Bug 1948222 - Add IpAddressSpace and ParentIpAddressSpace members in LoadInfo. r=necko-reviewers,valentin

Differential Revision: https://phabricator.services.mozilla.com/D238478

ipc/glue/BackgroundUtils.cpp

@@ -18,6 +18,7 @@
 #include "mozilla/net/InterceptionInfo.h"
 #include "mozilla/net/NeckoChannelParams.h"
 #include "ExpandedPrincipal.h"
+#include "nsIContentPolicy.h"
 #include "nsIScriptSecurityManager.h"
 #include "nsIURI.h"
 #include "nsNetUtil.h"
@@ -599,7 +600,8 @@ nsresult LoadInfoToLoadInfoArgs(nsILoadInfo* aLoadInfo,
       aLoadInfo->GetIsMediaRequest(), aLoadInfo->GetIsMediaInitialRequest(),
       aLoadInfo->GetIsFromObjectOrEmbed(), cookieJarSettingsArgs,
       aLoadInfo->GetRequestBlockingReason(), maybeCspToInheritInfo,
-      aLoadInfo->GetStoragePermission(), overriddenFingerprintingSettingsArg,
+      aLoadInfo->GetStoragePermission(), aLoadInfo->GetParentIpAddressSpace(),
+      aLoadInfo->GetIpAddressSpace(), overriddenFingerprintingSettingsArg,
       aLoadInfo->GetIsMetaRefresh(), aLoadInfo->GetLoadingEmbedderPolicy(),
       aLoadInfo->GetIsOriginTrialCoepCredentiallessEnabledForTopLevel(),
       unstrippedURI, interceptionInfoArg, aLoadInfo->GetIsNewWindowTarget(),
@@ -891,7 +893,8 @@ nsresult LoadInfoArgsToLoadInfo(const LoadInfoArgs& loadInfoArgs,
       /* aIsSameDocumentNavigation */ false,
       loadInfoArgs.allowDeprecatedSystemRequests(),
       loadInfoArgs.isInDevToolsContext(), loadInfoArgs.parserCreatedScript(),
-      loadInfoArgs.storagePermission(), overriddenFingerprintingSettings,
+      loadInfoArgs.storagePermission(), loadInfoArgs.parentIPAddressSpace(),
+      loadInfoArgs.ipAddressSpace(), overriddenFingerprintingSettings,
       loadInfoArgs.isMetaRefresh(), loadInfoArgs.requestBlockingReason(),
       loadingContext, loadInfoArgs.loadingEmbedderPolicy(),
       loadInfoArgs.originTrialCoepCredentiallessEnabledForTopLevel(),

ipc/glue/IPCMessageUtilsSpecializations.h

@@ -890,6 +890,12 @@ struct ParamTraits<std::bitset<N>> {
   }
 };
 
+template <>
+struct ParamTraits<nsILoadInfo::IPAddressSpace>
+    : public ContiguousEnumSerializer<nsILoadInfo::IPAddressSpace,
+                                      nsILoadInfo::IPAddressSpace::Unknown,
+                                      nsILoadInfo::IPAddressSpace::Invalid> {};
+
 } /* namespace IPC */
 
 #endif /* __IPC_GLUE_IPCMESSAGEUTILSSPECIALIZATIONS_H__ */

netwerk/base/LoadInfo.cpp

@@ -31,12 +31,14 @@
 #include "ThirdPartyUtil.h"
 #include "nsFrameLoader.h"
 #include "nsFrameLoaderOwner.h"
+#include "nsIContentPolicy.h"
 #include "nsIContentSecurityPolicy.h"
 #include "nsIDocShell.h"
 #include "mozilla/dom/Document.h"
 #include "nsIHttpChannel.h"
 #include "nsIHttpChannelInternal.h"
 #include "nsIInterfaceRequestorUtils.h"
+#include "nsILoadInfo.h"
 #include "nsIScriptElement.h"
 #include "nsISupportsImpl.h"
 #include "nsISupportsUtils.h"
@@ -223,6 +225,8 @@ LoadInfo::LoadInfo(
                                aLoadingContext->OwnerDoc()->CookieJarSettings())
                                ->Clone();
     }
+    // TODO browsing context id is not set. Check how we need to handle setting
+    // of parent IP address space if not availble.
 
