3 files changed, 404 insertions, 0 deletions
diff --git a/toolkit/components/clearsitedata/ClearSiteData.cpp b/toolkit/components/clearsitedata/ClearSiteData.cpp
new file mode 100644
index 0000000000..2ce6734f74
--- /dev/null
+++ b/toolkit/components/clearsitedata/ClearSiteData.cpp
@@ -0,0 +1,315 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ClearSiteData.h"
+
+#include "mozilla/net/HttpBaseChannel.h"
+#include "mozilla/OriginAttributes.h"
+#include "mozilla/Preferences.h"
+#include "mozilla/Services.h"
+#include "mozilla/Unused.h"
+#include "nsASCIIMask.h"
+#include "nsCharSeparatedTokenizer.h"
+#include "nsContentSecurityManager.h"
+#include "nsContentUtils.h"
+#include "nsIClearDataService.h"
+#include "nsIHttpChannel.h"
+#include "nsIHttpProtocolHandler.h"
+#include "nsIObserverService.h"
+#include "nsIPrincipal.h"
+#include "nsIScriptError.h"
+#include "nsIScriptSecurityManager.h"
+#include "nsNetUtil.h"
+
+using namespace mozilla;
+
+namespace {
+
+StaticRefPtr<ClearSiteData> gClearSiteData;
+
+}  // namespace
+
+// This object is used to suspend/resume the channel.
+class ClearSiteData::PendingCleanupHolder final : public nsIClearDataCallback {
+ public:
+  NS_DECL_ISUPPORTS
+
+  explicit PendingCleanupHolder(nsIHttpChannel* aChannel)
+      : mChannel(aChannel), mPendingOp(false) {}
+
+  nsresult Start() {
+    MOZ_ASSERT(!mPendingOp);
+    nsresult rv = mChannel->Suspend();
+    if (NS_WARN_IF(NS_FAILED(rv))) {
+      return rv;
+    }
+
+    mPendingOp = true;
+    return NS_OK;
+  }
+
+  // nsIClearDataCallback interface
+
+  NS_IMETHOD
+  OnDataDeleted(uint32_t aFailedFlags) override {
+    MOZ_ASSERT(mPendingOp);
+    mPendingOp = false;
+
+    mChannel->Resume();
+    mChannel = nullptr;
+
+    return NS_OK;
+  }
+
+ private:
+  ~PendingCleanupHolder() {
+    if (mPendingOp) {
+      mChannel->Resume();
+    }
+  }
+
+  nsCOMPtr<nsIHttpChannel> mChannel;
+  bool mPendingOp;
+};
+
+NS_INTERFACE_MAP_BEGIN(ClearSiteData::PendingCleanupHolder)
+  NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIClearDataCallback)
+  NS_INTERFACE_MAP_ENTRY(nsIClearDataCallback)
+NS_INTERFACE_MAP_END
+
+NS_IMPL_ADDREF(ClearSiteData::PendingCleanupHolder)
+NS_IMPL_RELEASE(ClearSiteData::PendingCleanupHolder)
+
+/* static */
+void ClearSiteData::Initialize() {
+  MOZ_ASSERT(!gClearSiteData);
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (!XRE_IsParentProcess()) {
+    return;
+  }
+
+  RefPtr<ClearSiteData> service = new ClearSiteData();
+
+  nsCOMPtr<nsIObserverService> obs = services::GetObserverService();
+  if (NS_WARN_IF(!obs)) {
+    return;
+  }
+
+  obs->AddObserver(service, NS_HTTP_ON_EXAMINE_RESPONSE_TOPIC, false);
+  obs->AddObserver(service, NS_XPCOM_SHUTDOWN_OBSERVER_ID, false);
+  gClearSiteData = service;
+}
+
+/* static */
+void ClearSiteData::Shutdown() {
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (!gClearSiteData) {
+    return;
+  }
+
+  RefPtr<ClearSiteData> service = gClearSiteData;
+  gClearSiteData = nullptr;
+
+  nsCOMPtr<nsIObserverService> obs = services::GetObserverService();
+  if (NS_WARN_IF(!obs)) {
+    return;
+  }
+
+  obs->RemoveObserver(service, NS_HTTP_ON_EXAMINE_RESPONSE_TOPIC);
+  obs->RemoveObserver(service, NS_XPCOM_SHUTDOWN_OBSERVER_ID);
+}
+
+ClearSiteData::ClearSiteData() = default;
+ClearSiteData::~ClearSiteData() = default;
+
+NS_IMETHODIMP
+ClearSiteData::Observe(nsISupports* aSubject, const char* aTopic,
+                       const char16_t* aData) {
+  if (!strcmp(aTopic, NS_XPCOM_SHUTDOWN_OBSERVER_ID)) {
+    Shutdown();
+    return NS_OK;
+  }
+
+  MOZ_ASSERT(!strcmp(aTopic, NS_HTTP_ON_EXAMINE_RESPONSE_TOPIC));
+
+  nsCOMPtr<nsIHttpChannel> channel = do_QueryInterface(aSubject);
+  if (NS_WARN_IF(!channel)) {
+    return NS_OK;
+  }
+
+  ClearDataFromChannel(channel);
+  return NS_OK;
+}
+
+void ClearSiteData::ClearDataFromChannel(nsIHttpChannel* aChannel) {
+  MOZ_ASSERT(aChannel);
+
+  nsresult rv;
+  nsCOMPtr<nsIURI> uri;
+
+  nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
+  if (NS_WARN_IF(!ssm)) {
+    return;
+  }
+
+  nsCOMPtr<nsIPrincipal> principal;
+  rv = ssm->GetChannelResultStoragePrincipal(aChannel,
+                                             getter_AddRefs(principal));
+  if (NS_WARN_IF(NS_FAILED(rv) || !principal)) {
+    return;
+  }
+
+  bool secure = principal->GetIsOriginPotentiallyTrustworthy();
+  if (NS_WARN_IF(NS_FAILED(rv)) || !secure) {
+    return;
+  }
+
+  // We want to use the final URI to check if Clear-Site-Data should be allowed
+  // or not.
