summaryrefslogtreecommitdiffstats
path: root/toolkit/components/antitracking/AntiTrackingUtils.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'toolkit/components/antitracking/AntiTrackingUtils.cpp')
-rw-r--r--toolkit/components/antitracking/AntiTrackingUtils.cpp34
1 files changed, 28 insertions, 6 deletions
diff --git a/toolkit/components/antitracking/AntiTrackingUtils.cpp b/toolkit/components/antitracking/AntiTrackingUtils.cpp
index d9624237de..56d1b9e9e5 100644
--- a/toolkit/components/antitracking/AntiTrackingUtils.cpp
+++ b/toolkit/components/antitracking/AntiTrackingUtils.cpp
@@ -567,9 +567,8 @@ AntiTrackingUtils::GetStoragePermissionStateInParent(nsIChannel* aChannel) {
if (policyType == ExtContentPolicy::TYPE_SUBDOCUMENT) {
// For loads of framed documents, we only use storage access
- // if the load is the result of a same-origin, self-initiated
+ // if the load is the result of a same-origin, same-site-initiated
// navigation of the frame.
- uint64_t targetWindowIdNoTop = bc->GetCurrentInnerWindowId();
uint64_t triggeringWindowId;
rv = loadInfo->GetTriggeringWindowId(&triggeringWindowId);
if (NS_WARN_IF(NS_FAILED(rv))) {
@@ -581,10 +580,29 @@ AntiTrackingUtils::GetStoragePermissionStateInParent(nsIChannel* aChannel) {
if (NS_WARN_IF(NS_FAILED(rv))) {
return nsILoadInfo::NoStoragePermission;
}
+
+ nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
+ RefPtr<nsIPrincipal> channelResultPrincipal;
+ rv = ssm->GetChannelResultPrincipal(aChannel,
+ getter_AddRefs(channelResultPrincipal));
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return nsILoadInfo::NoStoragePermission;
+ }
RefPtr<net::HttpBaseChannel> httpChannel = do_QueryObject(aChannel);
+ bool crossSiteInitiated = false;
+ if (bc && bc->GetParent()->GetCurrentWindowContext()) {
+ RefPtr<WindowGlobalParent> triggeringWGP =
+ WindowGlobalParent::GetByInnerWindowId(triggeringWindowId);
+ if (triggeringWGP && triggeringWGP->DocumentPrincipal()) {
+ rv = triggeringWGP->DocumentPrincipal()->IsThirdPartyPrincipal(
+ channelResultPrincipal, &crossSiteInitiated);
+ if (NS_FAILED(rv)) {
+ crossSiteInitiated = false;
+ }
+ }
+ }
- if (targetWindowIdNoTop == triggeringWindowId &&
- triggeringWindowHasStorageAccess &&
+ if (!crossSiteInitiated && triggeringWindowHasStorageAccess &&
trackingPrincipal->Equals(framePrincipal) && httpChannel &&
!httpChannel->HasRedirectTaintedOrigin()) {
return nsILoadInfo::HasStoragePermission;
@@ -880,7 +898,9 @@ bool AntiTrackingUtils::IsThirdPartyChannel(nsIChannel* aChannel) {
}
bool thirdParty = true;
rv = tpuService->IsThirdPartyChannel(aChannel, nullptr, &thirdParty);
- NS_ENSURE_SUCCESS(rv, true);
+ if (NS_FAILED(rv)) {
+ return true;
+ }
return thirdParty;
}
@@ -955,7 +975,9 @@ bool AntiTrackingUtils::IsThirdPartyDocument(Document* aDocument) {
nsresult rv = tpuService->IsThirdPartyChannel(aDocument->GetChannel(),
nullptr, &thirdParty);
- NS_ENSURE_SUCCESS(rv, true);
+ if (NS_FAILED(rv)) {
+ return true;
+ }
return thirdParty;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-12 03:36:08 +0000