diff --git a/ipc/glue/BackgroundUtils.cpp b/ipc/glue/BackgroundUtils.cpp index 0f3f2976e219..536030a45bb1 100644 --- a/ipc/glue/BackgroundUtils.cpp +++ b/ipc/glue/BackgroundUtils.cpp @@ -18,6 +18,7 @@ #include "mozilla/net/InterceptionInfo.h" #include "mozilla/net/NeckoChannelParams.h" #include "ExpandedPrincipal.h" +#include "nsIContentPolicy.h" #include "nsIScriptSecurityManager.h" #include "nsIURI.h" #include "nsNetUtil.h" @@ -599,7 +600,8 @@ nsresult LoadInfoToLoadInfoArgs(nsILoadInfo* aLoadInfo, aLoadInfo->GetIsMediaRequest(), aLoadInfo->GetIsMediaInitialRequest(), aLoadInfo->GetIsFromObjectOrEmbed(), cookieJarSettingsArgs, aLoadInfo->GetRequestBlockingReason(), maybeCspToInheritInfo, - aLoadInfo->GetStoragePermission(), overriddenFingerprintingSettingsArg, + aLoadInfo->GetStoragePermission(), aLoadInfo->GetParentIpAddressSpace(), + aLoadInfo->GetIpAddressSpace(), overriddenFingerprintingSettingsArg, aLoadInfo->GetIsMetaRefresh(), aLoadInfo->GetLoadingEmbedderPolicy(), aLoadInfo->GetIsOriginTrialCoepCredentiallessEnabledForTopLevel(), unstrippedURI, interceptionInfoArg, aLoadInfo->GetIsNewWindowTarget(), @@ -891,7 +893,8 @@ nsresult LoadInfoArgsToLoadInfo(const LoadInfoArgs& loadInfoArgs, /* aIsSameDocumentNavigation */ false, loadInfoArgs.allowDeprecatedSystemRequests(), loadInfoArgs.isInDevToolsContext(), loadInfoArgs.parserCreatedScript(), - loadInfoArgs.storagePermission(), overriddenFingerprintingSettings, + loadInfoArgs.storagePermission(), loadInfoArgs.parentIPAddressSpace(), + loadInfoArgs.ipAddressSpace(), overriddenFingerprintingSettings, loadInfoArgs.isMetaRefresh(), loadInfoArgs.requestBlockingReason(), loadingContext, loadInfoArgs.loadingEmbedderPolicy(), loadInfoArgs.originTrialCoepCredentiallessEnabledForTopLevel(), diff --git a/ipc/glue/IPCMessageUtilsSpecializations.h b/ipc/glue/IPCMessageUtilsSpecializations.h index c1001068055c..fe5d5b01736a 100644 --- a/ipc/glue/IPCMessageUtilsSpecializations.h +++ b/ipc/glue/IPCMessageUtilsSpecializations.h @@ -890,6 +890,12 @@ struct ParamTraits> { } }; +template <> +struct ParamTraits + : public ContiguousEnumSerializer {}; + } /* namespace IPC */ #endif /* __IPC_GLUE_IPCMESSAGEUTILSSPECIALIZATIONS_H__ */ diff --git a/netwerk/base/LoadInfo.cpp b/netwerk/base/LoadInfo.cpp index d9c35679b866..530e51b1e6db 100644 --- a/netwerk/base/LoadInfo.cpp +++ b/netwerk/base/LoadInfo.cpp @@ -31,12 +31,14 @@ #include "ThirdPartyUtil.h" #include "nsFrameLoader.h" #include "nsFrameLoaderOwner.h" +#include "nsIContentPolicy.h" #include "nsIContentSecurityPolicy.h" #include "nsIDocShell.h" #include "mozilla/dom/Document.h" #include "nsIHttpChannel.h" #include "nsIHttpChannelInternal.h" #include "nsIInterfaceRequestorUtils.h" +#include "nsILoadInfo.h" #include "nsIScriptElement.h" #include "nsISupportsImpl.h" #include "nsISupportsUtils.h" @@ -223,6 +225,8 @@ LoadInfo::LoadInfo( aLoadingContext->OwnerDoc()->CookieJarSettings()) ->Clone(); } + // TODO browsing context id is not set. Check how we need to handle setting + // of parent IP address space if not availble. mInnerWindowID = aLoadingContext->OwnerDoc()->InnerWindowID(); RefPtr ctx = WindowContext::GetById(mInnerWindowID); @@ -325,6 +329,8 @@ LoadInfo::LoadInfo( } } + UpdateParentAddressSpaceInfo(); + // For