nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
610906 commits 1 branch 98 tags 6.4 GiB
Commit graph

53 commits

Author SHA1 Message Date
Ehsan Akhgari
17741f0004 Bug 1485005 - Part 2: Get the cookie behavior from the top-level principal on the channel code path for IsFirstPartyStorageAccessGrantedFor(); r=baku 
This isn't related to this bug report, but while reading this code,
I noticed that we are using the wrong principal object here too.
 2018-08-24 13:15:46 -04:00
Ehsan Akhgari
f672f202ae Bug 1485005 - Part 1: Fall back to the top-level principal when computing the parent principal on the channel code path for IsFirstPartyStorageAccessGrantedFor(); r=baku 
This is the fix for the bug.  In this case, the top-level principal is
picked from the loading principal of the load info object, and it is
different from the triggering principal.

Since we already fall back to the triggering principal while computing
the top-level principal, there is no need to do that explicitly here.
In fact we need all of the same rules as previously implemented above
in the same function, so we may as well use the toplevelPrincipal
variable.

I couldn't think of a good way to write a test case for this, sadly.
 2018-08-24 13:15:46 -04:00
Ehsan Akhgari
3f63726aa1 Bug 1485532 follow-up: Update the comments in the test, DONTBUILD 2018-08-24 11:55:45 -04:00
Ehsan Akhgari
82cd96cb5f Bug 1485673 follow-up: Fix lint failures on a CLOSED TREE 2018-08-24 11:53:08 -04:00
Ehsan Akhgari
65a3db675b Bug 1485532 follow-up: Fix lint failures on a CLOSED TREE 2018-08-24 11:53:07 -04:00
Ehsan Akhgari
50793958bf Bug 1485532 - Part 2: Make sure that tracking requests that webRequest.onBeforeRequest handlers do not handle will still get blocked by tracking protection; r=mayhemer 2018-08-24 11:23:10 -04:00
Ehsan Akhgari
cdbb2e0586 Bug 1485532 - Part 1: Add a test case for the interaction of tracking protection and the webRequest onBeforeRequest API; r=mayhemer 2018-08-24 11:23:10 -04:00
Ehsan Akhgari
5306437473 Bug 1485673 - Allow tracking channels being redirected from http-on-modify-request observer notifications when tracking protection is turned on; r=mayhemer 2018-08-24 11:23:09 -04:00
Ehsan Akhgari
6c091271ab Bug 1485182 - Part 2: Add a test case to ensure that http-on-modify-request will be dispatched by requests blocked by tracking protection; r=mayhemer 2018-08-22 17:03:07 -04:00
shindli
a67fd14d8f Backed out changeset 4bf7cca192e7 (bug 1485182) for ES linting failure on a CLOSED TREE 2018-08-22 22:49:43 +03:00
Ehsan Akhgari
80b21bd224 Bug 1485182 - Part 2: Add a test case to ensure that http-on-modify-request will be dispatched by requests blocked by tracking protection; r=mayhemer 2018-08-22 15:29:30 -04:00
Ehsan Akhgari
e0e604fbc5 Bug 1484876 - Part 6: Truncate the tracking URIs in the anti-tracking logs to 128 characters since they may be really long; r=francois 2018-08-22 12:02:45 -04:00
Ehsan Akhgari
b1a6405b4c Bug 1484876 - Part 3: Refactor the code responsible for checking whether the top window URI is on the content blocking allow list into AntiTrackingCommon; r=francois 2018-08-22 12:02:43 -04:00
Cosmin Sabou
ed624fa8d0 Backed out 6 changesets (bug 1484876) for eslint failure on PrivateBrowsingUtils. CLOSED TREE 
Backed out changeset e80737d6af55 (bug 1484876)
Backed out changeset b1cb63d8c8bb (bug 1484876)
Backed out changeset cd2ced689895 (bug 1484876)
Backed out changeset d31e39a47704 (bug 1484876)
Backed out changeset babf6abc7f4c (bug 1484876)
Backed out changeset 1c9895ab06c6 (bug 1484876)
 2018-08-22 16:26:33 +03:00
Ehsan Akhgari
a048df08c4 Bug 1484876 - Part 6: Truncate the tracking URIs in the anti-tracking logs to 128 characters since they may be really long; r=francois 2018-08-22 09:08:22 -04:00
Ehsan Akhgari
c4e0a11824 Bug 1484876 - Part 3: Refactor the code responsible for checking whether the top window URI is on the content blocking allow list into AntiTrackingCommon; r=francois 2018-08-22 09:08:10 -04:00
Ehsan Akhgari
8cf7b6c21e Bug 1485099 - Add some logging to the AntiTracking component for the saving and reading of storage access permissions; r=smaug 2018-08-21 16:23:37 -04:00
Ehsan Akhgari
4ab27b1e45 Bug 1483765 - Fix the image cache key computation logic to only consider first-party storage access for third-party windows; r=smaug 2018-08-17 15:26:43 -04:00
Ehsan Akhgari
58b9524ad0 Backout changeset 2c7d388314b8 (bug 1483765) for crashes on a CLOSED TREE 2018-08-17 14:09:35 -04:00
Ehsan Akhgari
5096c794f2 Bug 1483765 - Fix the image cache key computation logic to only consider first-party storage access for third-party windows; r=smaug 2018-08-17 13:34:28 -04:00
Ehsan Akhgari
6f0db984fe Bug 1478539 - Part 4: Update the test to use the new pref after the landing of bug 1480780 2018-08-13 18:25:58 -04:00
Ehsan Akhgari
87edbe15d3 Bug 1480899 follow-up - address the review comments properly, DONTBUILD 2018-08-13 17:34:58 -04:00
Ehsan Akhgari
4f8fa911eb Bug 1480899 - Do not activate the window.open() heuristic for allowing storage access if opener access hasn't been granted; r=englehardt 2018-08-13 17:14:54 -04:00
Ehsan Akhgari
5d2113d30d Bug 1478539 - Part 2: Add a test case to ensure that we don't send existing cookies in restricted third-party storage contexts; r=baku 2018-08-13 17:05:23 -04:00
Andrea Marchesini
d1e5833a37 Bug 1480780 - Merge the privacy.3rdpartystorage.enabled pref with the network.cookie.cookieBehavior pref; r=ehsan 
This patch introduces a new cookie behavior policy called
BEHAVIOR_REJECT_TRACKER.  It also makes it possible to override that
behavior with cookie permissions similar to other cookie behaviors.
 2018-08-13 16:01:16 -04:00
Andrea Marchesini
04fcbb6556 Bug 1480131 - AntiTrackingCommon::IsFirstPartyStorageAccessGrantFor() should not grant permission to sub-sub-iframe channels; r=ehsan 2018-08-10 14:59:33 -04:00
Francois Marier
e98e918836 Bug 1461515 - Fix and expand tracking annotation test. r=dimi 
Here's a summary of things that were wrong about this test:

