Issue #2133 - Part 3: Remove TrackingProtection plumbing

9 files changed, 1 insertions, 289 deletions

diff --git a/netwerk/base/nsChannelClassifier.cpp b/netwerk/base/nsChannelClassifier.cpp
index ce06cab8b6..d5a5997a3d 100644
--- a/netwerk/base/nsChannelClassifier.cpp
+++ b/netwerk/base/nsChannelClassifier.cpp
@@ -55,179 +55,6 @@ nsChannelClassifier::nsChannelClassifier()
 {
 }
 
-nsresult
-nsChannelClassifier::ShouldEnableTrackingProtection(nsIChannel *aChannel,
-                                                    bool *result)
-{
-    // Should only be called in the parent process.
-    MOZ_ASSERT(XRE_IsParentProcess());
-
-    NS_ENSURE_ARG(result);
-    *result = false;
-
-    nsCOMPtr<nsILoadContext> loadContext;
-    NS_QueryNotificationCallbacks(aChannel, loadContext);
-    if (!loadContext || !(loadContext->UseTrackingProtection())) {
-      return NS_OK;
-    }
-
-    nsresult rv;
-    nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
-        do_GetService(THIRDPARTYUTIL_CONTRACTID, &rv);
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    nsCOMPtr<nsIHttpChannelInternal> chan = do_QueryInterface(aChannel, &rv);
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    nsCOMPtr<nsIURI> topWinURI;
-    rv = chan->GetTopWindowURI(getter_AddRefs(topWinURI));
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    if (!topWinURI) {
-      LOG(("nsChannelClassifier[%p]: No window URI\n", this));
-    }
-
-    nsCOMPtr<nsIURI> chanURI;
-    rv = aChannel->GetURI(getter_AddRefs(chanURI));
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    // Third party checks don't work for chrome:// URIs in mochitests, so just
-    // default to isThirdParty = true. We check isThirdPartyWindow to expand
-    // the list of domains that are considered first party (e.g., if
-    // facebook.com includes an iframe from fatratgames.com, all subsources
-    // included in that iframe are considered third-party with
-    // isThirdPartyChannel, even if they are not third-party w.r.t.
-    // facebook.com), and isThirdPartyChannel to prevent top-level navigations
-    // from being detected as third-party.
-    bool isThirdPartyChannel = true;
-    bool isThirdPartyWindow = true;
-    thirdPartyUtil->IsThirdPartyURI(chanURI, topWinURI, &isThirdPartyWindow);
-    thirdPartyUtil->IsThirdPartyChannel(aChannel, nullptr, &isThirdPartyChannel);
-    if (!isThirdPartyWindow || !isThirdPartyChannel) {
-      *result = false;
-      if (LOG_ENABLED()) {
-        LOG(("nsChannelClassifier[%p]: Skipping tracking protection checks "
-             "for first party or top-level load channel[%p] with uri %s",
-             this, aChannel, chanURI->GetSpecOrDefault().get()));
-      }
-      return NS_OK;
-    }
-
-    nsCOMPtr<nsIIOService> ios = do_GetService(NS_IOSERVICE_CONTRACTID, &rv);
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    const char ALLOWLIST_EXAMPLE_PREF[] = "channelclassifier.allowlist_example";
-    if (!topWinURI && Preferences::GetBool(ALLOWLIST_EXAMPLE_PREF, false)) {
-      LOG(("nsChannelClassifier[%p]: Allowlisting test domain\n", this));
-      rv = ios->NewURI(NS_LITERAL_CSTRING("http://allowlisted.example.com"),
-                       nullptr, nullptr, getter_AddRefs(topWinURI));
-      NS_ENSURE_SUCCESS(rv, rv);
-    }
-
-    // Take the host/port portion so we can allowlist by site. Also ignore the
-    // scheme, since users who put sites on the allowlist probably don't expect
-    // allowlisting to depend on scheme.
-    nsCOMPtr<nsIURL> url = do_QueryInterface(topWinURI, &rv);
-    if (NS_FAILED(rv)) {
-      return rv; // normal for some loads, no need to print a warning
-    }
-
-    nsCString escaped(NS_LITERAL_CSTRING("https://"));
