allstarschh/bug_1260931_comment_55_smaug.patch

## bug_1260931_comment_55_smaug.patch
commit 5286a88e433ef7d29abb50f45013e008128a7d47
Author: Yoshi Huang <allstars.chh@mozilla.com>
Date:   Wed Aug 24 15:25:59 2016 +0800

    smaug's comment

diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp
index 9726583..fb223e0 100644
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -449,19 +449,27 @@ nsScriptSecurityManager::GetChannelURIPrincipal(nsIChannel* aChannel,
         nsIContentPolicy::TYPE_SUBDOCUMENT == contentPolicyType) {
       // If it's document or sub-document, inherit originAttributes from
       // the document.
       if (loadContext) {
         DocShellOriginAttributes docShellAttrs;
         loadContext->GetOriginAttributes(docShellAttrs);
         attrs.InheritFromDocShellToDoc(docShellAttrs, uri);

+        // Cache the privacy.firstparty.isolate pref.
+        static bool sFirstPartyIsolation = false;
+        static bool sCachedFirstPartyPref = false;
+        if (!sCachedFirstPartyPref) {
+          sCachedFirstPartyPref = true;
+          Preferences::AddBoolVarCache(&sFirstPartyIsolation, "privacy.firstparty.isolate");
+        }
+
         // When the pref is on, we also compute the firstParyDomain attribute
         // if it's top-level document,
-        if (Preferences::GetBool("privacy.firstparty.isolate", false) &&
+        if (sFirstPartyIsolation &&
             nsIContentPolicy::TYPE_DOCUMENT == contentPolicyType) {
           nsCOMPtr<nsIEffectiveTLDService> tldService = do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID);
           NS_ENSURE_TRUE(tldService, NS_ERROR_FAILURE);

           nsAutoCString baseDomain;
           tldService->GetBaseDomain(uri, 0, baseDomain);
           attrs.mFirstPartyDomain = NS_ConvertUTF8toUTF16(baseDomain);
         }
diff --git a/dom/base/nsFrameLoader.cpp b/dom/base/nsFrameLoader.cpp
index 7c4d8cd..7506401 100644
--- a/dom/base/nsFrameLoader.cpp
+++ b/dom/base/nsFrameLoader.cpp
@@ -2096,18 +2096,37 @@ nsFrameLoader::MaybeCreateDocShell()
   if (docShell->ItemType() == mDocShell->ItemType()) {
     attrs = nsDocShell::Cast(docShell)->GetOriginAttributes();
   }

   // Inherit origin attributes from parent document. For example,
   // firstPartyDomain is computed from top-level document, it doesn't exist in
   // the top-level docshell.
   if (parentType == nsIDocShellTreeItem::typeContent) {
+    MOZ_ASSERT(attrs.mFirstPartyDomain.IsEmpty(),
+               "Top-level DocShellAttributes shouldn't have FirstPartyDomain attribute.");
     PrincipalOriginAttributes poa = BasePrincipal::Cast(doc->NodePrincipal())->OriginAttributesRef();
     attrs.InheritFromDocToChildDocShell(poa);
+
+#ifdef DEBUG
+    // Cache the privacy.firstparty.isolate pref.
+    static bool sFirstPartyIsolation = false;
+    static bool sCachedFirstPartyPref = false;
+    if (!sCachedFirstPartyPref) {
+      sCachedFirstPartyPref = true;
+      Preferences::AddBoolVarCache(&sFirstPartyIsolation, "privacy.firstparty.isolate");
+    }
+
+    // When the pref is on, top-level document and child-docshell should have
+    // firstParyDomain attribute.
+    if (sFirstPartyIsolation) {
+      MOZ_ASSERT(!poa.mFirstPartyDomain.IsEmpty(), "Top-level document should have FirstPartyDomain attribute.");
+      MOZ_ASSERT(!attrs.mFirstPartyDomain.IsEmpty(), "Child DocShell should have FirstPartyDomain attribute.");
+    }
+#endif /* DEBUG */
   }

   if (OwnerIsAppFrame()) {
     // You can't be both an app and a browser frame.
     MOZ_ASSERT(!OwnerIsMozBrowserFrame());

     nsCOMPtr<mozIApplication> ownApp = GetOwnApp();
     MOZ_ASSERT(ownApp);
diff --git a/netwerk/ipc/NeckoParent.cpp b/netwerk/ipc/NeckoParent.cpp
index 3623b8c..dec4021 100644
--- a/netwerk/ipc/NeckoParent.cpp
+++ b/netwerk/ipc/NeckoParent.cpp
@@ -134,16 +134,17 @@ NeckoParent::GetValidatedAppInfo(const SerializedLoadContext& aSerialized,
       continue;
     }
     aAttrs = DocShellOriginAttributes();
     aAttrs.mAppId = appId;
     aAttrs.mInIsolatedMozBrowser = inBrowserElement;
     aAttrs.mSignedPkg = aSerialized.mOriginAttributes.mSignedPkg;
     aAttrs.mUserContextId = aSerialized.mOriginAttributes.mUserContextId;
     aAttrs.mPrivateBrowsingId = aSerialized.mOriginAttributes.mPrivateBrowsingId;
+    aAttrs.mFirstPartyDomain = aSerialized.mOriginAttributes.mFirstPartyDomain;

     return nullptr;
   }

   if (contextArray.Length() != 0) {
     return "App does not have permission";
   }
	commit 5286a88e433ef7d29abb50f45013e008128a7d47
	Author: Yoshi Huang <allstars.chh@mozilla.com>
	Date: Wed Aug 24 15:25:59 2016 +0800