+  rv = aChannel->GetURI(getter_AddRefs(uri));
+  if (NS_WARN_IF(NS_FAILED(rv))) {
+    return;
+  }
+
+  uint32_t flags = ParseHeader(aChannel, uri);
+  if (flags == 0) {
+    // Nothing to do.
+    return;
+  }
+
+  int32_t cleanFlags = 0;
+  RefPtr<PendingCleanupHolder> holder = new PendingCleanupHolder(aChannel);
+
+  if (flags & eCookies) {
+    LogOpToConsole(aChannel, uri, eCookies);
+    cleanFlags |= nsIClearDataService::CLEAR_COOKIES;
+  }
+
+  if (flags & eStorage) {
+    LogOpToConsole(aChannel, uri, eStorage);
+    cleanFlags |= nsIClearDataService::CLEAR_DOM_STORAGES;
+  }
+
+  if (cleanFlags) {
+    nsCOMPtr<nsIClearDataService> csd =
+        do_GetService("@mozilla.org/clear-data-service;1");
+    MOZ_ASSERT(csd);
+
+    rv = holder->Start();
+    if (NS_WARN_IF(NS_FAILED(rv))) {
+      return;
+    }
+
+    rv = csd->DeleteDataFromPrincipal(principal, false /* user request */,
+                                      cleanFlags, holder);
+    if (NS_WARN_IF(NS_FAILED(rv))) {
+      return;
+    }
+  }
+}
+
+uint32_t ClearSiteData::ParseHeader(nsIHttpChannel* aChannel,
+                                    nsIURI* aURI) const {
+  MOZ_ASSERT(aChannel);
+
+  nsAutoCString headerValue;
+  nsresult rv = aChannel->GetResponseHeader("Clear-Site-Data"_ns, headerValue);
+  if (NS_FAILED(rv)) {
+    return 0;
+  }
+
+  uint32_t flags = 0;
+
+  for (auto value : nsCCharSeparatedTokenizer(headerValue, ',').ToRange()) {
+    // XXX This seems unnecessary, since the tokenizer already strips whitespace
+    // around tokens.
