BrowsingContextGroup.cpp (24155B)
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ 2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */ 3 /* This Source Code Form is subject to the terms of the Mozilla Public 4 * License, v. 2.0. If a copy of the MPL was not distributed with this 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 6 7 #include "mozilla/dom/BrowsingContextGroup.h" 8 9 #include "mozilla/ClearOnShutdown.h" 10 #include "mozilla/InputTaskManager.h" 11 #include "mozilla/Preferences.h" 12 #include "mozilla/dom/BrowsingContextBinding.h" 13 #include "mozilla/dom/BindingUtils.h" 14 #include "mozilla/dom/ContentChild.h" 15 #include "mozilla/dom/ContentParent.h" 16 #include "mozilla/dom/DocGroup.h" 17 #include "mozilla/StaticPrefs_dom.h" 18 #include "mozilla/ThrottledEventQueue.h" 19 #include "mozilla/dom/ProcessIsolation.h" 20 #include "nsFocusManager.h" 21 #include "nsTHashMap.h" 22 23 namespace mozilla::dom { 24 25 // Maximum number of successive dialogs before we prompt users to disable 26 // dialogs for this window. 27 #define MAX_SUCCESSIVE_DIALOG_COUNT 5 28 29 static StaticRefPtr<BrowsingContextGroup> sChromeGroup; 30 31 static StaticAutoPtr<nsTHashMap<uint64_t, RefPtr<BrowsingContextGroup>>> 32 sBrowsingContextGroups; 33 34 already_AddRefed<BrowsingContextGroup> BrowsingContextGroup::GetOrCreate( 35 uint64_t aId) { 36 if (!sBrowsingContextGroups) { 37 sBrowsingContextGroups = 38 new nsTHashMap<nsUint64HashKey, RefPtr<BrowsingContextGroup>>(); 39 ClearOnShutdown(&sBrowsingContextGroups); 40 } 41 42 return do_AddRef(sBrowsingContextGroups->LookupOrInsertWith( 43 aId, [&aId] { return do_AddRef(new BrowsingContextGroup(aId)); })); 44 } 45 46 already_AddRefed<BrowsingContextGroup> BrowsingContextGroup::GetExisting( 47 uint64_t aId) { 48 if (sBrowsingContextGroups) { 49 return do_AddRef(sBrowsingContextGroups->Get(aId)); 50 } 51 return nullptr; 52 } 53 54 // Only use 53 bits for the BrowsingContextGroup ID. 55 static constexpr uint64_t kBrowsingContextGroupIdTotalBits = 53; 56 static constexpr uint64_t kBrowsingContextGroupIdProcessBits = 22; 57 static constexpr uint64_t kBrowsingContextGroupIdFlagBits = 1; 58 static constexpr uint64_t kBrowsingContextGroupIdBits = 59 kBrowsingContextGroupIdTotalBits - kBrowsingContextGroupIdProcessBits - 60 kBrowsingContextGroupIdFlagBits; 61 62 // IDs for the relevant flags 63 static constexpr uint64_t kPotentiallyCrossOriginIsolatedFlag = 0x1; 64 65 // The next ID value which will be used. 66 static uint64_t sNextBrowsingContextGroupId = 1; 67 68 // Generate the next ID with the given flags. 69 static uint64_t GenerateBrowsingContextGroupId(uint64_t aFlags) { 70 MOZ_RELEASE_ASSERT(aFlags < (uint64_t(1) << kBrowsingContextGroupIdFlagBits)); 71 uint64_t childId = XRE_IsContentProcess() 72 ? ContentChild::GetSingleton()->GetID() 73 : uint64_t(0); 74 MOZ_RELEASE_ASSERT(childId < 75 (uint64_t(1) << kBrowsingContextGroupIdProcessBits)); 76 uint64_t id = sNextBrowsingContextGroupId++; 77 MOZ_RELEASE_ASSERT(id < (uint64_t(1) << kBrowsingContextGroupIdBits)); 78 79 return (childId << (kBrowsingContextGroupIdBits + 80 kBrowsingContextGroupIdFlagBits)) | 81 (id << kBrowsingContextGroupIdFlagBits) | aFlags; 82 } 83 84 // Extract flags from the given ID. 85 static uint64_t GetBrowsingContextGroupIdFlags(uint64_t aId) { 86 return aId & ((uint64_t(1) << kBrowsingContextGroupIdFlagBits) - 1); 87 } 88 89 uint64_t BrowsingContextGroup::CreateId(bool aPotentiallyCrossOriginIsolated) { 90 // We encode the potentially cross-origin isolated bit within the ID so that 91 // the information can be recovered whenever the group needs to be re-created 92 // due to e.g. being garbage-collected. 93 // 94 // In the future if we end up needing more complex information stored within 95 // the ID, we can consider converting it to a more complex type, like a 96 // string. 97 uint64_t flags = 98 aPotentiallyCrossOriginIsolated ? kPotentiallyCrossOriginIsolatedFlag : 0; 99 uint64_t id = GenerateBrowsingContextGroupId(flags); 100 MOZ_ASSERT(GetBrowsingContextGroupIdFlags(id) == flags); 101 return id; 102 } 103 104 already_AddRefed<BrowsingContextGroup> BrowsingContextGroup::Create( 105 bool aPotentiallyCrossOriginIsolated) { 106 return GetOrCreate(CreateId(aPotentiallyCrossOriginIsolated)); 107 } 108 109 BrowsingContextGroup::BrowsingContextGroup(uint64_t aId) : mId(aId) { 110 mTimerEventQueue = ThrottledEventQueue::Create( 111 GetMainThreadSerialEventTarget(), "BrowsingContextGroup timer queue"); 112 113 mWorkerEventQueue = ThrottledEventQueue::Create( 114 GetMainThreadSerialEventTarget(), "BrowsingContextGroup worker queue"); 115 } 116 117 void BrowsingContextGroup::Register(nsISupports* aContext) { 118 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed); 119 MOZ_DIAGNOSTIC_ASSERT(aContext); 120 mContexts.Insert(aContext); 121 } 122 123 void BrowsingContextGroup::Unregister(nsISupports* aContext) { 124 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed); 125 MOZ_DIAGNOSTIC_ASSERT(aContext); 126 mContexts.Remove(aContext); 127 128 MaybeDestroy(); 129 } 130 131 void BrowsingContextGroup::EnsureHostProcess(ContentParent* aProcess) { 132 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed); 133 MOZ_DIAGNOSTIC_ASSERT(this != sChromeGroup, 134 "cannot have content host for chrome group"); 135 MOZ_DIAGNOSTIC_ASSERT(aProcess->GetRemoteType() != PREALLOC_REMOTE_TYPE, 136 "cannot use preallocated process as host"); 137 MOZ_DIAGNOSTIC_ASSERT(!aProcess->GetRemoteType().IsEmpty(), 138 "host process must have remote type"); 139 140 // XXX: The diagnostic crashes in bug 1816025 seemed to come through caller 141 // ContentParent::GetNewOrUsedLaunchingBrowserProcess where we already 142 // did AssertAlive, so IsDead should be irrelevant here. Still it reads 143 // wrong that we ever might do AddBrowsingContextGroup if aProcess->IsDead(). 144 if (aProcess->IsDead() || 145 mHosts.WithEntryHandle(aProcess->GetRemoteType(), [&](auto&& entry) { 146 if (entry) { 147 // We know from bug 1816025 that this happens quite often and we have 148 // bug 1815480 on file that should harden the entire flow. But in the 149 // meantime we can just live with NOT replacing the found host 150 // process with a new one here if it is still alive. 