diff --git a/caps/OriginAttributes.cpp b/caps/OriginAttributes.cpp index ba63a7761b35..46e458f0d9bd 100644 --- a/caps/OriginAttributes.cpp +++ b/caps/OriginAttributes.cpp @@ -61,7 +61,7 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, bool aForeignByAncestorContext, bool aIsFirstPartyEnabled, bool aForced, bool aUseSite, - nsString OriginAttributes::* aTarget, + nsString OriginAttributes::*aTarget, OriginAttributes& aOriginAttributes) { nsresult rv; @@ -514,23 +514,4 @@ bool OriginAttributes::ParsePartitionKey(const nsAString& aPartitionKey, return fieldIndex > 1; } -/* static */ -bool OriginAttributes::ExtractSiteFromPartitionKey( - const nsAString& aPartitionKey, nsAString& aOutSite) { - nsAutoString scheme, host; - int32_t port; - bool unused; - if (!ParsePartitionKey(aPartitionKey, scheme, host, port, unused)) { - return false; - } - - if (port == -1) { - aOutSite.Assign(scheme + u"://"_ns + host); - } else { - aOutSite.Assign(scheme + u"://"_ns + host + u":"_ns); - aOutSite.AppendInt(port); - } - return true; -} - } // namespace mozilla diff --git a/caps/OriginAttributes.h b/caps/OriginAttributes.h index 1794c6e0bea0..21b641771f7e 100644 --- a/caps/OriginAttributes.h +++ b/caps/OriginAttributes.h @@ -141,11 +141,6 @@ class OriginAttributes : public dom::OriginAttributesDictionary { nsAString& outScheme, nsAString& outBaseDomain, int32_t& outPort, bool& outForeignByAncestorContext); - - // Parse a partitionKey and extract the site from it. Returns false if the - // partitionKey cannot be parsed because the format is invalid. - static bool ExtractSiteFromPartitionKey(const nsAString& aPartitionKey, - nsAString& aOutSite); }; class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary { diff --git a/dom/base/Document.cpp b/dom/base/Document.cpp index 217fc5f20c61..96d64cdef440 100644 --- a/dom/base/Document.cpp +++ b/dom/base/Document.cpp @@ -6661,10 +6661,6 @@ void Document::GetCookie(nsAString& aCookie, ErrorResult& aRv) { return; } - nsCOMPtr loadInfo = - GetChannel() ? GetChannel()->LoadInfo() : nullptr; - bool on3pcbException = loadInfo && loadInfo->GetIsOn3PCBExceptionList(); - for (auto& principal : principals) { nsAutoCString baseDomain; nsresult rv = CookieCommons::GetBaseDomain(principal, baseDomain); @@ -6709,10 +6705,9 @@ void Document::GetCookie(nsAString& aCookie, ErrorResult& aRv) { continue; } - if (thirdParty && - !CookieCommons::ShouldIncludeCrossSiteCookie( - cookie, CookieJarSettings()->GetPartitionForeign(), - IsInPrivateBrowsing(), UsingStorageAccess(), on3pcbException)) { + if (thirdParty && !CookieCommons::ShouldIncludeCrossSiteCookie( + cookie, CookieJarSettings()->GetPartitionForeign(), + IsInPrivateBrowsing(), UsingStorageAccess())) { continue; } @@ -6847,14 +6842,9 @@ void Document::SetCookie(const nsAString& aCookieString, ErrorResult& aRv) { nullptr, &thirdParty); } - nsCOMPtr loadInfo = - GetChannel() ? GetChannel()->LoadInfo() : nullptr; - bool on3pcbException = loadInfo && loadInfo->GetIsOn3PCBExceptionList(); - - if (thirdParty && - !CookieCommons::ShouldIncludeCrossSiteCookie( - cookie, CookieJarSettings()->GetPartitionForeign(), - IsInPrivateBrowsing(), UsingStorageAccess(), on3pcbException)) { + if (thirdParty && !CookieCommons::ShouldIncludeCrossSiteCookie( + cookie, CookieJarSettings()->GetPartitionForeign(), + IsInPrivateBrowsing(), UsingStorageAccess())) { return; } @@ -19398,15 +19388,6 @@ bool Document::UsingStorageAccess() { return loadInfo->GetStoragePermission() != nsILoadInfo::NoStoragePermission; } -bool Document::IsOn3PCBExceptionList() const { - if (!mChannel) { - return false; - } - nsCOMPtr loadInfo = mChannel->LoadInfo(); - - return loadInfo->GetIsOn3PCBExceptionList(); -} - bool Document::HasStorageAccessPermissionGrantedByAllowList() { // We only care about if the document gets the storage permission via the // allow list here. So we don't check the storage access cache in the inner diff --git a/dom/base/Document.h b/dom/base/Document.h index 58b9d4b90a84..7eb244d65eb5 100644 --- a/dom/base/Document.h +++ b/dom/base/Document.h @@ -337,8 +337,12 @@ class EarlyHintConnectArgs; } // namespace mozilla::net // Must be kept in sync with xpcom/rust/xpcom/src/interfaces/nonidl.rs -#define NS_IDOCUMENT_IID \ - {0xce1f7627, 0x7109, 0x4977, {0xba, 0x77, 0x49, 0x0f, 0xfd, 0xe0, 0x7a, 0xaa}} +#define NS_IDOCUMENT_IID \ + { \ + 0xce1f7627, 0x7109, 0x4977, { \ + 0xba, 0x77, 0x49, 0x0f, 0xfd, 0xe0, 0x7a, 0xaa \ + } \ + } namespace mozilla::dom { @@ -496,8 +500,8 @@ class ExternalResourceMap { } \ NS_DECL_ISUPPORTS \ NS_FORWARD_NSIINTERFACEREQUESTOR(mIfReq->) \ - NS_FORWARD_##_allcaps(mRealPtr->) private \ - : nsCOMPtr mIfReq; \ + NS_FORWARD_##_allcaps(mRealPtr->) private \ + : nsCOMPtr mIfReq; \ nsCOMPtr<_i> mRealPtr; \ }; @@ -1405,9 +1409,6 @@ class Document : public nsINode, // Returns whether this document is using unpartitioned cookies bool UsingStorageAccess(); - // Returns whether the document is on the 3PCB exception list. - bool IsOn3PCBExceptionList() const; - // Returns whether the storage access permission of the document is granted by // the allow list. bool HasStorageAccessPermissionGrantedByAllowList(); diff --git a/dom/cookiestore/CookieStore.cpp b/dom/cookiestore/CookieStore.cpp index b4a2aa422da3..2951e5f77a95 100644 --- a/dom/cookiestore/CookieStore.cpp +++ b/dom/cookiestore/CookieStore.cpp @@ -196,12 +196,11 @@ void ResolvePromiseAsync(Promise* aPromise) { bool GetContextAttributes(CookieStore* aCookieStore, bool* aThirdPartyContext, bool* aPartitionForeign, bool* aUsingStorageAccess, - bool* aIsOn3PCBExceptionList, Promise* aPromise) { + Promise* aPromise) { MOZ_ASSERT(aCookieStore); MOZ_ASSERT(aThirdPartyContext); MOZ_ASSERT(aPartitionForeign); MOZ_ASSERT(aUsingStorageAccess); - MOZ_ASSERT(aIsOn3PCBExceptionList); MOZ_ASSERT(aPromise); if (NS_IsMainThread()) { @@ -225,7 +224,6 @@ bool GetContextAttributes(CookieStore* aCookieStore, bool* aThirdPartyContext, *aPartitionForeign = document->CookieJarSettings()->GetPartitionForeign(); *aUsingStorageAccess = document->UsingStorageAccess(); - *aIsOn3PCBExceptionList = document->IsOn3PCBExceptionList(); return true; } @@ -236,7 +234,6 @@ bool GetContextAttributes(CookieStore* aCookieStore, bool* aThirdPartyContext, *aPartitionForeign = workerPrivate->CookieJarSettings()->GetPartitionForeign(); *aUsingStorageAccess = workerPrivate->UsingStorageAccess(); - *aIsOn3PCBExceptionList = workerPrivate->IsOn3PCBExceptionList(); return true; } @@ -379,11 +376,9 @@ already_AddRefed CookieStore::Set(const CookieInit& aOptions, bool thirdPartyContext = true; bool partitionForeign = true; bool usingStorageAccess = false; - bool isOn3PCBExceptionList = false; if (!GetContextAttributes(self, &thirdPartyContext, &partitionForeign, - &usingStorageAccess, &isOn3PCBExceptionList, - promise)) { + &usingStorageAccess, promise)) { return; } @@ -412,8 +407,8 @@ already_AddRefed CookieStore::Set(const CookieInit& aOptions, aOptions.mDomain.IsEmpty() ? nsString(baseDomain) : nsString(aOptions.mDomain), cookiePrincipal->OriginAttributesRef(), thirdPartyContext, - partitionForeign, usingStorageAccess, isOn3PCBExceptionList, - nsString(aOptions.mName), nsString(aOptions.mValue), + partitionForeign, usingStorageAccess, nsString(aOptions.mName), + nsString(aOptions.mValue), // If expires is not set, it's a session cookie. aOptions.mExpires.IsNull(), aOptions.mExpires.IsNull() @@ -504,11 +499,9 @@ already_AddRefed CookieStore::Delete( bool thirdPartyContext = true; bool partitionForeign = true; bool usingStorageAccess = false; - bool isOn3PCBExceptionList = false; if (!GetContextAttributes(self, &thirdPartyContext, &partitionForeign, - &usingStorageAccess, &isOn3PCBExceptionList, - promise)) { + &usingStorageAccess, promise)) { return; } @@ -537,9 +530,8 @@ already_AddRefed CookieStore::Delete( aOptions.mDomain.IsEmpty() ? nsString(baseDomain) : nsString(aOptions.mDomain), cookiePrincipal->OriginAttributesRef(), thirdPartyContext, - partitionForeign, usingStorageAccess, isOn3PCBExceptionList, - nsString(aOptions.mName), path, aOptions.mPartitioned, - operationID); + partitionForeign, usingStorageAccess, nsString(aOptions.mName), + path, aOptions.mPartitioned, operationID); if (NS_WARN_IF(!ipcPromise)) { promise->MaybeResolveWithUndefined(); return; @@ -713,11 +705,9 @@ already_AddRefed CookieStore::GetInternal( bool thirdPartyContext = true; bool partitionForeign = true; bool usingStorageAccess = false; - bool isOn3PCBExceptionList = false; if (!GetContextAttributes(self, &thirdPartyContext, &partitionForeign, - &usingStorageAccess, &isOn3PCBExceptionList, - promise)) { + &usingStorageAccess, promise)) { return; } @@ -741,8 +731,8 @@ already_AddRefed CookieStore::GetInternal( ? Some(partitionedCookiePrincipal->OriginAttributesRef()) : Nothing(), thirdPartyContext, partitionForeign, usingStorageAccess, - isOn3PCBExceptionList, aOptions.mName.WasPassed(), - nsString(name), path, aOnlyTheFirstMatch); + aOptions.mName.WasPassed(), nsString(name), path, + aOnlyTheFirstMatch); if (NS_WARN_IF(!ipcPromise)) { promise->MaybeResolveWithUndefined(); return; diff --git a/dom/cookiestore/CookieStoreParent.cpp b/dom/cookiestore/CookieStoreParent.cpp index b1c3b1217197..7a9dce450676 100644 --- a/dom/cookiestore/CookieStoreParent.cpp +++ b/dom/cookiestore/CookieStoreParent.cpp @@ -71,25 +71,24 @@ mozilla::ipc::IPCResult CookieStoreParent::RecvGetRequest( const nsString& aDomain, const OriginAttributes& aOriginAttributes, const Maybe& aPartitionedOriginAttributes, const bool& aThirdPartyContext, const bool& aPartitionForeign, - const bool& aUsingStorageAccess, const bool& aIsOn3PCBExceptionList, - const bool& aMatchName, const nsString& aName, const nsCString& aPath, - const bool& aOnlyFirstMatch, GetRequestResolver&& aResolver) { + const bool& aUsingStorageAccess, const bool& aMatchName, + const nsString& aName, const nsCString& aPath, const bool& aOnlyFirstMatch, + GetRequestResolver&& aResolver) { AssertIsOnBackgroundThread(); - InvokeAsync(GetMainThreadSerialEventTarget(), __func__, - [self = RefPtr(this), aDomain, aOriginAttributes, - aPartitionedOriginAttributes, aThirdPartyContext, - aPartitionForeign, aUsingStorageAccess, aIsOn3PCBExceptionList, - aMatchName, aName, aPath, aOnlyFirstMatch]() { - CopyableTArray results; - self->GetRequestOnMainThread( - aDomain, aOriginAttributes, aPartitionedOriginAttributes, - aThirdPartyContext, aPartitionForeign, aUsingStorageAccess, - aIsOn3PCBExceptionList, aMatchName, aName, aPath, - aOnlyFirstMatch, results); - return GetRequestPromise::CreateAndResolve(std::move(results), - __func__); - }) + InvokeAsync( + GetMainThreadSerialEventTarget(), __func__, + [self = RefPtr(this), aDomain, aOriginAttributes, + aPartitionedOriginAttributes, aThirdPartyContext, aPartitionForeign, + aUsingStorageAccess, aMatchName, aName, aPath, aOnlyFirstMatch]() { + CopyableTArray results; + self->GetRequestOnMainThread( + aDomain, aOriginAttributes, aPartitionedOriginAttributes, + aThirdPartyContext, aPartitionForeign, aUsingStorageAccess, + aMatchName, aName, aPath, aOnlyFirstMatch, results); + return GetRequestPromise::CreateAndResolve(std::move(results), + __func__); + }) ->Then(GetCurrentSerialEventTarget(), __func__, [aResolver = std::move(aResolver)]( const GetRequestPromise::ResolveOrRejectValue& aResult) { @@ -103,30 +102,28 @@ mozilla::ipc::IPCResult CookieStoreParent::RecvGetRequest( mozilla::ipc::IPCResult CookieStoreParent::RecvSetRequest( const nsString& aDomain, const OriginAttributes& aOriginAttributes, const bool& aThirdPartyContext, const bool& aPartitionForeign, - const bool& aUsingStorageAccess, const bool& aIsOn3PCBExceptionList, - const nsString& aName, const nsString& aValue, const bool& aSession, - const int64_t& aExpires, const