-    nsAutoCString temp;
-    rv = url->GetHostPort(temp);
-    NS_ENSURE_SUCCESS(rv, rv);
-    escaped.Append(temp);
-
-    // Stuff the whole thing back into a URI for the permission manager.
-    rv = ios->NewURI(escaped, nullptr, nullptr, getter_AddRefs(topWinURI));
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    nsCOMPtr<nsIPermissionManager> permMgr =
-        do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv);
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    uint32_t permissions = nsIPermissionManager::UNKNOWN_ACTION;
-    rv = permMgr->TestPermission(topWinURI, "trackingprotection", &permissions);
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    if (permissions == nsIPermissionManager::ALLOW_ACTION) {
-      LOG(("nsChannelClassifier[%p]: Allowlisting channel[%p] for %s", this,
-           aChannel, escaped.get()));
-      mIsAllowListed = true;
-      *result = false;
-    } else {
-      *result = true;
-    }
-
-    // Tracking protection will be enabled so return without updating
-    // the security state. If any channels are subsequently cancelled
-    // (page elements blocked) the state will be then updated.
-    if (*result) {
-      if (LOG_ENABLED()) {
-        LOG(("nsChannelClassifier[%p]: Enabling tracking protection checks on "
-             "channel[%p] with uri %s for toplevel window %s", this, aChannel,
-             chanURI->GetSpecOrDefault().get(),
-             topWinURI->GetSpecOrDefault().get()));
-      }
-      return NS_OK;
-    }
-
-    // Tracking protection will be disabled so update the security state
-    // of the document and fire a secure change event. If we can't get the
-    // window for the channel, then the shield won't show up so we can't send
-    // an event to the securityUI anyway.
-    return NotifyTrackingProtectionDisabled(aChannel);
-}
-
-// static
-nsresult
-nsChannelClassifier::NotifyTrackingProtectionDisabled(nsIChannel *aChannel)
-{
-    // Can be called in EITHER the parent or child process.
-    nsCOMPtr<nsIParentChannel> parentChannel;
-    NS_QueryNotificationCallbacks(aChannel, parentChannel);
-    if (parentChannel) {
-      // This channel is a parent-process proxy for a child process request.
-      // Tell the child process channel to do this instead.
-      parentChannel->NotifyTrackingProtectionDisabled();
-      return NS_OK;
-    }
-
-    nsresult rv;
-    nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
-        do_GetService(THIRDPARTYUTIL_CONTRACTID, &rv);
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    nsCOMPtr<mozIDOMWindowProxy> win;
-    rv = thirdPartyUtil->GetTopWindowForChannel(aChannel, getter_AddRefs(win));
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    auto* pwin = nsPIDOMWindowOuter::From(win);
-    nsCOMPtr<nsIDocShell> docShell = pwin->GetDocShell();
-    if (!docShell) {
-      return NS_OK;
-    }
-    nsCOMPtr<nsIDocument> doc = docShell->GetDocument();
-    NS_ENSURE_TRUE(doc, NS_OK);
-
-    // Notify nsIWebProgressListeners of this security event.
-    // Can be used to change the UI state.
-    nsCOMPtr<nsISecurityEventSink> eventSink = do_QueryInterface(docShell, &rv);
-    NS_ENSURE_SUCCESS(rv, NS_OK);
-    uint32_t state = 0;
-    nsCOMPtr<nsISecureBrowserUI> securityUI;
-    docShell->GetSecurityUI(getter_AddRefs(securityUI));
-    if (!securityUI) {
-      return NS_OK;
-    }
-    doc->SetHasTrackingContentLoaded(true);
-    securityUI->GetState(&state);
-    state |= nsIWebProgressListener::STATE_LOADED_TRACKING_CONTENT;
-    eventSink->OnSecurityChange(nullptr, state);
-
-    return NS_OK;
-}
-
 void
 nsChannelClassifier::Start(nsIChannel *aChannel)
 {
@@ -321,7 +148,6 @@ nsChannelClassifier::StartInternal()
 