1. It was setting urlclassifier.trackingTable only to be overwritten
   later by addTestTrackers().
2. It was using an http event which fires before the classification has
   been done.
3. It didn't disable tailing, which interferes with lowering the priority of
   XHRs.
4. It was not testing that non-annotated or whitelisted resources would not
   have their priority lowered.

I added more test cases both to ensure that the correct list
(urlclassifier.trackingAnnotationTable) is used but also to ensure that
whitelisted or non-blacklisted URLs preserve the normal priority (point #4 above).

I found that XHRs do not get their priority lowered because of this flag:

  https://searchfox.org/mozilla-central/rev/d47c829065767b6f36d29303d650bffb7c4f94a3/netwerk/base/nsChannelClassifier.cpp#221

which gets set here:

  https://searchfox.org/mozilla-central/rev/d47c829065767b6f36d29303d650bffb7c4f94a3/dom/xhr/XMLHttpRequestMainThread.cpp#2548

and so I had to disable tailing in the test (point #3 above).

There was also a problem where the test was resetting the prefs too early
because we were not actually waiting for the classification to finish.

We would wait for the following event: http-on-opening-request

  https://searchfox.org/mozilla-central/rev/d47c829065767b6f36d29303d650bffb7c4f94a3/netwerk/protocol/http/nsIHttpProtocolHandler.idl#85

whereas maybe a more appropriate one would be http-on-before-connect:

  https://searchfox.org/mozilla-central/rev/d47c829065767b6f36d29303d650bffb7c4f94a3/netwerk/protocol/http/nsIHttpProtocolHandler.idl#103

since that is triggerred after annotations (point #2 above):

  https://searchfox.org/mozilla-central/rev/d47c829065767b6f36d29303d650bffb7c4f94a3/netwerk/protocol/http/nsHttpChannel.cpp#6614