nsString& aPath, const int32_t& aSameSite, - const bool& aPartitioned, const nsID& aOperationID, - SetRequestResolver&& aResolver) { + const bool& aUsingStorageAccess, const nsString& aName, + const nsString& aValue, const bool& aSession, const int64_t& aExpires, + const nsString& aPath, const int32_t& aSameSite, const bool& aPartitioned, + const nsID& aOperationID, SetRequestResolver&& aResolver) { AssertIsOnBackgroundThread(); RefPtr parent = BackgroundParent::GetContentParentHandle(Manager()); - InvokeAsync( - GetMainThreadSerialEventTarget(), __func__, - [self = RefPtr(this), parent = RefPtr(parent), aDomain, aOriginAttributes, - aThirdPartyContext, aPartitionForeign, aUsingStorageAccess, - aIsOn3PCBExceptionList, aName, aValue, aSession, aExpires, aPath, - aSameSite, aPartitioned, aOperationID]() { - bool waitForNotification = self->SetRequestOnMainThread( - parent, aDomain, aOriginAttributes, aThirdPartyContext, - aPartitionForeign, aUsingStorageAccess, aIsOn3PCBExceptionList, - aName, aValue, aSession, aExpires, aPath, aSameSite, aPartitioned, - aOperationID); - return SetDeleteRequestPromise::CreateAndResolve(waitForNotification, - __func__); - }) + InvokeAsync(GetMainThreadSerialEventTarget(), __func__, + [self = RefPtr(this), parent = RefPtr(parent), aDomain, + aOriginAttributes, aThirdPartyContext, aPartitionForeign, + aUsingStorageAccess, aName, aValue, aSession, aExpires, aPath, + aSameSite, aPartitioned, aOperationID]() { + bool waitForNotification = self->SetRequestOnMainThread( + parent, aDomain, aOriginAttributes, aThirdPartyContext, + aPartitionForeign, aUsingStorageAccess, aName, aValue, + aSession, aExpires, aPath, aSameSite, aPartitioned, + aOperationID); + return SetDeleteRequestPromise::CreateAndResolve( + waitForNotification, __func__); + }) ->Then(GetCurrentSerialEventTarget(), __func__, [aResolver = std::move(aResolver)]( const SetDeleteRequestPromise::ResolveOrRejectValue& aResult) { @@ -140,9 +137,9 @@ mozilla::ipc::IPCResult CookieStoreParent::RecvSetRequest( mozilla::ipc::IPCResult CookieStoreParent::RecvDeleteRequest( const nsString& aDomain, const OriginAttributes& aOriginAttributes, const bool& aThirdPartyContext, const bool& aPartitionForeign, - const bool& aUsingStorageAccess, const bool& aIsOn3PCBExceptionList, - const nsString& aName, const nsString& aPath, const bool& aPartitioned, - const nsID& aOperationID, DeleteRequestResolver&& aResolver) { + const bool& aUsingStorageAccess, const nsString& aName, + const nsString& aPath, const bool& aPartitioned, const nsID& aOperationID, + DeleteRequestResolver&& aResolver) { AssertIsOnBackgroundThread(); RefPtr parent = @@ -151,12 +148,12 @@ mozilla::ipc::IPCResult CookieStoreParent::RecvDeleteRequest( InvokeAsync( GetMainThreadSerialEventTarget(), __func__, [self = RefPtr(this), parent = RefPtr(parent), aDomain, aOriginAttributes, - aThirdPartyContext, aPartitionForeign, aUsingStorageAccess, - aIsOn3PCBExceptionList, aName, aPath, aPartitioned, aOperationID]() { + aThirdPartyContext, aPartitionForeign, aUsingStorageAccess, aName, aPath, + aPartitioned, aOperationID]() { bool waitForNotification = self->DeleteRequestOnMainThread( parent, aDomain, aOriginAttributes, aThirdPartyContext, - aPartitionForeign, aUsingStorageAccess, aIsOn3PCBExceptionList, - aName, aPath, aPartitioned, aOperationID); + aPartitionForeign, aUsingStorageAccess, aName, aPath, aPartitioned, + aOperationID); return SetDeleteRequestPromise::CreateAndResolve(waitForNotification, __func__); }) @@ -180,9 +177,8 @@ void CookieStoreParent::GetRequestOnMainThread( const nsAString& aDomain, const OriginAttributes& aOriginAttributes, const Maybe& aPartitionedOriginAttributes, bool aThirdPartyContext, bool aPartitionForeign, bool aUsingStorageAccess, - bool aIsOn3PCBExceptionList, bool aMatchName, const nsAString& aName, - const nsACString& aPath, bool aOnlyFirstMatch, - nsTArray& aResults) { + bool aMatchName, const nsAString& aName, const nsACString& aPath, + bool aOnlyFirstMatch, nsTArray& aResults) { MOZ_ASSERT(NS_IsMainThread()); nsCOMPtr service = @@ -214,7 +210,7 @@ void CookieStoreParent::GetRequestOnMainThread( if (aThirdPartyContext && !CookieCommons::ShouldIncludeCrossSiteCookie( cookie, aPartitionForeign, attrs.IsPrivateBrowsing(), - aUsingStorageAccess, aIsOn3PCBExceptionList)) { + aUsingStorageAccess)) { continue; } @@ -246,8 +242,7 @@ void CookieStoreParent::GetRequestOnMainThread( bool CookieStoreParent::SetRequestOnMainThread( ThreadsafeContentParentHandle* aParent, const nsAString& aDomain, const OriginAttributes& aOriginAttributes, bool aThirdPartyContext, - bool aPartitionForeign, bool aUsingStorageAccess, - bool aIsOn3PCBExceptionList, const nsAString& aName, + bool aPartitionForeign, bool aUsingStorageAccess, const nsAString& aName, const nsAString& aValue, bool aSession, int64_t aExpires, const nsAString& aPath, int32_t aSameSite, bool aPartitioned, const nsID& aOperationID) { @@ -263,7 +258,7 @@ bool CookieStoreParent::SetRequestOnMainThread( !CookieCommons::ShouldIncludeCrossSiteCookie( aSameSite, aPartitioned && !aOriginAttributes.mPartitionKey.IsEmpty(), aPartitionForeign, aOriginAttributes.IsPrivateBrowsing(), - aUsingStorageAccess, aIsOn3PCBExceptionList)) { + aUsingStorageAccess)) { return false; } @@ -304,9 +299,8 @@ bool CookieStoreParent::SetRequestOnMainThread( bool CookieStoreParent::DeleteRequestOnMainThread( ThreadsafeContentParentHandle* aParent, const nsAString& aDomain, const OriginAttributes& aOriginAttributes, bool aThirdPartyContext, - bool aPartitionForeign, bool aUsingStorageAccess, - bool aIsOn3PCBExceptionList, const nsAString& aName, const nsAString& aPath, - bool aPartitioned, const nsID& aOperationID) { + bool aPartitionForeign, bool aUsingStorageAccess, const nsAString& aName, + const nsAString& aPath, bool aPartitioned, const nsID& aOperationID) { MOZ_ASSERT(NS_IsMainThread()); NS_ConvertUTF16toUTF8 domain(aDomain); @@ -373,8 +367,8 @@ bool CookieStoreParent::DeleteRequestOnMainThread( if (!CookieCommons::ShouldIncludeCrossSiteCookie( sameSiteAttr, isPartitioned && !aOriginAttributes.mPartitionKey.IsEmpty(), - aPartitionForeign, attrs.IsPrivateBrowsing(), aUsingStorageAccess, - aIsOn3PCBExceptionList)) { + aPartitionForeign, attrs.IsPrivateBrowsing(), + aUsingStorageAccess)) { return false; } } diff --git a/dom/cookiestore/CookieStoreParent.h b/dom/cookiestore/CookieStoreParent.h index 691ae88f033d..2bbd779c4382 100644 --- a/dom/cookiestore/CookieStoreParent.h +++ b/dom/cookiestore/CookieStoreParent.h @@ -34,25 +34,24 @@ class CookieStoreParent final : public PCookieStoreParent { const nsString& aDomain, const OriginAttributes& aOriginAttributes, const Maybe& aPartitionedOriginAttributes, const bool& aThirdPartyContext, const bool& aPartitionForeign, - const bool& aUsingStorageAccess, const bool& aIsOn3PCBExceptionList, - const bool& aMatchName, const nsString& aName, const nsCString& aPath, + const bool& aUsingStorageAccess, const bool& aMatchName, + const nsString& aName, const nsCString& aPath, const bool& aOnlyFirstMatch, GetRequestResolver&& aResolver); mozilla::ipc::IPCResult RecvSetRequest( const nsString& aDomain, const OriginAttributes& aOriginAttributes, const bool& aThirdPartyContext, const bool& aPartitionForeign, - const bool& aUsingStorageAccess, const bool& aIsOn3PCBExceptionList, - const nsString& aName, const nsString& aValue, const bool& aSession, - const int64_t& aExpires, const nsString& aPath, const int32_t& aSameSite, - const bool& aPartitioned, const nsID& aOperationID, - SetRequestResolver&& aResolver); + const bool& aUsingStorageAccess, const nsString& aName, + const nsString& aValue, const bool& aSession, const int64_t& aExpires, + const nsString& aPath, const int32_t& aSameSite, const bool& aPartitioned, + const nsID& aOperationID, SetRequestResolver&& aResolver); mozilla::ipc::IPCResult RecvDeleteRequest( const nsString& aDomain, const OriginAttributes& aOriginAttributes, const bool& aThirdPartyContext, const bool& aPartitionForeign, - const bool& aUsingStorageAccess, const bool& aIsOn3PCBExceptionList, - const nsString& aName, const nsString& aPath, const bool& aPartitioned, - const nsID& aOperationID, DeleteRequestResolver&& aResolver); + const bool& aUsingStorageAccess, const nsString& aName, + const nsString& aPath, const bool& aPartitioned, const nsID& aOperationID, + DeleteRequestResolver&& aResolver); mozilla::ipc::IPCResult RecvClose(); @@ -60,9 +59,8 @@ class CookieStoreParent final : public PCookieStoreParent { const nsAString& aDomain, const OriginAttributes& aOriginAttributes, const Maybe& aPartitionedOriginAttributes, bool aThirdPartyContext, bool aPartitionForeign, bool aUsingStorageAccess, - bool aIsOn3PCBExceptionList, bool aMatchName, const nsAString& aName, - const nsACString& aPath, bool aOnlyFirstMatch, - nsTArray& aResults); + bool aMatchName, const nsAString& aName, const nsACString& aPath, + bool aOnlyFirstMatch, nsTArray& aResults); // Returns true if a cookie notification has been generated while completing // the operation. @@ -70,20 +68,18 @@ class CookieStoreParent final : public PCookieStoreParent { const nsAString& aDomain, const OriginAttributes& aOriginAttributes, bool aThirdPartyContext, bool aPartitionForeign, - bool aUsingStorageAccess, - bool aIsOn3PCBExceptionList, - const nsAString& aName, const nsAString& aValue, - bool aSession, int64_t aExpires, - const nsAString& aPath, int32_t aSameSite, - bool aPartitioned, const nsID& aOperationID); + bool aUsingStorageAccess, const nsAString& aName, + const nsAString& aValue, bool aSession, + int64_t aExpires, const nsAString& aPath, + int32_t aSameSite, bool aPartitioned, + const nsID& aOperationID); // Returns true if a cookie notification has been generated while completing // the operation. bool DeleteRequestOnMainThread( ThreadsafeContentParentHandle* aParent, const nsAString& aDomain, const OriginAttributes& aOriginAttributes, bool aThirdPartyContext, - bool aPartitionForeign, bool aUsingStorageAccess, - bool aIsOn3PCBExceptionList, const nsAString& aName, + bool aPartitionForeign, bool aUsingStorageAccess, const nsAString& aName, const nsAString& aPath, bool aPartitioned, const nsID& aOperationID); CookieStoreNotificationWatcher* GetOrCreateNotificationWatcherOnMainThread( diff --git a/dom/cookiestore/PCookieStore.ipdl b/dom/cookiestore/PCookieStore.ipdl index 2bbde1a2190e..825ac7cf9d2f 100644 --- a/dom/cookiestore/PCookieStore.ipdl +++ b/dom/cookiestore/PCookieStore.ipdl @@ -36,7 +36,6 @@ parent: bool thirdPartyContext, bool partitionForeign, bool usingStorageAccess, - bool isOn3PCBExceptionList, bool matchName, nsString name, nsCString path, @@ -47,7 +46,6 @@ parent: bool thirdPartyContext, bool partitionForeign, bool usingStorageAccess, - bool isOn3PCBExceptionList, nsString name, nsString value, bool session, @@ -62,7 +60,6 @@ parent: bool thirdPartyContext, bool partitionForeign, bool usingStorageAccess, - bool isOn3PCBExceptionList, nsString name, nsString path, bool partitioned, diff --git a/dom/fetch/Fetch.cpp b/dom/fetch/Fetch.cpp index a85e4c425f8a..a030f3f07b9f 100644 --- a/dom/fetch/Fetch.cpp +++ b/dom/fetch/Fetch.cpp @@ -775,8 +775,6 @@ already_AddRefed FetchRequest(nsIGlobalObject* aGlobal, ipcArgs.isThirdPartyContext() = worker->IsThirdPartyContext(); - ipcArgs.isOn3PCBExceptionList() = worker->IsOn3PCBExceptionList(); - ipcArgs.isWorkerRequest() = true; actor->DoFetchOp(ipcArgs); diff --git a/dom/fetch/FetchDriver.cpp b/dom/fetch/FetchDriver.cpp index 56c4d653d563..f7808b9c8d08 100644 --- a/dom/fetch/FetchDriver.cpp +++ b/dom/fetch/FetchDriver.cpp @@ -350,7 +350,6 @@ FetchDriver::FetchDriver(SafeRefPtr aRequest, mPerformanceStorage(aPerformanceStorage), mNeedToObserveOnDataAvailable(false), mIsTrackingFetch(aIsTrackingFetch), - mIsOn3PCBExceptionList(false), mOnStopRequestCalled(false) #ifdef