151 MOZ_ASSERT( 152 entry.Data() == aProcess, 153 "There's already another host process for this remote type"); 154 if (!entry.Data()->IsShuttingDown()) { 155 return false; 156 } 157 } 158 159 // This process wasn't already marked as our host, so insert it (or 160 // update if the old process is shutting down), and begin subscribing, 161 // unless the process is still launching. 162 entry.InsertOrUpdate(do_AddRef(aProcess)); 163 164 return true; 165 })) { 166 aProcess->AddBrowsingContextGroup(this); 167 } 168 } 169 170 void BrowsingContextGroup::RemoveHostProcess(ContentParent* aProcess) { 171 MOZ_DIAGNOSTIC_ASSERT(aProcess); 172 MOZ_DIAGNOSTIC_ASSERT(aProcess->GetRemoteType() != PREALLOC_REMOTE_TYPE); 173 auto entry = mHosts.Lookup(aProcess->GetRemoteType()); 174 if (entry && entry.Data() == aProcess) { 175 entry.Remove(); 176 } 177 } 178 179 static void CollectContextInitializers( 180 Span<RefPtr<BrowsingContext>> aContexts, 181 nsTArray<SyncedContextInitializer>& aInits) { 182 // The order that we record these initializers is important, as it will keep 183 // the order that children are attached to their parent in the newly connected 184 // content process consistent. 185 for (auto& context : aContexts) { 186 aInits.AppendElement(context->GetIPCInitializer()); 187 for (const auto& window : context->GetWindowContexts()) { 188 aInits.AppendElement(window->GetIPCInitializer()); 189 CollectContextInitializers(window->Children(), aInits); 190 } 191 } 192 } 193 194 void BrowsingContextGroup::Subscribe(ContentParent* aProcess) { 195 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed); 196 MOZ_DIAGNOSTIC_ASSERT(aProcess && !aProcess->IsLaunching()); 197 MOZ_DIAGNOSTIC_ASSERT(aProcess->GetRemoteType() != PREALLOC_REMOTE_TYPE); 198 199 // Check if we're already subscribed to this process. 200 if (!mSubscribers.EnsureInserted(aProcess)) { 201 return; 202 } 203 204 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED 205 // If the process is already marked as dead, we won't be the host, but may 206 // still need to subscribe to the process due to creating a popup while 207 // shutting down. 208 if (!aProcess->IsDead()) { 209 auto hostEntry = mHosts.Lookup(aProcess->GetRemoteType()); 210 MOZ_DIAGNOSTIC_ASSERT(hostEntry && hostEntry.Data() == aProcess, 211 "Cannot subscribe a non-host process"); 212 } 213 #endif 214 215 // FIXME: This won't send non-discarded children of discarded BCs, but those 216 // BCs will be in the process of being destroyed anyway. 217 // FIXME: Prevent that situation from occuring. 218 nsTArray<SyncedContextInitializer> inits(mContexts.Count()); 219 CollectContextInitializers(mToplevels, inits); 220 221 nsTArray<OriginAgentClusterInitializer> useOriginAgentCluster; 222 for (auto& entry : mUseOriginAgentCluster) { 223 if (!aProcess->ValidatePrincipal(entry.GetKey())) { 224 continue; 225 } 226 227 useOriginAgentCluster.AppendElement(OriginAgentClusterInitializer( 228 WrapNotNull(RefPtr{entry.GetKey()}), entry.GetData())); 229 } 230 231 // Send all of our contexts to the target content process. 