chrome docshell, the mPrivateBrowsingId remains 0 even its // UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in // origin attributes if the type of the docshell is content. @@ -401,6 +407,8 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, nsIURI* aURI, mCookieJarSettings = CookieJarSettings::Create( isPrivate ? CookieJarSettings::ePrivate : CookieJarSettings::eRegular, shouldResistFingerprinting); + + UpdateParentAddressSpaceInfo(); } LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext, @@ -494,6 +502,8 @@ LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext, net::CookieJarSettings::Cast(mCookieJarSettings) ->SetFingerprintingRandomizationKey(randomKey); } + + UpdateParentAddressSpaceInfo(); } LoadInfo::LoadInfo(dom::WindowGlobalParent* aParentWGP, @@ -618,6 +628,8 @@ LoadInfo::LoadInfo(dom::WindowGlobalParent* aParentWGP, document->Trials().IsEnabled(OriginTrial::CoepCredentialless); } } + + UpdateParentAddressSpaceInfo(); } // Used for TYPE_FRAME or TYPE_IFRAME load. @@ -711,6 +723,8 @@ LoadInfo::LoadInfo(const LoadInfo& rhs) mIsInDevToolsContext(rhs.mIsInDevToolsContext), mParserCreatedScript(rhs.mParserCreatedScript), mStoragePermission(rhs.mStoragePermission), + mParentIPAddressSpace(rhs.mParentIPAddressSpace), + mIPAddressSpace(rhs.mIPAddressSpace), mOverriddenFingerprintingSettings(rhs.mOverriddenFingerprintingSettings), #ifdef DEBUG mOverriddenFingerprintingSettingsIsSet( @@ -773,6 +787,8 @@ LoadInfo::LoadInfo( bool aIsSameDocumentNavigation, bool aAllowDeprecatedSystemRequests, bool aIsInDevToolsContext, bool aParserCreatedScript, nsILoadInfo::StoragePermissionState aStoragePermission, + nsILoadInfo::IPAddressSpace aParentIPAddressSpace, + nsILoadInfo::IPAddressSpace aIPAddressSpace, const Maybe& aOverriddenFingerprintingSettings, bool aIsMetaRefresh, uint32_t aRequestBlockingReason, nsINode* aLoadingContext, @@ -856,6 +872,8 @@ LoadInfo::LoadInfo( mIsInDevToolsContext(aIsInDevToolsContext), mParserCreatedScript(aParserCreatedScript), mStoragePermission(aStoragePermission), + mParentIPAddressSpace(aParentIPAddressSpace), + mIPAddressSpace(aIPAddressSpace), mOverriddenFingerprintingSettings(aOverriddenFingerprintingSettings), mIsMetaRefresh(aIsMetaRefresh), mLoadingEmbedderPolicy(aLoadingEmbedderPolicy), @@ -895,6 +913,7 @@ void LoadInfo::ComputeAncestors( aBrowsingContextIDs.AppendElement(ancestorBC->Id()); } } + void LoadInfo::ComputeIsThirdPartyContext(nsPIDOMWindowOuter* aOuterWindow) { ExtContentPolicyType type = nsContentUtils::InternalContentPolicyTypeToExternal( @@ -1274,6 +1293,31 @@ LoadInfo::SetStoragePermission( return NS_OK; } +NS_IMETHODIMP +LoadInfo::GetIpAddressSpace(nsILoadInfo::IPAddressSpace* aIPAddressSpace) { + *aIPAddressSpace = mIPAddressSpace; + return NS_OK; +} + +NS_IMETHODIMP +LoadInfo::SetIpAddressSpace(nsILoadInfo::IPAddressSpace aIPAddressSpace) { + mIPAddressSpace = aIPAddressSpace; + return NS_OK; +} + +NS_IMETHODIMP +LoadInfo::GetParentIpAddressSpace( + nsILoadInfo::IPAddressSpace* aIPAddressSpace) { + *aIPAddressSpace = mParentIPAddressSpace; + return NS_OK; +} + +NS_IMETHODIMP +LoadInfo::SetParentIpAddressSpace(nsILoadInfo::IPAddressSpace aIPAddressSpace) { + mParentIPAddressSpace = aIPAddressSpace; + return