DEBUG , @@ -684,12 +683,6 @@ nsresult FetchDriver::HttpFetch( NS_ENSURE_SUCCESS(rv, rv); } - if (mIsOn3PCBExceptionList) { - nsCOMPtr loadInfo = chan->LoadInfo(); - rv = loadInfo->SetIsOn3PCBExceptionList(mIsOn3PCBExceptionList); - NS_ENSURE_SUCCESS(rv, rv); - } - // If the fetch is created by FetchEvent.request or NavigationPreload request, // corresponding InterceptedHttpChannel information need to propagate to the // channel of the fetch. diff --git a/dom/fetch/FetchDriver.h b/dom/fetch/FetchDriver.h index f6fe66275224..62fc251a2ecd 100644 --- a/dom/fetch/FetchDriver.h +++ b/dom/fetch/FetchDriver.h @@ -149,10 +149,6 @@ class FetchDriver final : public nsIChannelEventSink, mIsThirdPartyWorker = aIsThirdPartyWorker; } - void SetIsOn3PCBExceptionList(bool aIsOn3PCBExceptionList) { - mIsOn3PCBExceptionList = aIsOn3PCBExceptionList; - } - private: nsCOMPtr mPrincipal; nsCOMPtr mLoadGroup; @@ -191,9 +187,6 @@ class FetchDriver final : public nsIChannelEventSink, // if the fetch request is not from a worker. Maybe mIsThirdPartyWorker; - // Indicates whether the fetch request is on the 3PCB exception list. - bool mIsOn3PCBExceptionList; - RefPtr mAltDataListener; bool mOnStopRequestCalled; diff --git a/dom/fetch/FetchParent.cpp b/dom/fetch/FetchParent.cpp index 89c6243ebeeb..ac5e53da2279 100644 --- a/dom/fetch/FetchParent.cpp +++ b/dom/fetch/FetchParent.cpp @@ -106,7 +106,6 @@ IPCResult FetchParent::RecvFetchOp(FetchOpArgs&& aArgs) { mNeedOnDataAvailable = aArgs.needOnDataAvailable(); mHasCSPEventListener = aArgs.hasCSPEventListener(); mIsThirdPartyContext = aArgs.isThirdPartyContext(); - mIsOn3PCBExceptionList = aArgs.isOn3PCBExceptionList(); if (mHasCSPEventListener) { mCSPEventListener = @@ -182,7 +181,7 @@ IPCResult FetchParent::RecvFetchOp(FetchOpArgs&& aArgs) { self->mBackgroundEventTarget, self->mID, self->mIsThirdPartyContext, MozPromiseRequestHolder(), - self->mPromise, self->mIsOn3PCBExceptionList}))); + self->mPromise}))); } else { MOZ_ASSERT(self->mRequest->GetKeepalive()); self->mResponsePromises = diff --git a/dom/fetch/FetchParent.h b/dom/fetch/FetchParent.h index 0d41589e2894..d5ac07db1194 100644 --- a/dom/fetch/FetchParent.h +++ b/dom/fetch/FetchParent.h @@ -99,7 +99,6 @@ class FetchParent final : public PFetchParent { uint64_t mAssociatedBrowsingContextID{0}; bool mIsThirdPartyContext{true}; bool mIsWorkerFetch{false}; - bool mIsOn3PCBExceptionList{false}; Atomic mIsDone{false}; Atomic mActorDestroyed{false}; diff --git a/dom/fetch/FetchService.cpp b/dom/fetch/FetchService.cpp index d3412d1cb7c2..6fc05bf6cc83 100644 --- a/dom/fetch/FetchService.cpp +++ b/dom/fetch/FetchService.cpp @@ -277,7 +277,6 @@ RefPtr FetchService::FetchInstance::Fetch() { mFetchDriver->SetAssociatedBrowsingContextID( args.mAssociatedBrowsingContextID); mFetchDriver->SetIsThirdPartyWorker(Some(args.mIsThirdPartyContext)); - mFetchDriver->SetIsOn3PCBExceptionList(args.mIsOn3PCBExceptionList); } mFetchDriver->EnableNetworkInterceptControl(); diff --git a/dom/fetch/FetchService.h b/dom/fetch/FetchService.h index 0d1240978a2b..4083637e41cb 100644 --- a/dom/fetch/FetchService.h +++ b/dom/fetch/FetchService.h @@ -107,7 +107,6 @@ class FetchService final : public nsIObserver { MozPromiseRequestHolder mResponseEndPromiseHolder; RefPtr mFetchParentPromise; - bool mIsOn3PCBExceptionList; }; // Used for content process main thread fetch() diff --git a/dom/fetch/PFetch.ipdl b/dom/fetch/PFetch.ipdl index a2e3b14d29bf..032ffd2a5966 100644 --- a/dom/fetch/PFetch.ipdl +++ b/dom/fetch/PFetch.ipdl @@ -26,7 +26,6 @@ struct FetchOpArgs{ uint64_t associatedBrowsingContextID; bool isThirdPartyContext; bool isWorkerRequest; - bool isOn3PCBExceptionList; }; protocol PFetch { diff --git a/dom/serviceworkers/ServiceWorkerPrivate.cpp b/dom/serviceworkers/ServiceWorkerPrivate.cpp index 77141b45040b..be1801537c19 100644 --- a/dom/serviceworkers/ServiceWorkerPrivate.cpp +++ b/dom/serviceworkers/ServiceWorkerPrivate.cpp @@ -49,7 +49,6 @@ #include "mozilla/ipc/PBackgroundChild.h" #include "mozilla/ipc/URIUtils.h" #include "mozilla/net/CookieJarSettings.h" -#include "mozilla/net/CookieService.h" #include "nsContentUtils.h" #include "nsDebug.h" #include "nsError.h" @@ -557,7 +556,6 @@ nsresult ServiceWorkerPrivate::Initialize() { Maybe overriddenFingerprintingSettings; nsCOMPtr firstPartyURI; bool foreignByAncestorContext = false; - bool isOn3PCBExceptionList = false; if (!principal->OriginAttributesRef().mPartitionKey.IsEmpty()) { net::CookieJarSettings::Cast(cookieJarSettings) ->SetPartitionKey(principal->OriginAttributesRef().mPartitionKey); @@ -585,12 +583,6 @@ nsresult ServiceWorkerPrivate::Initialize() { overriddenFingerprintingSettingsArg.emplace( uint64_t(overriddenFingerprintingSettings.ref())); } - - RefPtr csSingleton = - net::CookieService::GetSingleton(); - isOn3PCBExceptionList = - csSingleton->ThirdPartyCookieBlockingExceptionsRef() - .CheckExceptionForURIs(firstPartyURI, uri); } } } else if (!principal->OriginAttributesRef().mFirstPartyDomain.IsEmpty()) { @@ -617,13 +609,6 @@ nsresult ServiceWorkerPrivate::Initialize() { : nsRFPService::GetOverriddenFingerprintingSettingsForURI( uri, nullptr); - RefPtr csSingleton = - net::CookieService::GetSingleton(); - isOn3PCBExceptionList = - isThirdParty ? csSingleton->ThirdPartyCookieBlockingExceptionsRef() - .CheckExceptionForURIs(firstPartyURI, uri) - : false; - if (overriddenFingerprintingSettings.isSome()) { overriddenFingerprintingSettingsArg.emplace( uint64_t(overriddenFingerprintingSettings.ref())); @@ -741,7 +726,7 @@ nsresult ServiceWorkerPrivate::Initialize() { /* referrerInfo */ nullptr, storageAccess, isThirdPartyContextToTopWindow, shouldResistFingerprinting, - overriddenFingerprintingSettingsArg, isOn3PCBExceptionList, + overriddenFingerprintingSettingsArg, // Origin trials are associated to a window, so it doesn't make sense on // service workers. OriginTrials(), std::move(serviceWorkerData), regInfo->AgentClusterId(), diff --git a/dom/workers/WorkerLoadInfo.h b/dom/workers/WorkerLoadInfo.h index 43fd5e798536..d4dbf53b9c46 100644 --- a/dom/workers/WorkerLoadInfo.h +++ b/dom/workers/WorkerLoadInfo.h @@ -149,7 +149,6 @@ struct WorkerLoadInfoData { Maybe mOverriddenFingerprintingSettings; OriginAttributes mOriginAttributes; bool mIsThirdPartyContext; - bool mIsOn3PCBExceptionList; enum { eNotSet, diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp index 303c445986e5..0076a8463fa9 100644 --- a/dom/workers/WorkerPrivate.cpp +++ b/dom/workers/WorkerPrivate.cpp @@ -3006,7 +3006,6 @@ nsresult WorkerPrivate::GetLoadInfo( aParent->GetOverriddenFingerprintingSettings(); loadInfo.mParentController = aParent->GlobalScope()->GetController(); loadInfo.mWatchedByDevTools = aParent->IsWatchedByDevTools(); - loadInfo.mIsOn3PCBExceptionList = aParent->IsOn3PCBExceptionList(); } else { AssertIsOnMainThread(); @@ -3154,7 +3153,6 @@ nsresult WorkerPrivate::GetLoadInfo( RFPTarget::IsAlwaysEnabledForPrecompute); loadInfo.mOverriddenFingerprintingSettings = document->GetOverriddenFingerprintingSettings(); - loadInfo.mIsOn3PCBExceptionList = document->IsOn3PCBExceptionList(); // This is an hack to deny the storage-access-permission for workers of // sub-iframes. @@ -3227,7 +3225,6 @@ nsresult WorkerPrivate::GetLoadInfo( loadInfo.mOriginAttributes = OriginAttributes(); loadInfo.mIsThirdPartyContext = false; - loadInfo.mIsOn3PCBExceptionList = false; } MOZ_ASSERT(loadInfo.mLoadingPrincipal); diff --git a/dom/workers/WorkerPrivate.h b/dom/workers/WorkerPrivate.h index cbca67b06977..c2ade467934d 100644 --- a/dom/workers/WorkerPrivate.h +++ b/dom/workers/WorkerPrivate.h @@ -1032,10 +1032,6 @@ class WorkerPrivate final return mLoadInfo.mOverriddenFingerprintingSettings; } - bool IsOn3PCBExceptionList() const { - return mLoadInfo.mIsOn3PCBExceptionList; - } - RemoteWorkerChild* GetRemoteWorkerController(); void SetRemoteWorkerController(RemoteWorkerChild* aController); diff --git a/dom/workers/remoteworkers/RemoteWorkerChild.cpp b/dom/workers/remoteworkers/RemoteWorkerChild.cpp index f1c02a9a4bc1..239745aac2d5 100644 --- a/dom/workers/remoteworkers/RemoteWorkerChild.cpp +++ b/dom/workers/remoteworkers/RemoteWorkerChild.cpp @@ -289,7 +289,6 @@ nsresult RemoteWorkerChild::ExecWorkerOnMainThread( net::CookieJarSettings::Deserialize(aData.cookieJarSettings(), getter_AddRefs(info.mCookieJarSettings)); info.mCookieJarSettingsArgs = aData.cookieJarSettings(); - info.mIsOn3PCBExceptionList = aData.isOn3PCBExceptionList(); // Default CSP permissions for now. These will be overrided if necessary // based on the script CSP headers during load in ScriptLoader. diff --git a/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh b/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh index fe5d13ef1dba..1ef35d6a17e8 100644 --- a/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh +++ b/dom/workers/remoteworkers/RemoteWorkerTypes.ipdlh @@ -87,8 +87,6 @@ struct RemoteWorkerData uint64_t? overriddenFingerprintingSettings; - bool isOn3PCBExceptionList; - OriginTrials originTrials; OptionalServiceWorkerData serviceWorkerData; diff --git a/dom/workers/sharedworkers/SharedWorker.cpp b/dom/workers/sharedworkers/SharedWorker.cpp index 775cb6e0c903..4dfd500fb570 100644 --- a/dom/workers/sharedworkers/SharedWorker.cpp +++ b/dom/workers/sharedworkers/SharedWorker.cpp @@ -266,7 +266,6 @@ already_AddRefed SharedWorker::Constructor( loadInfo.mDomain, isSecureContext, ipcClientInfo, loadInfo.mReferrerInfo, storageAllowed, AntiTrackingUtils::IsThirdPartyWindow(window, nullptr), loadInfo.mShouldResistFingerprinting, overriddenFingerprintingSettingsArg, - loadInfo.mIsOn3PCBExceptionList, OriginTrials::FromWindow(nsGlobalWindowInner::Cast(window)), void_t() /* OptionalServiceWorkerData */, agentClusterId, remoteType.unwrap()); diff --git a/ipc/glue/BackgroundUtils.cpp b/ipc/glue/BackgroundUtils.cpp index a8b1ce2b1fa7..fcc46ac1cdf9 100644 --- a/ipc/glue/BackgroundUtils.cpp +++ b/ipc/glue/BackgroundUtils.cpp @@ -573,10 +573,10 @@ nsresult LoadInfoToLoadInfoArgs(nsILoadInfo* aLoadInfo, aLoadInfo->GetFrameBrowsingContextID(), aLoadInfo->GetInitialSecurityCheckDone(), aLoadInfo->GetIsInThirdPartyContext(), isThirdPartyContextToTopWindow, - aLoadInfo->GetIsOn3PCBExceptionList(), aLoadInfo->GetIsFormSubmission(), - aLoadInfo->GetIsGETRequest(), aLoadInfo->GetSendCSPViolationEvents(), - aLoadInfo->GetOriginAttributes(), redirectChainIncludingInternalRedirects, - redirectChain, aLoadInfo->GetHasInjectedCookieForCookieBannerHandling(), + aLoadInfo->GetIsFormSubmission(), aLoadInfo->GetIsGETRequest(), + aLoadInfo->GetSendCSPViolationEvents(), aLoadInfo->GetOriginAttributes(), + redirectChainIncludingInternalRedirects, redirectChain, + aLoadInfo->GetHasInjectedCookieForCookieBannerHandling(), aLoadInfo->GetSchemelessInput(), aLoadInfo->GetHttpsUpgradeTelemetry(), ipcClientInfo, ipcReservedClientInfo, ipcInitialClientInfo, ipcController, aLoadInfo->CorsUnsafeHeaders(), aLoadInfo->GetForcePreflight(), @@ -865,9 +865,8 @@ nsresult LoadInfoArgsToLoadInfo(const LoadInfoArgs& loadInfoArgs, loadInfoArgs.browsingContextID(), loadInfoArgs.frameBrowsingContextID(), loadInfoArgs.initialSecurityCheckDone(), loadInfoArgs.isInThirdPartyContext(), isThirdPartyContextToTopWindow, - loadInfoArgs.isOn3PCBExceptionList(), loadInfoArgs.isFormSubmission(), - loadInfoArgs.isGETRequest(), loadInfoArgs.sendCSPViolationEvents(), - loadInfoArgs.originAttributes(), + loadInfoArgs.isFormSubmission(), loadInfoArgs.isGETRequest(), + loadInfoArgs.sendCSPViolationEvents(), loadInfoArgs.originAttributes(), std::move(redirectChainIncludingInternalRedirects), std::move(redirectChain), std::move(ancestorPrincipals), ancestorBrowsingContextIDs, loadInfoArgs.corsUnsafeHeaders(), @@ -976,7 +975,7 @@ void LoadInfoToParentLoadInfoForwarder( aLoadInfo->GetRequestBlockingReason(), aLoadInfo->GetStoragePermission(), overriddenFingerprintingSettingsArg, aLoadInfo->GetIsMetaRefresh(), isThirdPartyContextToTopWindow, aLoadInfo->GetIsInThirdPartyContext(), - aLoadInfo->GetIsOn3PCBExceptionList(), unstrippedURI); + unstrippedURI); } nsresult MergeParentLoadInfoForwarder( @@ -1089,10 +1088,6 @@ nsresult MergeParentLoadInfoForwarder( aForwarderArgs.isInThirdPartyContext()); NS_ENSURE_SUCCESS(rv, rv); - rv = aLoadInfo->SetIsOn3PCBExceptionList( - aForwarderArgs.isOn3PCBExceptionList()); - NS_ENSURE_SUCCESS(rv, rv); - rv = aLoadInfo->SetUnstrippedURI(aForwarderArgs.unstrippedURI()); NS_ENSURE_SUCCESS(rv, rv); diff --git a/netwerk/base/LoadInfo.cpp b/netwerk/base/LoadInfo.cpp index 69a23e79d50f..06acdc629c2b 100644 --- a/netwerk/base/LoadInfo.cpp +++ b/netwerk/base/LoadInfo.cpp @@ -647,7 +647,6 @@ LoadInfo::LoadInfo(const LoadInfo& rhs) mInitialSecurityCheckDone(rhs.mInitialSecurityCheckDone), mIsThirdPartyContext(rhs.mIsThirdPartyContext), mIsThirdPartyContextToTopWindow(rhs.mIsThirdPartyContextToTopWindow), - mIsOn3PCBExceptionList(rhs.mIsOn3PCBExceptionList), mIsFormSubmission(rhs.mIsFormSubmission), mIsGETRequest(rhs.mIsGETRequest), mSendCSPViolationEvents(rhs.mSendCSPViolationEvents), @@ -722,9 +721,9 @@ LoadInfo::LoadInfo( bool aForceInheritPrincipalDropped, uint64_t aInnerWindowID, uint64_t aBrowsingContextID, uint64_t aFrameBrowsingContextID, bool aInitialSecurityCheckDone, bool aIsThirdPartyContext, - const Maybe& aIsThirdPartyContextToTopWindow, - bool aIsOn3PCBExceptionList, bool aIsFormSubmission, bool aIsGETRequest, - bool aSendCSPViolationEvents, const OriginAttributes& aOriginAttributes, + const Maybe& aIsThirdPartyContextToTopWindow, bool aIsFormSubmission, + bool aIsGETRequest, bool aSendCSPViolationEvents, + const OriginAttributes& aOriginAttributes, RedirectHistoryArray&& aRedirectChainIncludingInternalRedirects, RedirectHistoryArray&& aRedirectChain, nsTArray>&& aAncestorPrincipals, @@ -789,7 +788,6 @@ LoadInfo::LoadInfo( mInitialSecurityCheckDone(aInitialSecurityCheckDone), mIsThirdPartyContext(aIsThirdPartyContext), mIsThirdPartyContextToTopWindow(aIsThirdPartyContextToTopWindow), - mIsOn3PCBExceptionList(aIsOn3PCBExceptionList), mIsFormSubmission(aIsFormSubmission), mIsGETRequest(aIsGETRequest), mSendCSPViolationEvents(aSendCSPViolationEvents), @@ -1115,18 +1113,6 @@ LoadInfo::SetIsThirdPartyContextToTopWindow( return NS_OK; } -NS_IMETHODIMP -LoadInfo::GetIsOn3PCBExceptionList(bool* aIsOn3PCBExceptionList) { - *aIsOn3PCBExceptionList = mIsOn3PCBExceptionList; - return NS_OK; -} - -NS_IMETHODIMP -LoadInfo::SetIsOn3PCBExceptionList(bool aIsOn3PCBExceptionList) { - mIsOn3PCBExceptionList = aIsOn3PCBExceptionList; - return NS_OK; -} - static const uint32_t sCookiePolicyMask = nsILoadInfo::SEC_COOKIES_DEFAULT | nsILoadInfo::SEC_COOKIES_INCLUDE | nsILoadInfo::SEC_COOKIES_SAME_ORIGIN | nsILoadInfo::SEC_COOKIES_OMIT; diff --git a/netwerk/base/LoadInfo.h b/netwerk/base/LoadInfo.h index 5a7b6ec7e641..c78602f6b46c 100644 --- a/netwerk/base/LoadInfo.h +++ b/netwerk/base/LoadInfo.h @@ -236,8 +236,8 @@ class LoadInfo final : public nsILoadInfo { uint64_t aBrowsingContextID, uint64_t aFrameBrowsingContextID, bool aInitialSecurityCheckDone, bool aIsThirdPartyContext, const Maybe& aIsThirdPartyContextToTopWindow, - bool aIsOn3PCBExceptionList, bool aIsFormSubmission, bool aIsGETRequest, - bool aSendCSPViolationEvents, const OriginAttributes& aOriginAttributes, + bool aIsFormSubmission, bool aIsGETRequest, bool aSendCSPViolationEvents, + const OriginAttributes& aOriginAttributes, RedirectHistoryArray&& aRedirectChainIncludingInternalRedirects, RedirectHistoryArray&& aRedirectChain, nsTArray>&& aAncestorPrincipals, @@ -348,7 +348,6 @@ class LoadInfo final : public nsILoadInfo { // NB: TYPE_DOCUMENT implies !third-party. bool mIsThirdPartyContext = false; Maybe mIsThirdPartyContextToTopWindow; - bool mIsOn3PCBExceptionList = false; bool mIsFormSubmission = false; bool mIsGETRequest = true; bool mSendCSPViolationEvents = true; diff --git a/netwerk/base/TRRLoadInfo.cpp b/netwerk/base/TRRLoadInfo.cpp index bcc8637e5b25..5984a0a19661 100644 --- a/netwerk/base/TRRLoadInfo.cpp +++ b/netwerk/base/TRRLoadInfo.cpp @@ -161,16 +161,6 @@ TRRLoadInfo::SetIsThirdPartyContextToTopWindow( return NS_ERROR_NOT_IMPLEMENTED; } -NS_IMETHODIMP -TRRLoadInfo::GetIsOn3PCBExceptionList(bool* aIsOn3PCBExceptionList) { - return NS_ERROR_NOT_IMPLEMENTED; -} - -NS_IMETHODIMP -TRRLoadInfo::SetIsOn3PCBExceptionList(bool aIsOn3PCBExceptionList) { - return NS_ERROR_NOT_IMPLEMENTED; -} - NS_IMETHODIMP TRRLoadInfo::GetCookiePolicy(uint32_t* aResult) { return NS_ERROR_NOT_IMPLEMENTED; diff --git a/netwerk/base/nsILoadInfo.idl b/netwerk/base/nsILoadInfo.idl index 2bfe708953e7..2d77b8aa8799 100644 --- a/netwerk/base/nsILoadInfo.idl +++ b/netwerk/base/nsILoadInfo.idl @@ -605,14 +605,6 @@ interface nsILoadInfo : nsISupports */ [infallible] attribute boolean isThirdPartyContextToTopWindow; - /** - * True if this request is on the third-party cookie blocking exception list. - * - * This value would be set during opening the channel in parent and propagate - * to the channel in the content. - */ - [infallible] attribute boolean isOn3PCBExceptionList; - /** * See the SEC_COOKIES_* flags above. This attribute will never return * SEC_COOKIES_DEFAULT, but will instead return what the policy resolves to. diff --git a/netwerk/cookie/CookieCommons.cpp b/netwerk/cookie/CookieCommons.cpp index 8278032a9e28..c6f7965e4923 100644 --- a/netwerk/cookie/CookieCommons.cpp +++ b/netwerk/cookie/CookieCommons.cpp @@ -424,14 +424,9 @@ already_AddRefed CookieCommons::CreateCookieFromDocument( nsCString cookieString(aCookieString); - nsCOMPtr loadInfo = - aDocument->GetChannel() ? aDocument->GetChannel()->LoadInfo() : nullptr; - const bool on3pcbException = loadInfo && loadInfo->GetIsOn3PCBExceptionList(); - aCookieParser.Parse(baseDomain, requireHostMatch, cookieStatus, cookieString, EmptyCString(), false, isForeignAndNotAddon, - mustBePartitioned, aDocument->IsInPrivateBrowsing(), - on3pcbException); + mustBePartitioned, aDocument->IsInPrivateBrowsing()); if (!aCookieParser.ContainsCookie()) { return nullptr; @@ -516,8 +511,7 @@ already_AddRefed CookieCommons::GetCookieJarSettings( bool CookieCommons::ShouldIncludeCrossSiteCookie(Cookie* aCookie, bool aPartitionForeign, bool aInPrivateBrowsing, - bool aUsingStorageAccess, - bool aOn3pcbException) { + bool aUsingStorageAccess) { MOZ_ASSERT(aCookie); int32_t sameSiteAttr = 0; @@ -525,14 +519,15 @@ bool CookieCommons::ShouldIncludeCrossSiteCookie(Cookie* aCookie, return ShouldIncludeCrossSiteCookie( sameSiteAttr, aCookie->IsPartitioned() && aCookie->RawIsPartitioned(), - aPartitionForeign, aInPrivateBrowsing, aUsingStorageAccess, - aOn3pcbException); + aPartitionForeign, aInPrivateBrowsing, aUsingStorageAccess); } // static -bool CookieCommons::ShouldIncludeCrossSiteCookie( - int32_t aSameSiteAttr, bool aCookiePartitioned, bool aPartitionForeign, - bool aInPrivateBrowsing, bool aUsingStorageAccess, bool aOn3pcbException) { +bool CookieCommons::ShouldIncludeCrossSiteCookie(int32_t aSameSiteAttr, + bool aCookiePartitioned, + bool aPartitionForeign, + bool aInPrivateBrowsing, + bool aUsingStorageAccess) { // CHIPS - If a third-party has storage access it can access both it's // partitioned and unpartitioned cookie jars, else its cookies are blocked. // @@ -543,7 +538,7 @@ bool CookieCommons::ShouldIncludeCrossSiteCookie( (aInPrivateBrowsing && StaticPrefs:: network_cookie_cookieBehavior_optInPartitioning_pbmode())) && - !aCookiePartitioned && !aUsingStorageAccess && !aOn3pcbException) { + !aCookiePartitioned && !aUsingStorageAccess) { return false; } diff --git a/netwerk/cookie/CookieCommons.h b/netwerk/cookie/CookieCommons.h index 86a253a0a9e1..8d52730872b7 100644 --- a/netwerk/cookie/CookieCommons.h +++ b/netwerk/cookie/CookieCommons.h @@ -118,12 +118,13 @@ class CookieCommons final { static bool ShouldIncludeCrossSiteCookie(Cookie* aCookie, bool aPartitionForeign, bool aInPrivateBrowsing, - bool aUsingStorageAccess, - bool aOn3pcbException); + bool aUsingStorageAccess); - static bool ShouldIncludeCrossSiteCookie( - int32_t aSameSiteAttr, bool aCookiePartitioned, bool aPartitionForeign, - bool aInPrivateBrowsing, bool aUsingStorageAccess, bool aOn3pcbException); + static bool ShouldIncludeCrossSiteCookie(int32_t aSameSiteAttr, + bool aCookiePartitioned, + bool aPartitionForeign, + bool aInPrivateBrowsing, + bool aUsingStorageAccess); static bool IsFirstPartyPartitionedCookieWithoutCHIPS( Cookie* aCookie, const nsACString& aBaseDomain, diff --git a/netwerk/cookie/CookieParser.cpp b/netwerk/cookie/CookieParser.cpp index 9c1530aa7ee1..9797e57b296b 100644 --- a/netwerk/cookie/CookieParser.cpp +++ b/netwerk/cookie/CookieParser.cpp @@ -873,7 +873,7 @@ bool CookieParser::Parse(const nsACString& aBaseDomain, bool aRequireHostMatch, CookieStatus aStatus, nsCString& aCookieHeader, const nsACString& aDateHeader, bool aFromHttp, bool aIsForeignAndNotAddon, bool aPartitionedOnly, - bool aIsInPrivateBrowsing, bool aOn3pcbException) { + bool aIsInPrivateBrowsing) { MOZ_ASSERT(!mContainsCookie); // init expiryTime such that session cookies won't prematurely expire @@ -1021,19 +1021,6 @@ bool CookieParser::Parse(const nsACString& aBaseDomain, bool aRequireHostMatch, return newCookie; } - // If the cookie is on the 3pcd exception list, we apply partitioned - // attribute to the cookie. - if (aOn3pcbException) { - // We send a warning if the cookie doesn't have the partitioned attribute - // in the foreign context. - if (aPartitionedOnly && !mCookieData.isPartitioned() && - aIsForeignAndNotAddon) { - mWarnings.mForeignNoPartitionedWarning = true; - } - - mCookieData.isPartitioned() = true; - } - // If the cookie does not have the partitioned attribute, // but is foreign we should give the developer a message. // If CHIPS isn't required yet, we will warn the console @@ -1049,7 +1036,6 @@ bool CookieParser::Parse(const nsACString& aBaseDomain, bool aRequireHostMatch, RejectCookie(RejectedForeignNoPartitionedError); return newCookie; } - mWarnings.mForeignNoPartitionedWarning = true; } diff --git a/netwerk/cookie/CookieParser.h b/netwerk/cookie/CookieParser.h index 20feebbfd336..8ea6131893eb 100644 --- a/netwerk/cookie/CookieParser.h +++ b/netwerk/cookie/CookieParser.h @@ -50,7 +50,7 @@ class CookieParser final { CookieStatus aStatus, nsCString& aCookieHeader, const nsACString& aDateHeader, bool aFromHttp, bool aIsForeignAndNotAddon, bool aPartitionedOnly, - bool aIsInPrivateBrowsing, bool aOn3pcbException); + bool aIsInPrivateBrowsing); bool ContainsCookie() const { MOZ_ASSERT_IF(mContainsCookie, mRejection == NoRejection); diff --git a/netwerk/cookie/CookieService.cpp b/netwerk/cookie/CookieService.cpp index f159011a862b..e750c6391c5d 100644 --- a/netwerk/cookie/CookieService.cpp +++ b/netwerk/cookie/CookieService.cpp @@ -7,7 +7,6 @@ #include "CookieCommons.h" #include "CookieLogging.h" #include "CookieParser.h" -#include "CookieService.h" #include "mozilla/AppShutdown.h" #include "mozilla/ClearOnShutdown.h" #include "mozilla/Components.h" @@ -17,7 +16,6 @@ #include "mozilla/dom/Document.h" #include "mozilla/dom/nsMixedContentBlocker.h" #include "mozilla/dom/Promise.h" -#include "mozilla/dom/Promise-inl.h" #include "mozilla/net/CookieJarSettings.h" #include "mozilla/net/CookiePersistentStorage.h" #include "mozilla/net/CookiePrivateStorage.h" @@ -261,10 +259,6 @@ nsresult CookieService::Init() { os->AddObserver(this, "profile-do-change", true); os->AddObserver(this, "last-pb-context-exited", true); - RunOnShutdown([self = RefPtr{this}] { - self->mThirdPartyCookieBlockingExceptions.Shutdown(); - }); - return NS_OK; } @@ -586,8 +580,7 @@ CookieService::SetCookieStringFromHttp(nsIURI* aHostURI, moreCookieToRead = cookieParser.Parse( baseDomain, requireHostMatch, cookieStatus, cookieHeader, dateHeader, true, isForeignAndNotAddon, mustBePartitioned, - storagePrincipalOriginAttributes.IsPrivateBrowsing(), - loadInfo->GetIsOn3PCBExceptionList()); + storagePrincipalOriginAttributes.IsPrivateBrowsing()); if (!cookieParser.ContainsCookie()) { continue; @@ -854,9 +847,6 @@ void CookieService::GetCookiesForURI( nsCOMPtr crc = do_QueryInterface(aChannel); - nsCOMPtr loadInfo = aChannel ? aChannel->LoadInfo() : nullptr; - const bool on3pcdException = loadInfo && loadInfo->GetIsOn3PCBExceptionList(); - for (const auto& attrs : aOriginAttrsList) { CookieStorage* storage = PickStorage(attrs); @@ -984,16 +974,13 @@ void CookieService::GetCookiesForURI( // Check if we need to block the cookie because of opt-in partitioning. // We will only allow partitioned cookies with "partitioned" attribution // if opt-in partitioning is enabled. - // - // Note: If the cookie is on the 3pcd exception list, we will include - // the cookie. if (aIsForeign && cookieJarSettings->GetPartitionForeign() && (StaticPrefs::network_cookie_cookieBehavior_optInPartitioning() || (attrs.IsPrivateBrowsing() && StaticPrefs:: network_cookie_cookieBehavior_optInPartitioning_pbmode())) && !