Bug 827050 - Clear cookies and stored data in the browser clears reme…

…mber my choice permissions for PROMPT_ACTION WebAPIs, r=mounir
iaxat · Jan 7, 2013 · acabe6a · acabe6a
1 parent 4c83d4e
commit acabe6a
Show file tree

Hide file tree

Showing 10 changed files with 268 additions and 21 deletions.
diff --git a/dom/apps/src/Webapps.jsm b/dom/apps/src/Webapps.jsm
@@ -314,7 +314,7 @@ this.DOMApplicationRegistry = {
           let localId = this.webapps[id].localId;
           let permMgr = Cc["@mozilla.org/permissionmanager;1"]
                           .getService(Ci.nsIPermissionManager);
-          permMgr.RemovePermissionsForApp(localId);
+          permMgr.RemovePermissionsForApp(localId, false);
           Services.cookies.removeCookiesForApp(localId, false);
           this._clearPrivateData(localId, false);
         }

diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp
@@ -126,32 +126,37 @@ GetHostForPrincipal(nsIPrincipal* aPrincipal, nsACString& aHost)
   return NS_OK;
 }
 
-class AppUninstallObserver MOZ_FINAL : public nsIObserver {
+class AppClearDataObserver MOZ_FINAL : public nsIObserver {
 public:
   NS_DECL_ISUPPORTS
 
   // nsIObserver implementation.
   NS_IMETHODIMP
   Observe(nsISupports *aSubject, const char *aTopic, const PRUnichar *data)
   {
-    MOZ_ASSERT(!nsCRT::strcmp(aTopic, "webapps-uninstall"));
+    MOZ_ASSERT(!nsCRT::strcmp(aTopic, "webapps-clear-data"));
 
-    nsCOMPtr<nsIAppsService> appsService = do_GetService("@mozilla.org/AppsService;1");
-    nsCOMPtr<mozIApplication> app;
-
-    appsService->GetAppFromObserverMessage(nsAutoString(data), getter_AddRefs(app));
-    NS_ENSURE_TRUE(app, NS_ERROR_UNEXPECTED);
+    nsCOMPtr<mozIApplicationClearPrivateDataParams> params =
+      do_QueryInterface(aSubject);
+    if (!params) {
+      NS_ERROR("'webapps-clear-data' notification's subject should be a mozIApplicationClearPrivateDataParams");
+      return NS_ERROR_UNEXPECTED;
+    }
 
     uint32_t appId;
-    app->GetLocalId(&appId);
-    MOZ_ASSERT(appId != nsIScriptSecurityManager::NO_APP_ID);
+    nsresult rv = params->GetAppId(&appId);
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    bool browserOnly;
+    rv = params->GetBrowserOnly(&browserOnly);
+    NS_ENSURE_SUCCESS(rv, rv);
 
     nsCOMPtr<nsIPermissionManager> permManager = do_GetService("@mozilla.org/permissionmanager;1");
-    return permManager->RemovePermissionsForApp(appId);
+    return permManager->RemovePermissionsForApp(appId, browserOnly);
   }
 };
 
-NS_IMPL_ISUPPORTS1(AppUninstallObserver, nsIObserver)
+NS_IMPL_ISUPPORTS1(AppClearDataObserver, nsIObserver)
 
 } // anonymous namespace
 
@@ -271,10 +276,10 @@ NS_IMETHODIMP DeleteFromMozHostListener::HandleCompletion(uint16_t aReason)
 }
 
 /* static */ void
-nsPermissionManager::AppUninstallObserverInit()
+nsPermissionManager::AppClearDataObserverInit()
 {
   nsCOMPtr<nsIObserverService> observerService = do_GetService("@mozilla.org/observer-service;1");
-  observerService->AddObserver(new AppUninstallObserver(), "webapps-uninstall", /* holdsWeak= */ false);
+  observerService->AddObserver(new AppClearDataObserver(), "webapps-clear-data", /* holdsWeak= */ false);
 }
 
 ////////////////////////////////////////////////////////////////////////////////
@@ -1156,7 +1161,7 @@ nsPermissionManager::GetPermissionsForApp(nsPermissionManager::PermissionHashKey
 }
 