     mInnerWindowID = aLoadingContext->OwnerDoc()->InnerWindowID();
     RefPtr<WindowContext> ctx = WindowContext::GetById(mInnerWindowID);
@@ -325,6 +329,8 @@ LoadInfo::LoadInfo(
       }
     }
 
+    UpdateParentAddressSpaceInfo();
+
     // For chrome docshell, the mPrivateBrowsingId remains 0 even its
     // UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in
     // origin attributes if the type of the docshell is content.
@@ -401,6 +407,8 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, nsIURI* aURI,
   mCookieJarSettings = CookieJarSettings::Create(
       isPrivate ? CookieJarSettings::ePrivate : CookieJarSettings::eRegular,
       shouldResistFingerprinting);
+
+  UpdateParentAddressSpaceInfo();
 }
 
 LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
@@ -494,6 +502,8 @@ LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
     net::CookieJarSettings::Cast(mCookieJarSettings)
         ->SetFingerprintingRandomizationKey(randomKey);
   }
+
+  UpdateParentAddressSpaceInfo();
 }
 
 LoadInfo::LoadInfo(dom::WindowGlobalParent* aParentWGP,
@@ -618,6 +628,8 @@ LoadInfo::LoadInfo(dom::WindowGlobalParent* aParentWGP,
           document->Trials().IsEnabled(OriginTrial::CoepCredentialless);
     }
   }
+
+  UpdateParentAddressSpaceInfo();
 }
 
 // Used for TYPE_FRAME or TYPE_IFRAME load.
@@ -711,6 +723,8 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
       mIsInDevToolsContext(rhs.mIsInDevToolsContext),
       mParserCreatedScript(rhs.mParserCreatedScript),
       mStoragePermission(rhs.mStoragePermission),
+      mParentIPAddressSpace(rhs.mParentIPAddressSpace),
+      mIPAddressSpace(rhs.mIPAddressSpace),
       mOverriddenFingerprintingSettings(rhs.mOverriddenFingerprintingSettings),
 #ifdef DEBUG
       mOverriddenFingerprintingSettingsIsSet(
@@ -773,6 +787,8 @@ LoadInfo::LoadInfo(
     bool aIsSameDocumentNavigation, bool aAllowDeprecatedSystemRequests,
     bool aIsInDevToolsContext, bool aParserCreatedScript,
     nsILoadInfo::StoragePermissionState aStoragePermission,
+    nsILoadInfo::IPAddressSpace aParentIPAddressSpace,
+    nsILoadInfo::IPAddressSpace aIPAddressSpace,
     const Maybe<RFPTargetSet>& aOverriddenFingerprintingSettings,
     bool aIsMetaRefresh, uint32_t aRequestBlockingReason,
     nsINode* aLoadingContext,
@@ -856,6 +872,8 @@ LoadInfo::LoadInfo(
       mIsInDevToolsContext(aIsInDevToolsContext),
       mParserCreatedScript(aParserCreatedScript),
       mStoragePermission(aStoragePermission),
+      mParentIPAddressSpace(aParentIPAddressSpace),
+      mIPAddressSpace(aIPAddressSpace),
       mOverriddenFingerprintingSettings(aOverriddenFingerprintingSettings),
       mIsMetaRefresh(aIsMetaRefresh),
       mLoadingEmbedderPolicy(aLoadingEmbedderPolicy),
@@ -895,6 +913,7 @@ void LoadInfo::ComputeAncestors(
     aBrowsingContextIDs.AppendElement(ancestorBC->Id());
   }
 }
+
 void LoadInfo::ComputeIsThirdPartyContext(nsPIDOMWindowOuter* aOuterWindow) {
   ExtContentPolicyType type =
       nsContentUtils::InternalContentPolicyTypeToExternal(
@@ -1274,6 +1293,31 @@ LoadInfo::SetStoragePermission(
   return NS_OK;
 }
 
