From 7f279821027f5e3edc875f7bf4389e1ea693a7de Mon Sep 17 00:00:00 2001 From: brave-builds Date: Wed, 24 Jun 2020 01:13:00 +0000 Subject: [PATCH] Uplift of #5879 (squashed) to beta --- .../browser/brave_shields_util.cc | 57 ++++++++++++---- .../browser/brave_shields_util_unittest.cc | 41 +++++++----- components/brave_shields/common/BUILD.gn | 4 ++ .../common/brave_shield_utils.cc | 49 ++++++++++++++ .../brave_shields/common/brave_shield_utils.h | 17 +++++ renderer/brave_content_settings_agent_impl.cc | 65 +++---------------- renderer/brave_content_settings_agent_impl.h | 5 -- 7 files changed, 148 insertions(+), 90 deletions(-) create mode 100644 components/brave_shields/common/brave_shield_utils.cc create mode 100644 components/brave_shields/common/brave_shield_utils.h diff --git a/components/brave_shields/browser/brave_shields_util.cc b/components/brave_shields/browser/brave_shields_util.cc index 5207bf69e278..b22ca857b52e 100644 --- a/components/brave_shields/browser/brave_shields_util.cc +++ b/components/brave_shields/browser/brave_shields_util.cc @@ -16,6 +16,7 @@ #include "brave/components/brave_shields/browser/brave_shields_web_contents_observer.h" #include "brave/components/brave_shields/browser/referrer_whitelist_service.h" #include "brave/components/brave_shields/common/brave_shield_constants.h" +#include "brave/components/brave_shields/common/brave_shield_utils.h" #include "brave/components/brave_shields/common/features.h" #include "brave/components/content_settings/core/common/content_settings_util.h" #include "chrome/browser/content_settings/host_content_settings_map_factory.h" @@ -332,25 +333,53 @@ void SetFingerprintingControlType(Profile* profile, if (!primary_pattern.IsValid()) return; - auto* map = HostContentSettingsMapFactory::GetForProfile(profile); - map->SetContentSettingCustomScope( - primary_pattern, ContentSettingsPattern::Wildcard(), - ContentSettingsType::PLUGINS, kFingerprintingV2, - GetDefaultAllowFromControlType(type)); + // Clear previous value to have only one rule for one pattern. + HostContentSettingsMapFactory::GetForProfile(profile)-> + SetContentSettingCustomScope( + primary_pattern, + ContentSettingsPattern::FromString("https://balanced/*"), + ContentSettingsType::PLUGINS, + kFingerprintingV2, + CONTENT_SETTING_DEFAULT); + HostContentSettingsMapFactory::GetForProfile(profile)-> + SetContentSettingCustomScope(primary_pattern, + ContentSettingsPattern::Wildcard(), + ContentSettingsType::PLUGINS, + kFingerprintingV2, + CONTENT_SETTING_DEFAULT); + + auto content_setting = CONTENT_SETTING_BLOCK; + auto secondary_pattern = + ContentSettingsPattern::FromString("https://balanced/*"); + + if (type != ControlType::DEFAULT) { + content_setting = GetDefaultBlockFromControlType(type); + secondary_pattern = ContentSettingsPattern::Wildcard(); + } + + HostContentSettingsMapFactory::GetForProfile(profile)-> + SetContentSettingCustomScope(primary_pattern, + secondary_pattern, + ContentSettingsType::PLUGINS, + kFingerprintingV2, + content_setting); RecordShieldsSettingChanged(); } ControlType GetFingerprintingControlType(Profile* profile, const GURL& url) { - auto* map = HostContentSettingsMapFactory::GetForProfile(profile); - ContentSetting setting = map->GetContentSetting( - url, GURL(), ContentSettingsType::PLUGINS, kFingerprintingV2); - if (setting == CONTENT_SETTING_BLOCK) { - return ControlType::BLOCK; - } else if (setting == CONTENT_SETTING_ALLOW) { - return ControlType::ALLOW; - } - return ControlType::DEFAULT; + ContentSettingsForOneType fingerprinting_rules; + HostContentSettingsMapFactory::GetForProfile(profile)-> + GetSettingsForOneType(ContentSettingsType::PLUGINS, + brave_shields::kFingerprintingV2, + &fingerprinting_rules); + + ContentSetting fp_setting = + GetBraveFPContentSettingFromRules(fingerprinting_rules, url); + if (fp_setting == CONTENT_SETTING_DEFAULT) + return