NS_OK; +} + const Maybe& LoadInfo::GetOverriddenFingerprintingSettings() { #ifdef DEBUG RefPtr browsingContext; @@ -2581,4 +2625,38 @@ LoadInfo::SetSkipHTTPSUpgrade(bool aSkipHTTPSUpgrade) { return NS_OK; } +void LoadInfo::UpdateParentAddressSpaceInfo() { + MOZ_ASSERT(mInternalContentPolicyType != nsContentPolicyType::TYPE_INVALID, + "Content policy must be set before updating address spsace"); + ExtContentPolicyType externalType = + nsContentUtils::InternalContentPolicyTypeToExternal( + mInternalContentPolicyType); + + RefPtr bc; + GetBrowsingContext(getter_AddRefs(bc)); + if (!bc) { + // TODO: confirm this assumption holds for all cases + // See Bug 1967165 + mParentIPAddressSpace = nsILoadInfo::Local; + return; + } + // if this main or sub document then we need to assign IPAddressSpace of + // the parent's browsing context + if (externalType == ExtContentPolicy::TYPE_DOCUMENT || + externalType == ExtContentPolicy::TYPE_SUBDOCUMENT) { + if (bc->GetParent()) { + mParentIPAddressSpace = bc->GetParent()->GetCurrentIPAddressSpace(); + } else if (RefPtr opener = bc->GetOpener()) { + mParentIPAddressSpace = opener->GetCurrentIPAddressSpace(); + } else { + // TODO: add if this was loaded from about:blank. In that case we need to + // give assign local IPAddress + } + } else { + // For non-document loads, we need to set the parent IPAddressSpace to + // IPAddress space of the browsing context + mParentIPAddressSpace = bc->GetCurrentIPAddressSpace(); + } +} + } // namespace mozilla::net diff --git a/netwerk/base/LoadInfo.h b/netwerk/base/LoadInfo.h index f691db7ca9aa..b0b8022cb672 100644 --- a/netwerk/base/LoadInfo.h +++ b/netwerk/base/LoadInfo.h @@ -267,6 +267,8 @@ class LoadInfo final : public nsILoadInfo { bool aIsSameDocumentNavigation, bool aAllowDeprecatedSystemRequests, bool aIsInDevToolsContext, bool aParserCreatedScript, nsILoadInfo::StoragePermissionState aStoragePermission, + nsILoadInfo::IPAddressSpace aParentIPAddressSpace, + nsILoadInfo::IPAddressSpace aIPAddressSpace, const Maybe& aOverriddenFingerprintingSettings, bool aIsMetaRefresh, uint32_t aRequestBlockingReason, nsINode* aLoadingContext, @@ -311,6 +313,8 @@ class LoadInfo final : public nsILoadInfo { void UpdateFrameBrowsingContextID(uint64_t aFrameBrowsingContextID) { mFrameBrowsingContextID = aFrameBrowsingContextID; } + + void UpdateParentAddressSpaceInfo(); MOZ_NEVER_INLINE void ReleaseMembers(); // if you add a member, please also update the copy constructor and consider @@ -395,6 +399,10 @@ class LoadInfo final : public nsILoadInfo { bool mParserCreatedScript = false; nsILoadInfo::StoragePermissionState mStoragePermission = nsILoadInfo::NoStoragePermission; + // IP Address space of the parent browsing context. + nsILoadInfo::IPAddressSpace mParentIPAddressSpace = nsILoadInfo::Public; + nsILoadInfo::IPAddressSpace mIPAddressSpace = nsILoadInfo::Public; + Maybe mOverriddenFingerprintingSettings; #ifdef DEBUG // A boolean used to ensure the mOverriddenFingerprintingSettings is set @@ -441,12 +449,12 @@ class LoadInfo final : public nsILoadInfo { bool mIsNewWindowTarget = false; bool mSkipHTTPSUpgrade = false; }; - // This is exposed solely for testing purposes and should not be used outside of // LoadInfo already_AddRefed