Bug 1152899 - Disallow the interception of third-party iframes using service workers when the third-party cookie preference is set. r=smaug,baku

docshell/base/nsDocShell.cpp

@@ -200,6 +200,12 @@
 #include "nsIBrowserSearchService.h"
 #endif
 
+#include "mozIThirdPartyUtil.h"
+// Values for the network.cookie.cookieBehavior pref are documented in
+// nsCookieService.cpp
+#define COOKIE_BEHAVIOR_ACCEPT 0 // Allow all cookies.
+#define COOKIE_BEHAVIOR_REJECT_FOREIGN 1 // Reject all third-party cookies.
+
 static NS_DEFINE_CID(kAppShellCID, NS_APPSHELL_CID);
 
 #if defined(DEBUG_bryner) || defined(DEBUG_chb)
@@ -14051,6 +14057,32 @@ nsDocShell::ShouldPrepareForIntercept(nsIURI* aURI, bool aIsNavigate,
     return NS_OK;
   }
 
+  nsresult result;
+  nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
+    do_GetService(THIRDPARTYUTIL_CONTRACTID, &result);
+  NS_ENSURE_SUCCESS(result, result);
+
+  if (mCurrentURI) {
+    nsAutoCString uriSpec;
+    mCurrentURI->GetSpec(uriSpec);
+    if (!(uriSpec.EqualsLiteral("about:blank"))) {
+      // Reject the interception of third-party iframes if the cookie behaviour
+      // is set to reject all third-party cookies (1). In case that this pref
+      // is not set or can't be read, we default to allow all cookies (0) as
+      // this is the default value in all.js.
+      bool isThirdPartyURI = true;
+      result = thirdPartyUtil->IsThirdPartyURI(mCurrentURI, aURI,
+                                               &isThirdPartyURI);
+      NS_ENSURE_SUCCESS(result, result);
+      if (isThirdPartyURI &&
+          (Preferences::GetInt("network.cookie.cookieBehavior",
+                               COOKIE_BEHAVIOR_ACCEPT) ==
+                               COOKIE_BEHAVIOR_REJECT_FOREIGN)) {
+        return NS_OK;
+      }
+    }
+  }
+
   if (aIsNavigate) {
     OriginAttributes attrs(GetAppId(), GetIsInBrowserElement());
     *aShouldIntercept = swm->IsAvailable(attrs, aURI);

dom/workers/test/serviceworkers/mochitest.ini

@@ -129,6 +129,11 @@ support-files =
   strict_mode_error.js
   skip_waiting_installed_worker.js
   skip_waiting_scope/index.html
+  thirdparty/iframe1.html
+  thirdparty/iframe2.html
+  thirdparty/register.html
+  thirdparty/unregister.html
+  thirdparty/sw.js
 
 [test_unregister.html]
 [test_installation_simple.html]
@@ -167,6 +172,7 @@ support-files =
 [test_sanitize_domain.html]
 [test_service_worker_allowed.html]
 [test_app_protocol.html]
+[test_third_party_iframes.html]
 [test_claim_fetch.html]
 [test_force_refresh.html]
 [test_skip_waiting.html]