+NS_IMETHODIMP
+LoadInfo::GetIpAddressSpace(nsILoadInfo::IPAddressSpace* aIPAddressSpace) {
+  *aIPAddressSpace = mIPAddressSpace;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+LoadInfo::SetIpAddressSpace(nsILoadInfo::IPAddressSpace aIPAddressSpace) {
+  mIPAddressSpace = aIPAddressSpace;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+LoadInfo::GetParentIpAddressSpace(
+    nsILoadInfo::IPAddressSpace* aIPAddressSpace) {
+  *aIPAddressSpace = mParentIPAddressSpace;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+LoadInfo::SetParentIpAddressSpace(nsILoadInfo::IPAddressSpace aIPAddressSpace) {
+  mParentIPAddressSpace = aIPAddressSpace;
+  return NS_OK;
+}
+
 const Maybe<RFPTargetSet>& LoadInfo::GetOverriddenFingerprintingSettings() {
 #ifdef DEBUG
   RefPtr<BrowsingContext> browsingContext;
@@ -2581,4 +2625,38 @@ LoadInfo::SetSkipHTTPSUpgrade(bool aSkipHTTPSUpgrade) {
   return NS_OK;
 }
 
+void LoadInfo::UpdateParentAddressSpaceInfo() {
+  MOZ_ASSERT(mInternalContentPolicyType != nsContentPolicyType::TYPE_INVALID,
+             "Content policy must be set before updating address spsace");
+  ExtContentPolicyType externalType =
+      nsContentUtils::InternalContentPolicyTypeToExternal(
+          mInternalContentPolicyType);
+
+  RefPtr<mozilla::dom::BrowsingContext> bc;
+  GetBrowsingContext(getter_AddRefs(bc));
+  if (!bc) {
+    // TODO: confirm this assumption holds for all cases
+    // See Bug 1967165
+    mParentIPAddressSpace = nsILoadInfo::Local;
+    return;
+  }
+  // if this main or sub document then we need to assign IPAddressSpace of
+  // the parent's browsing context
+  if (externalType == ExtContentPolicy::TYPE_DOCUMENT ||
+      externalType == ExtContentPolicy::TYPE_SUBDOCUMENT) {
+    if (bc->GetParent()) {
+      mParentIPAddressSpace = bc->GetParent()->GetCurrentIPAddressSpace();
+    } else if (RefPtr<dom::BrowsingContext> opener = bc->GetOpener()) {
+      mParentIPAddressSpace = opener->GetCurrentIPAddressSpace();
+    } else {
+      // TODO: add if this was loaded from about:blank. In that case we need to
+      // give assign local IPAddress
+    }
+  } else {
+    // For non-document loads, we need to set the parent IPAddressSpace to
+    // IPAddress space of the browsing context
+    mParentIPAddressSpace = bc->GetCurrentIPAddressSpace();
+  }
+}
+
 }  // namespace mozilla::net

netwerk/base/LoadInfo.h

@@ -267,6 +267,8 @@ class LoadInfo final : public nsILoadInfo {
       bool aIsSameDocumentNavigation, bool aAllowDeprecatedSystemRequests,
       bool aIsInDevToolsContext, bool aParserCreatedScript,
       nsILoadInfo::StoragePermissionState aStoragePermission,
+      nsILoadInfo::IPAddressSpace aParentIPAddressSpace,
+      nsILoadInfo::IPAddressSpace aIPAddressSpace,
       const Maybe<RFPTargetSet>& aOverriddenFingerprintingSettings,
       bool aIsMetaRefresh, uint32_t aRequestBlockingReason,
       nsINode* aLoadingContext,
@@ -311,6 +313,8 @@ class LoadInfo final : public nsILoadInfo {
   void UpdateFrameBrowsingContextID(uint64_t aFrameBrowsingContextID) {
     mFrameBrowsingContextID = aFrameBrowsingContextID;
   }
+
+  void UpdateParentAddressSpaceInfo();
   MOZ_NEVER_INLINE void ReleaseMembers();
 