CreateTruncatedPrincipal(nsIPrincipal*); } // namespace net + } // namespace mozilla #endif // mozilla_LoadInfo_h diff --git a/netwerk/base/TRRLoadInfo.cpp b/netwerk/base/TRRLoadInfo.cpp index 2f9a2e107fb7..dd8cc849fb3d 100644 --- a/netwerk/base/TRRLoadInfo.cpp +++ b/netwerk/base/TRRLoadInfo.cpp @@ -208,6 +208,28 @@ TRRLoadInfo::SetStoragePermission( return NS_ERROR_NOT_IMPLEMENTED; } +NS_IMETHODIMP +TRRLoadInfo::GetParentIpAddressSpace( + nsILoadInfo::IPAddressSpace* aIPAddressSpace) { + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +TRRLoadInfo::SetParentIpAddressSpace( + nsILoadInfo::IPAddressSpace aIPAddressSpace) { + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +TRRLoadInfo::GetIpAddressSpace(nsILoadInfo::IPAddressSpace* aIPAddressSpace) { + return NS_ERROR_NOT_IMPLEMENTED; +} + +NS_IMETHODIMP +TRRLoadInfo::SetIpAddressSpace(nsILoadInfo::IPAddressSpace aIPAddressSpace) { + return NS_ERROR_NOT_IMPLEMENTED; +} + const Maybe& TRRLoadInfo::GetOverriddenFingerprintingSettings() { return mOverriddenFingerprintingSettings; } diff --git a/netwerk/base/nsILoadInfo.idl b/netwerk/base/nsILoadInfo.idl index aa04e701e578..1cfda408c33c 100644 --- a/netwerk/base/nsILoadInfo.idl +++ b/netwerk/base/nsILoadInfo.idl @@ -650,13 +650,13 @@ interface nsILoadInfo : nsISupports * IP AddressSpace of the resource being loaded. This will be set after connection to the server has been established. * This is used to check if the request crosses address boundaries between public to a more private address space. */ - attribute nsILoadInfo_IPAddressSpace ipAddressSpace; + [infallible] attribute nsILoadInfo_IPAddressSpace ipAddressSpace; /** * IP AddressSpace of the document/sub-document that trigeered this request. * This will be set from the browsing context of the document that triggered this request. */ - attribute nsILoadInfo_IPAddressSpace parentIpAddressSpace; + [infallible] attribute nsILoadInfo_IPAddressSpace parentIpAddressSpace; /** * The result of the storage permission check of the loading document. This diff --git a/netwerk/ipc/NeckoChannelParams.ipdlh b/netwerk/ipc/NeckoChannelParams.ipdlh index 37044cf8b7e1..018dfa028eea 100644 --- a/netwerk/ipc/NeckoChannelParams.ipdlh +++ b/netwerk/ipc/NeckoChannelParams.ipdlh @@ -37,6 +37,7 @@ using nsContentPolicyType from "nsIContentPolicy.h"; using mozilla::net::PreferredAlternativeDataDeliveryTypeIPC from "nsICacheInfoChannel.h"; using nsILoadInfo::CrossOriginEmbedderPolicy from "nsILoadInfo.h"; using nsILoadInfo::StoragePermissionState from "nsILoadInfo.h"; +using nsILoadInfo::IPAddressSpace from "nsILoadInfo.h"; using struct mozilla::dom::LoadingSessionHistoryInfo from "mozilla/dom/SessionHistoryEntry.h"; using mozilla::dom::RequestMode from "mozilla/dom/RequestBinding.h"; using mozilla::net::LinkHeader from "nsNetUtil.h"; @@ -196,7 +197,9 @@ struct LoadInfoArgs uint32_t requestBlockingReason; CSPInfo? cspToInheritInfo; StoragePermissionState storagePermission; - RFPTargetSet? overriddenFingerprintingSettings; + IPAddressSpace parentIPAddressSpace; + IPAddressSpace ipAddressSpace; + RFPTargetSet? overriddenFingerprintingSettings; bool isMetaRefresh; CrossOriginEmbedderPolicy loadingEmbedderPolicy; bool originTrialCoepCredentiallessEnabledForTopLevel;