1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef mozilla_antitrackingutils_h
#define mozilla_antitrackingutils_h
#include "mozilla/AlreadyAddRefed.h"
#include "mozilla/Maybe.h"
#include "nsStringFwd.h"
#include "ContentBlockingNotifier.h"
#include "nsILoadInfo.h"
class nsPIDOMWindowInner;
class nsPIDOMWindowOuter;
class nsIChannel;
class nsIPermission;
class nsIPrincipal;
class nsIURI;
namespace mozilla {
namespace dom {
class BrowsingContext;
class CanonicalBrowsingContext;
class Document;
class WindowGlobalParent;
} // namespace dom
class AntiTrackingUtils final {
public:
static already_AddRefed<nsPIDOMWindowInner> GetInnerWindow(
dom::BrowsingContext* aBrowsingContext);
static already_AddRefed<nsPIDOMWindowOuter> GetTopWindow(
nsPIDOMWindowInner* aWindow);
// Get the current document URI from a document channel as it is being loaded.
static already_AddRefed<nsIURI> MaybeGetDocumentURIBeingLoaded(
nsIChannel* aChannel);
static void CreateStoragePermissionKey(const nsACString& aTrackingOrigin,
nsACString& aPermissionKey);
// Given a principal, returns the storage permission key that will be used for
// the principal. Returns true on success.
static bool CreateStoragePermissionKey(nsIPrincipal* aPrincipal,
nsACString& aKey);
static void CreateStorageFramePermissionKey(const nsACString& aTrackingSite,
nsACString& aPermissionKey);
// Given a principal, returns the per-frame storage permission key that will
// be used for the principal. Returns true on success.
static bool CreateStorageFramePermissionKey(nsIPrincipal* aPrincipal,
nsACString& aKey);
// Given and embedded URI, returns the permission for allowing storage access
// requests from that URI's site. This permission is site-scoped in two ways:
// the principal it is stored under and the suffix built from aURI are both
// the Site rather than Origin.
static bool CreateStorageRequestPermissionKey(nsIURI* aURI,
nsACString& aPermissionKey);
// Returns true if the permission passed in is a storage access permission
// for the passed in principal argument.
static bool IsStorageAccessPermission(nsIPermission* aPermission,
nsIPrincipal* aPrincipal);
// Returns true if the storage permission is granted for the given principal
// and the storage permission key.
static bool CheckStoragePermission(nsIPrincipal* aPrincipal,
const nsAutoCString& aType,
bool aIsInPrivateBrowsing,
uint32_t* aRejectedReason,
uint32_t aBlockedReason);
// Returns the number of sites that give this principal's origin storage
// access.
static Maybe<size_t> CountSitesAllowStorageAccess(nsIPrincipal* aPrincipal);
// Test whether or not there is a storage access permission in aTopPrincipal
// with secondary key for embedee aPrincipal.
static nsresult TestStoragePermissionInParent(nsIPrincipal* aTopPrincipal,
nsIPrincipal* aPrincipal,
uint32_t* aResult);
// Returns the storage permission state for the given channel. And this is
// meant to be called in the parent process. This only reflects the fact that
// whether the channel has the storage permission. It doesn't take the window
// hierarchy into account. i.e. this will return
// nsILoadInfo::HasStoragePermission even for a nested iframe that has storage
// permission.
static nsILoadInfo::StoragePermissionState GetStoragePermissionStateInParent(
nsIChannel* aChannel);
// Returns the toplevel inner window id, returns 0 if this is a toplevel
// window.
static uint64_t GetTopLevelAntiTrackingWindowId(
dom::BrowsingContext* aBrowsingContext);
// Returns the parent inner window id, returns 0 if this or the parent are not
// a toplevel window. This is mainly used to determine the anti-tracking
// storage area.
static uint64_t GetTopLevelStorageAreaWindowId(
dom::BrowsingContext* aBrowsingContext);
// Returns the principal of the given browsing context.
// This API should only be used either in child processes with an in-process
// browsing context or in the parent process.
static already_AddRefed<nsIPrincipal> GetPrincipal(
dom::BrowsingContext* aBrowsingContext);
// Returns the principal of the given browsing context and tracking origin.
// This API should only be used either in child processes with an in-process
// browsing context or in the parent process.
static bool GetPrincipalAndTrackingOrigin(
dom::BrowsingContext* aBrowsingContext, nsIPrincipal** aPrincipal,
nsACString& aTrackingOrigin);
// Retruns the cookie behavior of the given browsingContext,
// return BEHAVIOR_REJECT when fail.
static uint32_t GetCookieBehavior(dom::BrowsingContext* aBrowsingContext);
// Returns the top-level global window parent. But we would stop at the
// content window which is loaded by addons and consider this window as a top.
//
// Note that this is the parent-process implementation of
// nsGlobalWindowOuter::GetTopExcludingExtensionAccessibleContentFrames
static already_AddRefed<dom::WindowGlobalParent>
GetTopWindowExcludingExtensionAccessibleContentFrames(
dom::CanonicalBrowsingContext* aBrowsingContext, nsIURI* aURIBeingLoaded);
// Given a channel, compute and set the IsThirdPartyContextToTopWindow for
// this channel. This function is supposed to be called in the parent process.
static void ComputeIsThirdPartyToTopWindow(nsIChannel* aChannel);
// Given a channel, this function determines if this channel is a third party.
// Note that this function also considers the top-level window. The channel
// will be considered as a third party only when it's a third party to both
// its parent and the top-level window.
static bool IsThirdPartyChannel(nsIChannel* aChannel);
// Given a window and a URI, this function first determines if the window is
// third-party with respect to the URI. The function returns if it's true.
// Otherwise, it will continue to check if the window is third-party.
static bool IsThirdPartyWindow(nsPIDOMWindowInner* aWindow, nsIURI* aURI);
// Given a Document, this function determines if this document
// is considered as a third party with respect to the top level context.
// This prefers to use the document's Channel's LoadInfo, but falls back to
// the BrowsingContext.
static bool IsThirdPartyDocument(dom::Document* aDocument);
// Given a browsing context, this function determines if this browsing context
// is considered as a third party in respect to the top-level context.
static bool IsThirdPartyContext(dom::BrowsingContext* aBrowsingContext);
static nsCString GrantedReasonToString(
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aReason);
/**
* This function updates all the fields used by anti-tracking when a channel
* is opened. We have to do this in the parent to access cross-origin info
* that is not exposed to child processes.
*/
static void UpdateAntiTrackingInfoForChannel(nsIChannel* aChannel);
};
} // namespace mozilla
#endif // mozilla_antitrackingutils_h
|