From fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 03:14:29 +0200 Subject: Merging upstream version 125.0.1. Signed-off-by: Daniel Baumann --- netwerk/cookie/CookieServiceChild.cpp | 169 +++++++++++++++++++--------------- 1 file changed, 95 insertions(+), 74 deletions(-) (limited to 'netwerk/cookie/CookieServiceChild.cpp') diff --git a/netwerk/cookie/CookieServiceChild.cpp b/netwerk/cookie/CookieServiceChild.cpp index a005b5dbe7..84f34a9a37 100644 --- a/netwerk/cookie/CookieServiceChild.cpp +++ b/netwerk/cookie/CookieServiceChild.cpp @@ -107,6 +107,12 @@ RefPtr CookieServiceChild::TrackCookieLoad( RefPtr self(this); + // TODO (Bug 1874174): A channel could access both unpartitioned and + // partitioned cookie jars. We will need to pass partitioned and unpartitioned + // originAttributes according the storage access. + nsTArray attrsList; + attrsList.AppendElement(attrs); + return SendGetCookieList( uri, result.contains(ThirdPartyAnalysis::IsForeign), result.contains(ThirdPartyAnalysis::IsThirdPartyTrackingResource), @@ -115,14 +121,18 @@ RefPtr CookieServiceChild::TrackCookieLoad( result.contains( ThirdPartyAnalysis::IsStorageAccessPermissionGranted), rejectedReason, isSafeTopLevelNav, isSameSiteForeign, - hadCrossSiteRedirects, attrs) + hadCrossSiteRedirects, attrsList) ->Then( GetCurrentSerialEventTarget(), __func__, - [self, uri, attrs](const nsTArray& aCookiesList) { - for (uint32_t i = 0; i < aCookiesList.Length(); i++) { - RefPtr cookie = Cookie::Create(aCookiesList[i], attrs); - cookie->SetIsHttpOnly(false); - self->RecordDocumentCookie(cookie, attrs); + [self, uri](const nsTArray& aCookiesListTable) { + for (auto& entry : aCookiesListTable) { + auto& cookies = entry.cookies(); + for (auto& cookieEntry : cookies) { + RefPtr cookie = + Cookie::Create(cookieEntry, entry.attrs()); + cookie->SetIsHttpOnly(false); + self->RecordDocumentCookie(cookie, entry.attrs()); + } } return GenericPromise::CreateAndResolve(true, __func__); }, @@ -215,11 +225,13 @@ IPCResult CookieServiceChild::RecvRemoveBatchDeletedCookies( } IPCResult CookieServiceChild::RecvTrackCookiesLoad( - nsTArray&& aCookiesList, const OriginAttributes& aAttrs) { - for (uint32_t i = 0; i < aCookiesList.Length(); i++) { - RefPtr cookie = Cookie::Create(aCookiesList[i], aAttrs); - cookie->SetIsHttpOnly(false); - RecordDocumentCookie(cookie, aAttrs); + nsTArray&& aCookiesListTable) { + for (auto& entry : aCookiesListTable) { + for (auto& cookieEntry : entry.cookies()) { + RefPtr cookie = Cookie::Create(cookieEntry, entry.attrs()); + cookie->SetIsHttpOnly(false); + RecordDocumentCookie(cookie, entry.attrs()); + } } nsCOMPtr obsService = services::GetObserverService(); @@ -313,34 +325,14 @@ CookieServiceChild::GetCookieStringFromDocument(dom::Document* aDocument, aCookieString.Truncate(); - nsCOMPtr principal = aDocument->EffectiveCookiePrincipal(); - - if (!CookieCommons::IsSchemeSupported(principal)) { - return NS_OK; - } - - nsAutoCString baseDomain; - nsresult rv = CookieCommons::GetBaseDomain(principal, baseDomain); - if (NS_WARN_IF(NS_FAILED(rv))) { - return NS_OK; - } - - CookieKey key(baseDomain, principal->OriginAttributesRef()); - CookiesList* cookiesList = nullptr; - mCookiesMap.Get(key, &cookiesList); - - if (!cookiesList) { - return NS_OK; - } + nsCOMPtr cookiePrincipal = + aDocument->EffectiveCookiePrincipal(); - nsAutoCString hostFromURI; - rv = nsContentUtils::GetHostOrIPv6WithBrackets(principal, hostFromURI); - if (NS_WARN_IF(NS_FAILED(rv))) { - return NS_OK; - } - - nsAutoCString pathFromURI; - principal->GetFilePath(pathFromURI); + // TODO (Bug 1874174): A document could access both unpartitioned and + // partitioned cookie jars. We will need to prepare partitioned and + // unpartitioned principals for access both cookie