Only use ephemeral storage when storage would otherwise be blocked

chromium_src/components/content_settings/browser/content_settings_manager_impl.cc

@@ -0,0 +1,99 @@
+/* Copyright (c) 2020 The Brave Authors. All rights reserved.
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "components/content_settings/browser/content_settings_manager_impl.h"
+
+#include "components/content_settings/browser/page_specific_content_settings.h"
+#include "components/content_settings/core/browser/cookie_settings.h"
+#include "components/page_load_metrics/browser/page_load_metrics_observer.h"
+
+namespace content_settings {
+namespace {
+void OnStorageAccessed(int process_id,
+                       int frame_id,
+                       const GURL& origin_url,
+                       const GURL& top_origin_url,
+                       bool blocked_by_policy,
+                       page_load_metrics::StorageType storage_type);
+
+void OnDomStorageAccessed(int process_id,
+                          int frame_id,
+                          const GURL& origin_url,
+                          const GURL& top_origin_url,
+                          bool local,
+                          bool blocked_by_policy);
+}  // namespace
+
+void ContentSettingsManagerImpl::AllowStorageAccessWithoutEphemeralStorage(
+    int32_t render_frame_id,
+    StorageType storage_type,
+    const url::Origin& origin,
+    const GURL& site_for_cookies,
+    const url::Origin& top_frame_origin,
+    base::OnceCallback<void(bool)> callback) {
+  GURL url = origin.GetURL();
+  bool allowed = cookie_settings_->IsCookieAccessAllowed(url, site_for_cookies,
+                                                         top_frame_origin);
+  if (delegate_->AllowStorageAccess(render_process_id_, render_frame_id,
+                                    storage_type, url, allowed, &callback)) {
+    DCHECK(!callback);
+    return;
+  }
+
+  switch (storage_type) {
+    case StorageType::DATABASE:
+      PageSpecificContentSettings::WebDatabaseAccessed(
+          render_process_id_, render_frame_id, url, !allowed);
+      break;
+    case StorageType::LOCAL_STORAGE:
+      OnDomStorageAccessed(render_process_id_, render_frame_id, url,
+                           top_frame_origin.GetURL(), true, !allowed);
+      OnStorageAccessed(render_process_id_, render_frame_id, url,
+                        top_frame_origin.GetURL(), !allowed,
+                        page_load_metrics::StorageType::kLocalStorage);
+      break;
+    case StorageType::SESSION_STORAGE:
+      OnDomStorageAccessed(render_process_id_, render_frame_id, url,
+                           top_frame_origin.GetURL(), false, !allowed);
+      OnStorageAccessed(render_process_id_, render_frame_id, url,
+                        top_frame_origin.GetURL(), !allowed,
+                        page_load_metrics::StorageType::kSessionStorage);
+
+      break;
+    case StorageType::FILE_SYSTEM:
+      PageSpecificContentSettings::FileSystemAccessed(
+          render_process_id_, render_frame_id, url, !allowed);
+      OnStorageAccessed(render_process_id_, render_frame_id, url,
+                        top_frame_origin.GetURL(), !allowed,
+                        page_load_metrics::StorageType::kFileSystem);
+      break;
+    case StorageType::INDEXED_DB:
+      PageSpecificContentSettings::IndexedDBAccessed(
+          render_process_id_, render_frame_id, url, !allowed);
+      OnStorageAccessed(render_process_id_, render_frame_id, url,
+                        top_frame_origin.GetURL(), !allowed,
+                        page_load_metrics::StorageType::kIndexedDb);
+      break;
+    case StorageType::CACHE:
+      PageSpecificContentSettings::CacheStorageAccessed(
+          render_process_id_, render_frame_id, url, !allowed);
+      OnStorageAccessed(render_process_id_, render_frame_id, url,
+                        top_frame_origin.GetURL(), !allowed,
+                        page_load_metrics::StorageType::kCacheStorage);
+      break;
+    case StorageType::WEB_LOCKS:
+      // State not persisted, no need to record anything.
+      break;
+  }
+
+  std::move(callback).Run(allowed);
+}
+}  // namespace content_settings
+
+#define IsCookieAccessAllowed IsCookieAccessOrEphemeralCookiesAccessAllowed
+
+#include "../../../../../components/content_settings/browser/content_settings_manager_impl.cc"
+
+#undef IsCookieAccessAllowed

chromium_src/components/content_settings/browser/content_settings_manager_impl.h

@@ -0,0 +1,21 @@
+/* Copyright (c) 2020 The Brave Authors. All rights reserved.
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef BRAVE_CHROMIUM_SRC_COMPONENTS_CONTENT_SETTINGS_BROWSER_CONTENT_SETTINGS_MANAGER_IMPL_H_
+#define BRAVE_CHROMIUM_SRC_COMPONENTS_CONTENT_SETTINGS_BROWSER_CONTENT_SETTINGS_MANAGER_IMPL_H_
+
+#define BRAVE_CONTENT_SETTINGS_MANAGER_IMPL_H                  \
+ public:                                                       \
+  void AllowStorageAccessWithoutEphemeralStorage(              \
+      int32_t render_frame_id, StorageType storage_type,       \
+      const url::Origin& origin, const GURL& site_for_cookies, \
+      const url::Origin& top_frame_origin,                     \
+      base::OnceCallback<void(bool)> callback) override;
+
+#include "../../../../../components/content_settings/browser/content_settings_manager_impl.h"
+
+#undef BRAVE_CONTENT_SETTINGS_MANAGER_IMPL_H
+
+#endif  // BRAVE_CHROMIUM_SRC_COMPONENTS_CONTENT_SETTINGS_BROWSER_CONTENT_SETTINGS_MANAGER_IMPL_H_