	smaug's comment

	diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp
	index 9726583..fb223e0 100644
	--- a/caps/nsScriptSecurityManager.cpp
	+++ b/caps/nsScriptSecurityManager.cpp
	@@ -449,19 +449,27 @@ nsScriptSecurityManager::GetChannelURIPrincipal(nsIChannel* aChannel,
	nsIContentPolicy::TYPE_SUBDOCUMENT == contentPolicyType) {
	// If it's document or sub-document, inherit originAttributes from
	// the document.
	if (loadContext) {
	DocShellOriginAttributes docShellAttrs;
	loadContext->GetOriginAttributes(docShellAttrs);
	attrs.InheritFromDocShellToDoc(docShellAttrs, uri);

	+ // Cache the privacy.firstparty.isolate pref.
	+ static bool sFirstPartyIsolation = false;
	+ static bool sCachedFirstPartyPref = false;
	+ if (!sCachedFirstPartyPref) {
	+ sCachedFirstPartyPref = true;
	+ Preferences::AddBoolVarCache(&sFirstPartyIsolation, "privacy.firstparty.isolate");
	+ }
	+
	// When the pref is on, we also compute the firstParyDomain attribute
	// if it's top-level document,
	- if (Preferences::GetBool("privacy.firstparty.isolate", false) &&
	+ if (sFirstPartyIsolation &&
	nsIContentPolicy::TYPE_DOCUMENT == contentPolicyType) {
	nsCOMPtr<nsIEffectiveTLDService> tldService = do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID);
	NS_ENSURE_TRUE(tldService, NS_ERROR_FAILURE);

	nsAutoCString baseDomain;
	tldService->GetBaseDomain(uri, 0, baseDomain);
	attrs.mFirstPartyDomain = NS_ConvertUTF8toUTF16(baseDomain);
	}
	diff --git a/dom/base/nsFrameLoader.cpp b/dom/base/nsFrameLoader.cpp
	index 7c4d8cd..7506401 100644
	--- a/dom/base/nsFrameLoader.cpp
	+++ b/dom/base/nsFrameLoader.cpp
	@@ -2096,18 +2096,37 @@ nsFrameLoader::MaybeCreateDocShell()
	if (docShell->ItemType() == mDocShell->ItemType()) {
	attrs = nsDocShell::Cast(docShell)->GetOriginAttributes();
	}

	// Inherit origin attributes from parent document. For example,
	// firstPartyDomain is computed from top-level document, it doesn't exist in
	// the top-level docshell.
	if (parentType == nsIDocShellTreeItem::typeContent) {
	+ MOZ_ASSERT(attrs.mFirstPartyDomain.IsEmpty(),
	+ "Top-level DocShellAttributes shouldn't have FirstPartyDomain attribute.");
	PrincipalOriginAttributes poa = BasePrincipal::Cast(doc->NodePrincipal())->OriginAttributesRef();
	attrs.InheritFromDocToChildDocShell(poa);
	+
	+#ifdef DEBUG
	+ // Cache the privacy.firstparty.isolate pref.
	+ static bool sFirstPartyIsolation = false;
	+ static bool sCachedFirstPartyPref = false;
	+ if (!sCachedFirstPartyPref) {
	+ sCachedFirstPartyPref = true;
	+ Preferences::AddBoolVarCache(&sFirstPartyIsolation, "privacy.firstparty.isolate");
	+ }
	+
	+ // When the pref is on, top-level document and child-docshell should have
	+ // firstParyDomain attribute.
	+ if (sFirstPartyIsolation) {
	+ MOZ_ASSERT(!poa.mFirstPartyDomain.IsEmpty(), "Top-level document should have FirstPartyDomain attribute.");
	+ MOZ_ASSERT(!attrs.mFirstPartyDomain.IsEmpty(), "Child DocShell should have FirstPartyDomain attribute.");
	+ }
	+#endif /* DEBUG */
	}

	if (OwnerIsAppFrame()) {
	// You can't be both an app and a browser frame.
	MOZ_ASSERT(!OwnerIsMozBrowserFrame());

	nsCOMPtr<mozIApplication> ownApp = GetOwnApp();
	MOZ_ASSERT(ownApp);
	diff --git a/netwerk/ipc/NeckoParent.cpp b/netwerk/ipc/NeckoParent.cpp
	index 3623b8c..dec4021 100644
	--- a/netwerk/ipc/NeckoParent.cpp
	+++ b/netwerk/ipc/NeckoParent.cpp
	@@ -134,16 +134,17 @@ NeckoParent::GetValidatedAppInfo(const SerializedLoadContext& aSerialized,
	continue;
	}
	aAttrs = DocShellOriginAttributes();
	aAttrs.mAppId = appId;
	aAttrs.mInIsolatedMozBrowser = inBrowserElement;
	aAttrs.mSignedPkg = aSerialized.mOriginAttributes.mSignedPkg;
	aAttrs.mUserContextId = aSerialized.mOriginAttributes.mUserContextId;
	aAttrs.mPrivateBrowsingId = aSerialized.mOriginAttributes.mPrivateBrowsingId;
	+ aAttrs.mFirstPartyDomain = aSerialized.mOriginAttributes.mFirstPartyDomain;

	return nullptr;
	}

	if (contextArray.Length() != 0) {
	return "App does not have permission";
	}