(cookie->IsPartitioned() && cookie->RawIsPartitioned()) && - !aStorageAccessPermissionGranted && !on3pcdException) { + !aStorageAccessPermissionGranted) { continue; } @@ -1742,86 +1729,5 @@ void CookieService::AddCookieFromDocument( aThirdParty, aDocument->GetBrowsingContext()); } -/* static */ -void CookieService::Update3PCBExceptionInfo(nsIChannel* aChannel) { - MOZ_ASSERT(aChannel); - MOZ_ASSERT(XRE_IsParentProcess()); - - nsCOMPtr loadInfo = aChannel->LoadInfo(); - RefPtr csSingleton = CookieService::GetSingleton(); - - // If the channel is a top-level loading, we start initiating the exception - // list service. - if (loadInfo->GetExternalContentPolicyType() == - ExtContentPolicy::TYPE_DOCUMENT) { - Unused - << csSingleton->mThirdPartyCookieBlockingExceptions.EnsureInitialized(); - return; - } - - // If the channel is triggered by a system principal, we don't need to do - // anything because the channel is for loading system resources. - if (loadInfo->TriggeringPrincipal()->IsSystemPrincipal()) { - return; - } - - // Suspend the channel here. We will resume it after we check the exception - // list. - aChannel->Suspend(); - - // It would be better to do this check with other checks that also suspend - // the channel, such as the URLClassifier. - csSingleton->mThirdPartyCookieBlockingExceptions.EnsureInitialized()->Then( - GetMainThreadSerialEventTarget(), __func__, - [channel = nsCOMPtr{aChannel}, csSingleton, loadInfo]( - const GenericNonExclusivePromise::ResolveOrRejectValue& aValue) { - // We check the 3PCB exception list here. We will check both the - // wildcard exception and the specific exception. If any of them is in - // the exception list, we will set the channel's isOn3PCBExceptionList - // to true. - bool isInExceptionList = - csSingleton->mThirdPartyCookieBlockingExceptions - .CheckExceptionForChannel(channel); - - Unused << loadInfo->SetIsOn3PCBExceptionList(isInExceptionList); - - channel->Resume(); - return NS_OK; - }); -} - -NS_IMETHODIMP -CookieService::AddThirdPartyCookieBlockingExceptions( - const nsTArray>& aExceptions) { - for (const auto& ex : aExceptions) { - nsAutoCString exception; - MOZ_ALWAYS_SUCCEEDS(ex->Serialize(exception)); - mThirdPartyCookieBlockingExceptions.Insert(exception); - } - - return NS_OK; -} - -NS_IMETHODIMP -CookieService::RemoveThirdPartyCookieBlockingExceptions( - const nsTArray>& aExceptions) { - for (const auto& ex : aExceptions) { - nsAutoCString exception; - MOZ_ALWAYS_SUCCEEDS(ex->Serialize(exception)); - mThirdPartyCookieBlockingExceptions.Remove(exception); - } - - return NS_OK; -} - -NS_IMETHODIMP -CookieService::TestGet3PCBExceptions(nsTArray& aExceptions) { - aExceptions.Clear(); - - mThirdPartyCookieBlockingExceptions.GetExceptions(aExceptions); - - return NS_OK; -} - } // namespace net } // namespace mozilla diff --git a/netwerk/cookie/CookieService.h b/netwerk/cookie/CookieService.h index e787809d1a15..49eeb3d2a847 100644 --- a/netwerk/cookie/CookieService.h +++ b/netwerk/cookie/CookieService.h @@ -13,12 +13,10 @@ #include "Cookie.h" #include "CookieCommons.h" -#include "ThirdPartyCookieBlockingExceptions.h" #include "nsString.h" #include "nsIMemoryReporter.h" #include "mozilla/MemoryReporting.h" -#include "mozilla/MozPromise.h" class nsIConsoleReportCollector; class nsICookieJarSettings; @@ -60,12 +58,6 @@ class CookieService final : public nsICookieService, static already_AddRefed GetXPCOMSingleton(); nsresult Init(); - static void Update3PCBExceptionInfo(nsIChannel* aChannel); - - ThirdPartyCookieBlockingExceptions& ThirdPartyCookieBlockingExceptionsRef() { - return mThirdPartyCookieBlockingExceptions; - } - /** * Start watching the observer service for messages indicating that an app has * been uninstalled. When an app is uninstalled, we get the cookie service @@ -134,8 +126,6 @@ class CookieService final : public nsICookieService, nsCOMPtr mThirdPartyUtil; nsCOMPtr mTLDService; - ThirdPartyCookieBlockingExceptions mThirdPartyCookieBlockingExceptions; - // we have two separate Cookie Storages: one for normal browsing and one for // private browsing. RefPtr mPersistentStorage; diff --git a/netwerk/cookie/CookieServiceChild.cpp b/netwerk/cookie/CookieServiceChild.cpp index 7b26bd33904a..d1962a79dab2 100644 --- a/netwerk/cookie/CookieServiceChild.cpp +++ b/netwerk/cookie/CookieServiceChild.cpp @@ -484,8 +484,7 @@ CookieServiceChild::SetCookieStringFromHttp(nsIURI* aHostURI, moreCookies = parser.Parse(baseDomain, requireHostMatch, cookieStatus, cookieString, dateHeader, true, isForeignAndNotAddon, mustBePartitioned, - storagePrincipalOriginAttributes.IsPrivateBrowsing(), - loadInfo->GetIsOn3PCBExceptionList()); + storagePrincipalOriginAttributes.IsPrivateBrowsing()); if (!parser.ContainsCookie()) { continue; } diff --git a/netwerk/cookie/ThirdPartyCookieBlockingExceptionListService.sys.mjs b/netwerk/cookie/ThirdPartyCookieBlockingExceptionListService.sys.mjs deleted file mode 100644 index eb78179f4218..000000000000 --- a/netwerk/cookie/ThirdPartyCookieBlockingExceptionListService.sys.mjs +++ /dev/null @@ -1,249 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -const lazy = {}; - -ChromeUtils.defineESModuleGetters(lazy, { - RemoteSettings: "resource://services-settings/remote-settings.sys.mjs", -}); - -// Name of the RemoteSettings collection containing the records. -const COLLECTION_NAME = "third-party-cookie-blocking-exempt-urls"; -const PREF_NAME = "network.cookie.cookieBehavior.optInPartitioning.skip_list"; - -export class ThirdPartyCookieBlockingExceptionListService { - classId = Components.ID("{1ee0cc18-c968-4105-a895-bdea08e187eb}"); - QueryInterface = ChromeUtils.generateQI([ - "nsIThirdPartyCookieBlockingExceptionListService", - ]); - - #rs = null; - #onSyncCallback = null; - - // Sets to keep track of the exceptions in the pref. It uses the string in the - // format "firstPartySite,thirdPartySite" as the key. - #prefValueSet = null; - // Set to keep track of exceptions from RemoteSettings. It uses the same - // keying as above. - #rsValueSet = null; - - constructor() { - this.#rs = lazy.RemoteSettings(COLLECTION_NAME); - } - - async init() { - await this.importAllExceptions(); - - Services.prefs.addObserver(PREF_NAME, this); - - if (!this.#onSyncCallback) { - this.#onSyncCallback = this.onSync.bind(this); - this.#rs.on("sync", this.#onSyncCallback); - } - - // Import for initial pref state. - this.onPrefChange(); - } - - shutdown() { - Services.prefs.removeObserver(PREF_NAME, this); - - if (this.#onSyncCallback) { - this.#rs.off("sync", this.#onSyncCallback); - this.#onSyncCallback = null; - } - } - - #handleExceptionChange(created = [], deleted = []) { - if (created.length) { - Services.cookies.addThirdPartyCookieBlockingExceptions(created); - } - if (deleted.length) { - Services.cookies.removeThirdPartyCookieBlockingExceptions(deleted); - } - } - - onSync({ data: { created = [], updated = [], deleted = [] } }) { - // Convert the RemoteSettings records to exception entries. - created = created.map(ex => - ThirdPartyCookieExceptionEntry.fromRemoteSettingsRecord(ex) - ); - deleted = deleted.map(ex => - ThirdPartyCookieExceptionEntry.fromRemoteSettingsRecord(ex) - ); - - updated.forEach(ex => { - let newEntry = ThirdPartyCookieExceptionEntry.fromRemoteSettingsRecord( - ex.new - ); - let oldEntry = ThirdPartyCookieExceptionEntry.fromRemoteSettingsRecord( - ex.old - ); - - // We only care about changes in the sites. - if (newEntry.equals(oldEntry)) { - return; - } - created.push(newEntry); - deleted.push(oldEntry); - }); - - this.#rsValueSet ??= new Set(); - - // Remove items in sitesToRemove - for (const site of deleted) { - this.#rsValueSet.delete(site.serialize()); - } - - // Add items from sitesToAdd - for (const site of created) { - this.#rsValueSet.add(site.serialize()); - } - - this.#handleExceptionChange(created, deleted); - } - - onPrefChange() { - let newExceptions = Services.prefs.getStringPref(PREF_NAME, "").split(";"); - - // Convert the exception strings to exception entries. - newExceptions = newExceptions - .map(ex => ThirdPartyCookieExceptionEntry.fromString(ex)) - .filter(Boolean); - - // If this is the first time we're initializing from pref, we can directly - // call handleExceptionChange to create the exceptions. - if (!this.#prefValueSet) { - this.#handleExceptionChange({ - data: { created: newExceptions }, - prefUpdate: true, - }); - // Serialize the exception entries to the string format and store in the - // pref set. - this.#prefValueSet = new Set(newExceptions.map(ex => ex.serialize())); - return; - } - - // Otherwise, we need to check for changes in the pref. - - // Find added items - let created = [...newExceptions].filter( - ex => !this.#prefValueSet.has(ex.serialize()) - ); - - // Convert the new exceptions to the string format to check against the pref - // set. - let newExceptionStringSet = new Set( - newExceptions.map(ex => ex.serialize()) - ); - - // Find removed items - let deleted = Array.from(this.#prefValueSet) - .filter(item => !newExceptionStringSet.has(item)) - .map(ex => ThirdPartyCookieExceptionEntry.fromString(ex)); - - // We shouldn't remove the exceptions in the remote settings list. - if (this.#rsValueSet) { - deleted = deleted.filter(ex => !this.#rsValueSet.has(ex.serialize())); - } - - this.#prefValueSet = newExceptionStringSet; - - // Calling handleExceptionChange to handle the changes. - this.#handleExceptionChange(created, deleted); - } - - observe(subject, topic, data) { - if (topic != "nsPref:changed" || data != PREF_NAME) { - throw new Error(`Unexpected event ${topic} with ${data}`); - } - - this.onPrefChange(); - } - - async importAllExceptions() { - try { - let exceptions = await this.#rs.get(); - if (!exceptions.length) { - return; - } - this.onSync({ data: { created: exceptions } }); - } catch (error) { - console.error( - "Error while importing 3pcb exceptions from RemoteSettings", - error - ); - } - } -} - -export class ThirdPartyCookieExceptionEntry { - classId = Components.ID("{8200e12c-416c-42eb-8af5-db9745d2e527}"); - QueryInterface = ChromeUtils.generateQI([ - "nsIThirdPartyCookieExceptionEntry", - ]); - - constructor(fpSite, tpSite) { - this.firstPartySite = fpSite; - this.thirdPartySite = tpSite; - } - - // Serialize the exception entry into a string. This is used for keying the - // exception in the pref and RemoteSettings set. - serialize() { - return `${this.firstPartySite},${this.thirdPartySite}`; - } - - equals(other) { - return ( - this.firstPartySite === other.firstPartySite && - this.thirdPartySite === other.thirdPartySite - ); - } - - static fromString(exStr) { - if (!exStr) { - return null; - } - - let [fpSite, tpSite] = exStr.split(","); - try { - fpSite = this.