo.cpp @@ -98,13 +98,13 @@ WorkerLoadInfoData::WorkerLoadInfoData() mSecureContext(eNotSet) {} nsresult WorkerLoadInfo::SetPrincipalsAndCSPOnMainThread( - nsIPrincipal* aPrincipal, nsIPrincipal* aStoragePrincipal, + nsIPrincipal* aPrincipal, nsIPrincipal* aPartitionedPrincipal, nsILoadGroup* aLoadGroup, nsIContentSecurityPolicy* aCsp) { AssertIsOnMainThread(); MOZ_ASSERT(NS_LoadGroupMatchesPrincipal(aLoadGroup, aPrincipal)); mPrincipal = aPrincipal; - mStoragePrincipal = aStoragePrincipal; + mPartitionedPrincipal = aPartitionedPrincipal; mPrincipalIsSystem = aPrincipal->IsSystemPrincipal(); mPrincipalIsAddonOrExpandedAddon = aPrincipal->GetIsAddonOrExpandedAddonPrincipal(); @@ -126,7 +126,7 @@ nsresult WorkerLoadInfo::SetPrincipalsAndCSPOnMainThread( mLoadGroup = aLoadGroup; mPrincipalInfo = MakeUnique(); - mStoragePrincipalInfo = MakeUnique(); + mPartitionedPrincipalInfo = MakeUnique(); StoragePrincipalHelper::GetRegularPrincipalOriginAttributes( aLoadGroup, mOriginAttributes); @@ -139,16 +139,16 @@ nsresult WorkerLoadInfo::SetPrincipalsAndCSPOnMainThread( rv = aPrincipal->GetOrigin(mOrigin); NS_ENSURE_SUCCESS(rv, rv); - if (aPrincipal->Equals(aStoragePrincipal)) { - *mStoragePrincipalInfo = *mPrincipalInfo; + if (aPrincipal->Equals(aPartitionedPrincipal)) { + *mPartitionedPrincipalInfo = *mPrincipalInfo; mPartitionedOrigin = mOrigin; } else { - mStoragePrincipalInfo = MakeUnique(); - rv = PrincipalToPrincipalInfo(aStoragePrincipal, - mStoragePrincipalInfo.get()); + mPartitionedPrincipalInfo = MakeUnique(); + rv = PrincipalToPrincipalInfo(aPartitionedPrincipal, + mPartitionedPrincipalInfo.get()); NS_ENSURE_SUCCESS(rv, rv); - rv = aStoragePrincipal->GetOrigin(mPartitionedOrigin); + rv = aPartitionedPrincipal->GetOrigin(mPartitionedOrigin); NS_ENSURE_SUCCESS(rv, rv); } @@ -157,11 +157,11 @@ nsresult WorkerLoadInfo::SetPrincipalsAndCSPOnMainThread( nsresult WorkerLoadInfo::GetPrincipalsAndLoadGroupFromChannel( nsIChannel* aChannel, nsIPrincipal** aPrincipalOut, - nsIPrincipal** aStoragePrincipalOut, nsILoadGroup** aLoadGroupOut) { + nsIPrincipal** aPartitionedPrincipalOut, nsILoadGroup** aLoadGroupOut) { AssertIsOnMainThread(); MOZ_DIAGNOSTIC_ASSERT(aChannel); MOZ_DIAGNOSTIC_ASSERT(aPrincipalOut); - MOZ_DIAGNOSTIC_ASSERT(aStoragePrincipalOut); + MOZ_DIAGNOSTIC_ASSERT(aPartitionedPrincipalOut); MOZ_DIAGNOSTIC_ASSERT(aLoadGroupOut); // Initial triggering principal should be set @@ -171,10 +171,10 @@ nsresult WorkerLoadInfo::GetPrincipalsAndLoadGroupFromChannel( MOZ_DIAGNOSTIC_ASSERT(ssm); nsCOMPtr channelPrincipal; - nsCOMPtr channelStoragePrincipal; + nsCOMPtr channelPartitionedPrincipal; nsresult rv = ssm->GetChannelResultPrincipals( aChannel, getter_AddRefs(channelPrincipal), - getter_AddRefs(channelStoragePrincipal)); + getter_AddRefs(channelPartitionedPrincipal)); NS_ENSURE_SUCCESS(rv, rv); // Every time we call GetChannelResultPrincipal() it will return a different @@ -188,7 +188,7 @@ nsresult WorkerLoadInfo::GetPrincipalsAndLoadGroupFromChannel( if (mPrincipal && mPrincipal->GetIsNullPrincipal() && channelPrincipal->GetIsNullPrincipal()) { channelPrincipal = mPrincipal; - channelStoragePrincipal = mPrincipal; + channelPartitionedPrincipal = mPrincipal; } nsCOMPtr channelLoadGroup; @@ -221,7 +221,7 @@ nsresult WorkerLoadInfo::GetPrincipalsAndLoadGroupFromChannel( // Assign the system principal to the resource:// worker only if it // was loaded from code using the system principal. channelPrincipal = mLoadingPrincipal; - channelStoragePrincipal = mLoadingPrincipal; + channelPartitionedPrincipal = mLoadingPrincipal; } else { return NS_ERROR_DOM_BAD_URI; } @@ -233,7 +233,7 @@ nsresult WorkerLoadInfo::GetPrincipalsAndLoadGroupFromChannel( MOZ_ASSERT(NS_LoadGroupMatchesPrincipal(channelLoadGroup, channelPrincipal)); channelPrincipal.forget(aPrincipalOut); - channelStoragePrincipal.forget(aStoragePrincipalOut); + channelPartitionedPrincipal.forget(aPartitionedPrincipalOut); channelLoadGroup.forget(aLoadGroupOut); return NS_OK; @@ -243,10 +243,10 @@ nsresult WorkerLoadInfo::SetPrincipalsAndCSPFromChannel(nsIChannel* aChannel) { AssertIsOnMainThread(); nsCOMPtr principal; - nsCOMPtr storagePrincipal; + nsCOMPtr partitionedPrincipal; nsCOMPtr loadGroup; nsresult rv = GetPrincipalsAndLoadGroupFromChannel( - aChannel, getter_AddRefs(principal), getter_AddRefs(storagePrincipal), + aChannel, getter_AddRefs(principal), getter_AddRefs(partitionedPrincipal), getter_AddRefs(loadGroup)); NS_ENSURE_SUCCESS(rv, rv); @@ -257,18 +257,18 @@ nsresult WorkerLoadInfo::SetPrincipalsAndCSPFromChannel(nsIChannel* aChannel) { nsCOMPtr loadinfo = aChannel->LoadInfo(); csp = loadinfo->GetCsp(); } - return