     bool expectCallback;
     bool trackingProtectionEnabled = false;
-    (void)ShouldEnableTrackingProtection(mChannel, &trackingProtectionEnabled);
 
     if (LOG_ENABLED()) {
       nsCOMPtr<nsIURI> principalURI;
@@ -490,73 +316,6 @@ nsChannelClassifier::SameLoadingURI(nsIDocument *aDoc, nsIChannel *aChannel)
   return NS_SUCCEEDED(rv) && equals;
 }
 
-// static
-nsresult
-nsChannelClassifier::SetBlockedTrackingContent(nsIChannel *channel)
-{
-  // Can be called in EITHER the parent or child process.
-  nsCOMPtr<nsIParentChannel> parentChannel;
-  NS_QueryNotificationCallbacks(channel, parentChannel);
-  if (parentChannel) {
-    // This channel is a parent-process proxy for a child process request. The
-    // actual channel will be notified via the status passed to
-    // nsIRequest::Cancel and do this for us.
-    return NS_OK;
-  }
-
-  nsresult rv;
-  nsCOMPtr<mozIDOMWindowProxy> win;
-  nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
-    do_GetService(THIRDPARTYUTIL_CONTRACTID, &rv);
-  NS_ENSURE_SUCCESS(rv, NS_OK);
-  rv = thirdPartyUtil->GetTopWindowForChannel(channel, getter_AddRefs(win));
-  NS_ENSURE_SUCCESS(rv, NS_OK);
-  auto* pwin = nsPIDOMWindowOuter::From(win);
-  nsCOMPtr<nsIDocShell> docShell = pwin->GetDocShell();
-  if (!docShell) {
-    return NS_OK;
-  }
-  nsCOMPtr<nsIDocument> doc = docShell->GetDocument();
-  NS_ENSURE_TRUE(doc, NS_OK);
-
-  // This event might come after the user has navigated to another page.
-  // To prevent showing the TrackingProtection UI on the wrong page, we need to
-  // check that the loading URI for the channel is the same as the URI currently
-  // loaded in the document.
-  if (!SameLoadingURI(doc, channel)) {
-    return NS_OK;
-  }
-
-  // Notify nsIWebProgressListeners of this security event.
-  // Can be used to change the UI state.
-  nsCOMPtr<nsISecurityEventSink> eventSink = do_QueryInterface(docShell, &rv);
-  NS_ENSURE_SUCCESS(rv, NS_OK);
-  uint32_t state = 0;
-  nsCOMPtr<nsISecureBrowserUI> securityUI;
-  docShell->GetSecurityUI(getter_AddRefs(securityUI));
-  if (!securityUI) {
-    return NS_OK;
-  }
-  doc->SetHasTrackingContentBlocked(true);
-  securityUI->GetState(&state);
-  state |= nsIWebProgressListener::STATE_BLOCKED_TRACKING_CONTENT;
-  eventSink->OnSecurityChange(nullptr, state);
-
-  // Log a warning to the web console.
-  nsCOMPtr<nsIURI> uri;
-  channel->GetURI(getter_AddRefs(uri));
-  NS_ConvertUTF8toUTF16 spec(uri->GetSpecOrDefault());
-  const char16_t* params[] = { spec.get() };
-  nsContentUtils::ReportToConsole(nsIScriptError::warningFlag,
-                                  NS_LITERAL_CSTRING("Tracking Protection"),
-                                  doc,
-                                  nsContentUtils::eNECKO_PROPERTIES,
-                                  "TrackingUriBlocked",
-                                  params, ArrayLength(params));
-
-  return NS_OK;
-}
-
 NS_IMETHODIMP
 nsChannelClassifier::OnClassifyComplete(nsresult aErrorCode)
 {
diff --git a/netwerk/base/nsChannelClassifier.h b/netwerk/base/nsChannelClassifier.h
index c21c1a0e0d..0516b9cbb2 100644
--- a/netwerk/base/nsChannelClassifier.h
+++ b/netwerk/base/nsChannelClassifier.h
@@ -27,8 +27,6 @@ public:
     // Calls nsIURIClassifier.Classify with the principal of the given channel,
     // and cancels the channel on a bad verdict.
     void Start(nsIChannel *aChannel);
-    // Whether or not tracking protection should be enabled on this channel.
-    nsresult ShouldEnableTrackingProtection(nsIChannel *aChannel, bool *result);
 
 private:
     // True if the channel is on the allow list.
@@ -49,12 +47,6 @@ private:
     bool IsHostnameWhitelisted(nsIURI *aUri, const nsACString &aWhitelisted);
     // Checks that the channel was loaded by the URI currently loaded in aDoc
     static bool SameLoadingURI(nsIDocument *aDoc, nsIChannel *aChannel);
-
-public:
-    // If we are blocking tracking content, update the corresponding flag in
-    // the respective docshell and call nsISecurityEventSink::onSecurityChange.
-    static nsresult SetBlockedTrackingContent(nsIChannel *channel);
-    static nsresult NotifyTrackingProtectionDisabled(nsIChannel *aChannel);
 };
 
 } // namespace net
diff --git a/netwerk/base/nsIParentChannel.idl b/netwerk/base/nsIParentChannel.idl
index 2858bb95ea..389760ae02 100644
--- a/netwerk/base/nsIParentChannel.idl
+++ b/netwerk/base/nsIParentChannel.idl
@@ -20,7 +20,7 @@ class HttpChannelParentListener;
  * Implemented by chrome side of IPC protocols.
  */
 