#sanitizeSite(fpSite, true); - tpSite = this.#sanitizeSite(tpSite); - - return new ThirdPartyCookieExceptionEntry(fpSite, tpSite); - } catch (e) { - console.error( - `Error while constructing 3pcd exception entry from string`, - exStr - ); - return null; - } - } - - static fromRemoteSettingsRecord(record) { - try { - let fpSite = this.#sanitizeSite(record.fpSite, true); - let tpSite = this.#sanitizeSite(record.tpSite); - - return new ThirdPartyCookieExceptionEntry(fpSite, tpSite); - } catch (e) { - console.error( - `Error while constructing 3pcd exception entry from RemoteSettings record`, - record - ); - return null; - } - } - - // A helper function to sanitize the site using the eTLD service. - static #sanitizeSite(site, acceptWildcard = false) { - if (acceptWildcard && site === "*") { - return "*"; - } - - let uri = Services.io.newURI(site); - return Services.eTLD.getSite(uri); - } -} diff --git a/netwerk/cookie/ThirdPartyCookieBlockingExceptions.cpp b/netwerk/cookie/ThirdPartyCookieBlockingExceptions.cpp deleted file mode 100644 index 795c9372750a..000000000000 --- a/netwerk/cookie/ThirdPartyCookieBlockingExceptions.cpp +++ /dev/null @@ -1,208 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ThirdPartyCookieBlockingExceptions.h" - -#include "mozilla/Components.h" -#include "mozilla/dom/BrowsingContext.h" -#include "mozilla/dom/CanonicalBrowsingContext.h" -#include "mozilla/dom/Promise.h" -#include "mozilla/dom/Promise-inl.h" -#include "mozilla/dom/WindowGlobalParent.h" - -#include "nsIChannel.h" - -namespace mozilla { -namespace net { - -RefPtr -ThirdPartyCookieBlockingExceptions::EnsureInitialized() { - if (mInitPromise) { - return mInitPromise; - } - - // Get the remote third-party cookie blocking exception list service instance. - nsresult rv; - m3PCBExceptionService = do_GetService( - NS_NSITHIRDPARTYCOOKIEBLOCKINGEXCEPTIONLISTSERVICE_CONTRACTID, &rv); - NS_ENSURE_SUCCESS(rv, - GenericNonExclusivePromise::CreateAndReject(rv, __func__)); - - RefPtr initPromise; - rv = m3PCBExceptionService->Init(getter_AddRefs(initPromise)); - NS_ENSURE_SUCCESS(rv, - GenericNonExclusivePromise::CreateAndReject(rv, __func__)); - - // Bail out earlier if we don't have a init promise. - if (!initPromise) { - return GenericNonExclusivePromise::CreateAndReject(rv, __func__); - } - - mInitPromise = new GenericNonExclusivePromise::Private(__func__); - - initPromise->AddCallbacksWithCycleCollectedArgs( - [&self = *this](JSContext*, JS::Handle, - mozilla::ErrorResult&) { - self.mInitPromise->Resolve(true, __func__); - }, - [&self = *this](JSContext*, JS::Handle, - mozilla::ErrorResult& error) { - nsresult rv = error.StealNSResult(); - self.mInitPromise->Reject(rv, __func__); - return; - }); - - return mInitPromise; -} - -void ThirdPartyCookieBlockingExceptions::Shutdown() { - if (m3PCBExceptionService) { - Unused << m3PCBExceptionService->Shutdown(); - m3PCBExceptionService = nullptr; - } - - // Reject the init promise during the shutdown. - if (mInitPromise) { - mInitPromise->Reject(NS_ERROR_ABORT, __func__); - mInitPromise = nullptr; - } -} - -void ThirdPartyCookieBlockingExceptions::Insert(const nsACString& aException) { - m3PCBExceptionsSet.Insert(aException); -} - -void ThirdPartyCookieBlockingExceptions::Remove(const nsACString& aException) { - m3PCBExceptionsSet.Remove(aException); -} - -bool ThirdPartyCookieBlockingExceptions::CheckWildcardException( - const nsACString& aThirdPartySite) { - nsAutoCString key; - Create3PCBExceptionKey("*"_ns, aThirdPartySite, key); - - return m3PCBExceptionsSet.Contains(key); -} - -bool ThirdPartyCookieBlockingExceptions::CheckException( - const nsACString& aFirstPartySite, const nsACString& aThirdPartySite) { - nsAutoCString key; - Create3PCBExceptionKey(aFirstPartySite, aThirdPartySite, key); - - return m3PCBExceptionsSet.Contains(key); -} - -bool ThirdPartyCookieBlockingExceptions::CheckExceptionForURIs( - nsIURI* aFirstPartyURI, nsIURI* aThirdPartyURI) { - MOZ_ASSERT(XRE_IsParentProcess()); - NS_ENSURE_TRUE(aFirstPartyURI, false); - NS_ENSURE_TRUE(aThirdPartyURI, false); - - RefPtr eTLDService = - nsEffectiveTLDService::GetInstance(); - NS_ENSURE_TRUE(eTLDService, false); - - nsAutoCString thirdPartySite; - nsresult rv = eTLDService->GetSite(aThirdPartyURI, thirdPartySite); - NS_ENSURE_SUCCESS(rv, false); - - bool isInExceptionList = CheckWildcardException(thirdPartySite); - - if (isInExceptionList) { - return true; - } - - nsAutoCString firstPartySite; - rv = eTLDService->GetSite(aFirstPartyURI, firstPartySite); - NS_ENSURE_SUCCESS(rv, false); - - return CheckException(firstPartySite, thirdPartySite); -} - -bool ThirdPartyCookieBlockingExceptions::CheckExceptionForChannel( - nsIChannel* aChannel) { - MOZ_ASSERT(XRE_IsParentProcess()); - NS_ENSURE_TRUE(aChannel, false); - - RefPtr eTLDService = - nsEffectiveTLDService::GetInstance(); - NS_ENSURE_TRUE(eTLDService, false); - - nsCOMPtr uri; - nsresult rv = aChannel->GetURI(getter_AddRefs(uri)); - NS_ENSURE_SUCCESS(rv, false); - - nsAutoCString thirdPartySite; - rv = eTLDService->GetSite(uri, thirdPartySite); - NS_ENSURE_SUCCESS(rv, false); - - bool isInExceptionList = CheckWildcardException(thirdPartySite); - - if (isInExceptionList) { - return true; - } - - nsCOMPtr loadInfo = aChannel->LoadInfo(); - - RefPtr bc; - loadInfo->GetBrowsingContext(getter_AddRefs(bc)); - if (!bc) { - bc = loadInfo->GetWorkerAssociatedBrowsingContext(); - } - - nsAutoCString firstPartySite; - - // If the channel is not associated with a browsing context, we will try to - // get the first party site from the partition key. - if (!bc) { - nsCOMPtr cjs; - nsresult rv = loadInfo->GetCookieJarSettings(getter_AddRefs(cjs)); - NS_ENSURE_SUCCESS(rv, false); - - nsAutoString partitionKey; - rv = cjs->GetPartitionKey(partitionKey); - NS_ENSURE_SUCCESS(rv, false); - - nsAutoString site; - if (!OriginAttributes::ExtractSiteFromPartitionKey(partitionKey, site)) { - return false; - } - - firstPartySite.Assign(NS_ConvertUTF16toUTF8(site)); - } else { - RefPtr topWGP = - bc->Top()->Canonical()->GetCurrentWindowGlobal(); - if (!topWGP) { - return false; - } - - nsCOMPtr topPrincipal = topWGP->DocumentPrincipal(); - - // If the top window is an about page, we don't need to do anything. This - // could happen when fetching system resources, such as pocket's images - if (topPrincipal->SchemeIs("about")) { - return false; - } - - nsCOMPtr topURI = topPrincipal->GetURI(); - - nsAutoCString site; - nsresult rv = eTLDService->GetSite(topURI, firstPartySite); - NS_ENSURE_SUCCESS(rv, false); - } - - return CheckException(firstPartySite, thirdPartySite); -} - -void ThirdPartyCookieBlockingExceptions::GetExceptions( - nsTArray& aExceptions) { - aExceptions.Clear(); - - for (const auto& host : m3PCBExceptionsSet) { - aExceptions.AppendElement(host); - } -} - -} // namespace net -} // namespace mozilla diff --git a/netwerk/cookie/ThirdPartyCookieBlockingExceptions.h b/netwerk/cookie/ThirdPartyCookieBlockingExceptions.h deleted file mode 100644 index 2230dbbfdba5..000000000000 --- a/netwerk/cookie/ThirdPartyCookieBlockingExceptions.h +++ /dev/null @@ -1,74 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef mozilla_net_ThirdPartyCookieBlockingExceptions_h -#define mozilla_net_ThirdPartyCookieBlockingExceptions_h - -#include "mozilla/MozPromise.h" -#include "nsEffectiveTLDService.h" -#include "nsString.h" -#include "nsTArray.h" -#include "nsTHashSet.h" -#include "nsIThirdPartyCookieBlockingExceptionListService.h" - -class nsIEffectiveTLDService; -class nsIURI; -class nsIChannel; - -namespace mozilla { -namespace net { - -class ThirdPartyCookieBlockingExceptions final { - public: - // Lazily initializes the foreign cookie blocking exception list. The function - // returns the promise that resolves when the list is initialized. - RefPtr EnsureInitialized(); - - // Check if the given top-level and third-party URIs are in the exception - // list. - bool CheckExceptionForURIs(nsIURI* aFirstPartyURI, nsIURI* aThirdPartyURI); - - // Check if the given channel is in the exception list. - bool CheckExceptionForChannel(nsIChannel* aChannel); - - // Check if the given third-party site is in the wildcard exception list. - // The wildcard exception list is used to allow third-party cookies under - // every top-level site. - bool CheckWildcardException(const nsACString& aThirdPartySite); - - // Check if the given first-party and third-party sites are in the exception - // list. - bool CheckException(const nsACString& aFirstPartySite, - const nsACString& aThirdPartySite); - - void Insert(const nsACString& aException); - void Remove(const nsACString& aException); - - void GetExceptions(nsTArray& aExceptions); - - void Shutdown(); - - private: - nsCOMPtr - m3PCBExceptionService; - - // A helper function to create a key for the exception list. - static void Create3PCBExceptionKey(const nsACString& aFirstPartySite, - const nsACString& aThirdPartySite, - nsACString& aKey) { - aKey.Truncate(); - aKey.Append(aFirstPartySite); - aKey.AppendLiteral(","); - aKey.Append(aThirdPartySite); - } - - // The promise that resolves when the 3PCB exception service is initialized. - RefPtr mInitPromise; - nsTHashSet m3PCBExceptionsSet; -}; - -} // namespace net -} // namespace mozilla - -#endif // mozilla_net_ThirdPartyCookieBlockingExceptions_h diff --git a/netwerk/cookie/components.conf b/netwerk/cookie/components.conf deleted file mode 100644 index 45beeb3852f3..000000000000 --- a/netwerk/cookie/components.conf +++ /dev/null @@ -1,22 +0,0 @@ -# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- -# vim: set filetype=python: -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -Classes = [ - { - 'cid': '{1ee0cc18-c968-4105-a895-bdea08e187eb}', - 'contract_ids': ['@mozilla.org/third-party-cookie-blocking-exception-list-service;1'], - 'singleton': True, - 'esModule': 'resource://gre/modules/ThirdPartyCookieBlockingExceptionListService.sys.mjs', - 'constructor': 'ThirdPartyCookieBlockingExceptionListService', - 'processes': ProcessSelector.MAIN_PROCESS_ONLY, - }, - { - 'cid': '{8200e12c-416c-42eb-8af5-db9745d2e527}', - 'contract_ids': ['@mozilla.org/third-party-cookie-exception-entry;1'], - 'esModule': 'resource://gre/modules/ThirdPartyCookieBlockingExceptionListService.sys.mjs', - 'constructor': 'ThirdPartyCookieExceptionEntry', - } -] diff --git a/netwerk/cookie/moz.build b/netwerk/cookie/moz.build index 5c1a6acf2dab..42f75ff53621 100644 --- a/netwerk/cookie/moz.build +++ b/netwerk/cookie/moz.build @@ -15,7 +15,6 @@ XPIDL_SOURCES += [ "nsICookieNotification.idl", "nsICookiePermission.idl", "nsICookieService.idl", - "nsIThirdPartyCookieBlockingExceptionListService.idl", ] XPIDL_MODULE = "necko_cookie" @@ -34,7 +33,6 @@ EXPORTS.mozilla.net = [ "CookieServiceChild.h", "CookieServiceParent.h", "CookieStorage.h", - "ThirdPartyCookieBlockingExceptions.h", ] UNIFIED_SOURCES += [ "Cookie.cpp", @@ -49,7 +47,6 @@ UNIFIED_SOURCES += [ "CookieServiceChild.cpp", "CookieServiceParent.cpp", "CookieStorage.cpp", - "ThirdPartyCookieBlockingExceptions.cpp", ] XPCSHELL_TESTS_MANIFESTS += [ "test/unit/xpcshell.toml", @@ -74,18 +71,10 @@ LOCAL_INCLUDES += [ "/netwerk/protocol/http", ] -EXTRA_JS_MODULES += [ - "ThirdPartyCookieBlockingExceptionListService.sys.mjs", -] - TESTING_JS_MODULES += [ "CookieXPCShellUtils.sys.mjs", ] -XPCOM_MANIFESTS += [ - "components.conf", -] - include("/ipc/chromium/chromium-config.mozbuild") FINAL_LIBRARY = "xul" diff --git a/netwerk/cookie/nsICookieManager.idl b/netwerk/cookie/nsICookieManager.idl index 21ff46de687a..a747167be088 100644 --- a/netwerk/cookie/nsICookieManager.idl +++ b/netwerk/cookie/nsICookieManager.idl @@ -5,7 +5,6 @@ #include "nsISupports.idl" #include "nsICookie.idl" -#include "nsIThirdPartyCookieBlockingExceptionListService.idl" %{ C++ namespace mozilla { @@ -296,22 +295,4 @@ interface nsICookieManager : nsISupports * Retrieves all the cookies that were created on or after aSinceWhen, order * by creation time */ Array getCookiesSince(in int64_t aSinceWhen); - - - /** - * Adds a list of exceptions to the third party cookie blocking exception - * list. - */ - void addThirdPartyCookieBlockingExceptions( - in Array aExcpetions); - - /** - * Removes a list of exceptions from the third party cookie blocking - * exception list. - */ - void removeThirdPartyCookieBlockingExceptions( - in Array aExceptions); - - // Test getter to inspect remote exception list state. - Array testGet3PCBExceptions(); }; diff --git a/netwerk/cookie/nsIThirdPartyCookieBlockingExceptionListService.idl b/netwerk/cookie/nsIThirdPartyCookieBlockingExceptionListService.idl deleted file mode 100644 index 21c2d79bd2d5..000000000000 --- a/netwerk/cookie/nsIThirdPartyCookieBlockingExceptionListService.idl +++ /dev/null @@ -1,40 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "nsISupports.idl" - -/** - * Helper for syncing remote exception lists for third-party cookie blocking. - */ -[scriptable, uuid(1ee0cc18-c968-4105-a895-bdea08e187eb)] -interface nsIThirdPartyCookieBlockingExceptionListService : nsISupports { - /** - * Initialize the service and import exceptions. - * Resolves once the initial set of exceptions has been imported. - */ - Promise init(); - - /** - * Shutdown the service. - */ - void shutdown(); -}; - -[scriptable, uuid(8200e12c-416c-42eb-8af5-db9745d2e527)] -interface nsIThirdPartyCookieExceptionEntry : nsISupports { - // The first-party site of the exception. This can be a wildcard to match all - // first-party sites. - readonly attribute ACString firstPartySite; - - // The third-party site of the exception. - readonly attribute ACString thirdPartySite; - - // Serialize the entry to a string in the format - // "firstPartySite,thirdPartySite". - ACString serialize(); -}; - -%{C++ -#define NS_NSITHIRDPARTYCOOKIEBLOCKINGEXCEPTIONLISTSERVICE_CONTRACTID "@mozilla.org/third-party-cookie-blocking-exception-list-service;1" -%} diff --git a/netwerk/cookie/test/browser/browser.toml b/netwerk/cookie/test/browser/browser.toml index 7e83c78bf60f..45c16270a6c8 100644 --- a/netwerk/cookie/test/browser/browser.toml +++ b/netwerk/cookie/test/browser/browser.toml @@ -6,9 +6,6 @@ support-files = [ "head.js" ] -["browser_3pcb_expection.js"] -support-files = ["setFetchCookie.sjs"] - ["browser_broadcastChannel.js"] ["browser_chips_partition_cap_child.js"] @@ -16,9 +13,6 @@ support-files = ["setFetchCookie.sjs"] ["browser_cookie_chips.js"] support-files = ["chips.sjs"] -["browser_cookie_empty_name_value.js"] -support-files = ["cookie_empty_name_value.sjs"] - ["browser_cookie_insecure_overwrites_secure.js"] ["browser_cookie_purge_sync.js"] @@ -40,6 +34,9 @@ support-files = ["cookies.sjs", "serviceWorker.js"] ["browser_oversize.js"] support-files = ["oversize.sjs"] +["browser_cookie_empty_name_value.js"] +support-files = ["cookie_empty_name_value.sjs"] + ["browser_partitionedConsole.js"] support-files = ["partitioned.sjs"] diff --git a/netwerk/cookie/test/browser/browser_3pcb_expection.js b/netwerk/cookie/test/browser/browser_3pcb_expection.js deleted file mode 100644 index d74edfd6a3d6..000000000000 --- a/netwerk/cookie/test/browser/browser_3pcb_expection.js +++ /dev/null @@ -1,610 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -"use strict"; - -const { RemoteSettings } = ChromeUtils.importESModule( - "resource://services-settings/remote-settings.sys.mjs" -); - -const COLLECTION_NAME = "third-party-cookie-blocking-exempt-urls"; -const PREF_NAME = "network.cookie.cookieBehavior.optInPartitioning.skip_list"; - -const FIRST_PARTY_DOMAIN = "example.com"; -const THIRD_PARTY_DOMAIN = "example.org"; -const ANOTHER_THIRD_PARTY_DOMAIN = "example.net"; - -const FIRST_PARTY_SITE = `https://${FIRST_PARTY_DOMAIN}`; -const THIRD_PARTY_SITE = `https://${THIRD_PARTY_DOMAIN}`; -const ANOTHER_THIRD_PARTY_SITE = `https://${ANOTHER_THIRD_PARTY_DOMAIN}`; - -const FIRST_PARTY_URL = `${FIRST_PARTY_SITE}/${TEST_PATH}/file_empty.html`; -const THIRD_PARTY_URL = `${THIRD_PARTY_SITE}/${TEST_PATH}/file_empty.html`; - -// RemoteSettings collection db. -let db; - -/** - * Dispatch a RemoteSettings "sync" event. - * @param {Object} data - The event's data payload. - * @param {Object} [data.created] - Records that were created. - * @param {Object} [data.updated] - Records that were updated. - * @param {Object} [data.deleted] - Records that were removed. - */ -async function remoteSettingsSync({ created, updated, deleted }) { - await RemoteSettings(COLLECTION_NAME).emit("sync", { - data: { - created, - updated, - deleted, - }, - }); -} - -/** - * Compare two string arrays ignoring order. - * @param {string[]} arr1 - The first array. - * @param {string[]} arr2 - The second array. - * @returns {boolean} - Whether the arrays match. - */ -const strArrayMatches = (arr1, arr2) => - arr1.length === arr2.length && - arr1.sort().every((value, index) => value === arr2.sort()[index]); - -/** - * Wait until the 3pcb allow-list matches the expected state. - * @param {string[]} allowedSiteHosts - (Unordered) host list to match. - */ -async function waitForAllowListState(expected) { - // Ensure the site host exception list has been imported correctly. - await BrowserTestUtils.waitForCondition(() => { - return strArrayMatches(Services.cookies.testGet3PCBExceptions(), expected); - }, "Waiting for exceptions to be imported."); - Assert.deepEqual( - Services.cookies.testGet3PCBExceptions().sort(), - expected.sort(), - "Imported the correct site host exceptions" - ); -} - -/** - * A helper function to create the iframe and the nested ABA iframe. - * @param {Browser} browser The browser where the testing is performed. - * @param {string} firstPartyURL The first party URL. - * @param {string} thirdPartyURL The third party URL. - * @returns {Promise} A promise that resolves to the iframe browsing context - * and the ABA iframe browsing context. - */ -async function createNestedIframes(browser, firstPartyURL, thirdPartyURL) { - return SpecialPowers.spawn( - browser, - [firstPartyURL, thirdPartyURL], - async (firstPartyURL, thirdPartyURL) => { - let iframe = content.document.createElement("iframe"); - iframe.src = thirdPartyURL; - - await new Promise(resolve => { - iframe.onload = resolve; - content.document.body.appendChild(iframe); - }); - - let ABABC = await SpecialPowers.spawn( - iframe, - [firstPartyURL], - async firstPartyURL => { - let iframe = content.document.createElement("iframe"); - iframe.src = firstPartyURL; - - await new Promise(resolve => { - iframe.onload = resolve; - content.document.body.appendChild(iframe); - }); - - return iframe.browsingContext; - } - ); - - return { iframeBC: iframe.browsingContext, ABABC }; - } - ); -} - -/** - * A helper function to set third-party cookies in the third-party iframe and - * the ABA iframe. - * - * @param {Browser} browser The browser where the testing is performed. - * @param {CanonicalBrowsingContext} iframeBC The iframe browsing context. - * @param {CanonicalBrowsingContext} ABAABC The ABA browsing context. - */ -async function setThirdPartyCookie(browser, iframeBC, ABABC) { - const THIRD_PARTY_FETCH_COOKIE_URL = `${THIRD_PARTY_SITE}/${TEST_PATH}/setFetchCookie.sjs`; - - // Try to set a third-party cookie by fetching from the third-party URL. - await SpecialPowers.spawn( - browser, - [THIRD_PARTY_FETCH_COOKIE_URL], - async url => { - await content.fetch(url, { credentials: "include" }); - } - ); - - // Set a third-party cookie in the third-party iframe. - await SpecialPowers.spawn(iframeBC, [], async _ => { - content.document.cookie = "thirdPartyIframe=value; SameSite=None; Secure;"; - }); - - // Set a ABA cookie in the nested iframe. An ABA cookie is also considered - // as a third-party cookie. - await SpecialPowers.spawn(ABABC, [], async _ => { - content.document.cookie = "ABAIframe=value; SameSite=None; Secure;"; - }); -} - -add_setup(async function () { - await SpecialPowers.pushPrefEnv({ - set: [["network.cookie.cookieBehavior.optInPartitioning", true]], - }); - - // Start with an empty RS collection. - db = RemoteSettings(COLLECTION_NAME).db; - await db.importChanges({}, Date.now(), [], { clear: true }); -}); - -add_task(async function test_3pcb_no_exception() { - // Clear cookies before running the test. - Services.cookies.removeAll(); - - info("Opening a new tab."); - let tab = await BrowserTestUtils.openNewForegroundTab( - gBrowser, - FIRST_PARTY_URL - ); - let browser = tab.linkedBrowser; - - info("Creating iframes and setting third-party cookies."); - let { iframeBC, ABABC } = await createNestedIframes( - browser, - FIRST_PARTY_URL, - THIRD_PARTY_URL - ); - await setThirdPartyCookie(browser, iframeBC, ABABC); - - info("Verifying cookies."); - // Verify in the iframeBC to ensure no cookie is set. - await SpecialPowers.spawn(iframeBC, [], async () => { - let cookies = content.document.cookie; - is(cookies, "", "No cookies should be set in the iframeBC"); - }); - - // Verify in the nested iframe to ensure no cookie is set. - await SpecialPowers.spawn(ABABC, [], async () => { - let cookies = content.document.cookie; - is(cookies, "", "No cookies should be set in the ABA iframe"); - }); - - info("Clean up"); - BrowserTestUtils.removeTab(tab); -}); - -add_task(async function test_3pcb_pref_exception() { - // Clear cookies before running the test. - Services.cookies.removeAll(); - - await SpecialPowers.pushPrefEnv({ - set: [ - [ - PREF_NAME, - `${FIRST_PARTY_SITE},${THIRD_PARTY_SITE};${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`, - ], - ], - }); - - info("Opening a new tab."); - let tab = await BrowserTestUtils.openNewForegroundTab( - gBrowser, - FIRST_PARTY_URL - ); - let browser = tab.linkedBrowser; - - info("Creating iframes and setting third-party cookies."); - let { iframeBC, ABABC } = await createNestedIframes( - browser, - FIRST_PARTY_URL, - THIRD_PARTY_URL - ); - await setThirdPartyCookie(browser, iframeBC, ABABC); - - info("Verifying cookies."); - // Verify in the iframeBC to ensure cookies are set. - await SpecialPowers.spawn(iframeBC, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "thirdPartyFetch=value; thirdPartyIframe=value", - "Cookies should be set in the iframeBC" - ); - }); - - // Verify in the nested ABA iframe to ensure no cookie is set. - await SpecialPowers.spawn(ABABC, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "ABAIframe=value", - "No cookies should be set in the ABA iframe" - ); - }); - BrowserTestUtils.removeTab(tab); - - info("Clear exceptions and verify cookies are still valid"); - await SpecialPowers.pushPrefEnv({ - set: [[PREF_NAME, ""]], - }); - - info("Opening the tab again."); - tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, FIRST_PARTY_URL); - browser = tab.linkedBrowser; - - let { iframeBC: iframeBCNew, ABABC: ABABCNew } = await createNestedIframes( - browser, - FIRST_PARTY_URL, - THIRD_PARTY_URL - ); - - await SpecialPowers.spawn(iframeBCNew, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "thirdPartyFetch=value; thirdPartyIframe=value", - "Cookies should be set in the iframeBC" - ); - }); - await SpecialPowers.spawn(ABABCNew, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "ABAIframe=value", - "No cookies should be set in the ABA