From a90a5cba08fdf6c0ceb95101c275108a152a3aed Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Wed, 12 Jun 2024 07:35:37 +0200
Subject: Merging upstream version 127.0.
Signed-off-by: Daniel Baumann
---
 .../components/antitracking/AntiTrackingUtils.cpp | 34 ++++++++++++++++++----
 1 file changed, 28 insertions(+), 6 deletions(-)
(limited to 'toolkit/components/antitracking/AntiTrackingUtils.cpp')
diff --git a/toolkit/components/antitracking/AntiTrackingUtils.cpp b/toolkit/components/antitracking/AntiTrackingUtils.cpp
index d9624237de..56d1b9e9e5 100644
--- a/toolkit/components/antitracking/AntiTrackingUtils.cpp
+++ b/toolkit/components/antitracking/AntiTrackingUtils.cpp
@@ -567,9 +567,8 @@ AntiTrackingUtils::GetStoragePermissionStateInParent(nsIChannel* aChannel) {
 if (policyType == ExtContentPolicy::TYPE_SUBDOCUMENT) {
 // For loads of framed documents, we only use storage access
- // if the load is the result of a same-origin, self-initiated
+ // if the load is the result of a same-origin, same-site-initiated
 // navigation of the frame.
- uint64_t targetWindowIdNoTop = bc->GetCurrentInnerWindowId();
 uint64_t triggeringWindowId;
 rv = loadInfo->GetTriggeringWindowId(&triggeringWindowId);
 if (NS_WARN_IF(NS_FAILED(rv))) {
@@ -581,10 +580,29 @@ AntiTrackingUtils::GetStoragePermissionStateInParent(nsIChannel* aChannel) {
 if (NS_WARN_IF(NS_FAILED(rv))) {
 return nsILoadInfo::NoStoragePermission;
 }
+
+ nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
+ RefPtr channelResultPrincipal;
+ rv = ssm->GetChannelResultPrincipal(aChannel,
+ getter_AddRefs(channelResultPrincipal));
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return nsILoadInfo::NoStoragePermission;
+ }
 RefPtr httpChannel = do_QueryObject(aChannel);
+ bool crossSiteInitiated = false;
+ if (bc && bc->GetParent()->GetCurrentWindowContext()) {
+ RefPtr triggeringWGP =
+ WindowGlobalParent::GetByInnerWindowId(triggeringWindowId);
+ if (triggeringWGP && triggeringWGP->DocumentPrincipal()) {
+ rv = triggeringWGP->DocumentPrincipal()->IsThirdPartyPrincipal(
+ channelResultPrincipal, &crossSiteInitiated);
+ if (NS_FAILED(rv)) {
+ crossSiteInitiated = false;
+ }
+ }
+ }
- if (targetWindowIdNoTop == triggeringWindowId &&
- triggeringWindowHasStorageAccess &&
+ if (!crossSiteInitiated && triggeringWindowHasStorageAccess &&
 trackingPrincipal->Equals(framePrincipal) && httpChannel &&
 !httpChannel->HasRedirectTaintedOrigin()) {
 return nsILoadInfo::HasStoragePermission;
@@ -880,7 +898,9 @@ bool AntiTrackingUtils::IsThirdPartyChannel(nsIChannel* aChannel) {
 }
 bool thirdParty = true;
 rv = tpuService->IsThirdPartyChannel(aChannel, nullptr, &thirdParty);
- NS_ENSURE_SUCCESS(rv, true);
+ if (NS_FAILED(rv)) {
+ return true;
+ }
 return thirdParty;
 }
@@ -955,7 +975,9 @@ bool AntiTrackingUtils::IsThirdPartyDocument(Document* aDocument) {
 nsresult rv = tpuService->IsThirdPartyChannel(aDocument->GetChannel(),
 nullptr, &thirdParty);
- NS_ENSURE_SUCCESS(rv, true);
+ if (NS_FAILED(rv)) {
+ return true;
+ }
 return thirdParty;
 }
--
cgit v1.2.3
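Review bot: `crossSiteInitiated` fails open in the second hunk: it starts as `false` and is reset to `false` when `IsThirdPartyPrincipal` fails, so a load whose triggering window cannot be resolved (`GetByInnerWindowId` returns null, or `DocumentPrincipal()` is null) is treated as same-site-initiated and can still reach `HasStoragePermission`. The removed `targetWindowIdNoTop == triggeringWindowId` comparison would presumably not have matched in that case, so unless the remaining conditions are known to cover it, start from `bool crossSiteInitiated = true;` and set `crossSiteInitiated = true;` in the `NS_FAILED(rv)` branch, which matches the fail-closed `return true` in `IsThirdPartyChannel` and `IsThirdPartyDocument`. Separately, `bc->GetParent()` is dereferenced without a null check; a subdocument load should have a parent, but nothing in this hunk establishes it, so `if (bc && bc->GetParent() && bc->GetParent()->GetCurrentWindowContext())` is safer. The function body starts and ends outside the hunk.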
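Review bot: The new `if (NS_FAILED(rv)) { return true; }` in `IsThirdPartyChannel` has no comment saying that a failed classification is deliberately reported as third-party, and replacing `NS_ENSURE_SUCCESS` also drops the debug-build warning on this path. I would add `// Fail closed: if classification fails, treat the channel as third-party.` above the check and state whether silencing the warning is intended (presumably failure is routine here, but the hunk does not say). The same applies to the identical change in `IsThirdPartyDocument` in the last hunk.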