 NS_IMETHODIMP
-nsPermissionManager::RemovePermissionsForApp(uint32_t aAppId)
+nsPermissionManager::RemovePermissionsForApp(uint32_t aAppId, bool aBrowserOnly)
 {
   ENSURE_NOT_CHILD_PROCESS;
   NS_ENSURE_ARG(aAppId != nsIScriptSecurityManager::NO_APP_ID);
@@ -1173,6 +1178,10 @@ nsPermissionManager::RemovePermissionsForApp(uint32_t aAppId)
   sql.AppendLiteral("DELETE FROM moz_hosts WHERE appId=");
   sql.AppendInt(aAppId);
 
+  if (aBrowserOnly) {
+    sql.AppendLiteral(" AND isInBrowserElement=1");
+  }
+
   nsCOMPtr<mozIStorageAsyncStatement> removeStmt;
   nsresult rv = mDBConn->CreateAsyncStatement(sql, getter_AddRefs(removeStmt));
   NS_ENSURE_SUCCESS(rv, rv);

diff --git a/extensions/cookie/nsPermissionManager.h b/extensions/cookie/nsPermissionManager.h
@@ -200,7 +200,7 @@ class nsPermissionManager : public nsIPermissionManager,
    * That way, we can prevent have nsPermissionManager created at startup just
    * to be able to clear data when an application is uninstalled.
    */
-  static void AppUninstallObserverInit();
+  static void AppClearDataObserverInit();
 
 private:
   int32_t GetTypeIndex(const char *aTypeString,

diff --git a/extensions/cookie/test/Makefile.in b/extensions/cookie/test/Makefile.in
@@ -54,8 +54,10 @@ MOCHITEST_FILES = \
 
 MOCHITEST_CHROME_FILES = \
   test_permissionmanager_app_isolation.html \
+  test_app_cleardata_permissions.html \
   test_app_uninstall_permissions.html \
   test_app_uninstall_cookies.html \
+  frame_clear_browser_data.html \
   channel_utils.js \
   $(NULL)
 

