Bug 1848783, part 6 - Revoke has storage access when the permission i…

…s revoked - r=anti-tracking-reviewers,timhuang Differential Revision: https://phabricator.services.mozilla.com/D187287
dothq · Sep 20, 2023 · 7b66b30 · 7b66b30
1 parent aa4774d
commit 7b66b30
Show file tree

Hide file tree

Showing 7 changed files with 31 additions and 13 deletions.
diff --git a/dom/base/nsGlobalWindowInner.cpp b/dom/base/nsGlobalWindowInner.cpp
@@ -7461,7 +7461,7 @@ void nsGlobalWindowInner::ForgetSharedWorker(SharedWorker* aSharedWorker) {
   mSharedWorkers.RemoveElement(aSharedWorker);
 }
 
-void nsGlobalWindowInner::StorageAccessPermissionGranted() {
+void nsGlobalWindowInner::StorageAccessPermissionChanged() {
   // Invalidate cached StorageAllowed field so that calls to GetLocalStorage
   // give us the updated localStorage object.
   ClearStorageAllowedCache();
@@ -7649,7 +7649,16 @@ void nsPIDOMWindowInner::SaveStorageAccessPermissionGranted() {
     Unused << wc->SetUsingStorageAccess(true);
   }
 
-  nsGlobalWindowInner::Cast(this)->StorageAccessPermissionGranted();
+  nsGlobalWindowInner::Cast(this)->StorageAccessPermissionChanged();
+}
+
+void nsPIDOMWindowInner::SaveStorageAccessPermissionRevoked() {
+  WindowContext* wc = GetWindowContext();
+  if (wc) {
+    Unused << wc->SetUsingStorageAccess(false);
+  }
+
+  nsGlobalWindowInner::Cast(this)->StorageAccessPermissionChanged();
 }
 
 bool nsPIDOMWindowInner::UsingStorageAccess() {

diff --git a/dom/base/nsGlobalWindowInner.h b/dom/base/nsGlobalWindowInner.h
@@ -1097,9 +1097,9 @@ class nsGlobalWindowInner final : public mozilla::dom::EventTarget,
   nsIPrincipal* GetClientPrincipal();
 
   // This method is called if this window loads a 3rd party tracking resource
-  // and the storage is just been granted. The window can reset the partitioned
+  // and the storage is just been changed. The window can reset the partitioned
   // storage objects and switch to the first party cookie jar.
-  void StorageAccessPermissionGranted();
+  void StorageAccessPermissionChanged();
 
  protected:
   static void NotifyDOMWindowDestroyed(nsGlobalWindowInner* aWindow);

diff --git a/dom/base/nsPIDOMWindow.h b/dom/base/nsPIDOMWindow.h
@@ -639,6 +639,7 @@ class nsPIDOMWindowInner : public mozIDOMWindow {
       mozilla::TaskCategory aCategory) const = 0;
 
   void SaveStorageAccessPermissionGranted();
+  void SaveStorageAccessPermissionRevoked();
 
   bool UsingStorageAccess();
 

diff --git a/dom/ipc/PWindowGlobal.ipdl b/dom/ipc/PWindowGlobal.ipdl
@@ -220,7 +220,7 @@ parent:
                                       CookieStruct[] cookies);
 
 child:
-  async NotifyPermissionChange(nsCString type);
+  async NotifyPermissionChange(nsCString type, uint32_t permission);
 };
 
 } // namespace dom

diff --git a/dom/ipc/WindowGlobalChild.cpp b/dom/ipc/WindowGlobalChild.cpp
@@ -549,15 +549,22 @@ IPCResult WindowGlobalChild::RecvRawMessage(
   return IPC_OK();
 }
 
-IPCResult WindowGlobalChild::RecvNotifyPermissionChange(
-    const nsCString& aType) {
+IPCResult WindowGlobalChild::RecvNotifyPermissionChange(const nsCString& aType,
+                                                        uint32_t aPermission) {
   nsCOMPtr<nsIObserverService> observerService = services::GetObserverService();
   NS_ENSURE_TRUE(observerService,
                  IPC_FAIL(this, "Failed to get observer service"));
   nsPIDOMWindowInner* notifyTarget =
       static_cast<nsPIDOMWindowInner*>(this->GetWindowGlobal());
   observerService->NotifyObservers(notifyTarget, "perm-changed-notify-only",
                                    NS_ConvertUTF8toUTF16(aType).get());
+  // We only need to handle the revoked permission case here. The permission
+  // grant case is handled via the Storage Access API code.
+  if (this->GetWindowGlobal() &&
+      this->GetWindowGlobal()->UsingStorageAccess() &&
+      aPermission != nsIPermissionManager::ALLOW_ACTION) {
+    this->GetWindowGlobal()->SaveStorageAccessPermissionRevoked();
+  }
   return IPC_OK();
 }
 

diff --git a/dom/ipc/WindowGlobalChild.h b/dom/ipc/WindowGlobalChild.h
@@ -201,7 +201,8 @@ class WindowGlobalChild final : public WindowGlobalActor,
       dom::SessionStoreRestoreData* aData,
       RestoreTabContentResolver&& aResolve);
 
-  mozilla::ipc::IPCResult RecvNotifyPermissionChange(const nsCString& aType);
+  mozilla::ipc::IPCResult RecvNotifyPermissionChange(const nsCString& aType,
+                                                     uint32_t aPermission);
 
   virtual void ActorDestroy(ActorDestroyReason aWhy) override;
 

diff --git a/extensions/permissions/PermissionManager.cpp b/extensions/permissions/PermissionManager.cpp
@@ -604,8 +604,8 @@ bool IsPersistentExpire(uint32_t aExpire, const nsACString& aType) {
 }
 
 nsresult NotifySecondaryKeyPermissionUpdateInContentProcess(
-    const nsACString& aType, const nsACString& aSecondaryKey,
-    nsIPrincipal* aTopPrincipal) {
+    const nsACString& aType, uint32_t aPermission,
+    const nsACString& aSecondaryKey, nsIPrincipal* aTopPrincipal) {
   NS_ENSURE_ARG_POINTER(aTopPrincipal);
   MOZ_ASSERT(XRE_IsParentProcess());
   AutoTArray<RefPtr<BrowsingContextGroup>, 5> bcGroups;
@@ -636,7 +636,7 @@ nsresult NotifySecondaryKeyPermissionUpdateInContentProcess(
             if (!wgp) {
               continue;
             }
-            bool success = wgp->SendNotifyPermissionChange(aType);
+            bool success = wgp->SendNotifyPermissionChange(aType, aPermission);
             Unused << NS_WARN_IF(!success);
           }
         }
@@ -1833,8 +1833,8 @@ nsresult PermissionManager::AddInternal(
     nsAutoCString secondaryKey;
     isSecondaryKeyed = GetSecondaryKey(aType, secondaryKey);
     if (isSecondaryKeyed) {
-      NotifySecondaryKeyPermissionUpdateInContentProcess(aType, secondaryKey,
-                                                         aPrincipal);
+      NotifySecondaryKeyPermissionUpdateInContentProcess(
+          aType, aPermission, secondaryKey, aPrincipal);
     }
 
     nsTArray<ContentParent*> cplist;