232 (void)aProcess->SendRegisterBrowsingContextGroup(Id(), inits, 233 useOriginAgentCluster); 234 } 235 236 void BrowsingContextGroup::Unsubscribe(ContentParent* aProcess) { 237 MOZ_DIAGNOSTIC_ASSERT(aProcess); 238 MOZ_DIAGNOSTIC_ASSERT(aProcess->GetRemoteType() != PREALLOC_REMOTE_TYPE); 239 mSubscribers.Remove(aProcess); 240 aProcess->RemoveBrowsingContextGroup(this); 241 242 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED 243 auto hostEntry = mHosts.Lookup(aProcess->GetRemoteType()); 244 MOZ_DIAGNOSTIC_ASSERT(!hostEntry || hostEntry.Data() != aProcess, 245 "Unsubscribing existing host entry"); 246 #endif 247 } 248 249 ContentParent* BrowsingContextGroup::GetHostProcess( 250 const nsACString& aRemoteType) { 251 return mHosts.GetWeak(aRemoteType); 252 } 253 254 void BrowsingContextGroup::UpdateToplevelsSuspendedIfNeeded() { 255 if (!StaticPrefs::dom_suspend_inactive_enabled()) { 256 return; 257 } 258 259 mToplevelsSuspended = ShouldSuspendAllTopLevelContexts(); 260 for (const auto& context : mToplevels) { 261 nsPIDOMWindowOuter* outer = context->GetDOMWindow(); 262 if (!outer) { 263 continue; 264 } 265 nsCOMPtr<nsPIDOMWindowInner> inner = outer->GetCurrentInnerWindow(); 266 if (!inner) { 267 continue; 268 } 269 if (mToplevelsSuspended && !inner->GetWasSuspendedByGroup()) { 270 inner->Suspend(); 271 inner->SetWasSuspendedByGroup(true); 272 } else if (!mToplevelsSuspended && inner->GetWasSuspendedByGroup()) { 273 inner->Resume(); 274 inner->SetWasSuspendedByGroup(false); 275 } 276 } 277 } 278 279 bool BrowsingContextGroup::ShouldSuspendAllTopLevelContexts() const { 280 for (const auto& context : mToplevels) { 281 if (!context->InactiveForSuspend()) { 282 return false; 283 } 284 } 285 return true; 286 } 287 288 BrowsingContextGroup::~BrowsingContextGroup() { Destroy(); } 289 290 void BrowsingContextGroup::Destroy() { 291 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED 292 if (mDestroyed) { 293 MOZ_DIAGNOSTIC_ASSERT(mHosts.Count() == 0); 294 MOZ_DIAGNOSTIC_ASSERT(mSubscribers.Count() == 0); 295 MOZ_DIAGNOSTIC_ASSERT_IF(sBrowsingContextGroups, 296 !sBrowsingContextGroups->Contains(Id()) || 297 *sBrowsingContextGroups->Lookup(Id()) != this); 298 } 299 mDestroyed = true; 300 #endif 301 302 // Make sure to call `RemoveBrowsingContextGroup` for every entry in both 303 // `mHosts` and `mSubscribers`. This will visit most entries twice, but 304 // `RemoveBrowsingContextGroup` is safe to call multiple times. 305 for (const auto& entry : mHosts.Values()) { 306 entry->RemoveBrowsingContextGroup(this); 307 } 308 for (const auto& key : mSubscribers) { 309 key->RemoveBrowsingContextGroup(this); 310 } 311 mHosts.Clear(); 312 mSubscribers.Clear(); 313 314 if (sBrowsingContextGroups) { 315 sBrowsingContextGroups->Remove(Id()); 316 } 317 } 318 319 void BrowsingContextGroup::AddKeepAlive() { 320 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed); 321 MOZ_DIAGNOSTIC_ASSERT(XRE_IsParentProcess()); 322 mKeepAliveCount++; 323 } 324 325 void BrowsingContextGroup::RemoveKeepAlive() { 326 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed); 327 MOZ_DIAGNOSTIC_ASSERT(mKeepAliveCount > 0); 328 MOZ_DIAGNOSTIC_ASSERT(XRE_IsParentProcess()); 329 mKeepAliveCount--; 330 331 MaybeDestroy(); 332 } 333 334 auto BrowsingContextGroup::MakeKeepAlivePtr() -> KeepAlivePtr { 335 AddKeepAlive(); 336 return KeepAlivePtr{do_AddRef(this).take()}; 337 } 338 339 void BrowsingContextGroup::MaybeDestroy() { 340 // Once there are no synced contexts referencing a `BrowsingContextGroup`, we 341 // can clear subscribers and destroy this group. We only do this in the parent 342 // process, as it will orchestrate destruction of BCGs in content processes. 343 if (XRE_IsParentProcess() && mContexts.IsEmpty() && mKeepAliveCount == 0 && 344 this != sChromeGroup) { 345 Destroy(); 346 347 // We may have been deleted here, as `Destroy()` will clear references. Do 348 // not access any members at this point. 349 } 350 } 351 352 void BrowsingContextGroup::ChildDestroy() { 353 MOZ_DIAGNOSTIC_ASSERT(XRE_IsContentProcess()); 354 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed); 355 MOZ_DIAGNOSTIC_ASSERT(mContexts.IsEmpty()); 356 Destroy(); 357 } 358 359 nsISupports* BrowsingContextGroup::GetParentObject() const { 360 return xpc::NativeGlobal(xpc::PrivilegedJunkScope()); 361 } 362 363 JSObject* BrowsingContextGroup::WrapObject(JSContext* aCx, 364 JS::Handle<JSObject*> aGivenProto) { 365 return BrowsingContextGroup_Binding::Wrap(aCx, this, aGivenProto); 366 } 367 368 nsresult BrowsingContextGroup::QueuePostMessageEvent(nsIRunnable* aRunnable) { 369 MOZ_ASSERT(StaticPrefs::dom_separate_event_queue_for_post_message_enabled()); 370 371 if (!mPostMessageEventQueue) { 372 nsCOMPtr<nsISerialEventTarget> target = GetMainThreadSerialEventTarget(); 373 mPostMessageEventQueue = ThrottledEventQueue::Create( 374 target, "PostMessage Queue", 375 nsIRunnablePriority::PRIORITY_DEFERRED_TIMERS); 376 nsresult rv = mPostMessageEventQueue->SetIsPaused(false); 377 MOZ_ALWAYS_SUCCEEDS(rv); 378 } 379 380 // Ensure the queue is enabled 381 if (mPostMessageEventQueue->IsPaused()) { 382 nsresult rv = mPostMessageEventQueue->SetIsPaused(false); 383 MOZ_ALWAYS_SUCCEEDS(rv); 384 } 385 386 return mPostMessageEventQueue->Dispatch(aRunnable, NS_DISPATCH_NORMAL); 387 } 388 389 void BrowsingContextGroup::FlushPostMessageEvents() { 390 if (!mPostMessageEventQueue) { 391 return; 392 } 393 nsresult rv = mPostMessageEventQueue->SetIsPaused(true); 394 MOZ_ALWAYS_SUCCEEDS(rv); 395 nsCOMPtr<nsIRunnable> event; 396 while ((event = mPostMessageEventQueue->GetEvent())) { 397 NS_DispatchToMainThread(event.forget()); 398 } 399 } 400 401 bool BrowsingContextGroup::HasActiveBC() { 402 for (auto& topLevelBC : Toplevels()) { 403 if (topLevelBC->IsActive()) { 404 return true; 405 } 406 } 407 return false; 408 } 409 410 void BrowsingContextGroup::IncInputEventSuspensionLevel() { 411 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled()); 412 if (!mHasIncreasedInputTaskManagerSuspensionLevel && HasActiveBC()) { 413 IncInputTaskManagerSuspensionLevel(); 414 } 415 ++mInputEventSuspensionLevel; 416 } 417 418 void BrowsingContextGroup::DecInputEventSuspensionLevel() { 419 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled()); 