-[scriptable, uuid(e0fc4801-6030-4653-a59f-1fb282bd1a04)]
+[scriptable, uuid(ea588118-46ab-4fe8-9591-4c6e39cf4331)]
 interface nsIParentChannel : nsIStreamListener
 {
   /**
@@ -29,12 +29,6 @@ interface nsIParentChannel : nsIStreamListener
   [noscript] void setParentListener(in HttpChannelParentListener listener);
 
   /**
-   * Called to notify the HttpChannelChild that tracking protection was
-   * disabled for this load.
-   */
-  [noscript] void notifyTrackingProtectionDisabled();
-
-  /**
    * Called to invoke deletion of the IPC protocol.
    */
   void delete();
diff --git a/netwerk/protocol/data/DataChannelParent.cpp b/netwerk/protocol/data/DataChannelParent.cpp
index a55612e881..43515e941a 100644
--- a/netwerk/protocol/data/DataChannelParent.cpp
+++ b/netwerk/protocol/data/DataChannelParent.cpp
@@ -35,13 +35,6 @@ DataChannelParent::SetParentListener(HttpChannelParentListener* aListener)
 }
 
 NS_IMETHODIMP
-DataChannelParent::NotifyTrackingProtectionDisabled()
-{
-    // Nothing to do.
-    return NS_OK;
-}
-
-NS_IMETHODIMP
 DataChannelParent::Delete()
 {
     // Nothing to do.
diff --git a/netwerk/protocol/ftp/FTPChannelParent.cpp b/netwerk/protocol/ftp/FTPChannelParent.cpp
index a823a21f0e..21dd048411 100644
--- a/netwerk/protocol/ftp/FTPChannelParent.cpp
+++ b/netwerk/protocol/ftp/FTPChannelParent.cpp
@@ -556,13 +556,6 @@ FTPChannelParent::SetParentListener(HttpChannelParentListener* aListener)
 }
 
 NS_IMETHODIMP
-FTPChannelParent::NotifyTrackingProtectionDisabled()
-{
-  // One day, this should probably be filled in.
-  return NS_OK;
-}
-
-NS_IMETHODIMP
 FTPChannelParent::Delete()
 {
   if (mIPCClosed || !SendDeleteSelf())
diff --git a/netwerk/protocol/http/HttpChannelChild.cpp b/netwerk/protocol/http/HttpChannelChild.cpp
index 8594f17a2f..a733b05145 100644
--- a/netwerk/protocol/http/HttpChannelChild.cpp
+++ b/netwerk/protocol/http/HttpChannelChild.cpp
@@ -1471,13 +1471,6 @@ HttpChannelChild::RecvFlushedForDiversion()
   return true;
 }
 
-bool
-HttpChannelChild::RecvNotifyTrackingProtectionDisabled()
-{
-  nsChannelClassifier::NotifyTrackingProtectionDisabled(this);
-  return true;
-}
-
 void
 HttpChannelChild::FlushedForDiversion()
 {
diff --git a/netwerk/protocol/http/HttpChannelChild.h b/netwerk/protocol/http/HttpChannelChild.h
index 983f35be75..b11702813b 100644
--- a/netwerk/protocol/http/HttpChannelChild.h
+++ b/netwerk/protocol/http/HttpChannelChild.h
@@ -103,7 +103,6 @@ public:
 
   bool IsSuspended();
 
-  bool RecvNotifyTrackingProtectionDisabled() override;
   void FlushedForDiversion();
 
 protected:
diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp
index b296478516..0b6e7eb82c 100644
--- a/netwerk/protocol/http/HttpChannelParent.cpp
+++ b/netwerk/protocol/http/HttpChannelParent.cpp
@@ -1366,14 +1366,6 @@ HttpChannelParent::SetParentListener(HttpChannelParentListener* aListener)
 }
 
 NS_IMETHODIMP
-HttpChannelParent::NotifyTrackingProtectionDisabled()
-{
-  if (!mIPCClosed)
-    Unused << SendNotifyTrackingProtectionDisabled();
-  return NS_OK;
-}
-
-NS_IMETHODIMP
 HttpChannelParent::Delete()
 {
   if (!mIPCClosed)
diff --git a/netwerk/protocol/http/PHttpChannel.ipdl b/netwerk/protocol/http/PHttpChannel.ipdl
index d43b27afcb..fee39105e4 100644
--- a/netwerk/protocol/http/PHttpChannel.ipdl
+++ b/netwerk/protocol/http/PHttpChannel.ipdl
@@ -142,9 +142,6 @@ child:
   async AssociateApplicationCache(nsCString groupID,
                                   nsCString clientID);
 
-  // Tell the child that tracking protection was disabled for this load.
-  async NotifyTrackingProtectionDisabled();
-
   // Parent has been suspended for diversion; no more events to be enqueued.
   async FlushedForDiversion();