diff --git a/extensions/cookie/test/frame_clear_browser_data.html b/extensions/cookie/test/frame_clear_browser_data.html
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+  <body>
+  </body>
+  <script>
+    addEventListener('message', function(e) {
+      if (e.data == 'clear') {
+        navigator.mozApps.getSelf().onsuccess = function() {
+          this.result.clearBrowserData();
+          document.body.innerHTML = "<done></done>";
+        };
+      }
+    });
+  </script>
+</html>
diff --git a/extensions/cookie/test/test_app_cleardata_permissions.html b/extensions/cookie/test/test_app_cleardata_permissions.html
@@ -0,0 +1,213 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>Tests that clearing mozbrowser private data removes the onlyInBrowser permissions</title>
+  <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>
+</head>
+<body>
+<p id="display"></p>
+<div id="content">
+  <iframe src="http://example.com/tests/error404"></iframe>
+</div>
+<pre id="test">
+<script type="application/javascript;version=1.7">
+
+const Ci = Components.interfaces;
+const Cc = Components.classes;
+const Cu = Components.utils;
+
+SimpleTest.waitForExplicitFinish();
+
+var permManager = Cc["@mozilla.org/permissionmanager;1"]
+                    .getService(Ci.nsIPermissionManager);
+var appsService = Cc['@mozilla.org/AppsService;1']
+                    .getService(Ci.nsIAppsService);
+var secMan = Cc['@mozilla.org/scriptsecuritymanager;1']
+               .getService(Ci.nsIScriptSecurityManager);
+var ioService = Cc["@mozilla.org/network/io-service;1"]
+                  .getService(Components.interfaces.nsIIOService);
+
+var Webapps = {};
+Cu.import("resource://gre/modules/Webapps.jsm", Webapps);
+
+/**
+ * This function will make sure that the next applications we try to install
+ * will be installed. That means it will behave like if the user allowed the app
+ * to be installed in the door hanger.
+ */
+function confirmNextInstall() {
+  var panel = window.top.QueryInterface(Ci.nsIInterfaceRequestor)
+                        .getInterface(Ci.nsIWebNavigation)
+                        .QueryInterface(Ci.nsIDocShell)
+                        .chromeEventHandler.ownerDocument.defaultView
+                        .PopupNotifications.panel
+
+  panel.addEventListener("popupshown", function() {
+    panel.removeEventListener("popupshown", arguments.callee, false);
+    this.childNodes[0].button.doCommand();
+  }, false);
+}
+
+// If aAppId = -1, returns permissions count, regardless of app.
+function getPermissionCountForApp(aAppId) {
+  var nbPermissions = 0;
+  var enumerator = permManager.enumerator;
+
+  while (enumerator.hasMoreElements()) {
+    var permission = enumerator.getNext().QueryInterface(Ci.nsIPermission);
+
+    if (permission.appId == aAppId || aAppId == -1) {
+      nbPermissions++;
+    }
+  }
+
+  return nbPermissions;
+}
+
+permManager.addFromPrincipal(window.document.nodePrincipal, "webapps-manage",
+                             Ci.nsIPermissionManager.ALLOW_ACTION);
+permManager.addFromPrincipal(window.document.nodePrincipal, "browser",
+                             Ci.nsIPermissionManager.ALLOW_ACTION);
+
+var previousPrefs = {
+  mozBrowserFramesEnabled: null,
+  installerDryRun: null,
+};
+
+// Save the prefs we want to change (so we can re-set them later) and set them
+// to the needed value.
+try {
+  previousPrefs.mozBrowserFramesEnabled = SpecialPowers.getBoolPref('dom.mozBrowserFramesEnabled');
+} catch(e)
+{
+}
+SpecialPowers.setBoolPref('dom.mozBrowserFramesEnabled', true);
+
+try {
+  previousPrefs.installerDryRun = SpecialPowers.getBoolPref('browser.mozApps.installer.dry_run');
+} catch(e) {
+}
+SpecialPowers.setBoolPref('browser.mozApps.installer.dry_run', true);
+
+// We want to simulate that all apps are launchable, for testing purpose.
+var gPreviousLaunchableValue = Webapps.DOMApplicationRegistry.allAppsLaunchable;
+Webapps.DOMApplicationRegistry.allAppsLaunchable = true;
+
+// URL of the manifest of the app we want to install.
+const gManifestURL = "http://www.example.com:80/chrome/dom/tests/mochitest/webapps/apps/basic.webapp";
+// ID of the installed app.
+var gTestAppId = 0;
+
+addLoadEvent(function() {
+  confirmNextInstall();
+
+  navigator.mozApps.install(gManifestURL, null).onsuccess = function() {
+    gTestAppId = appsService.getAppLocalIdByManifestURL(gManifestURL);
+
+    is(getPermissionCountForApp(gTestAppId), 0, "App should have no permission");
+
+    var currentPermissionCount = getPermissionCountForApp(-1);
+
+    var principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.com", null, null),
+                                                   gTestAppId, true);
+
+    permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION);
+    permManager.addFromPrincipal(principal, "foo", Ci.nsIPermissionManager.DENY_ACTION);
+    permManager.addFromPrincipal(principal, "bar", Ci.nsIPermissionManager.ALLOW_ACTION, Ci.nsIPermissionManager.EXPIRE_SESSION, 0);
+
+    principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.org", null, null),
+                                               gTestAppId, true);
+    permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION);
+
+    is(getPermissionCountForApp(gTestAppId), 4, "App should have 4 permissions");
+
+    var frame = document.createElement('iframe');
+    frame.setAttribute('mozbrowser', '');
+    frame.setAttribute('mozapp', gManifestURL);
+    frame.src = 'http://www.example.com/chrome/extensions/cookie/test/frame_clear_browser_data.html';
+    frame.name = 'app';
+
+    frame.addEventListener('load', appFrameLoadEvent);
+
+    document.body.appendChild(frame);
+  };
+});
+
+function appFrameLoadEvent() {
+  /*
+   * The app frame has been loaded. We can now add permissions for the app to
+   * create browsers and we will load a page in this browser and wait for the
+   * load event.
+   */
+  permManager.addFromPrincipal(window.frames[1].document.nodePrincipal, "browser",
+                               Ci.nsIPermissionManager.ALLOW_ACTION);
+
+  var frame = document.createElement('iframe');
+  frame.setAttribute('mozbrowser', '');
+  frame.src = 'http://example.com/tests/error404_2';
+
+  frame.addEventListener('load', browserLoadEvent);
+
+  document.getElementsByName('app')[0].contentDocument.body.appendChild(frame);
+}
+
+function browserLoadEvent() {
+  /*
+   * The browser inside the app has loaded.
+   */
+
+  frames[1].postMessage("clear", "http://www.example.com");
+
+  waitForClearBrowserData();
+};
+
+function waitForClearBrowserData() {
+  SimpleTest.executeSoon(function() {
+    if (frames[1].document.getElementsByTagName('done').length == 0) {
+      waitForClearBrowserData();
+    } else {
+      checks();
+    }
+  });
+}
+function checks() {
+  navigator.mozApps.mgmt.getAll().onsuccess = function() {
+    for (i in this.result) {
+      var app = this.result[i];
+      if (app.manifestURL == gManifestURL) {
+        is(getPermissionCountForApp(gTestAppId), 0, "App should have 0 permissions");
+
+        Webapps.DOMApplicationRegistry.allAppsLaunchable = gPreviousLaunchableValue;
+
+        // Now we uninstall the app and make sure everything is clean.
+        app.uninstall().onsuccess = function() {
+          is(getPermissionCountForApp(gTestAppId), 0, "App should have 0 permissions");
+          finish();
+        };
+      }
+    }
+  };
+}
+
+/**
+ * This method will be called when the test will be done. It is going to clear
+ * all storage data, permissions, etc.
+ */
+function finish() {
+  permManager.removeFromPrincipal(window.document.nodePrincipal, "webapps-manage",
+                                  Ci.nsIPermissionManager.ALLOW_ACTION);
+  permManager.removeFromPrincipal(window.document.nodePrincipal, "browser",
+                                  Ci.nsIPermissionManager.ALLOW_ACTION);
+
+  SpecialPowers.setBoolPref('dom.mozBrowserFramesEnabled', previousPrefs.mozBrowserFramesEnabled);
+  SpecialPowers.setBoolPref('browser.mozApps.installer.dry_run', previousPrefs.installerDryRun);
+
+  SimpleTest.finish();
+}
+
+</script>
+</pre>
+</body>
+</html>
diff --git a/layout/build/nsLayoutStatics.cpp b/layout/build/nsLayoutStatics.cpp
@@ -265,7 +265,7 @@ nsLayoutStatics::Initialize()
 