420 --mInputEventSuspensionLevel; 421 if (!mInputEventSuspensionLevel && 422 mHasIncreasedInputTaskManagerSuspensionLevel) { 423 DecInputTaskManagerSuspensionLevel(); 424 } 425 } 426 427 void BrowsingContextGroup::DecInputTaskManagerSuspensionLevel() { 428 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled()); 429 MOZ_ASSERT(mHasIncreasedInputTaskManagerSuspensionLevel); 430 431 InputTaskManager::Get()->DecSuspensionLevel(); 432 mHasIncreasedInputTaskManagerSuspensionLevel = false; 433 } 434 435 void BrowsingContextGroup::IncInputTaskManagerSuspensionLevel() { 436 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled()); 437 MOZ_ASSERT(!mHasIncreasedInputTaskManagerSuspensionLevel); 438 MOZ_ASSERT(HasActiveBC()); 439 440 InputTaskManager::Get()->IncSuspensionLevel(); 441 mHasIncreasedInputTaskManagerSuspensionLevel = true; 442 } 443 444 void BrowsingContextGroup::UpdateInputTaskManagerIfNeeded(bool aIsActive) { 445 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled()); 446 if (!aIsActive) { 447 if (mHasIncreasedInputTaskManagerSuspensionLevel) { 448 MOZ_ASSERT(mInputEventSuspensionLevel > 0); 449 if (!HasActiveBC()) { 450 DecInputTaskManagerSuspensionLevel(); 451 } 452 } 453 } else { 454 if (mInputEventSuspensionLevel && 455 !mHasIncreasedInputTaskManagerSuspensionLevel) { 456 IncInputTaskManagerSuspensionLevel(); 457 } 458 } 459 } 460 461 /* static */ 462 BrowsingContextGroup* BrowsingContextGroup::GetChromeGroup() { 463 MOZ_DIAGNOSTIC_ASSERT(XRE_IsParentProcess()); 464 if (!sChromeGroup && XRE_IsParentProcess()) { 465 sChromeGroup = BrowsingContextGroup::Create(); 466 ClearOnShutdown(&sChromeGroup); 467 } 468 469 return sChromeGroup; 470 } 471 472 void BrowsingContextGroup::GetDocGroups(nsTArray<DocGroup*>& aDocGroups) { 473 MOZ_ASSERT(NS_IsMainThread()); 474 AppendToArray(aDocGroups, mDocGroups.Values()); 475 } 476 477 already_AddRefed<DocGroup> BrowsingContextGroup::AddDocument( 478 Document* aDocument) { 479 MOZ_ASSERT(NS_IsMainThread()); 480 481 nsCOMPtr<nsIPrincipal> principal = aDocument->NodePrincipal(); 482 483 // Determine the DocGroup (agent cluster) key to use for this principal. 484 // 485 // https://html.spec.whatwg.org/#obtain-similar-origin-window-agent 486 DocGroupKey key; 487 if (auto originKeyed = UsesOriginAgentCluster(principal)) { 488 key.mOriginKeyed = *originKeyed; 489 } else { 490 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED 491 MOZ_CRASH( 492 "Document loading without first determining origin keying for origin!"); 493 #endif 494 key.mOriginKeyed = false; 495 } 496 if (key.mOriginKeyed) { 497 nsresult rv = principal->GetOrigin(key.mKey); 498 NS_ENSURE_SUCCESS(rv, nullptr); 499 } else { 500 nsresult rv = principal->GetSiteOrigin(key.mKey); 501 NS_ENSURE_SUCCESS(rv, nullptr); 502 } 503 504 RefPtr<DocGroup>& docGroup = mDocGroups.LookupOrInsertWith( 505 key, [&] { return DocGroup::Create(this, key); }); 506 507 docGroup->AddDocument(aDocument); 508 return do_AddRef(docGroup); 509 } 510 511 void BrowsingContextGroup::RemoveDocument(Document* aDocument, 512 DocGroup* aDocGroup) { 513 MOZ_ASSERT(NS_IsMainThread()); 514 RefPtr<DocGroup> docGroup = aDocGroup; 515 // Removing the last document in DocGroup might decrement the 516 // DocGroup BrowsingContextGroup's refcount to 0. 