1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef mozilla_StorageAccess_h
#define mozilla_StorageAccess_h
#include <cstdint>
class nsIChannel;
class nsICookieJarSettings;
class nsIPrincipal;
class nsIURI;
class nsPIDOMWindowInner;
namespace mozilla {
namespace dom {
class Document;
}
// The order of these entries matters, as we use std::min for total ordering
// of permissions. Private Browsing is considered to be more limiting
// then session scoping
enum class StorageAccess {
// The storage should be partitioned for third-party resources. if the
// caller is unable to do it, deny the storage access.
ePartitionForeignOrDeny = -2,
// The storage should be partitioned for third-party trackers. if the caller
// is unable to do it, deny the storage access.
ePartitionTrackersOrDeny = -1,
// Don't allow access to the storage
eDeny = 0,
// Allow access to the storage, but only if it is secure to do so in a
// private browsing context.
ePrivateBrowsing = 1,
// Allow access to the storage, but only persist it for the current session
eSessionScoped = 2,
// Allow access to the storage
eAllow = 3,
// Keep this at the end. Used for serialization, but not a valid value.
eNumValues = 4,
};
/*
* Checks if storage for the given window is permitted by a combination of
* the user's preferences, and whether the window is a third-party iframe.
*
* This logic is intended to be shared between the different forms of
* persistent storage which are available to web pages. Cookies don't use
* this logic, and security logic related to them must be updated separately.
*/
StorageAccess StorageAllowedForWindow(nsPIDOMWindowInner* aWindow,
uint32_t* aRejectedReason = nullptr);
/*
* Checks if storage for the given document is permitted by a combination of
* the user's preferences, and whether the document's window is a third-party
* iframe.
*
* Note, this may be used on documents during the loading process where
* the window's extant document has not been set yet. The code in
* StorageAllowedForWindow(), however, will not work in these cases.
*/
StorageAccess StorageAllowedForDocument(const dom::Document* aDoc);
/*
* Checks if storage should be allowed for a new window with the given
* principal, load URI, and parent.
*/
StorageAccess StorageAllowedForNewWindow(nsIPrincipal* aPrincipal, nsIURI* aURI,
nsPIDOMWindowInner* aParent);
/*
* Checks if storage should be allowed for the given channel. The check will
* be based on the channel result principal and, depending on preferences and
* permissions, mozIThirdPartyUtil.isThirdPartyChannel().
*/
StorageAccess StorageAllowedForChannel(nsIChannel* aChannel);
/*
* Checks if storage for the given principal is permitted by the user's
* preferences. This method should be used only by ServiceWorker loading.
*/
StorageAccess StorageAllowedForServiceWorker(
nsIPrincipal* aPrincipal, nsICookieJarSettings* aCookieJarSettings);
/*
* Returns true if this window/channel/aPrincipal should disable storages
* because of the anti-tracking feature.
* Note that either aWindow or aChannel may be null when calling this
* function. If the caller wants the UI to be notified when the storage gets
* disabled, it must pass a non-null channel object.
*/
bool StorageDisabledByAntiTracking(nsPIDOMWindowInner* aWindow,
nsIChannel* aChannel,
nsIPrincipal* aPrincipal, nsIURI* aURI,
uint32_t& aRejectedReason);
/*
* Returns true if this document should disable storages because of the
* anti-tracking feature.
*/
bool StorageDisabledByAntiTracking(dom::Document* aDocument, nsIURI* aURI,
uint32_t& aRejectedReason);
bool ShouldPartitionStorage(StorageAccess aAccess);
bool ShouldPartitionStorage(uint32_t aRejectedReason);
bool StoragePartitioningEnabled(StorageAccess aAccess,
nsICookieJarSettings* aCookieJarSettings);
bool StoragePartitioningEnabled(uint32_t aRejectedReason,
nsICookieJarSettings* aCookieJarSettings);
} // namespace mozilla
#endif // mozilla_StorageAccess_h
|