+    value.StripTaggedASCII(mozilla::ASCIIMask::MaskWhitespace());
+
+    if (value.EqualsLiteral("\"cookies\"")) {
+      flags |= eCookies;
+      continue;
+    }
+
+    if (value.EqualsLiteral("\"storage\"")) {
+      flags |= eStorage;
+      continue;
+    }
+
+    if (value.EqualsLiteral("\"*\"")) {
+      flags = eCookies | eStorage;
+      break;
+    }
+
+    LogErrorToConsole(aChannel, aURI, value);
+  }
+
+  return flags;
+}
+
+void ClearSiteData::LogOpToConsole(nsIHttpChannel* aChannel, nsIURI* aURI,
+                                   Type aType) const {
+  nsAutoString type;
+  TypeToString(aType, type);
+
+  nsTArray<nsString> params;
+  params.AppendElement(type);
+
+  LogToConsoleInternal(aChannel, aURI, "RunningClearSiteDataValue", params);
+}
+
+void ClearSiteData::LogErrorToConsole(nsIHttpChannel* aChannel, nsIURI* aURI,
+                                      const nsACString& aUnknownType) const {
+  nsTArray<nsString> params;
+  params.AppendElement(NS_ConvertUTF8toUTF16(aUnknownType));
+
+  LogToConsoleInternal(aChannel, aURI, "UnknownClearSiteDataValue", params);
+}
+
+void ClearSiteData::LogToConsoleInternal(
+    nsIHttpChannel* aChannel, nsIURI* aURI, const char* aMsg,
+    const nsTArray<nsString>& aParams) const {
+  MOZ_ASSERT(aChannel);
+
+  nsCOMPtr<net::HttpBaseChannel> httpChannel = do_QueryInterface(aChannel);
+  if (!httpChannel) {
+    return;
+  }
+
+  nsAutoCString uri;
+  nsresult rv = aURI->GetSpec(uri);
+  if (NS_WARN_IF(NS_FAILED(rv))) {
+    return;
+  }
+
+  httpChannel->AddConsoleReport(nsIScriptError::infoFlag, "Clear-Site-Data"_ns,
+                                nsContentUtils::eSECURITY_PROPERTIES, uri, 0, 0,
+                                nsDependentCString(aMsg), aParams);
+}
+
+void ClearSiteData::TypeToString(Type aType, nsAString& aStr) const {
+  switch (aType) {
+    case eCookies:
+      aStr.AssignLiteral("cookies");
+      break;
+
+    case eStorage:
+      aStr.AssignLiteral("storage");
+      break;
+
+    default:
+      MOZ_CRASH("Unknown type.");
+  }
+}
+
+NS_INTERFACE_MAP_BEGIN(ClearSiteData)
+  NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIObserver)
+  NS_INTERFACE_MAP_ENTRY(nsIObserver)
+NS_INTERFACE_MAP_END
+
+NS_IMPL_ADDREF(ClearSiteData)
+NS_IMPL_RELEASE(ClearSiteData)
diff --git a/toolkit/components/clearsitedata/ClearSiteData.h b/toolkit/components/clearsitedata/ClearSiteData.h
new file mode 100644
index 0000000000..3cc18e4603
--- /dev/null
+++ b/toolkit/components/clearsitedata/ClearSiteData.h
@@ -0,0 +1,64 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_clearsitedata_h
+#define mozilla_clearsitedata_h
+
+#include "nsIObserver.h"
+#include "nsTArray.h"
+
+class nsIHttpChannel;
+class nsIPrincipal;
+class nsIURI;
+
+namespace mozilla {
+
+class ClearSiteData final : public nsIObserver {
+ public:
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSIOBSERVER
+
+  static void Initialize();
+
+ private:
+  ClearSiteData();
+  ~ClearSiteData();
+
+  static void Shutdown();
+
+  class PendingCleanupHolder;
+
+  // Starts the cleanup if the channel contains the Clear-Site-Data header and
+  // if the URI is secure.
+  void ClearDataFromChannel(nsIHttpChannel* aChannel);
+
+  // From the Clear-Site-Data header, it returns a bitmap with Type values.
+  uint32_t ParseHeader(nsIHttpChannel* aChannel, nsIURI* aURI) const;
+
+  enum Type {
+    eCookies = 0x02,
+    eStorage = 0x04,
+  };
+
+  // This method writes a console message when a cleanup operation is going to
+  // be executed.
+  void LogOpToConsole(nsIHttpChannel* aChannel, nsIURI* aURI, Type aType) const;
+
+  // Logging of an unknown type value.
+  void LogErrorToConsole(nsIHttpChannel* aChannel, nsIURI* aURI,
+                         const nsACString& aUnknownType) const;
+
+  void LogToConsoleInternal(nsIHttpChannel* aChannel, nsIURI* aURI,
+                            const char* aMsg,
+                            const nsTArray<nsString>& aParams) const;
+
+  // This method converts a Type to the corrisponding string format.
+  void TypeToString(Type aType, nsAString& aStr) const;
+};
+
+}  // namespace mozilla
+
+#endif  // mozilla_clearsitedata_h
diff --git a/toolkit/components/clearsitedata/moz.build b/toolkit/components/clearsitedata/moz.build
new file mode 100644
index 0000000000..3d57093466
--- /dev/null
+++ b/toolkit/components/clearsitedata/moz.build
@@ -0,0 +1,25 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+EXPORTS.mozilla = [
+    "ClearSiteData.h",
+]
+
+UNIFIED_SOURCES += [
+    "ClearSiteData.cpp",
+]
+
+LOCAL_INCLUDES += [
+    "/netwerk/base",
+    "/netwerk/protocol/http",
+]
+
+include("/ipc/chromium/chromium-config.mozbuild")
+
+with Files("**"):
+    BUG_COMPONENT = ("Toolkit", "Data Sanitization")
+
+FINAL_LIBRARY = "xul"