chromium_src/components/content_settings/core/common/cookie_settings_base.cc

@@ -11,6 +11,7 @@
 #include "components/content_settings/core/common/content_settings.h"
 #include "components/content_settings/core/common/content_settings_pattern.h"
 #include "components/content_settings/core/common/features.h"
+#include "net/base/features.h"
 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
 #include "url/gurl.h"
 #include "url/origin.h"
@@ -171,6 +172,33 @@ bool CookieSettingsBase::IsCookieAccessAllowed(
   return IsChromiumCookieAccessAllowed(url, site_for_cookies, top_frame_origin);
 }
 
+bool CookieSettingsBase::IsAllCookiesBlocked(
+    const GURL& url,
+    const GURL& site_for_cookies,
+    const base::Optional<url::Origin>& top_frame_origin) const {
+  // Get content settings only - do not consider default 3rd-party blocking.
+  ContentSetting setting;
+  GetCookieSettingInternal(
+      url, top_frame_origin ? top_frame_origin->GetURL() : site_for_cookies,
+      false, nullptr, &setting);
+  return setting == CONTENT_SETTING_BLOCK;
+}
+
+bool CookieSettingsBase::IsCookieAccessOrEphemeralCookiesAccessAllowed(
+    const GURL& url,
+    const GURL& site_for_cookies,
+    const base::Optional<url::Origin>& top_frame_origin) const {
+  if (IsCookieAccessAllowed(url, site_for_cookies, top_frame_origin))
+    return true;
+  if (IsAllCookiesBlocked(url, site_for_cookies, top_frame_origin))
+    return false;
+  if (!base::FeatureList::IsEnabled(net::features::kBraveEphemeralStorage))
+    return false;
+  if (!top_frame_origin.has_value())
+    return false;
+  return *top_frame_origin != url::Origin::Create(url);
+}
+
 }  // namespace content_settings
 
 #define IsCookieAccessAllowed IsChromiumCookieAccessAllowed

chromium_src/components/content_settings/core/common/cookie_settings_base.h

@@ -6,13 +6,20 @@
 #ifndef BRAVE_CHROMIUM_SRC_COMPONENTS_CONTENT_SETTINGS_CORE_COMMON_COOKIE_SETTINGS_BASE_H_
 #define BRAVE_CHROMIUM_SRC_COMPONENTS_CONTENT_SETTINGS_CORE_COMMON_COOKIE_SETTINGS_BASE_H_
 
-#define BRAVE_COOKIE_SETTINGS_BASE_H                                      \
- private:                                                                 \
-  bool IsChromiumCookieAccessAllowed(const GURL& url,                     \
-                                     const GURL& first_party_url) const;  \
-  bool IsChromiumCookieAccessAllowed(                                     \
-      const GURL& url,                                                    \
-      const GURL& site_for_cookies,                                       \
+#define BRAVE_COOKIE_SETTINGS_BASE_H                                     \
+ private:                                                                \
+  bool IsChromiumCookieAccessAllowed(const GURL& url,                    \
+                                     const GURL& first_party_url) const; \
+  bool IsChromiumCookieAccessAllowed(                                    \
+      const GURL& url, const GURL& site_for_cookies,                     \
+      const base::Optional<url::Origin>& top_frame_origin) const;        \
+  bool IsAllCookiesBlocked(                                              \
+      const GURL& url, const GURL& site_for_cookies,                     \
+      const base::Optional<url::Origin>& top_frame_origin) const;        \
+                                                                         \
+ public:                                                                 \
+  bool IsCookieAccessOrEphemeralCookiesAccessAllowed(                    \
+      const GURL& url, const GURL& site_for_cookies,                     \
       const base::Optional<url::Origin>& top_frame_origin) const;
 
