From b078ce3073e2a64b3f8a839537290f5c0f2e966e Mon Sep 17 00:00:00 2001
From: Christoph Kerschbaumer
Date: Mon, 19 Aug 2013 12:31:24 -0700
Subject: [PATCH] Bug 897516 - Implement a separate cookie jar for safebrowsing - cookie separation part. r=mmc
---
 caps/idl/nsIScriptSecurityManager.idl | 1 +
 docshell/base/LoadContext.cpp | 20 ++++++++++++++++++-
 docshell/base/LoadContext.h | 20 ++++++++++++++++++-
 netwerk/base/public/nsNetUtil.h | 2 ++
 toolkit/components/url-classifier/Makefile.in | 1 +
 .../nsUrlClassifierStreamUpdater.cpp | 12 +++++++++++
 6 files changed, 54 insertions(+), 2 deletions(-)
diff --git a/caps/idl/nsIScriptSecurityManager.idl b/caps/idl/nsIScriptSecurityManager.idl
index 449ba9878d9..5137ac85b23 100644
--- a/caps/idl/nsIScriptSecurityManager.idl
+++ b/caps/idl/nsIScriptSecurityManager.idl
@@ -227,6 +227,7 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
 const unsigned long NO_APP_ID = 0;
 const unsigned long UNKNOWN_APP_ID = 4294967295; // UINT32_MAX
+ const unsigned long SAFEBROWSING_APP_ID = 4294967294; // UINT32_MAX - 1
 /**
 * Returns the jar prefix for the app.
diff --git a/docshell/base/LoadContext.cpp b/docshell/base/LoadContext.cpp
index 34f80f933e1..a4419dadc29 100644
--- a/docshell/base/LoadContext.cpp
+++ b/docshell/base/LoadContext.cpp
@@ -8,7 +8,7 @@
 namespace mozilla {
-NS_IMPL_ISUPPORTS1(LoadContext, nsILoadContext)
+NS_IMPL_ISUPPORTS2(LoadContext, nsILoadContext, nsIInterfaceRequestor)
 //-----------------------------------------------------------------------------
 // LoadContext::nsILoadContext
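Review bot: The reserved id is now defined in two places with nothing tying them together: here as the literal `4294967294` in the nsIScriptSecurityManager.idl hunk, and as `NECKO_SAFEBROWSING_APP_ID` in the nsNetUtil.h hunk. If the two ever drift, necko would key the safebrowsing jar on a different id than code reading the IDL constant expects. A compile-time check in a translation unit that sees both headers, e.g. `static_assert(nsIScriptSecurityManager::SAFEBROWSING_APP_ID == NECKO_SAFEBROWSING_APP_ID, "safebrowsing app id mismatch");` (or the tree's equivalent macro), would pin them together. The IDL constant would also benefit from a comment stating what it is reserved for, such as `// reserved for the safebrowsing cookie jar`, since the existing trailing comment only restates the value.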
@@ -111,4 +111,22 @@ LoadContext::GetAppId(uint32_t* aAppId)
 return NS_OK;
 }
+//-----------------------------------------------------------------------------
+// LoadContext::nsIInterfaceRequestor
+//-----------------------------------------------------------------------------
+NS_IMETHODIMP
+LoadContext::GetInterface(const nsIID &aIID, void **aResult)
+{
+ NS_ENSURE_ARG_POINTER(aResult);
+ *aResult = nullptr;
+
+ if (aIID.Equals(NS_GET_IID(nsILoadContext))) {
+ *aResult = static_cast(this);
+ NS_ADDREF_THIS();
+ return NS_OK;
+ }
+
+ return NS_NOINTERFACE;
+}
+
 } // namespace mozilla
diff --git a/docshell/base/LoadContext.h b/docshell/base/LoadContext.h
index 476082db5d2..c680a603908 100644
--- a/docshell/base/LoadContext.h
+++ b/docshell/base/LoadContext.h
@@ -11,6 +11,7 @@
 #include "mozilla/Attributes.h"
 #include "nsIWeakReferenceUtils.h"
 #include "mozilla/dom/Element.h"
+#include "nsIInterfaceRequestor.h"
 class mozIApplication;
@@ -24,13 +25,18 @@ namespace mozilla {
 * typically provided by nsDocShell. This is only used when the original
 * docshell is in a different process and we need to copy certain values from
 * it.
+ *
+ * Note: we also generate a new nsILoadContext using LoadContext(uint32_t aAppId)
+ * to separate the safebrowsing cookie.
 */
-class LoadContext MOZ_FINAL : public nsILoadContext
+class LoadContext MOZ_FINAL : public nsILoadContext,
+ public nsIInterfaceRequestor
 {
 public:
 NS_DECL_ISUPPORTS
 NS_DECL_NSILOADCONTEXT
+ NS_DECL_NSIINTERFACEREQUESTOR
 // AppId/inBrowser arguments override those in SerializedLoadContext provided
 // by child process.
@@ -47,6 +53,18 @@ public:
 #endif
 {}
+ // Constructor taking reserved appId for the safebrowsing cookie.
+ LoadContext(uint32_t aAppId)
+ : mTopFrameElement(nullptr)
+ , mAppId(aAppId)
+ , mIsContent(false)
+ , mUsePrivateBrowsing(false)
+ , mIsInBrowserElement(false)
+#ifdef DEBUG
+ , mIsNotNull(true)
+#endif
+ {}
+
 private:
 nsWeakPtr mTopFrameElement;
 uint32_t mAppId;
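Review bot: The new `LoadContext::GetInterface` in LoadContext.cpp answers only `nsILoadContext` and returns `NS_NOINTERFACE` for every other IID, but nothing records whether that narrowing is deliberate. A one-line comment above the function, e.g. `// Only nsILoadContext is handed out; lets a LoadContext serve as a channel's notification callbacks.`, would capture the intent for the next reader. Because the class itself gains `nsIInterfaceRequestor`, this applies to every LoadContext instance, not only the one built for safebrowsing, which is worth stating in the same comment.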
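Review bot: The single-argument constructor added in the last LoadContext.h hunk, `LoadContext(uint32_t aAppId)`, is not marked `explicit`, so any `uint32_t` converts implicitly to a LoadContext. A bare integer passed where a LoadContext is expected would then silently build a context carrying that app id, which is an easy mistake to miss for a value that selects a cookie jar. Declaring it `explicit LoadContext(uint32_t aAppId)` prevents this without affecting the `new mozilla::LoadContext(NECKO_SAFEBROWSING_APP_ID)` call in nsUrlClassifierStreamUpdater.cpp. The constructor comment could also state that all other fields are fixed (not content, not private browsing, not in a browser element), so callers know what the resulting context reports.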
diff --git a/netwerk/base/public/nsNetUtil.h b/netwerk/base/public/nsNetUtil.h
index 809ff411adb..70ef0854f06 100644
--- a/netwerk/base/public/nsNetUtil.h
+++ b/netwerk/base/public/nsNetUtil.h
@@ -1354,6 +1354,8 @@ NS_UsePrivateBrowsing(nsIChannel *channel)
 // know about script security manager.
 #define NECKO_NO_APP_ID 0
 #define NECKO_UNKNOWN_APP_ID UINT32_MAX
+// special app id reserved for separating the safebrowsing cookie
+#define NECKO_SAFEBROWSING_APP_ID UINT32_MAX - 1
 /**
 * Gets AppId and isInBrowserElement from channel's nsILoadContext.
diff --git a/toolkit/components/url-classifier/Makefile.in b/toolkit/components/url-classifier/Makefile.in
index 934d6dc2b8e..c82f440c40e 100644
--- a/toolkit/components/url-classifier/Makefile.in
+++ b/toolkit/components/url-classifier/Makefile.in
@@ -5,5 +5,6 @@
 LOCAL_INCLUDES = \
 -I$(srcdir)/../build \
+ -I$(topsrcdir)/ipc/chromium/src \
 $(SQLITE_CFLAGS) \
 $(NULL)
diff --git a/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp b/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp
index 69c520ed800..7e98e7d656d 100644
--- a/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp
+++ b/toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp
@@ -15,9 +15,13 @@
 #include "nsToolkitCompsCID.h"
 #include "nsUrlClassifierStreamUpdater.h"
 #include "prlog.h"
+#include "nsIInterfaceRequestor.h"
+#include "mozilla/LoadContext.h"
 static const char* gQuitApplicationMessage = "quit-application";
+#undef LOG
+
 // NSPR_LOG_MODULES=UrlClassifierStreamUpdater:5
 #if defined(PR_LOGGING)
 static const PRLogModuleInfo *gUrlClassifierStreamUpdaterLog = nullptr;
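Review bot: `NECKO_SAFEBROWSING_APP_ID` in the nsNetUtil.h hunk expands to the unparenthesized expression `UINT32_MAX - 1`, so it behaves as a single value only where the surrounding operator binds more loosely than `-`. An expression such as `NECKO_SAFEBROWSING_APP_ID * 2` or `x % NECKO_SAFEBROWSING_APP_ID` would apply the operator to one operand of the subtraction rather than to the id. Comparisons with `==` happen to work, which is why the problem would stay hidden until someone uses the macro differently. The definition should be `#define NECKO_SAFEBROWSING_APP_ID (UINT32_MAX - 1)`.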
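Review bot: The `#undef LOG` added near the top of nsUrlClassifierStreamUpdater.cpp has no comment saying which definition it removes. Presumably one of the new includes, reached through the `ipc/chromium/src` include path added in Makefile.in, defines a `LOG` macro that collides with this file's own, but that is not visible in the hunk. A short comment such as `// LOG is also defined by a header pulled in via mozilla/LoadContext.h; drop it before defining ours` (with the actual header named) would stop a later cleanup from removing the line and breaking the build.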
@@ -124,6 +128,14 @@ nsUrlClassifierStreamUpdater::FetchUpdate(nsIURI *aUpdateUrl,
 mChannel->SetContentType(NS_LITERAL_CSTRING("application/vnd.google.safebrowsing-update"));
 }
+ // Create a custom LoadContext for SafeBrowsing, so we can use callbacks on
+ // the channel to query the appId which allows separation of safebrowsing
+ // cookies in a separate jar.
+ nsCOMPtr sbContext =
+ new mozilla::LoadContext(NECKO_SAFEBROWSING_APP_ID);
+ rv = mChannel->SetNotificationCallbacks(sbContext);
+ NS_ENSURE_SUCCESS(rv, rv);
+
 // Make the request
 rv = mChannel->AsyncOpen(this, nullptr);
 NS_ENSURE_SUCCESS(rv, rv);
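Review bot: `mChannel->SetNotificationCallbacks(sbContext)` replaces whatever callbacks the channel already carries, and the code that creates and configures `mChannel` lies outside this hunk, so it is not visible whether an earlier callback object is being dropped. That should be confirmed and recorded in the comment, e.g. `// Note: this replaces any notification callbacks previously set on mChannel.` The jar separation also holds only for requests that pass through this call. Any other SafeBrowsing channel that does not attach a LoadContext built with `NECKO_SAFEBROWSING_APP_ID` would presumably still use the default jar, and the diffstat lists no test that pins the behaviour for update requests. FetchUpdate begins and ends outside the hunk.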