   // if you add a member, please also update the copy constructor and consider
@@ -395,6 +399,10 @@ class LoadInfo final : public nsILoadInfo {
   bool mParserCreatedScript = false;
   nsILoadInfo::StoragePermissionState mStoragePermission =
       nsILoadInfo::NoStoragePermission;
+  // IP Address space of the parent browsing context.
+  nsILoadInfo::IPAddressSpace mParentIPAddressSpace = nsILoadInfo::Public;
+  nsILoadInfo::IPAddressSpace mIPAddressSpace = nsILoadInfo::Public;
+
   Maybe<RFPTargetSet> mOverriddenFingerprintingSettings;
 #ifdef DEBUG
   // A boolean used to ensure the mOverriddenFingerprintingSettings is set
@@ -441,12 +449,12 @@ class LoadInfo final : public nsILoadInfo {
   bool mIsNewWindowTarget = false;
   bool mSkipHTTPSUpgrade = false;
 };
-
 // This is exposed solely for testing purposes and should not be used outside of
 // LoadInfo
 already_AddRefed<nsIPrincipal> CreateTruncatedPrincipal(nsIPrincipal*);
 
 }  // namespace net
+
 }  // namespace mozilla
 
 #endif  // mozilla_LoadInfo_h

netwerk/base/TRRLoadInfo.cpp

@@ -208,6 +208,28 @@ TRRLoadInfo::SetStoragePermission(
   return NS_ERROR_NOT_IMPLEMENTED;
 }
 
+NS_IMETHODIMP
+TRRLoadInfo::GetParentIpAddressSpace(
+    nsILoadInfo::IPAddressSpace* aIPAddressSpace) {
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+TRRLoadInfo::SetParentIpAddressSpace(
+    nsILoadInfo::IPAddressSpace aIPAddressSpace) {
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+TRRLoadInfo::GetIpAddressSpace(nsILoadInfo::IPAddressSpace* aIPAddressSpace) {
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+TRRLoadInfo::SetIpAddressSpace(nsILoadInfo::IPAddressSpace aIPAddressSpace) {
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
 const Maybe<RFPTargetSet>& TRRLoadInfo::GetOverriddenFingerprintingSettings() {
   return mOverriddenFingerprintingSettings;
 }

netwerk/base/nsILoadInfo.idl

@@ -650,13 +650,13 @@ interface nsILoadInfo : nsISupports
 * IP AddressSpace of the resource being loaded. This will be set after connection to the server has been established.
 * This is used to check if the request crosses address boundaries between public to a more private address space.
 */
-  attribute nsILoadInfo_IPAddressSpace ipAddressSpace;
+  [infallible] attribute nsILoadInfo_IPAddressSpace ipAddressSpace;
 
 /**
 * IP AddressSpace of the document/sub-document that trigeered this request.
 * This will be set from the browsing context of the document that triggered this request.
 */
-  attribute nsILoadInfo_IPAddressSpace parentIpAddressSpace;
+  [infallible] attribute nsILoadInfo_IPAddressSpace parentIpAddressSpace;
 
   /**
    * The result of the storage permission check of the loading document. This

netwerk/ipc/NeckoChannelParams.ipdlh

@@ -37,6 +37,7 @@ using nsContentPolicyType from "nsIContentPolicy.h";
 using mozilla::net::PreferredAlternativeDataDeliveryTypeIPC from "nsICacheInfoChannel.h";
 using nsILoadInfo::CrossOriginEmbedderPolicy from "nsILoadInfo.h";
 using nsILoadInfo::StoragePermissionState from "nsILoadInfo.h";
+using nsILoadInfo::IPAddressSpace from "nsILoadInfo.h";
 using struct mozilla::dom::LoadingSessionHistoryInfo from "mozilla/dom/SessionHistoryEntry.h";
 using mozilla::dom::RequestMode from "mozilla/dom/RequestBinding.h";
 using mozilla::net::LinkHeader from "nsNetUtil.h";
@@ -196,7 +197,9 @@ struct LoadInfoArgs
   uint32_t                    requestBlockingReason;
   CSPInfo?                    cspToInheritInfo;
   StoragePermissionState      storagePermission;
-  RFPTargetSet?              overriddenFingerprintingSettings;
+  IPAddressSpace              parentIPAddressSpace;
+  IPAddressSpace              ipAddressSpace;
+  RFPTargetSet?               overriddenFingerprintingSettings;
   bool                        isMetaRefresh;
   CrossOriginEmbedderPolicy   loadingEmbedderPolicy;
   bool                        originTrialCoepCredentiallessEnabledForTopLevel;