   InitProcessPriorityManager();
 
-  nsPermissionManager::AppUninstallObserverInit();
+  nsPermissionManager::AppClearDataObserverInit();
   nsCookieService::AppClearDataObserverInit();
   nsApplicationCacheService::AppClearDataObserverInit();
 

diff --git a/netwerk/base/public/nsIPermissionManager.idl b/netwerk/base/public/nsIPermissionManager.idl
@@ -36,7 +36,7 @@ interface nsIObserver;
 interface nsIPrincipal;
 interface nsIDOMWindow;
 
-[scriptable, uuid(6c68cd87-4569-4695-8bc8-ad609f624b96)]
+[scriptable, uuid(9b6ffbb9-5536-4216-afcf-1b7cd7b54005)]
 interface nsIPermissionManager : nsISupports
 {
   /**
@@ -192,8 +192,12 @@ interface nsIPermissionManager : nsISupports
 
   /**
    * Remove all permissions associated with a given app id.
+   * @param aAppId       The appId of the app
+   * @param aBrowserOnly Whether we should remove permissions associated with
+   *                     a browser element (true) or all permissions (false).
    */
-  void removePermissionsForApp(in unsigned long appId);
+  void removePermissionsForApp(in unsigned long appId,
+                               in boolean browserOnly);
 };
 
 %{ C++

diff --git a/netwerk/test/unit/test_auth_jar.js b/netwerk/test/unit/test_auth_jar.js
@@ -10,6 +10,9 @@ function createURI(s) {
 }
 
 function run_test() {
+  // Set up a profile.
+  do_get_profile();
+
   var secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].getService(Ci.nsIScriptSecurityManager);
   const kURI1 = "http://example.com";
   var app1 = secMan.getAppCodebasePrincipal(createURI(kURI1), 1, false);
@@ -49,4 +52,4 @@ function run_test() {
   do_check_eq(domain.value, "example.com");
   do_check_eq(user.value, "user2");
   do_check_eq(pass.value, "pass2");
-}
+}