Differential Revision: https://phabricator.services.mozilla.com/D2485

--HG--
extra : moz-landing-system : lando
 2018-08-01 11:52:03 +00:00
Ehsan Akhgari
3441526820 Bug 1476796 - Enable AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor() to notify consumers about completion of asynchronous results; r=baku 
Right now consumers can't know when the parent process has finished talking
to the permission manager.  It would be nice to enable consumers to depend
on the status of the asynchronous task using a promise.
 2018-07-19 17:04:56 -04:00
Coroiu Cristina
edada2f46b Backed out changeset bc6d7dc3f10f (bug 1476796) for build bustage on a CLOSED TREE 2018-07-19 23:51:35 +03:00
Ehsan Akhgari
7c156959da Bug 1476796 - Enable AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor() to notify consumers about completion of asynchronous results; r=baku 
Right now consumers can't know when the parent process has finished talking
to the permission manager.  It would be nice to enable consumers to depend
on the status of the asynchronous task using a promise.
 2018-07-19 16:20:20 -04:00
Andrea Marchesini
7e0d9ec5c0 Bug 1476324 - Storage activation via window.open(URL) applies across top-level domains - part 2 - tests, r=ehsan 2018-07-18 15:44:55 +02:00
Andrea Marchesini
e9d8f213e0 Bug 1476324 - Storage activation via window.open(URL) applies across top-level domains - part 1 - window.open() from top-level, r=ehsan 2018-07-18 15:44:55 +02:00
Ehsan Akhgari
ae3569fae1 Bug 1476126 - Switch privacy.restrict3rdpartystorage.expiration to be stored in seconds; r=baku 
--HG--
extra : rebase_source : a4d822a863b72c25342d1369dfc947399e1bdf51
 2018-07-17 22:31:10 +03:00
Ehsan Akhgari
29e57a2096 Bug 1475708 - Block setting cookies using document.cookie when restricting 3rd party storage; r=baku 2018-07-13 15:37:00 +03:00
Andrea Marchesini
eb58d7637b Bug 1475236 - Expiration time for the anti-tracking permission should be controllable via pref, r=ehsan 2018-07-13 19:19:26 +02:00
Andrea Marchesini
9fc78a12aa Bug 1475189 - Block storage access in tracking sub-resources when not in iframes - part 3 - image cache, r=ehsan 
--HG--
rename : toolkit/components/antitracking/test/browser/script.sjs => toolkit/components/antitracking/test/browser/subResources.sjs
 2018-07-13 12:02:19 +02:00
Andrea Marchesini
1892fdf469 Bug 1475189 - Block storage access in tracking sub-resources when not in iframes - part 2 - subresources, r=ehsan 2018-07-13 12:02:19 +02:00
Andrea Marchesini
2df3284f16 Bug 1475189 - Block storage access in tracking sub-resources when not in iframes - part 1 - tests, r=ehsan 2018-07-13 12:02:19 +02:00
Andrea Marchesini
1498612e1b Bug 1474812 - No needs to store granted storage access in nsILoadInfo and in the inner window, r=ehsan 2018-07-13 12:02:19 +02:00
Andrea Marchesini
da6548b05e Bug 1474651 - Grant storage access to 3rd party, tracking resource on window.open() - tests, r=me 2018-07-11 12:38:47 +02:00
Andrea Marchesini
648c87fe95 Bug 1474651 - Grant storage access to 3rd party, tracking resource on window.open(), r=ehsan 2018-07-11 12:38:47 +02:00
shindli
c1bbe21ac6 Backed out 2 changesets (bug 1474651) for lint failure in /builds/worker/checkouts/gecko/toolkit/components/antitracking/test/browser/popup.html:8:126 on a CLOSED TREE 
Backed out changeset f05247b25d5e (bug 1474651)
Backed out changeset acee48580902 (bug 1474651)
 2018-07-11 13:57:22 +03:00
Andrea Marchesini
c5c00ad639 Bug 1474651 - Grant storage access to 3rd party, tracking resource on window.open() - tests, r=me 2018-07-11 12:38:47 +02:00
Andrea Marchesini
06d77e5419 Bug 1474651 - Grant storage access to 3rd party, tracking resource on window.open(), r=ehsan 2018-07-11 12:38:47 +02:00
Andrea Marchesini
b57c0f116e Bug 1469993 - Grant storage access to a 3rd party, tracking resource if a opened document has user-interaction - part 8 - tests, r=ehsan 2018-07-10 10:09:59 +02:00
Margareta Eliza Balazs
c37b51f523 Backed out 9 changesets (bug 1469993) for causing bustage in build/srcdom/base/nsGlobalWindowInner.cpp on a CLOSED TREE 
Backed out changeset e89192032fe2 (bug 1469993)
Backed out changeset 4b261595099d (bug 1469993)
Backed out changeset 37182cfe869c (bug 1469993)
Backed out changeset 5b9870995c73 (bug 1469993)
Backed out changeset 55499fcd9738 (bug 1469993)
Backed out changeset 8c1c838d54ba (bug 1469993)
Backed out changeset 12b9c8bfa41f (bug 1469993)
Backed out changeset 04ab7d6c169a (bug 1469993)
Backed out changeset 53885d61244e (bug 1469993)
 2018-07-10 11:32:34 +03:00
Andrea Marchesini
47ab3f6055 Bug 1469993 - Grant storage access to a 3rd party, tracking resource if a opened document has user-interaction - part 8 - tests, r=ehsan 2018-07-10 10:09:59 +02:00
Andrea Marchesini
d0d6e91dfa Bug 1470108 - Write a test to see how the anti-tracking blocking works with cached images, r=aosmond 2018-07-04 15:52:01 +02:00
Andrea Marchesini
99fa4c908a Bug 1470578 - Rename the anti-tracking pref, r=francois 2018-06-25 22:46:13 +02:00
Andrea Marchesini
5b9437cad2 Bug 1461921 - Block storage access for third-parties on the tracking protection list - part 5 - Cookies, r=ehsan 2018-06-20 13:38:22 -04:00