jars. + nsTArray> principals; + principals.AppendElement(cookiePrincipal); bool thirdParty = true; nsPIDOMWindowInner* innerWindow = aDocument->GetInnerWindow(); @@ -355,54 +347,83 @@ CookieServiceChild::GetCookieStringFromDocument(dom::Document* aDocument, } } - bool isPotentiallyTrustworthy = - principal->GetIsOriginPotentiallyTrustworthy(); - int64_t currentTimeInUsec = PR_Now(); - int64_t currentTime = currentTimeInUsec / PR_USEC_PER_SEC; - - cookiesList->Sort(CompareCookiesForSending()); - for (uint32_t i = 0; i < cookiesList->Length(); i++) { - Cookie* cookie = cookiesList->ElementAt(i); - // check the host, since the base domain lookup is conservative. - if (!CookieCommons::DomainMatches(cookie, hostFromURI)) { - continue; + for (auto& principal : principals) { + if (!CookieCommons::IsSchemeSupported(principal)) { + return NS_OK; } - // We don't show HttpOnly cookies in content processes. - if (cookie->IsHttpOnly()) { - continue; + nsAutoCString baseDomain; + nsresult rv = CookieCommons::GetBaseDomain(principal, baseDomain); + if (NS_WARN_IF(NS_FAILED(rv))) { + return NS_OK; } - if (thirdParty && !CookieCommons::ShouldIncludeCrossSiteCookieForDocument( - cookie, aDocument)) { - continue; - } + CookieKey key(baseDomain, principal->OriginAttributesRef()); + CookiesList* cookiesList = nullptr; + mCookiesMap.Get(key, &cookiesList); - // do not display the cookie if it is secure and the host scheme isn't - if (cookie->IsSecure() && !isPotentiallyTrustworthy) { + if (!cookiesList) { continue; } - // if the nsIURI path doesn't match the cookie path, don't send it back - if (!CookieCommons::PathMatches(cookie, pathFromURI)) { - continue; + nsAutoCString hostFromURI; + rv = nsContentUtils::GetHostOrIPv6WithBrackets(principal, hostFromURI); + if (NS_WARN_IF(NS_FAILED(rv))) { + return NS_OK; } - // check if the cookie has expired - if (cookie->Expiry() <= currentTime) { - continue; - } + nsAutoCString pathFromURI; + principal->GetFilePath(pathFromURI); - if (!cookie->Name().IsEmpty() || !cookie->Value().IsEmpty()) { - if (!aCookieString.IsEmpty()) { - aCookieString.AppendLiteral("; "); + bool isPotentiallyTrustworthy = + principal->GetIsOriginPotentiallyTrustworthy(); + int64_t currentTimeInUsec = PR_Now(); + int64_t currentTime = currentTimeInUsec / PR_USEC_PER_SEC; + + cookiesList->Sort(CompareCookiesForSending()); + for (uint32_t i = 0; i < cookiesList->Length(); i++) { + Cookie* cookie = cookiesList->ElementAt(i); + // check the host, since the base domain lookup is conservative. + if (!CookieCommons::DomainMatches(cookie, hostFromURI)) { + continue; } - if (!cookie->Name().IsEmpty()) { - aCookieString.Append(cookie->Name().get()); - aCookieString.AppendLiteral("="); - aCookieString.Append(cookie->Value().get()); - } else { - aCookieString.Append(cookie->Value().get()); + + // We don't show HttpOnly cookies in content processes. + if (cookie->IsHttpOnly()) { + continue; + } + + if (thirdParty && !CookieCommons::ShouldIncludeCrossSiteCookieForDocument( + cookie, aDocument)) { + continue; + } + + // do not display the cookie if it is secure and the host scheme isn't + if (cookie->IsSecure() && !isPotentiallyTrustworthy) { + continue; + } + + // if the nsIURI path doesn't match the cookie path, don't send it back + if (!CookieCommons::PathMatches(cookie, pathFromURI)) { + continue; + } + + // check if the cookie has expired + if (cookie->Expiry() <= currentTime) { + continue; + } + + if (!cookie->Name().IsEmpty() || !cookie->Value().IsEmpty()) { + if (!aCookieString.IsEmpty()) { + aCookieString.AppendLiteral("; "); + } + if (!cookie->Name().IsEmpty()) { + aCookieString.Append(cookie->Name().get()); + aCookieString.AppendLiteral("="); + aCookieString.Append(cookie->Value().get()); + } else { + aCookieString.Append(cookie->Value().get()); + } } } } -- cgit v1.2.3