517 RefPtr<BrowsingContextGroup> kungFuDeathGrip(this); 518 docGroup->RemoveDocument(aDocument); 519 520 if (docGroup->IsEmpty()) { 521 mDocGroups.Remove(docGroup->GetKey()); 522 } 523 } 524 525 already_AddRefed<BrowsingContextGroup> BrowsingContextGroup::Select( 526 WindowContext* aParent, BrowsingContext* aOpener) { 527 if (aParent) { 528 return do_AddRef(aParent->Group()); 529 } 530 if (aOpener) { 531 return do_AddRef(aOpener->Group()); 532 } 533 return Create(); 534 } 535 536 void BrowsingContextGroup::GetAllGroups( 537 nsTArray<RefPtr<BrowsingContextGroup>>& aGroups) { 538 aGroups.Clear(); 539 if (!sBrowsingContextGroups) { 540 return; 541 } 542 543 aGroups = ToArray(sBrowsingContextGroups->Values()); 544 } 545 546 // For tests only. 547 void BrowsingContextGroup::ResetDialogAbuseState() { 548 mDialogAbuseCount = 0; 549 // Reset the timer. 550 mLastDialogQuitTime = 551 TimeStamp::Now() - 552 TimeDuration::FromSeconds(DEFAULT_SUCCESSIVE_DIALOG_TIME_LIMIT); 553 } 554 555 bool BrowsingContextGroup::DialogsAreBeingAbused() { 556 if (mLastDialogQuitTime.IsNull() || nsContentUtils::IsCallerChrome()) { 557 return false; 558 } 559 560 TimeDuration dialogInterval(TimeStamp::Now() - mLastDialogQuitTime); 561 if (dialogInterval.ToSeconds() < 562 Preferences::GetInt("dom.successive_dialog_time_limit", 563 DEFAULT_SUCCESSIVE_DIALOG_TIME_LIMIT)) { 564 mDialogAbuseCount++; 565 566 return PopupBlocker::GetPopupControlState() > PopupBlocker::openAllowed || 567 mDialogAbuseCount > MAX_SUCCESSIVE_DIALOG_COUNT; 568 } 569 570 // Reset the abuse counter 571 mDialogAbuseCount = 0; 572 573 return false; 574 } 575 576 bool BrowsingContextGroup::IsPotentiallyCrossOriginIsolated() { 577 return GetBrowsingContextGroupIdFlags(mId) & 578 kPotentiallyCrossOriginIsolatedFlag; 579 } 580 581 void BrowsingContextGroup::NotifyFocusedOrActiveBrowsingContextToProcess( 582 ContentParent* aProcess) { 583 MOZ_DIAGNOSTIC_ASSERT(aProcess); 584 // If the focused or active BrowsingContexts belong in this group, 585 // tell the newly subscribed process. 586 if (nsFocusManager* fm = nsFocusManager::GetFocusManager()) { 587 BrowsingContext* focused = fm->GetFocusedBrowsingContextInChrome(); 588 if (focused && focused->Group() != this) { 589 focused = nullptr; 590 } 591 BrowsingContext* active = fm->GetActiveBrowsingContextInChrome(); 592 if (active && active->Group() != this) { 593 active = nullptr; 594 } 595 596 if (focused || active) { 597 (void)aProcess->SendSetupFocusedAndActive( 598 focused, fm->GetActionIdForFocusedBrowsingContextInChrome(), active, 599 fm->GetActionIdForActiveBrowsingContextInChrome()); 600 } 601 } 602 } 603 604 // Non-http(s) principals always use origin agent clusters. 