SetPrincipalsAndCSPOnMainThread(principal, storagePrincipal, loadGroup, - csp); + return SetPrincipalsAndCSPOnMainThread(principal, partitionedPrincipal, + loadGroup, csp); } bool WorkerLoadInfo::FinalChannelPrincipalIsValid(nsIChannel* aChannel) { AssertIsOnMainThread(); nsCOMPtr principal; - nsCOMPtr storagePrincipal; + nsCOMPtr partitionedPrincipal; nsCOMPtr loadGroup; nsresult rv = GetPrincipalsAndLoadGroupFromChannel( - aChannel, getter_AddRefs(principal), getter_AddRefs(storagePrincipal), + aChannel, getter_AddRefs(principal), getter_AddRefs(partitionedPrincipal), getter_AddRefs(loadGroup)); NS_ENSURE_SUCCESS(rv, false); @@ -293,9 +293,9 @@ bool WorkerLoadInfo::PrincipalIsValid() const { return mPrincipal && mPrincipalInfo && mPrincipalInfo->type() != PrincipalInfo::T__None && mPrincipalInfo->type() <= PrincipalInfo::T__Last && - mStoragePrincipal && mStoragePrincipalInfo && - mStoragePrincipalInfo->type() != PrincipalInfo::T__None && - mStoragePrincipalInfo->type() <= PrincipalInfo::T__Last; + mPartitionedPrincipal && mPartitionedPrincipalInfo && + mPartitionedPrincipalInfo->type() != PrincipalInfo::T__None && + mPartitionedPrincipalInfo->type() <= PrincipalInfo::T__Last; } bool WorkerLoadInfo::PrincipalURIMatchesScriptURL() { @@ -375,7 +375,7 @@ bool WorkerLoadInfo::ProxyReleaseMainThreadObjects( SwapToISupportsArray(mBaseURI, doomed); SwapToISupportsArray(mResolvedScriptURI, doomed); SwapToISupportsArray(mPrincipal, doomed); - SwapToISupportsArray(mStoragePrincipal, doomed); + SwapToISupportsArray(mPartitionedPrincipal, doomed); SwapToISupportsArray(mLoadingPrincipal, doomed); SwapToISupportsArray(mChannel, doomed); SwapToISupportsArray(mCSP, doomed); diff --git a/dom/workers/WorkerLoadInfo.h b/dom/workers/WorkerLoadInfo.h index 3b3c46e04e41..168e08b5262f 100644 --- a/dom/workers/WorkerLoadInfo.h +++ b/dom/workers/WorkerLoadInfo.h @@ -52,7 +52,7 @@ struct WorkerLoadInfoData { // If we load a data: URL, mPrincipal will be a null principal. nsCOMPtr mLoadingPrincipal; nsCOMPtr mPrincipal; - nsCOMPtr mStoragePrincipal; + nsCOMPtr mPartitionedPrincipal; // Taken from the parent context. nsCOMPtr mCookieJarSettings; @@ -102,7 +102,7 @@ struct WorkerLoadInfoData { RefPtr mInterfaceRequestor; UniquePtr mPrincipalInfo; - UniquePtr mStoragePrincipalInfo; + UniquePtr mPartitionedPrincipalInfo; nsCString mDomain; nsString mOriginNoSuffix; // Derived from mPrincipal; can be used on worker // thread. @@ -157,13 +157,13 @@ struct WorkerLoadInfo : WorkerLoadInfoData { WorkerLoadInfo& operator=(WorkerLoadInfo&& aOther) = default; nsresult SetPrincipalsAndCSPOnMainThread(nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal, + nsIPrincipal* aPartitionedPrincipal, nsILoadGroup* aLoadGroup, nsIContentSecurityPolicy* aCSP); nsresult GetPrincipalsAndLoadGroupFromChannel( nsIChannel* aChannel, nsIPrincipal** aPrincipalOut, - nsIPrincipal** aStoragePrincipalOut, nsILoadGroup** aLoadGroupOut); + nsIPrincipal** aPartitionedPrincipalOut, nsILoadGroup** aLoadGroupOut); nsresult SetPrincipalsAndCSPFromChannel(nsIChannel* aChannel); diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp index a6f586683a7a..eabfd8c239de 100644 --- a/dom/workers/WorkerPrivate.cpp +++ b/dom/workers/WorkerPrivate.cpp @@ -2028,10 +2028,10 @@ void WorkerPrivate::SetBaseURI(nsIURI* aBaseURI) { } nsresult WorkerPrivate::SetPrincipalsAndCSPOnMainThread( - nsIPrincipal* aPrincipal, nsIPrincipal* aStoragePrincipal, + nsIPrincipal* aPrincipal, nsIPrincipal* aPartitionedPrincipal, nsILoadGroup* aLoadGroup, nsIContentSecurityPolicy* aCsp) { return mLoadInfo.SetPrincipalsAndCSPOnMainThread( - aPrincipal, aStoragePrincipal, aLoadGroup, aCsp); + aPrincipal, aPartitionedPrincipal, aLoadGroup, aCsp); } nsresult WorkerPrivate::SetPrincipalsAndCSPFromChannel(nsIChannel* aChannel) { @@ -5333,6 +5333,23 @@ void WorkerPrivate::EnsureOwnerEmbedderPolicy() { } } +const mozilla::ipc::PrincipalInfo& +WorkerPrivate::GetEffectiveStoragePrincipalInfo() const { + AssertIsOnWorkerThread(); + + if (mLoadInfo.mFirstPartyStorageAccessGranted) { + return *mLoadInfo.mPrincipalInfo; + } + + // TODO: this is wrong and it will be fixed by the next patch. + return *mLoadInfo.mPartitionedPrincipalInfo; +} + +const nsACString& WorkerPrivate::StoragePrincipalOrigin() const { + // TODO: this is wrong and it will be fixed by the next patch. + return mLoadInfo.mPartitionedOrigin; +} + NS_IMPL_ADDREF(WorkerPrivate::EventTarget) NS_IMPL_RELEASE(WorkerPrivate::EventTarget) diff --git a/dom/workers/WorkerPrivate.h b/dom/workers/WorkerPrivate.h index ca82b97d3499..7538f7a5d1af 100644 --- a/dom/workers/WorkerPrivate.h +++ b/dom/workers/WorkerPrivate.h @@ -694,11 +694,6 @@ class WorkerPrivate : public RelativeTimeline { return