From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 02:47:55 +0200 Subject: Adding upstream version 124.0.1. Signed-off-by: Daniel Baumann --- .../components/antitracking/AntiTrackingUtils.h | 174 +++++++++++++++++++++ 1 file changed, 174 insertions(+) create mode 100644 toolkit/components/antitracking/AntiTrackingUtils.h (limited to 'toolkit/components/antitracking/AntiTrackingUtils.h') diff --git a/toolkit/components/antitracking/AntiTrackingUtils.h b/toolkit/components/antitracking/AntiTrackingUtils.h new file mode 100644 index 0000000000..8ed83d0ff7 --- /dev/null +++ b/toolkit/components/antitracking/AntiTrackingUtils.h @@ -0,0 +1,174 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef mozilla_antitrackingutils_h +#define mozilla_antitrackingutils_h + +#include "mozilla/AlreadyAddRefed.h" +#include "mozilla/Maybe.h" +#include "nsStringFwd.h" +#include "ContentBlockingNotifier.h" + +#include "nsILoadInfo.h" + +class nsPIDOMWindowInner; +class nsPIDOMWindowOuter; +class nsIChannel; +class nsIPermission; +class nsIPrincipal; +class nsIURI; + +namespace mozilla { +namespace dom { +class BrowsingContext; +class CanonicalBrowsingContext; +class Document; +class WindowGlobalParent; +} // namespace dom + +class AntiTrackingUtils final { + public: + static already_AddRefed GetInnerWindow( + dom::BrowsingContext* aBrowsingContext); + + static already_AddRefed GetTopWindow( + nsPIDOMWindowInner* aWindow); + + // Get the current document URI from a document channel as it is being loaded. + static already_AddRefed MaybeGetDocumentURIBeingLoaded( + nsIChannel* aChannel); + + static void CreateStoragePermissionKey(const nsACString& aTrackingOrigin, + nsACString& aPermissionKey); + + // Given a principal, returns the storage permission key that will be used for + // the principal. Returns true on success. + static bool CreateStoragePermissionKey(nsIPrincipal* aPrincipal, + nsACString& aKey); + + static void CreateStorageFramePermissionKey(const nsACString& aTrackingSite, + nsACString& aPermissionKey); + + // Given a principal, returns the per-frame storage permission key that will + // be used for the principal. Returns true on success. + static bool CreateStorageFramePermissionKey(nsIPrincipal* aPrincipal, + nsACString& aKey); + + // Given and embedded URI, returns the permission for allowing storage access + // requests from that URI's site. This permission is site-scoped in two ways: + // the principal it is stored under and the suffix built from aURI are both + // the Site rather than Origin. + static bool CreateStorageRequestPermissionKey(nsIURI* aURI, + nsACString& aPermissionKey); + + // Returns true if the permission passed in is a storage access permission + // for the passed in principal argument. + static bool IsStorageAccessPermission(nsIPermission* aPermission, + nsIPrincipal* aPrincipal); + + // Returns true if the storage permission is granted for the given principal + // and the storage permission key. + static bool CheckStoragePermission(nsIPrincipal* aPrincipal, + const nsAutoCString& aType, + bool aIsInPrivateBrowsing, + uint32_t* aRejectedReason, + uint32_t aBlockedReason); + + // Returns the number of sites that give this principal's origin storage + // access. + static Maybe CountSitesAllowStorageAccess(nsIPrincipal* aPrincipal); + + // Test whether or not there is a storage access permission in aTopPrincipal + // with secondary key for embedee aPrincipal. + static nsresult TestStoragePermissionInParent(nsIPrincipal* aTopPrincipal, + nsIPrincipal* aPrincipal, + uint32_t* aResult); + + // Returns the storage permission state for the given channel. And this is + // meant to be called in the parent process. This only reflects the fact that + // whether the channel has the storage permission. It doesn't take the window + // hierarchy into account. i.e. this will return + // nsILoadInfo::HasStoragePermission even for a nested iframe that has storage + // permission. + static nsILoadInfo::StoragePermissionState GetStoragePermissionStateInParent( + nsIChannel* aChannel); + + // Returns the toplevel inner window id, returns 0 if this is a toplevel + // window. + static uint64_t GetTopLevelAntiTrackingWindowId( + dom::BrowsingContext* aBrowsingContext); + + // Returns the parent inner window id, returns 0 if this or the parent are not + // a toplevel window. This is mainly used to determine the anti-tracking + // storage area. + static uint64_t GetTopLevelStorageAreaWindowId( + dom::BrowsingContext* aBrowsingContext); + + // Returns the principal of the given browsing context. + // This API should only be used either in child processes with an in-process + // browsing context or in the parent process. + static already_AddRefed GetPrincipal( + dom::BrowsingContext* aBrowsingContext); + + // Returns the principal of the given browsing context and tracking origin. + // This API should only be used either in child processes with an in-process + // browsing context or in the parent process. + static bool GetPrincipalAndTrackingOrigin( + dom::BrowsingContext* aBrowsingContext, nsIPrincipal** aPrincipal, + nsACString& aTrackingOrigin); + + // Retruns the cookie behavior of the given browsingContext, + // return BEHAVIOR_REJECT when fail. + static uint32_t GetCookieBehavior(dom::BrowsingContext* aBrowsingContext); + + // Returns the top-level global window parent. But we would stop at the + // content window which is loaded by addons and consider this window as a top. + // + // Note that this is the parent-process implementation of + // nsGlobalWindowOuter::GetTopExcludingExtensionAccessibleContentFrames + static already_AddRefed + GetTopWindowExcludingExtensionAccessibleContentFrames( + dom::CanonicalBrowsingContext* aBrowsingContext, nsIURI* aURIBeingLoaded); + + // Given a channel, compute and set the IsThirdPartyContextToTopWindow for + // this channel. This function is supposed to be called in the parent process. + static void ComputeIsThirdPartyToTopWindow(nsIChannel* aChannel); + + // Given a channel, this function determines if this channel is a third party. + // Note that this function also considers the top-level window. The channel + // will be considered as a third party only when it's a third party to both + // its parent and the top-level window. + static bool IsThirdPartyChannel(nsIChannel* aChannel); + + // Given a window and a URI, this function first determines if the window is + // third-party with respect to the URI. The function returns if it's true. + // Otherwise, it will continue to check if the window is third-party. + static bool IsThirdPartyWindow(nsPIDOMWindowInner* aWindow, nsIURI* aURI); + + // Given a Document, this function determines if this document + // is considered as a third party with respect to the top level context. + // This prefers to use the document's Channel's LoadInfo, but falls back to + // the BrowsingContext. + static bool IsThirdPartyDocument(dom::Document* aDocument); + + // Given a browsing context, this function determines if this browsing context + // is considered as a third party in respect to the top-level context. + static bool IsThirdPartyContext(dom::BrowsingContext* aBrowsingContext); + + static nsCString GrantedReasonToString( + ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason); + + /** + * This function updates all the fields used by anti-tracking when a channel + * is opened. We have to do this in the parent to access cross-origin info + * that is not exposed to child processes. + */ + static void UpdateAntiTrackingInfoForChannel(nsIChannel* aChannel); +}; + +} // namespace mozilla + +#endif // mozilla_antitrackingutils_h -- cgit v1.2.3