 #include "../../../../../../components/content_settings/core/common/cookie_settings_base.h"

chromium_src/net/base/network_delegate.cc

@@ -0,0 +1,26 @@
+/* Copyright (c) 2020 The Brave Authors. All rights reserved.
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "net/base/network_delegate.h"
+
+#include "net/url_request/url_request.h"
+
+namespace net {
+bool NetworkDelegate::OnCanGetCookiesWithoutEphemeralCookies(
+    const URLRequest& request,
+    bool allowed_from_caller) {
+  return OnCanGetCookies(request, allowed_from_caller);
+}
+
+bool NetworkDelegate::OnCanSetCookieWithoutEphemeralCookies(
+    const URLRequest& request,
+    const CanonicalCookie& cookie,
+    CookieOptions* options,
+    bool allowed_from_caller) {
+  return OnCanSetCookie(request, cookie, options, allowed_from_caller);
+}
+}  // namespace net
+
+#include "../../../../net/base/network_delegate.cc"

chromium_src/net/base/network_delegate.h

@@ -0,0 +1,20 @@
+/* Copyright (c) 2019 The Brave Authors. All rights reserved.
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef BRAVE_CHROMIUM_SRC_NET_BASE_NETWORK_DELEGATE_H_
+#define BRAVE_CHROMIUM_SRC_NET_BASE_NETWORK_DELEGATE_H_
+
+#define BRAVE_NETWORK_DELEGATE_H                                \
+  virtual bool OnCanGetCookiesWithoutEphemeralCookies(          \
+      const URLRequest& request, bool allowed_from_caller);     \
+  virtual bool OnCanSetCookieWithoutEphemeralCookies(           \
+      const URLRequest& request, const CanonicalCookie& cookie, \
+      CookieOptions* options, bool allowed_from_caller);
+
+#include "../../../../net/base/network_delegate.h"
+
+#undef BRAVE_NETWORK_DELEGATE_H
+
+#endif  // BRAVE_CHROMIUM_SRC_NET_BASE_NETWORK_DELEGATE_H_

chromium_src/net/url_request/url_request_http_job.cc

@@ -6,32 +6,39 @@
 #include "net/url_request/url_request_http_job.h"
 
 #include "base/bind.h"
-#include "net/base/features.h"
 #include "net/base/isolation_info.h"
 #include "net/cookies/cookie_monster.h"
 #include "net/url_request/url_request.h"
 
-namespace {
+namespace net {
 
-bool ShouldUseEphemeralStorage(net::URLRequestHttpJob* http_job) {
-  if (!base::FeatureList::IsEnabled(net::features::kBraveEphemeralStorage))
+bool URLRequestHttpJob::CanGetNonEphemeralCookies() {
+  if (request_info_.privacy_mode != PRIVACY_MODE_DISABLED)
     return false;
-
-  const net::IsolationInfo& isolation_info =
-      http_job->request()->isolation_info();
-  if (!isolation_info.top_frame_origin().has_value() ||
-      !isolation_info.frame_origin().has_value())
+  if (!request_)
     return false;
-  if (*isolation_info.top_frame_origin() == *isolation_info.frame_origin())
+  if (!request_->network_delegate())
     return false;
+  return request_->network_delegate()->OnCanGetCookiesWithoutEphemeralCookies(
+      *request_, /*allowed_from_caller=*/true);
+}
 
-  return true;
+bool URLRequestHttpJob::CanSetNonEphemeralCookie(
+    const net::CanonicalCookie& cookie,
+    CookieOptions* options) {
+  if (!request_)
+    return false;
+  if (!request_->network_delegate())
+    return false;
+  return request_->network_delegate()->OnCanSetCookieWithoutEphemeralCookies(
+      *request_, cookie, options,
+      /*allowed_from_caller=*/true);
 }
 
-}  // namespace
+}  // namespace net
 
 #define BRAVE_ADDCOOKIEHEADERANDSTART                                          \
-  if (ShouldUseEphemeralStorage(this))                                         \
+  if (!CanGetNonEphemeralCookies())                                            \
     static_cast<CookieMonster*>(cookie_store)                                  \
         ->GetEphemeralCookieListWithOptionsAsync(                              \
             request_->url(),                                                   \
@@ -41,7 +48,7 @@ bool ShouldUseEphemeralStorage(net::URLRequestHttpJob* http_job) {
   else
 
 #define BRAVE_SAVECOOKIESANDNOTIFYHEADERSCOMPLETE                              \
-  if (ShouldUseEphemeralStorage(this))                                         \
+  if (!CanSetNonEphemeralCookie(*cookie, &options))                            \
     static_cast<CookieMonster*>(request_->context()->cookie_store())           \
         ->SetEphemeralCanonicalCookieAsync(                                    \
             std::move(cookie), request_->url(),                                \

chromium_src/net/url_request/url_request_http_job.h

@@ -0,0 +1,20 @@
+/* Copyright (c) 2020 The Brave Authors. All rights reserved.
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef BRAVE_CHROMIUM_SRC_NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_
+#define BRAVE_CHROMIUM_SRC_NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_
+
+#define ShouldFixMismatchedContentLength                                      \
+  CanGetNonEphemeralCookies();                                                \
+  bool CanSetNonEphemeralCookie(const net::CanonicalCookie&, CookieOptions*); \
+  bool CanSetCookieIncludingEphemeral(const net::CanonicalCookie&,            \
+                                      CookieOptions*);                        \
+  bool ShouldFixMismatchedContentLength
+
+#include "../../../../net/url_request/url_request_http_job.h"
+
+#undef ShouldFixMismatchedContentLength
+
+#endif  // BRAVE_CHROMIUM_SRC_NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_