mLoadInfo.mPrincipal; } - nsIPrincipal* GetEffectiveStoragePrincipal() const { - AssertIsOnMainThread(); - return mLoadInfo.mStoragePrincipal; - } - nsIPrincipal* GetLoadingPrincipal() const { AssertIsOnMainThread(); return mLoadInfo.mLoadingPrincipal; @@ -708,6 +703,8 @@ class WorkerPrivate : public RelativeTimeline { const nsACString& Origin() const { return mLoadInfo.mOrigin; } + const nsACString& StoragePrincipalOrigin() const; + const nsACString& PartitionedOrigin() const { return mLoadInfo.mPartitionedOrigin; } @@ -726,9 +723,7 @@ class WorkerPrivate : public RelativeTimeline { return *mLoadInfo.mPrincipalInfo; } - const mozilla::ipc::PrincipalInfo& GetEffectiveStoragePrincipalInfo() const { - return *mLoadInfo.mStoragePrincipalInfo; - } + const mozilla::ipc::PrincipalInfo& GetEffectiveStoragePrincipalInfo() const; already_AddRefed ForgetWorkerChannel() { AssertIsOnMainThread(); @@ -863,7 +858,7 @@ class WorkerPrivate : public RelativeTimeline { void CycleCollect(bool aDummy); nsresult SetPrincipalsAndCSPOnMainThread(nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal, + nsIPrincipal* aPartitionedPrincipal, nsILoadGroup* aLoadGroup, nsIContentSecurityPolicy* aCsp); diff --git a/dom/workers/remoteworkers/RemoteWorkerChild.cpp b/dom/workers/remoteworkers/RemoteWorkerChild.cpp index ecf6e7ba28f0..1881bacb5710 100644 --- a/dom/workers/remoteworkers/RemoteWorkerChild.cpp +++ b/dom/workers/remoteworkers/RemoteWorkerChild.cpp @@ -325,10 +325,10 @@ nsresult RemoteWorkerChild::ExecWorkerOnMainThread(RemoteWorkerData&& aData) { return loadingPrincipalOrErr.unwrapErr(); } - auto storagePrincipalOrErr = - PrincipalInfoToPrincipal(aData.storagePrincipalInfo()); - if (NS_WARN_IF(storagePrincipalOrErr.isErr())) { - return storagePrincipalOrErr.unwrapErr(); + auto partitionedPrincipalOrErr = + PrincipalInfoToPrincipal(aData.partitionedPrincipalInfo()); + if (NS_WARN_IF(partitionedPrincipalOrErr.isErr())) { + return partitionedPrincipalOrErr.unwrapErr(); } WorkerLoadInfo info; @@ -336,13 +336,13 @@ nsresult RemoteWorkerChild::ExecWorkerOnMainThread(RemoteWorkerData&& aData) { info.mResolvedScriptURI = DeserializeURI(aData.resolvedScriptURL()); info.mPrincipalInfo = MakeUnique(aData.principalInfo()); - info.mStoragePrincipalInfo = - MakeUnique(aData.storagePrincipalInfo()); + info.mPartitionedPrincipalInfo = + MakeUnique(aData.partitionedPrincipalInfo()); info.mReferrerInfo = aData.referrerInfo(); info.mDomain = aData.domain(); info.mPrincipal = principal; - info.mStoragePrincipal = storagePrincipalOrErr.unwrap(); + info.mPartitionedPrincipal = partitionedPrincipalOrErr.unwrap(); info.mLoadingPrincipal = loadingPrincipalOrErr.unwrap(); info.mStorageAccess = aData.storageAccess(); info.mOriginAttributes = @@ -383,7 +383,7 @@ nsresult RemoteWorkerChild::ExecWorkerOnMainThread(RemoteWorkerData&& aData) { } rv = info.SetPrincipalsAndCSPOnMainThread( - info.mPrincipal, info.mStoragePrincipal, info.mLoadGroup, info.mCSP); + info.mPrincipal, info.mPartitionedPrincipal, info.mLoadGroup, info.mCSP); if (NS_WARN_IF(NS_FAILED(rv))) { return rv; } diff --git a/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh b/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh index 8c1030a935e7..ee68bbfd5e4a 100644 --- a/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh +++ b/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh @@ -49,7 +49,7 @@ struct RemoteWorkerData PrincipalInfo loadingPrincipalInfo; PrincipalInfo principalInfo; - PrincipalInfo storagePrincipalInfo; + PrincipalInfo partitionedPrincipalInfo; nsCString domain; diff --git a/dom/workers/sharedworkers/SharedWorker.cpp b/dom/workers/sharedworkers/SharedWorker.cpp index bb54daff2f96..4e3b91f2bee3 100644 --- a/dom/workers/sharedworkers/SharedWorker.cpp +++ b/dom/workers/sharedworkers/SharedWorker.cpp @@ -121,9 +121,9 @@ already_AddRefed SharedWorker::Constructor( return nullptr; } - // Here, the StoragePrincipal is always equal to the SharedWorker's principal - // because the channel is not opened yet, and, because of this, it's not - // classified. We need to force the correct originAttributes. + // Here, the PartitionedPrincipal is always equal to the SharedWorker's + // principal because the channel is not opened yet, and, because of this, it's + // not classified. We need to force the correct originAttributes. if (ShouldPartitionStorage(storageAllowed)) { nsCOMPtr sop = do_QueryInterface(window); if (!sop) { @@ -137,27 +137,27 @@ already_AddRefed SharedWorker::Constructor( return nullptr; } - nsIPrincipal* windowStoragePrincipal = sop->GetEffectiveStoragePrincipal(); - if (!windowStoragePrincipal) { + nsIPrincipal* windowPartitionedPrincipal = sop->PartitionedPrincipal(); + if (!windowPartitionedPrincipal) { aRv.Throw(NS_ERROR_UNEXPECTED); return nullptr; } - if (!windowPrincipal->Equals(windowStoragePrincipal)) { - loadInfo.mStoragePrincipal = + if (!windowPrincipal->Equals(windowPartitionedPrincipal)) { + loadInfo.mPartitionedPrincipal = BasePrincipal::Cast(loadInfo.mPrincipal) ->CloneForcingOriginAttributes( - BasePrincipal::Cast(windowStoragePrincipal) + BasePrincipal::Cast(windowPartitionedPrincipal) ->OriginAttributesRef()); } } - PrincipalInfo storagePrincipalInfo; - if (loadInfo.mPrincipal->Equals(loadInfo.mStoragePrincipal)) { - storagePrincipalInfo = principalInfo; + PrincipalInfo partitionedPrincipalInfo; + if (loadInfo.mPrincipal->Equals(loadInfo.mPartitionedPrincipal)) { + partitionedPrincipalInfo = principalInfo; } else { - aRv = PrincipalToPrincipalInfo(loadInfo.mStoragePrincipal, - &storagePrincipalInfo); + aRv = PrincipalToPrincipalInfo(loadInfo.mPartitionedPrincipal, + &partitionedPrincipalInfo); if (NS_WARN_IF(aRv.Failed())) { return nullptr; } @@ -195,7 +195,7 @@ already_AddRefed SharedWorker::Constructor( RemoteWorkerData remoteWorkerData( nsString(aScriptURL), baseURL, resolvedScriptURL, name, - loadingPrincipalInfo, principalInfo, storagePrincipalInfo, + loadingPrincipalInfo, principalInfo, partitionedPrincipalInfo, loadInfo.mDomain, isSecureContext, ipcClientInfo, loadInfo.mReferrerInfo, storageAllowed, void_t() /* OptionalServiceWorkerData */, agentClusterId); diff --git a/dom/workers/sharedworkers/SharedWorkerManager.cpp b/dom/workers/sharedworkers/SharedWorkerManager.cpp index 82e353fa8bf9..680d5aab456c 100644 --- a/dom/workers/sharedworkers/SharedWorkerManager.cpp +++ b/dom/workers/sharedworkers/SharedWorkerManager.cpp @@ -22,12 +22,12 @@ namespace dom { already_AddRefed SharedWorkerManager::Create( SharedWorkerService* aService, nsIEventTarget* aPBackgroundEventTarget, const RemoteWorkerData& aData, nsIPrincipal* aLoadingPrincipal, - const OriginAttributes& aStoragePrincipalAttrs) { + const OriginAttributes& aPartitionedPrincipalAttrs) { MOZ_ASSERT(NS_IsMainThread()); RefPtr manager = new SharedWorkerManager(aPBackgroundEventTarget, aData, aLoadingPrincipal, - aStoragePrincipalAttrs); + aPartitionedPrincipalAttrs); RefPtr holder = new SharedWorkerManagerHolder(manager, aService); @@ -37,11 +37,11 @@ already_AddRefed SharedWorkerManager::Create( SharedWorkerManager::SharedWorkerManager( nsIEventTarget* aPBackgroundEventTarget, const RemoteWorkerData& aData, nsIPrincipal* aLoadingPrincipal, - const OriginAttributes& aStoragePrincipalAttrs) + const OriginAttributes& aPartitionedPrincipalAttrs) : mPBackgroundEventTarget(aPBackgroundEventTarget), mLoadingPrincipal(aLoadingPrincipal), mDomain(aData.domain()), - mStoragePrincipalAttrs(aStoragePrincipalAttrs), + mPartitionedPrincipalAttrs(aPartitionedPrincipalAttrs), mResolvedScriptURL(DeserializeURI(aData.resolvedScriptURL())), mName(aData.name()), mIsSecureContext(aData.isSecureContext()), @@ -83,7 +83,7 @@ already_AddRefed SharedWorkerManager::MatchOnMainThread( SharedWorkerService* aService, const nsACString& aDomain, nsIURI* aScriptURL, const nsAString& aName, nsIPrincipal* aLoadingPrincipal, - const OriginAttributes& aStoragePrincipalAttrs) { + const OriginAttributes& aPartitionedPrincipalAttrs) { MOZ_ASSERT(NS_IsMainThread()); bool urlEquals; @@ -96,7 +96,7 @@ SharedWorkerManager::MatchOnMainThread( // SharedWorker's loading principal and vice versa. mLoadingPrincipal->Subsumes(aLoadingPrincipal) && aLoadingPrincipal->Subsumes(mLoadingPrincipal) && - mStoragePrincipalAttrs == aStoragePrincipalAttrs; + mPartitionedPrincipalAttrs == aPartitionedPrincipalAttrs; if (!match) { return nullptr; } diff --git a/dom/workers/sharedworkers/SharedWorkerManager.h b/dom/workers/sharedworkers/SharedWorkerManager.h index 45daddf794c5..556de14a5916 100644 --- a/dom/workers/sharedworkers/SharedWorkerManager.h +++ b/dom/workers/sharedworkers/SharedWorkerManager.h @@ -70,7 +70,7 @@ class SharedWorkerManager final : public RemoteWorkerObserver { static already_AddRefed Create( SharedWorkerService* aService, nsIEventTarget* aPBackgroundEventTarget, const RemoteWorkerData& aData, nsIPrincipal* aLoadingPrincipal, - const OriginAttributes& aStoragePrincipalAttrs); + const OriginAttributes& aPartitionedPrincipalAttrs); // Returns a holder if this manager matches. The holder blocks the shutdown of // the manager. @@ -78,7 +78,7 @@ class SharedWorkerManager final : public RemoteWorkerObserver { SharedWorkerService* aService, const nsACString& aDomain, nsIURI* aScriptURL, const nsAString& aName, nsIPrincipal* aLoadingPrincipal, - const OriginAttributes& aStoragePrincipalAttrs); + const OriginAttributes& aPartitionedPrincipalAttrs); // RemoteWorkerObserver @@ -119,7 +119,7 @@ class SharedWorkerManager final : public RemoteWorkerObserver { SharedWorkerManager(nsIEventTarget* aPBackgroundEventTarget, const RemoteWorkerData& aData, nsIPrincipal* aLoadingPrincipal, - const OriginAttributes& aStoragePrincipalAttrs); + const OriginAttributes& aPartitionedPrincipalAttrs); ~SharedWorkerManager(); @@ -127,7 +127,7 @@ class SharedWorkerManager final : public RemoteWorkerObserver { nsCOMPtr mLoadingPrincipal; const nsCString mDomain; - const OriginAttributes mStoragePrincipalAttrs; + const OriginAttributes mPartitionedPrincipalAttrs; const nsCOMPtr mResolvedScriptURL; const nsString mName; const bool mIsSecureContext; diff --git a/dom/workers/sharedworkers/SharedWorkerService.cpp b/dom/workers/sharedworkers/SharedWorkerService.cpp index a16d204f3e13..92b143258889 100644 --- a/dom/workers/sharedworkers/SharedWorkerService.cpp +++ b/dom/workers/sharedworkers/SharedWorkerService.cpp @@ -166,11 +166,11 @@ void SharedWorkerService::GetOrCreateWorkerManagerOnMainThread( MOZ_ASSERT(aBackgroundEventTarget); MOZ_ASSERT(aActor); - auto storagePrincipalOrErr = - PrincipalInfoToPrincipal(aData.storagePrincipalInfo()); - if (NS_WARN_IF(storagePrincipalOrErr.isErr())) { + auto partitionedPrincipalOrErr = + PrincipalInfoToPrincipal(aData.partitionedPrincipalInfo()); + if (NS_WARN_IF(partitionedPrincipalOrErr.isErr())) { ErrorPropagationOnMainThread(aBackgroundEventTarget, aActor, - storagePrincipalOrErr.unwrapErr()); + partitionedPrincipalOrErr.unwrapErr()); return; } @@ -185,7 +185,8 @@ void SharedWorkerService::GetOrCreateWorkerManagerOnMainThread( RefPtr managerHolder; nsCOMPtr loadingPrincipal = loadingPrincipalOrErr.unwrap(); - nsCOMPtr storagePrincipal = storagePrincipalOrErr.unwrap(); + nsCOMPtr partitionedPrincipal = + partitionedPrincipalOrErr.unwrap(); // Let's see if there is already a SharedWorker to share. nsCOMPtr resolvedScriptURL = @@ -193,7 +194,7 @@ void SharedWorkerService::GetOrCreateWorkerManagerOnMainThread( for (SharedWorkerManager* workerManager : mWorkerManagers) { managerHolder = workerManager->MatchOnMainThread( this, aData.domain(), resolvedScriptURL, aData.name(), loadingPrincipal, - BasePrincipal::Cast(storagePrincipal)->OriginAttributesRef()); + BasePrincipal::Cast(partitionedPrincipal)->OriginAttributesRef()); if (managerHolder) { break; } @@ -203,7 +204,7 @@ void SharedWorkerService::GetOrCreateWorkerManagerOnMainThread( if (!managerHolder) { managerHolder = SharedWorkerManager::Create( this, aBackgroundEventTarget, aData, loadingPrincipal, - BasePrincipal::Cast(storagePrincipal)->OriginAttributesRef()); + BasePrincipal::Cast(partitionedPrincipal)->OriginAttributesRef()); mWorkerManagers.AppendElement(managerHolder->Manager()); } else { diff --git a/dom/xml/XMLDocument.cpp b/dom/xml/XMLDocument.cpp index 3d97b5806863..e736bef4cc74 100644 --- a/dom/xml/XMLDocument.cpp +++ b/dom/xml/XMLDocument.cpp @@ -216,14 +216,14 @@ void XMLDocument::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup) { void XMLDocument::ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup, nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal) { + nsIPrincipal* aPartitionedPrincipal) { if (mChannelIsPending) { StopDocumentLoad(); mChannel->Cancel(NS_BINDING_ABORTED); mChannelIsPending = false; } - Document::ResetToURI(aURI, aLoadGroup, aPrincipal, aStoragePrincipal); + Document::ResetToURI(aURI, aLoadGroup, aPrincipal, aPartitionedPrincipal); } void XMLDocument::SetSuppressParserErrorElement(bool aSuppress) { diff --git a/dom/xml/XMLDocument.h b/dom/xml/XMLDocument.h index 1af28534b8df..1749a9ca7d77 100644 --- a/dom/xml/XMLDocument.h +++ b/dom/xml/XMLDocument.h @@ -27,7 +27,7 @@ class XMLDocument : public Document { virtual void Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup) override; virtual void ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup, nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal) override; + nsIPrincipal* aPartitionedPrincipal) override; virtual void SetSuppressParserErrorElement(bool aSuppress) override; virtual bool SuppressParserErrorElement() override; diff --git a/dom/xslt/base/txURIUtils.cpp b/dom/xslt/base/txURIUtils.cpp index c4e72805fad8..78dc6b988ca4 100644 --- a/dom/xslt/base/txURIUtils.cpp +++ b/dom/xslt/base/txURIUtils.cpp @@ -46,7 +46,7 @@ void URIUtils::resolveHref(const nsAString& href, const nsAString& base, void URIUtils::ResetWithSource(Document* aNewDoc, nsINode* aSourceNode) { nsCOMPtr sourceDoc = aSourceNode->OwnerDoc(); nsIPrincipal* sourcePrincipal = sourceDoc->NodePrincipal(); - nsIPrincipal* sourceStoragePrincipal = sourceDoc->EffectiveStoragePrincipal(); + nsIPrincipal* sourcePartitionedPrincipal = sourceDoc->PartitionedPrincipal(); // Copy the channel and loadgroup from the source document. nsCOMPtr loadGroup = sourceDoc->GetDocumentLoadGroup(); @@ -67,7 +67,7 @@ void URIUtils::ResetWithSource(Document* aNewDoc, nsINode* aSourceNode) { } aNewDoc->Reset(channel, loadGroup); - aNewDoc->SetPrincipals(sourcePrincipal, sourceStoragePrincipal); + aNewDoc->SetPrincipals(sourcePrincipal, sourcePartitionedPrincipal); aNewDoc->SetBaseURI(sourceDoc->GetDocBaseURI()); // Inherit the csp if there is one diff --git a/image/ImageCacheKey.h b/image/ImageCacheKey.h index b7f311565363..2cc23b6039b8 100644 --- a/image/ImageCacheKey.h +++ b/image/ImageCacheKey.h @@ -64,8 +64,8 @@ class ImageCacheKey final { static void* GetSpecialCaseDocumentToken(dom::Document* aDocument); // For anti-tracking we need to use an isolation key. It can be the suffix of - // the IntrinsicStoragePrincipal (see StoragePrincipalHelper.h) or the - // top-level document's base domain. This is handled by this method. + // the PatitionedPrincipal (see StoragePrincipalHelper.h) or the top-level + // document's base domain. This is handled by this method. static nsCString GetIsolationKey(dom::Document* aDocument, nsIURI* aURI); void EnsureHash() const; diff --git a/js/xpconnect/src/BackstagePass.h b/js/xpconnect/src/BackstagePass.h index a58db3df91ff..7a828b73c8c3 100644 --- a/js/xpconnect/src/BackstagePass.h +++ b/js/xpconnect/src/BackstagePass.h @@ -35,9 +35,7 @@ class BackstagePass : public nsIGlobalObject, return mPrincipal; } - virtual nsIPrincipal* IntrinsicStoragePrincipal() override { - return mPrincipal; - } + virtual nsIPrincipal* PartitionedPrincipal() override { return mPrincipal; } JSObject* GetGlobalJSObject() override; JSObject* GetGlobalJSObjectPreserveColor() const override; diff --git a/js/xpconnect/src/SandboxPrivate.h b/js/xpconnect/src/SandboxPrivate.h index 8db3dc9adc54..a86b8d917072 100644 --- a/js/xpconnect/src/SandboxPrivate.h +++ b/js/xpconnect/src/SandboxPrivate.h @@ -46,7 +46,7 @@ class SandboxPrivate : public nsIGlobalObject, nsIPrincipal* GetEffectiveStoragePrincipal() override { return mPrincipal; } - nsIPrincipal* IntrinsicStoragePrincipal() override { return mPrincipal; } + nsIPrincipal* PartitionedPrincipal() override { return mPrincipal; } JSObject* GetGlobalJSObject() override { return GetWrapper(); } JSObject* GetGlobalJSObjectPreserveColor() const override { diff --git a/layout/build/nsContentDLF.cpp b/layout/build/nsContentDLF.cpp index ac8e447491b1..c83f878c207c 100644 --- a/layout/build/nsContentDLF.cpp +++ b/layout/build/nsContentDLF.cpp @@ -226,7 +226,7 @@ nsContentDLF::CreateInstanceForDocument(nsISupports* aContainer, /* static */ already_AddRefed nsContentDLF::CreateBlankDocument( nsILoadGroup* aLoadGroup, nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal, nsDocShell* aContainer) { + nsIPrincipal* aPartitionedPrincipal, nsDocShell* aContainer) { // create a new blank HTML document RefPtr blankDoc; mozilla::Unused << NS_NewHTMLDocument(getter_AddRefs(blankDoc)); @@ -241,7 +241,7 @@ already_AddRefed nsContentDLF::CreateBlankDocument( if (!uri) { return nullptr; } - blankDoc->ResetToURI(uri, aLoadGroup, aPrincipal, aStoragePrincipal); + blankDoc->ResetToURI(uri, aLoadGroup, aPrincipal, aPartitionedPrincipal); blankDoc->SetContainer(aContainer); // add some simple content structure diff --git a/layout/build/nsContentDLF.h b/layout/build/nsContentDLF.h index 9bc7bd247e95..edcb6b25da90 100644 --- a/layout/build/nsContentDLF.h +++ b/layout/build/nsContentDLF.h @@ -46,7 +46,7 @@ class nsContentDLF final : public nsIDocumentLoaderFactory { */ static already_AddRefed CreateBlankDocument( nsILoadGroup* aLoadGroup, nsIPrincipal* aPrincipal, - nsIPrincipal* aStoragePrincipal, nsDocShell* aContainer); + nsIPrincipal* aPartitionedPrincipal, nsDocShell* aContainer); private: static nsresult EnsureUAStyleSheet(); diff --git a/toolkit/components/antitracking/StoragePrincipalHelper.cpp b/toolkit/components/antitracking/StoragePrincipalHelper.cpp index b7cbd54400d9..b18434599943 100644 --- a/toolkit/components/antitracking/StoragePrincipalHelper.cpp +++ b/toolkit/components/antitracking/StoragePrincipalHelper.cpp @@ -17,7 +17,7 @@ namespace mozilla { namespace { bool ChooseOriginAttributes(nsIChannel* aChannel, OriginAttributes& aAttrs, - bool aForceInstrinsicStoragePrincipal) { + bool aForcePartitionedPrincipal) { MOZ_ASSERT(aChannel); nsCOMPtr loadInfo = aChannel->LoadInfo(); @@ -26,7 +26,7 @@ bool ChooseOriginAttributes(nsIChannel* aChannel, OriginAttributes& aAttrs, return false; } - if (!aForceInstrinsicStoragePrincipal) { + if (!aForcePartitionedPrincipal) { nsCOMPtr uri; nsresult rv = aChannel->GetURI(getter_AddRefs(uri)); if (NS_FAILED(rv)) { @@ -80,6 +80,7 @@ bool ChooseOriginAttributes(nsIChannel* aChannel, OriginAttributes& aAttrs, // static nsresult StoragePrincipalHelper::Create(nsIChannel* aChannel, nsIPrincipal* aPrincipal, + bool aForceIsolation, nsIPrincipal** aStoragePrincipal) { MOZ_ASSERT(aChannel); MOZ_ASSERT(aPrincipal); @@ -91,7 +92,7 @@ nsresult StoragePrincipalHelper::Create(nsIChannel* aChannel, }); OriginAttributes attrs = aPrincipal->OriginAttributesRef(); - if (!ChooseOriginAttributes(aChannel, attrs, false)) { + if (!ChooseOriginAttributes(aChannel, attrs, aForceIsolation)) { return NS_OK; } @@ -283,20 +284,7 @@ void StoragePrincipalHelper::GetOriginAttributesForNetworkState( return; } - // This part is required because the intrisicStoragePrincipal is not always - // partitioned. This should probably change. TODO - bug 1639833. - nsCOMPtr cjs = aDocument->CookieJarSettings(); - MOZ_ASSERT(cjs); - - nsAutoString domain; - Unused << cjs->GetFirstPartyDomain(domain); - - if (!domain.IsEmpty()) { - aAttributes.SetFirstPartyDomain(false, domain, true /* aForced */); - return; - } - - aAttributes = aDocument->IntrinsicStoragePrincipal()->OriginAttributesRef(); + aAttributes = aDocument->PartitionedPrincipal()->OriginAttributesRef(); } } // namespace mozilla diff --git a/toolkit/components/antitracking/StoragePrincipalHelper.h b/toolkit/components/antitracking/StoragePrincipalHelper.h index a92bd54a4a19..2c8b886ee72c 100644 --- a/toolkit/components/antitracking/StoragePrincipalHelper.h +++ b/toolkit/components/antitracking/StoragePrincipalHelper.h @@ -59,23 +59,27 @@ * From a Document: * - Regular Principal: nsINode::NodePrincipal * - Storage Access Principal: Document::EffectiveStoragePrincipal - * - Partitioned Principal: Document::IntrinsicStoragePrincipal + * - Partitioned Principal: Document::PartitionedPrincipal * * From a Global object: * - Regular Principal: nsIScriptObjectPrincipal::GetPrincipal * - Storage Access Principal: * nsIScriptObjectPrincipal::GetEffectiveStoragePrincipal - * - Partitioned Principal: nsIScriptObjectPrincipal::IntrinsicStoragePrincipal + * - Partitioned Principal: nsIScriptObjectPrincipal::PartitionedPrincipal * * From a Worker: - * - Regular Principal: WorkerPrivate::GetPrincipal - * - Storage Access Principal: WorkerPrivate::GetEffectiveStoragePrincipal + * - Regular Principal: WorkerPrivate::GetPrincipal (main-thread) + * - Regular Principal: WorkerPrivate::GetPrincipalInfo (worker thread) + * - Storage Access Principal: WorkerPrivate::GetEffectiveStoragePrincipalInfo + * (worker-thread) * * For a nsIChannel, the final principals must be calculated and they can be * obtained by calling: * - Regular Principal: nsIScriptSecurityManager::getChannelResultPrincipal * - Storage Access Principal: * nsIScriptSecurityManager::getChannelResultStoragePrincipal + * - Partitioned and regular Principal: + * nsIScriptSecurityManager::getChannelResultPrincipals * * Each use of nsIPrincipal is unique and it should be reviewed by anti-tracking * peers. But we can group the use of nsIPrincipal in these categories: @@ -214,6 +218,7 @@ class OriginAttributes; class StoragePrincipalHelper final { public: static nsresult Create(nsIChannel* aChannel, nsIPrincipal* aPrincipal, + bool aForceIsolation, nsIPrincipal** aStoragePrincipal); static nsresult PrepareEffectiveStoragePrincipalOriginAttributes( @@ -229,7 +234,7 @@ class StoragePrincipalHelper final { // This is a dynamic principal based on the current state of the origin. If // the origin has the storage permission granted, effective storagePrincipal - // will be the regular principal, otherwise, the intrinsic storagePrincipal + // will be the regular principal, otherwise, the partitioned Principal // will be used. eStorageAccessPrincipal, diff --git a/toolkit/components/sessionstore/SessionStoreUtils.cpp b/toolkit/components/sessionstore/SessionStoreUtils.cpp index fff955126bf5..7ef35ee80cb4 100644 --- a/toolkit/components/sessionstore/SessionStoreUtils.cpp +++ b/toolkit/components/sessionstore/SessionStoreUtils.cpp @@ -1097,7 +1097,7 @@ static void ReadAllEntriesFromStorage(nsPIDOMWindowOuter* aWindow, return; } - nsCOMPtr storagePrincipal = doc->IntrinsicStoragePrincipal(); + nsCOMPtr storagePrincipal = doc->EffectiveStoragePrincipal(); if (!storagePrincipal) { return; } diff --git a/toolkit/content/browser-child.js b/toolkit/content/browser-child.js index ea9a1746f3fa..da1cb33ffdce 100644 --- a/toolkit/content/browser-child.js +++ b/toolkit/content/browser-child.js @@ -35,16 +35,16 @@ addMessageListener("BrowserElement:CreateAboutBlank", message => { if (!content.document || content.document.documentURI != "about:blank") { throw new Error("Can't create a