Bug 897516 - Implement a separate cookie jar for safebrowsing - cookie separation part. r=mmc

2024-09-13 09:24:08 -07:00 · 2013-08-19 12:31:24 -07:00 · 2013-08-19 12:31:24 -07:00 · b078ce3073
commit b078ce3073
parent f3411c98be
6 changed files with 54 additions and 2 deletions
--- a/caps/idl/nsIScriptSecurityManager.idl
+++ b/caps/idl/nsIScriptSecurityManager.idl
@ -227,6 +227,7 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager

    const unsigned long NO_APP_ID = 0;
    const unsigned long UNKNOWN_APP_ID = 4294967295; // UINT32_MAX
+    const unsigned long SAFEBROWSING_APP_ID = 4294967294; // UINT32_MAX - 1

    /**
     * Returns the jar prefix for the app.
--- a/docshell/base/LoadContext.cpp
+++ b/docshell/base/LoadContext.cpp
@ -8,7 +8,7 @@

 namespace mozilla {

-NS_IMPL_ISUPPORTS1(LoadContext, nsILoadContext)
+NS_IMPL_ISUPPORTS2(LoadContext, nsILoadContext, nsIInterfaceRequestor)

 //-----------------------------------------------------------------------------
 // LoadContext::nsILoadContext
@ -111,4 +111,22 @@ LoadContext::GetAppId(uint32_t* aAppId)
  return NS_OK;
 }

+//-----------------------------------------------------------------------------
+// LoadContext::nsIInterfaceRequestor
+//-----------------------------------------------------------------------------
+NS_IMETHODIMP
+LoadContext::GetInterface(const nsIID &aIID, void **aResult)
+{
+  NS_ENSURE_ARG_POINTER(aResult);
+  *aResult = nullptr;
+
+  if (aIID.Equals(NS_GET_IID(nsILoadContext))) {
+    *aResult = static_cast<nsILoadContext*>(this);
+    NS_ADDREF_THIS();
+    return NS_OK;
+  }
+
+  return NS_NOINTERFACE;
+}
+
 } // namespace mozilla
--- a/docshell/base/LoadContext.h
+++ b/docshell/base/LoadContext.h
@ -11,6 +11,7 @@
 #include "mozilla/Attributes.h"
 #include "nsIWeakReferenceUtils.h"
 #include "mozilla/dom/Element.h"
+#include "nsIInterfaceRequestor.h"

 class mozIApplication;

@ -24,13 +25,18 @@ namespace mozilla {
 * typically provided by nsDocShell.  This is only used when the original
 * docshell is in a different process and we need to copy certain values from
 * it.
+ *
+ * Note: we also generate a new nsILoadContext using LoadContext(uint32_t aAppId)
+ * to separate the safebrowsing cookie.
 */

-class LoadContext MOZ_FINAL : public nsILoadContext
+class LoadContext MOZ_FINAL : public nsILoadContext,
+                              public nsIInterfaceRequestor
 {
 public:
  NS_DECL_ISUPPORTS
  NS_DECL_NSILOADCONTEXT
+  NS_DECL_NSIINTERFACEREQUESTOR

  // AppId/inBrowser arguments override those in SerializedLoadContext provided
  // by child process.
@ -47,6 +53,18 @@ public:
 #endif
  {}

+  // Constructor taking reserved appId for the safebrowsing cookie.
+  LoadContext(uint32_t aAppId)
+    : mTopFrameElement(nullptr)
+    , mAppId(aAppId)
+    , mIsContent(false)
+    , mUsePrivateBrowsing(false)
+    , mIsInBrowserElement(false)
+#ifdef DEBUG
+    , mIsNotNull(true)
+#endif
+  {}
+
 private:
  nsWeakPtr     mTopFrameElement;
  uint32_t      mAppId;
--- a/netwerk/base/public/nsNetUtil.h
+++ b/netwerk/base/public/nsNetUtil.h
@ -1354,6 +1354,8 @@ NS_UsePrivateBrowsing(nsIChannel *channel)
 // know about script security manager.
 #define NECKO_NO_APP_ID 0
 #define NECKO_UNKNOWN_APP_ID UINT32_MAX
+// special app id reserved for separating the safebrowsing cookie
+#define NECKO_SAFEBROWSING_APP_ID UINT32_MAX - 1

 /**
 * Gets AppId and isInBrowserElement from channel's nsILoadContext.
--- a/toolkit/components/url-classifier/Makefile.in
+++ b/toolkit/components/url-classifier/Makefile.in
@ -5,5 +5,6 @@

 LOCAL_INCLUDES = \
  -I$(srcdir)/../build \
+  -I$(topsrcdir)/ipc/chromium/src \
  $(SQLITE_CFLAGS) \
  $(NULL)
--- a/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp
+++ b/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp
@ -15,9 +15,13 @@
 #include "nsToolkitCompsCID.h"
 #include "nsUrlClassifierStreamUpdater.h"
 #include "prlog.h"
+#include "nsIInterfaceRequestor.h"
+#include "mozilla/LoadContext.h"

 static const char* gQuitApplicationMessage = "quit-application";

+#undef LOG
+
 // NSPR_LOG_MODULES=UrlClassifierStreamUpdater:5
 #if defined(PR_LOGGING)
 static const PRLogModuleInfo *gUrlClassifierStreamUpdaterLog = nullptr;
@ -124,6 +128,14 @@ nsUrlClassifierStreamUpdater::FetchUpdate(nsIURI *aUpdateUrl,
    mChannel->SetContentType(NS_LITERAL_CSTRING("application/vnd.google.safebrowsing-update"));
  }

+   // Create a custom LoadContext for SafeBrowsing, so we can use callbacks on
+   // the channel to query the appId which allows separation of safebrowsing
+   // cookies in a separate jar.
+  nsCOMPtr<nsIInterfaceRequestor> sbContext =
+    new mozilla::LoadContext(NECKO_SAFEBROWSING_APP_ID);
+  rv = mChannel->SetNotificationCallbacks(sbContext);
+  NS_ENSURE_SUCCESS(rv, rv);
+
  // Make the request
  rv = mChannel->AsyncOpen(this, nullptr);
  NS_ENSURE_SUCCESS(rv, rv);