corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1778510: Require subclasses of nsIGlobalObject implement ShouldRFP r=asuth

Browse Source 
For the less common subclasses we will hardcode a choice to always obey
RFP if the pref is enabled.

Differential Revision: https://phabricator.services.mozilla.com/D157562
This commit is contained in:
Tom Ritter
2022-11-28 18:04:04 +00:00
parent 79bbab3382
commit 9b61ead1b5
7 changed files with 35 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
dom/base/nsGlobalWindowInner.cpp
View File

@@ -1629,7 +1629,9 @@ bool nsGlobalWindowInner::ShouldResistFingerprinting() const {
if (mDoc) { if (mDoc) {
return mDoc->ShouldResistFingerprinting(); return mDoc->ShouldResistFingerprinting();
} }
return nsIScriptGlobalObject::ShouldResistFingerprinting(); return nsContentUtils::ShouldResistFingerprinting(
"If we do not have a document then we do not have any context"
"to make an informed RFP choice, so we fall back to the global pref");
} }
OriginTrials nsGlobalWindowInner::Trials() const { OriginTrials nsGlobalWindowInner::Trials() const {

4
dom/base/nsGlobalWindowOuter.cpp
View File

@@ -1670,7 +1670,9 @@ bool nsGlobalWindowOuter::ShouldResistFingerprinting() const {
if (mDoc) { if (mDoc) {
return mDoc->ShouldResistFingerprinting(); return mDoc->ShouldResistFingerprinting();
} }
return nsIScriptGlobalObject::ShouldResistFingerprinting(); return nsContentUtils::ShouldResistFingerprinting(
"If we do not have a document then we do not have any context"
"to make an informed RFP choice, so we fall back to the global pref");
} }
uint32_t nsGlobalWindowOuter::GetPrincipalHashValue() const { uint32_t nsGlobalWindowOuter::GetPrincipalHashValue() const {

2
dom/base/nsIGlobalObject.h
View File

@@ -242,7 +242,7 @@ class nsIGlobalObject : public nsISupports,
* Check whether we should avoid leaking distinguishing information to JS/CSS. * Check whether we should avoid leaking distinguishing information to JS/CSS.
* https://w3c.github.io/fingerprinting-guidance/ * https://w3c.github.io/fingerprinting-guidance/
*/ */
virtual bool ShouldResistFingerprinting() const; virtual bool ShouldResistFingerprinting() const = 0;
/** /**
* Threadsafe way to get nsIPrincipal::GetHashValue for the associated * Threadsafe way to get nsIPrincipal::GetHashValue for the associated

7
dom/bindings/SimpleGlobalObject.h
View File

@@ -13,6 +13,7 @@
#ifndef mozilla_dom_SimpleGlobalObject_h__ #ifndef mozilla_dom_SimpleGlobalObject_h__
#define mozilla_dom_SimpleGlobalObject_h__ #define mozilla_dom_SimpleGlobalObject_h__
#include "nsContentUtils.h"
#include "nsIGlobalObject.h" #include "nsIGlobalObject.h"
#include "nsWrapperCache.h" #include "nsWrapperCache.h"
#include "js/TypeDecls.h" #include "js/TypeDecls.h"
@@ -72,6 +73,12 @@ class SimpleGlobalObject : public nsIGlobalObject, public nsWrapperCache {
MOZ_CRASH("SimpleGlobalObject doesn't use DOM bindings!"); MOZ_CRASH("SimpleGlobalObject doesn't use DOM bindings!");
} }
bool ShouldResistFingerprinting() const override {
return nsContentUtils::ShouldResistFingerprinting(
"Presently we don't have enough context to make an informed decision"
"on JS Sandboxes. See 1782853");
}
private: private:
SimpleGlobalObject(JSObject* global, GlobalType type) : mType(type) { SimpleGlobalObject(JSObject* global, GlobalType type) : mType(type) {
SetWrapper(global); SetWrapper(global);

7
dom/script/ShadowRealmGlobalScope.h
View File

@@ -12,6 +12,7 @@
#include "mozilla/Maybe.h" #include "mozilla/Maybe.h"
#include "mozilla/OriginTrials.h" #include "mozilla/OriginTrials.h"
#include "mozilla/dom/BindingDeclarations.h" #include "mozilla/dom/BindingDeclarations.h"
#include "nsContentUtils.h"
#include "nsIGlobalObject.h" #include "nsIGlobalObject.h"
#include "nsWrapperCache.h" #include "nsWrapperCache.h"
@@ -54,6 +55,12 @@ class ShadowRealmGlobalScope : public nsIGlobalObject, public nsWrapperCache {
JS::loader::ModuleLoaderBase* GetModuleLoader(JSContext* aCx) override; JS::loader::ModuleLoaderBase* GetModuleLoader(JSContext* aCx) override;
bool ShouldResistFingerprinting() const override {
return nsContentUtils::ShouldResistFingerprinting(
"Presently we don't have enough context to make an informed decision"
"on JS Sandboxes. See 1782853");
}
private: private:
virtual ~ShadowRealmGlobalScope() = default; virtual ~ShadowRealmGlobalScope() = default;

7
js/xpconnect/src/BackstagePass.h
View File

@@ -8,6 +8,7 @@
#define BackstagePass_h__ #define BackstagePass_h__
#include "js/loader/ModuleLoaderBase.h" #include "js/loader/ModuleLoaderBase.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/StorageAccess.h" #include "mozilla/StorageAccess.h"
#include "nsISupports.h" #include "nsISupports.h"
#include "nsWeakReference.h" #include "nsWeakReference.h"
@@ -67,6 +68,12 @@ class BackstagePass final : public nsIGlobalObject,
mModuleLoader = aModuleLoader; mModuleLoader = aModuleLoader;
} }
bool ShouldResistFingerprinting() const override {
// BackstagePass is always the System Principal
MOZ_RELEASE_ASSERT(mPrincipal->IsSystemPrincipal());
return false;
}
private: private:
virtual ~BackstagePass() = default; virtual ~BackstagePass() = default;

7
js/xpconnect/src/SandboxPrivate.h
View File

@@ -11,6 +11,7 @@
#include "mozilla/StaticPrefs_dom.h" #include "mozilla/StaticPrefs_dom.h"
#include "mozilla/StorageAccess.h" #include "mozilla/StorageAccess.h"
#include "mozilla/net/CookieJarSettings.h" #include "mozilla/net/CookieJarSettings.h"
#include "nsContentUtils.h"
#include "nsIGlobalObject.h" #include "nsIGlobalObject.h"
#include "nsIScriptObjectPrincipal.h" #include "nsIScriptObjectPrincipal.h"
#include "nsIPrincipal.h" #include "nsIPrincipal.h"
@@ -96,6 +97,12 @@ class SandboxPrivate : public nsIGlobalObject,
return 0; return 0;
} }
bool ShouldResistFingerprinting() const override {
return nsContentUtils::ShouldResistFingerprinting(
"Presently we don't have enough context to make an informed decision"
"on JS Sandboxes. See 1782853");
}
private: private:
explicit SandboxPrivate(nsIPrincipal* principal) : mPrincipal(principal) {} explicit SandboxPrivate(nsIPrincipal* principal) : mPrincipal(principal) {}