605 static bool AlwaysUseOriginAgentCluster(nsIPrincipal* aPrincipal) { 606 return !aPrincipal->GetIsContentPrincipal() || 607 (!aPrincipal->SchemeIs("http") && !aPrincipal->SchemeIs("https")); 608 } 609 610 void BrowsingContextGroup::SetUseOriginAgentClusterFromNetwork( 611 nsIPrincipal* aPrincipal, bool aUseOriginAgentCluster) { 612 MOZ_ASSERT(XRE_IsParentProcess()); 613 // Ignore this set call if it will have no effect on loads in this BCG (e.g. 614 // because the BCG is cross-origin isolated or the origin will always be 615 // origin-keyed). 616 if (AlwaysUseOriginAgentCluster(aPrincipal) || 617 IsPotentiallyCrossOriginIsolated()) { 618 return; 619 } 620 621 MOZ_ASSERT(!mUseOriginAgentCluster.Contains(aPrincipal)); 622 mUseOriginAgentCluster.InsertOrUpdate(aPrincipal, aUseOriginAgentCluster); 623 624 // Tell any content processes subscribed to this BrowsingContextGroup about 625 // the new flag. 626 EachParent([&](ContentParent* aContentParent) { 627 // If this ContentParent can never load this principal, don't send it the 628 // information. 629 if (!aContentParent->ValidatePrincipal(aPrincipal)) { 630 return; 631 } 632 633 (void)aContentParent->SendSetUseOriginAgentCluster( 634 Id(), WrapNotNull(aPrincipal), aUseOriginAgentCluster); 635 }); 636 } 637 638 void BrowsingContextGroup::SetUseOriginAgentClusterFromIPC( 639 nsIPrincipal* aPrincipal, bool aUseOriginAgentCluster) { 640 MOZ_ASSERT(!AlwaysUseOriginAgentCluster(aPrincipal)); 641 MOZ_ASSERT(!IsPotentiallyCrossOriginIsolated()); 642 MOZ_ASSERT(!mUseOriginAgentCluster.Contains(aPrincipal)); 643 mUseOriginAgentCluster.InsertOrUpdate(aPrincipal, aUseOriginAgentCluster); 644 } 645 646 Maybe<bool> BrowsingContextGroup::UsesOriginAgentCluster( 647 nsIPrincipal* aPrincipal) { 648 // Check if agent clusters (DocGroups) for aPrincipal should be origin-keyed. 649 // https://html.spec.whatwg.org/#origin-keyed-agent-clusters 650 if (AlwaysUseOriginAgentCluster(aPrincipal) || 651 IsPotentiallyCrossOriginIsolated()) { 652 return Some(true); 653 } 654 655 // If this assertion fails, we may return `Nothing()` below unexpectedly, as 656 // the parent process may have chosen to not process-switch. 657 MOZ_DIAGNOSTIC_ASSERT( 658 XRE_IsParentProcess() || 659 ValidatePrincipalCouldPotentiallyBeLoadedBy( 660 aPrincipal, ContentChild::GetSingleton()->GetRemoteType(), {}), 661 "Attempting to create document with unexpected principal"); 662 663 if (auto entry = mUseOriginAgentCluster.Lookup(aPrincipal)) { 664 return Some(entry.Data()); 665 } 666 return Nothing(); 667 } 668 669 void BrowsingContextGroup::EnsureUsesOriginAgentClusterInitialized( 670 nsIPrincipal* aPrincipal) { 671 if (UsesOriginAgentCluster(aPrincipal).isSome()) { 672 return; 673 } 674 675 MOZ_RELEASE_ASSERT(!XRE_IsContentProcess(), 676 "Cannot determine origin-keying in content process!"); 677 678 // We're about to load a document for this principal without hitting the 679 // network, so simulate no HTTP header being received on the network. 680 SetUseOriginAgentClusterFromNetwork( 681 aPrincipal, StaticPrefs::dom_origin_agent_cluster_default()); 682 } 683 684 NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(BrowsingContextGroup, mContexts, 685 mToplevels, mHosts, mSubscribers, 686 mTimerEventQueue, mWorkerEventQueue, 687 mDocGroups) 688 689 } // namespace mozilla::dom