content viewer unless on about:blank"); } - let { principal, storagePrincipal } = message.data; + let { principal, partitionedPrincipal } = message.data; principal = BrowserUtils.principalWithMatchingOA( principal, content.document.nodePrincipal ); - storagePrincipal = BrowserUtils.principalWithMatchingOA( - storagePrincipal, - content.document.effectiveStoragePrincipal + partitionedPrincipal = BrowserUtils.principalWithMatchingOA( + partitionedPrincipal, + content.document.partitionedPrincipal ); - docShell.createAboutBlankContentViewer(principal, storagePrincipal); + docShell.createAboutBlankContentViewer(principal, partitionedPrincipal); }); // We may not get any responses to Browser:Init if the browser element diff --git a/toolkit/content/widgets/browser-custom-element.js b/toolkit/content/widgets/browser-custom-element.js index 9e4e2fe81dd9..7c843b1466cb 100644 --- a/toolkit/content/widgets/browser-custom-element.js +++ b/toolkit/content/widgets/browser-custom-element.js @@ -265,7 +265,7 @@ this._contentPrincipal = null; - this._contentStoragePrincipal = null; + this._contentPartitionedPrincipal = null; this._csp = null; @@ -704,10 +704,10 @@ : this.contentDocument.nodePrincipal; } - get contentStoragePrincipal() { + get contentPartitionedPrincipal() { return this.isRemoteBrowser - ? this._contentStoragePrincipal - : this.contentDocument.effectiveStoragePrincipal; + ? this._contentPartitionedPrincipal + : this.contentDocument.partitionedPrincipal; } get contentBlockingAllowListPrincipal() { @@ -1279,7 +1279,7 @@ aDocumentURI, aTitle, aContentPrincipal, - aContentStoragePrincipal, + aContentPartitionedPrincipal, aCSP, aReferrerInfo, aIsSynthetic, @@ -1302,7 +1302,7 @@ this._remoteWebNavigation._currentURI = aLocation; this._documentURI = aDocumentURI; this._contentPrincipal = aContentPrincipal; - this._contentStoragePrincipal = aContentStoragePrincipal; + this._contentPartitionedPrincipal = aContentPartitionedPrincipal; this._csp = aCSP; this._referrerInfo = aReferrerInfo; this._isSyntheticDocument = aIsSynthetic; @@ -1333,7 +1333,7 @@ } } - createAboutBlankContentViewer(aPrincipal, aStoragePrincipal) { + createAboutBlankContentViewer(aPrincipal, aPartitionedPrincipal) { if (this.isRemoteBrowser) { // Ensure that the content process has the permissions which are // needed to create a document with the given principal. @@ -1359,7 +1359,7 @@ // solution. this.messageManager.sendAsyncMessage( "BrowserElement:CreateAboutBlank", - { principal: aPrincipal, storagePrincipal: aStoragePrincipal } + { principal: aPrincipal, partitionedPrincipal: aPartitionedPrincipal } ); return; } @@ -1367,11 +1367,14 @@ aPrincipal, this.contentPrincipal ); - let storagePrincipal = BrowserUtils.principalWithMatchingOA( - aStoragePrincipal, - this.contentStoragePrincipal + let partitionedPrincipal = BrowserUtils.principalWithMatchingOA( + aPartitionedPrincipal, + this.contentPartitionedPrincipal + ); + this.docShell.createAboutBlankContentViewer( + principal, + partitionedPrincipal ); - this.docShell.createAboutBlankContentViewer(principal, storagePrincipal); } stopScroll() { @@ -1699,7 +1702,7 @@ "_mayEnableCharacterEncodingMenu", "_charsetAutodetected", "_contentPrincipal", - "_contentStoragePrincipal", + "_contentPartitionedPrincipal", "_isSyntheticDocument", "_innerWindowID", ] diff --git a/toolkit/modules/sessionstore/SessionHistory.jsm b/toolkit/modules/sessionstore/SessionHistory.jsm index 6c16ac331659..d06f7615fdef 100644 --- a/toolkit/modules/sessionstore/SessionHistory.jsm +++ b/toolkit/modules/sessionstore/SessionHistory.jsm @@ -270,9 +270,9 @@ var SessionHistoryInternal = { ); } - if (shEntry.storagePrincipalToInherit) { - entry.storagePrincipalToInherit_base64 = E10SUtils.serializePrincipal( - shEntry.storagePrincipalToInherit + if (shEntry.partitionedPrincipalToInherit) { + entry.partitionedPrincipalToInherit_base64 = E10SUtils.serializePrincipal( + shEntry.partitionedPrincipalToInherit ); } @@ -551,11 +551,11 @@ var SessionHistoryInternal = { return Services.scriptSecurityManager.createNullPrincipal({}); } ); - // As both storagePrincipal and principalToInherit are both not required to load + // As both partitionedPrincipal and principalToInherit are both not required to load // it's ok to keep these undefined when we don't have a previously defined principal. - if (entry.storagePrincipalToInherit_base64) { - shEntry.storagePrincipalToInherit = E10SUtils.deserializePrincipal( - entry.storagePrincipalToInherit_base64 + if (entry.partitionedPrincipalToInherit_base64) { + shEntry.partitionedPrincipalToInherit = E10SUtils.deserializePrincipal( + entry.partitionedPrincipalToInherit_base64 ); } if (entry.principalToInherit_base64) {