iframe" - ); - }); - - info("Clean up"); - BrowserTestUtils.removeTab(tab); -}); - -add_task(async function test_3pcb_pref_wildcard_exception() { - // Clear cookies before running the test. - Services.cookies.removeAll(); - - await SpecialPowers.pushPrefEnv({ - set: [[PREF_NAME, `*,${THIRD_PARTY_SITE};*,${FIRST_PARTY_SITE}`]], - }); - - info("Opening a new tab."); - let tab = await BrowserTestUtils.openNewForegroundTab( - gBrowser, - FIRST_PARTY_URL - ); - let browser = tab.linkedBrowser; - - info("Creating iframes and setting third-party cookies."); - let { iframeBC, ABABC } = await createNestedIframes( - browser, - FIRST_PARTY_URL, - THIRD_PARTY_URL - ); - await setThirdPartyCookie(browser, iframeBC, ABABC); - - info("Verifying cookies."); - // Verify in the iframeBC to ensure cookies are set. - await SpecialPowers.spawn(iframeBC, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "thirdPartyFetch=value; thirdPartyIframe=value", - "Cookies should be set in the iframeBC" - ); - }); - - // Verify in the nested ABA iframe to ensure no cookie is set. - await SpecialPowers.spawn(ABABC, [], async () => { - let cookies = content.document.cookie; - is(cookies, "ABAIframe=value", "Cookies should be set in the ABA iframe"); - }); - BrowserTestUtils.removeTab(tab); - - info("Clear exceptions and verify cookies are still valid"); - await SpecialPowers.pushPrefEnv({ - set: [[PREF_NAME, ""]], - }); - - info("Opening the tab again."); - tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, FIRST_PARTY_URL); - browser = tab.linkedBrowser; - - let { iframeBC: iframeBCNew, ABABC: ABABCNew } = await createNestedIframes( - browser, - FIRST_PARTY_URL, - THIRD_PARTY_URL - ); - - await SpecialPowers.spawn(iframeBCNew, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "thirdPartyFetch=value; thirdPartyIframe=value", - "Cookies should be set in the iframeBC" - ); - }); - await SpecialPowers.spawn(ABABCNew, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "ABAIframe=value", - "No cookies should be set in the ABA iframe" - ); - }); - - info("Clean up"); - BrowserTestUtils.removeTab(tab); -}); - -add_task(async function test_3pcb_pref_exception_updates() { - // Start with an empty pref - await SpecialPowers.pushPrefEnv({ - set: [[PREF_NAME, ""]], - }); - - info("Set initial pref value"); - Services.prefs.setStringPref( - PREF_NAME, - `${FIRST_PARTY_SITE},${THIRD_PARTY_SITE};${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}` - ); - await waitForAllowListState([ - `${FIRST_PARTY_SITE},${THIRD_PARTY_SITE}`, - `${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`, - ]); - - info("Update the pref exception"); - Services.prefs.setStringPref( - PREF_NAME, - `${FIRST_PARTY_SITE},${ANOTHER_THIRD_PARTY_SITE};${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}` - ); - await waitForAllowListState([ - `${FIRST_PARTY_SITE},${ANOTHER_THIRD_PARTY_SITE}`, - `${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`, - ]); - - info("Remove one exception"); - Services.prefs.setStringPref( - PREF_NAME, - `${FIRST_PARTY_SITE},${ANOTHER_THIRD_PARTY_SITE}` - ); - await waitForAllowListState([ - `${FIRST_PARTY_SITE},${ANOTHER_THIRD_PARTY_SITE}`, - ]); - - info("Remove all exceptions"); - Services.prefs.setStringPref(PREF_NAME, ""); - await waitForAllowListState([]); - - info("Cleanup"); - Services.prefs.clearUserPref(PREF_NAME); -}); - -add_task(async function test_3pcb_rs_exception() { - // Clear cookies before running the test. - Services.cookies.removeAll(); - - info("Import RS entries."); - let thirdPartyEntry = await db.create({ - fpSite: FIRST_PARTY_SITE, - tpSite: THIRD_PARTY_SITE, - }); - let ABAEntry = await db.create({ - fpSite: FIRST_PARTY_SITE, - tpSite: FIRST_PARTY_SITE, - }); - await db.importChanges({}, Date.now()); - await remoteSettingsSync({ created: [thirdPartyEntry, ABAEntry] }); - await waitForAllowListState([ - `${FIRST_PARTY_SITE},${THIRD_PARTY_SITE}`, - `${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`, - ]); - - info("Opening a new tab."); - let tab = await BrowserTestUtils.openNewForegroundTab( - gBrowser, - FIRST_PARTY_URL - ); - let browser = tab.linkedBrowser; - - info("Creating iframes and setting third-party cookies."); - let { iframeBC, ABABC } = await createNestedIframes( - browser, - FIRST_PARTY_URL, - THIRD_PARTY_URL - ); - await setThirdPartyCookie(browser, iframeBC, ABABC); - - info("Verifying cookies."); - // Verify in the iframeBC to ensure cookies are set. - await SpecialPowers.spawn(iframeBC, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "thirdPartyFetch=value; thirdPartyIframe=value", - "Cookies should be set in the iframeBC" - ); - }); - - // Verify in the nested ABA iframe to ensure the cookie is set. - await SpecialPowers.spawn(ABABC, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "ABAIframe=value", - "No cookies should be set in the ABA iframe" - ); - }); - BrowserTestUtils.removeTab(tab); - - info("Clear exceptions and verify cookies are still valid"); - await db.delete(thirdPartyEntry.id); - await db.delete(ABAEntry.id); - await db.importChanges({}, Date.now()); - await remoteSettingsSync({ - deleted: [thirdPartyEntry, ABAEntry], - }); - await waitForAllowListState([]); - - info("Opening the tab again."); - tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, FIRST_PARTY_URL); - browser = tab.linkedBrowser; - - let { iframeBC: iframeBCNew, ABABC: ABABCNew } = await createNestedIframes( - browser, - FIRST_PARTY_URL, - THIRD_PARTY_URL - ); - - await SpecialPowers.spawn(iframeBCNew, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "thirdPartyFetch=value; thirdPartyIframe=value", - "Cookies should be set in the iframeBC" - ); - }); - await SpecialPowers.spawn(ABABCNew, [], async () => { - let cookies = content.document.cookie; - is( - cookies, - "ABAIframe=value", - "No cookies should be set in the ABA iframe" - ); - }); - - info("Clean up"); - BrowserTestUtils.removeTab(tab); - await db.clear(); - await db.importChanges({}, Date.now()); -}); - -add_task(async function test_3pcb_rs_exception_updates() { - info("Create the third-party entry and the ABA entry."); - let thirdPartyEntry = await db.create({ - fpSite: FIRST_PARTY_SITE, - tpSite: THIRD_PARTY_SITE, - }); - let ABAEntry = await db.create({ - fpSite: FIRST_PARTY_SITE, - tpSite: FIRST_PARTY_SITE, - }); - await db.importChanges({}, Date.now()); - await remoteSettingsSync({ created: [thirdPartyEntry, ABAEntry] }); - await waitForAllowListState([ - `${FIRST_PARTY_SITE},${THIRD_PARTY_SITE}`, - `${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`, - ]); - - info("Update third-party entry with a different third-party site."); - let thirdPartyEntryUpdated = { ...thirdPartyEntry }; - thirdPartyEntryUpdated.tpSite = ANOTHER_THIRD_PARTY_SITE; - await db.update(thirdPartyEntry); - await db.importChanges({}, Date.now()); - await remoteSettingsSync({ - updated: [{ old: thirdPartyEntry, new: thirdPartyEntryUpdated }], - }); - await waitForAllowListState([ - `${FIRST_PARTY_SITE},${ANOTHER_THIRD_PARTY_SITE}`, - `${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`, - ]); - - info("Create another entry and remove the ABA entry."); - let anotherThirdPartyEntry = await db.create({ - fpSite: ANOTHER_THIRD_PARTY_SITE, - tpSite: THIRD_PARTY_SITE, - }); - await db.delete(ABAEntry.id); - await db.importChanges({}, Date.now()); - await remoteSettingsSync({ - created: [anotherThirdPartyEntry], - deleted: [ABAEntry], - }); - await waitForAllowListState([ - `${FIRST_PARTY_SITE},${ANOTHER_THIRD_PARTY_SITE}`, - `${ANOTHER_THIRD_PARTY_SITE},${THIRD_PARTY_SITE}`, - ]); - - info("Remove all RS entries."); - await db.delete(thirdPartyEntryUpdated.id); - await db.delete(anotherThirdPartyEntry.id); - await db.importChanges({}, Date.now()); - await remoteSettingsSync({ - deleted: [thirdPartyEntryUpdated, anotherThirdPartyEntry], - }); - await waitForAllowListState([]); - - info("Clean up"); - await db.clear(); - await db.importChanges({}, Date.now()); -}); - -add_task(async function test_3pcb_rs_precedence_over_pref() { - info("Create the third-party entry and the ABA entry."); - let thirdPartyEntry = await db.create({ - fpSite: FIRST_PARTY_SITE, - tpSite: THIRD_PARTY_SITE, - }); - let ABAEntry = await db.create({ - fpSite: FIRST_PARTY_SITE, - tpSite: FIRST_PARTY_SITE, - }); - await db.importChanges({}, Date.now()); - await remoteSettingsSync({ created: [thirdPartyEntry, ABAEntry] }); - await waitForAllowListState([ - `${FIRST_PARTY_SITE},${THIRD_PARTY_SITE}`, - `${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`, - ]); - - info("Set the duplicate pref exception."); - // Verify that we don't introduce duplicate exceptions if we set the same - // exception via pref. - await SpecialPowers.pushPrefEnv({ - set: [ - [ - PREF_NAME, - `${FIRST_PARTY_SITE},${THIRD_PARTY_SITE};${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`, - ], - ], - }); - await waitForAllowListState([ - `${FIRST_PARTY_SITE},${THIRD_PARTY_SITE}`, - `${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`, - ]); - - info("Remove the pref exception."); - // Verify that the RS exception is still there even if we remove the same - // exception via pref. - await SpecialPowers.pushPrefEnv({ - set: [[PREF_NAME, ""]], - }); - await waitForAllowListState([ - `${FIRST_PARTY_SITE},${THIRD_PARTY_SITE}`, - `${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`, - ]); - - info("Clean up"); - await db.delete(thirdPartyEntry.id); - await db.delete(ABAEntry.id); - await db.importChanges({}, Date.now()); - await remoteSettingsSync({ - deleted: [thirdPartyEntry, ABAEntry], - }); - await waitForAllowListState([]); - await db.clear(); - await db.importChanges({}, Date.now()); -}); diff --git a/netwerk/cookie/test/browser/setFetchCookie.sjs b/netwerk/cookie/test/browser/setFetchCookie.sjs deleted file mode 100644 index 99a3c47816b2..000000000000 --- a/netwerk/cookie/test/browser/setFetchCookie.sjs +++ /dev/null @@ -1,15 +0,0 @@ -function handleRequest(request, response) { - response.setStatusLine(request.httpVersion, 200, "OK"); - response.setHeader( - "Set-Cookie", - "thirdPartyFetch=value; SameSite=None; Secure;", - false - ); - response.setHeader( - "Access-Control-Allow-Origin", - "https://example.com", - false - ); - response.setHeader("Access-Control-Allow-Credentials", "true", false); - response.setHeader("Access-Control-Allow-Methods", "GET", false); -} diff --git a/netwerk/ipc/NeckoChannelParams.ipdlh b/netwerk/ipc/NeckoChannelParams.ipdlh index 0ad680396287..8ad745d44c40 100644 --- a/netwerk/ipc/NeckoChannelParams.ipdlh +++ b/netwerk/ipc/NeckoChannelParams.ipdlh @@ -133,7 +133,6 @@ struct LoadInfoArgs bool initialSecurityCheckDone; bool isInThirdPartyContext; bool? isThirdPartyContextToTopWindow; - bool isOn3PCBExceptionList; bool isFormSubmission; bool isGETRequest; bool sendCSPViolationEvents; @@ -291,8 +290,6 @@ struct ParentLoadInfoForwarderArgs bool isInThirdPartyContext; - bool isOn3PCBExceptionList; - nullable nsIURI unstrippedURI; // IMPORTANT: when you add new properites here you must also update diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp index d25110b07461..f394313d1e73 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp @@ -72,7 +72,6 @@ #include "nsContentUtils.h" #include "nsContentSecurityManager.h" #include "nsIClassOfService.h" -#include "CookieService.h" #include "nsIPrincipal.h" #include "nsIScriptError.h" #include "nsIScriptSecurityManager.h" @@ -7160,10 +7159,6 @@ nsresult nsHttpChannel::BeginConnect() { MaybeStartDNSPrefetch(); - // Update whether the channel is on the third-party cookie blocking exception - // list. - CookieService::Update3PCBExceptionInfo(this); - rv = CallOrWaitForResume( [](nsHttpChannel* self) { return self->PrepareToConnect(); }); if (NS_FAILED(rv)) {