dom/workers/test/serviceworkers/test_third_party_iframes.html

@@ -0,0 +1,174 @@
+<!--
+  Any copyright is dedicated to the Public Domain.
+  http://creativecommons.org/publicdomain/zero/1.0/
+-->
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+  <title>Bug 1152899 - Disallow the interception of third-party iframes using service workers when the third-party cookie preference is set</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<p id="display"></p>
+<div id="content" style="display: none">
+<iframe></iframe>
+</div>
+<pre id="test"></pre>
+<script class="testbody" type="text/javascript;version=1.7">
+
+SimpleTest.waitForExplicitFinish();
+
+let index = 0;
+function next() {
+  info("Step " + index);
+  if (index >= steps.length) {
+    SimpleTest.finish();
+    return;
+  }
+  try {
+    let i = index++;
+    steps[i]();
+  } catch(ex) {
+    ok(false, "Caught exception", ex);
+  }
+}
+
+onload = next;
+
+let iframe;
+let basePath = "/tests/dom/workers/test/serviceworkers/thirdparty/";
+let origin = window.location.protocol + "//" + window.location.host;
+let thirdPartyOrigin = "https://example.com";
+
+function testIframeLoaded() {
+  ok(true, "Iframe loaded");
+  iframe.removeEventListener("load", testIframeLoaded);
+  let message = {
+    source: "parent",
+    href: origin + basePath + "iframe2.html"
+  };
+  iframe.contentWindow.postMessage(message.toSource(), "*");
+}
+
+function loadThirdPartyIframe() {
+  let message = {
+    source: "parent",
+    href: thirdPartyOrigin + basePath + "iframe2.html"
+  }
+  iframe.contentWindow.postMessage(message.toSource(), "*");
+}
+
+function runTest(aExpectedResponses) {
+  iframe = document.querySelector("iframe");
+  iframe.src = thirdPartyOrigin + basePath + "register.html";
+  let responsesIndex = 0;
+  window.onmessage = function(e) {
+    let status = e.data.status;
+    let expected = aExpectedResponses[responsesIndex];
+    if (status == expected.status) {
+      ok(true, "Received expected " + expected.status);
+      if (expected.next) {
+        expected.next();
+      }
+    } else {
+      ok(false, "Expected " + expected.status + " got " + status);
+    }
+    responsesIndex++;
+  };
+}
+
+function testShouldIntercept(done) {
+  runTest([{
+    status: "ok"
+  }, {
+    status: "registrationdone",
+    next: function() {
+      iframe.addEventListener("load", testIframeLoaded);
+      iframe.src = origin + basePath + "iframe1.html";
+    }
+  }, {
+    status: "networkresponse",
+    next: loadThirdPartyIframe
+  }, {
+    status: "swresponse",
+    next: function() {
+      iframe.src = origin + basePath + "unregister.html";
+    }
+  }, {
+    status: "unregistrationdone",
+    next: function() {
+      window.onmessage = null;
+      ok(true, "Test finished successfully");
+      done();
+    }
+  }]);
+}
+
+function testShouldNotIntercept(done) {
+  runTest([{
+    status: "ok"
+  }, {
+    status: "registrationdone",
+    next: function() {
+      iframe.addEventListener("load", testIframeLoaded);
+      iframe.src = origin + basePath + "iframe1.html";
+    }
+  }, {
+    status: "networkresponse",
+    next: loadThirdPartyIframe
+  }, {
+    status: "networkresponse",
+    next: function() {
+      iframe.src = origin + basePath + "unregister.html";
+    }
+  }, {
+    status: "unregistrationdone",
+    next: function() {
+      window.onmessage = null;
+      ok(true, "Test finished successfully");
+      done();
+    }
+  }]);
+}
+
+const COOKIE_BEHAVIOR_ACCEPT        = 0;
+const COOKIE_BEHAVIOR_REJECTFOREIGN = 1;
+const COOKIE_BEHAVIOR_REJECT        = 2;
+const COOKIE_BEHAVIOR_LIMITFOREIGN  = 3;
+
+let steps = [() => {
+  SpecialPowers.pushPrefEnv({"set": [
+    ["dom.serviceWorkers.exemptFromPerDomainMax", true],
+    ["dom.serviceWorkers.enabled", true],
+    ["dom.serviceWorkers.testing.enabled", true],
+    ["browser.dom.window.dump.enabled", true],
+    ["network.cookie.cookieBehavior", COOKIE_BEHAVIOR_ACCEPT]
+  ]}, next);
+}, () => {
+  testShouldIntercept(next);
+}, () => {
+  SpecialPowers.pushPrefEnv({"set": [
+    ["network.cookie.cookieBehavior", COOKIE_BEHAVIOR_REJECTFOREIGN]
+  ]}, next);
+}, () => {
+  testShouldNotIntercept(next);
+}, () => {
+  SpecialPowers.pushPrefEnv({"set": [
+    ["network.cookie.cookieBehavior", COOKIE_BEHAVIOR_REJECT]
+  ]}, next);
+}, () => {
+  testShouldIntercept(next);
+}, () => {
+  SpecialPowers.pushPrefEnv({"set": [
+    ["network.cookie.cookieBehavior", COOKIE_BEHAVIOR_LIMITFOREIGN]
+  ]}, next);
+}, () => {
+  testShouldIntercept(next);
+}];
+
+</script>
+</pre>
+</body>
+</html>

dom/workers/test/serviceworkers/thirdparty/iframe1.html

@@ -0,0 +1,30 @@
+<!--
+  Any copyright is dedicated to the Public Domain.
+  http://creativecommons.org/publicdomain/zero/1.0/
+-->
+<html>
+<head>
+  <meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+  <title>SW third party iframe test</title>
+
+  <script type="text/javascript;version=1.7">
+    function messageListener(event) {
+      let message = eval(event.data);
+
+      dump("got message " + JSON.stringify(message) + "\n");
+      if (message.source == "parent") {
+        document.getElementById("iframe2").src = message.href;
+      }
+      else if (message.source == "iframe") {
+        parent.postMessage(event.data, "*");
+      }
+    }
+  </script>
+
+</head>
+
+<body onload="window.addEventListener('message', messageListener, false);">
+  <iframe id="iframe2"></iframe>
+</body>
+
+</html>

dom/workers/test/serviceworkers/thirdparty/iframe2.html

@@ -0,0 +1,7 @@
+<!DOCTYPE html>
+<script>
+  window.parent.postMessage({
+    source: "iframe",
+    status: "networkresponse"
+  }, "*");
+</script>

dom/workers/test/serviceworkers/thirdparty/register.html

@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<script>
+  function ok(v, msg) {
+    window.parent.postMessage({status: "ok", result: !!v, message: msg}, "*");
+  }
+
+  var isDone = false;
+  function done(reg) {
+    if (!isDone) {
+      ok(reg.waiting || reg.active,
+         "Either active or waiting worker should be available.");
+      window.parent.postMessage({status: "registrationdone"}, "*");
+      isDone = true;
+    }
+  }
+
+  navigator.serviceWorker.register("sw.js", {scope: "."})
+    .then(function(registration) {
+      if (registration.installing) {
+        registration.installing.onstatechange = function(e) {
+          done(registration);
+        };
+      } else {
+        done(registration);
+      }
+    });
+</script>

dom/workers/test/serviceworkers/thirdparty/sw.js

@@ -0,0 +1,14 @@
+self.addEventListener("fetch", function(event) {
+  dump("fetch " + event.request.url + "\n");
+  if (event.request.url.indexOf("iframe2.html") >= 0) {
+    var body =
+      "<script>" +
+        "window.parent.postMessage({" +
+          "source: 'iframe', status: 'swresponse'" +
+        "}, '*');" +
+      "</script>";
+    event.respondWith(new Response(body, {
+      headers: {'Content-Type': 'text/html'}
+    }));
+  }
+});

dom/workers/test/serviceworkers/thirdparty/unregister.html

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<script>
+  navigator.serviceWorker.getRegistration(".").then(function(registration) {
+    if(!registration) {
+      window.parent.postMessage({status: "unregistrationdone"}, "*");
+      return;
+    }
+    registration.unregister().then(() => {
+      window.parent.postMessage({status: "unregistrationdone"}, "*");
+    });
+  });
+</script>