ControlType::DEFAULT; + return fp_setting == CONTENT_SETTING_ALLOW ? ControlType::ALLOW + : ControlType::BLOCK; } void SetHTTPSEverywhereEnabled(Profile* profile, diff --git a/components/brave_shields/browser/brave_shields_util_unittest.cc b/components/brave_shields/browser/brave_shields_util_unittest.cc index 98b636ecb498..c87b6c140790 100644 --- a/components/brave_shields/browser/brave_shields_util_unittest.cc +++ b/components/brave_shields/browser/brave_shields_util_unittest.cc @@ -617,24 +617,33 @@ TEST_F(BraveShieldsUtilTest, SetFingerprintingControlType_Default) { /* DEFAULT */ brave_shields::SetFingerprintingControlType( profile(), ControlType::DEFAULT, GURL()); - setting = - map->GetContentSetting(GURL(), GURL(), ContentSettingsType::PLUGINS, - brave_shields::kFingerprintingV2); - EXPECT_EQ(CONTENT_SETTING_DEFAULT, setting); - setting = map->GetContentSetting(GURL(), GURL("https://firstParty"), - ContentSettingsType::PLUGINS, - brave_shields::kFingerprintingV2); - EXPECT_EQ(CONTENT_SETTING_DEFAULT, setting); + ControlType type = + brave_shields::GetFingerprintingControlType(profile(), GURL()); + EXPECT_EQ(ControlType::DEFAULT, type); // setting should apply to all urls - setting = map->GetContentSetting(GURL("http://brave.com"), GURL(), - ContentSettingsType::PLUGINS, - brave_shields::kFingerprintingV2); - EXPECT_EQ(CONTENT_SETTING_DEFAULT, setting); - setting = map->GetContentSetting( - GURL("http://brave.com"), GURL("https://firstParty"), - ContentSettingsType::PLUGINS, brave_shields::kFingerprintingV2); - EXPECT_EQ(CONTENT_SETTING_DEFAULT, setting); + type = brave_shields::GetFingerprintingControlType( + profile(), GURL("http://brave.com")); + EXPECT_EQ(ControlType::DEFAULT, type); + + /* Global ALLOW and Site explicit DEFAULT */ + brave_shields::SetFingerprintingControlType(profile(), ControlType::ALLOW, + GURL()); + brave_shields::SetFingerprintingControlType(profile(), ControlType::DEFAULT, + GURL("http://brave.com")); + + // Site should have DEFAULT if it's explicitly set. + type = brave_shields::GetFingerprintingControlType( + profile(), GURL("http://brave.com")); + EXPECT_EQ(ControlType::DEFAULT, type); + + /* Global BLOCK and Site explicit DEFAULT */ + brave_shields::SetFingerprintingControlType(profile(), ControlType::BLOCK, + GURL()); + // Site should have DEFAULT if it's explicitly set. + type = brave_shields::GetFingerprintingControlType( + profile(), GURL("http://brave.com")); + EXPECT_EQ(ControlType::DEFAULT, type); } TEST_F(BraveShieldsUtilTest, SetFingerprintingControlType_ForOrigin) { diff --git a/components/brave_shields/common/BUILD.gn b/components/brave_shields/common/BUILD.gn index 26a1a37d20a2..dd92f850b0e8 100644 --- a/components/brave_shields/common/BUILD.gn +++ b/components/brave_shields/common/BUILD.gn @@ -1,11 +1,15 @@ source_set("common") { sources = [ "brave_shield_constants.h", + "brave_shield_utils.cc", + "brave_shield_utils.h", "features.cc", "features.h", ] deps = [ "//base", + "//components/content_settings/core/common", + "//url", ] } diff --git a/components/brave_shields/common/brave_shield_utils.cc b/components/brave_shields/common/brave_shield_utils.cc new file mode 100644 index 000000000000..1755820630ca --- /dev/null +++ b/components/brave_shields/common/brave_shield_utils.cc @@ -0,0 +1,49 @@ +/* Copyright 2020 The Brave Authors. All rights reserved. + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "brave/components/brave_shields/common/brave_shield_utils.h" + +#include "base/optional.h" +#include "components/content_settings/core/common/content_settings_pattern.h" +#include "url/gurl.h" + +ContentSetting GetBraveFPContentSettingFromRules( + const ContentSettingsForOneType& fp_rules, + const GURL& primary_url) { + base::Optional global_fp_rule; + base::Optional global_fp_balanced_rule; + + for (const auto& rule : fp_rules) { + if (rule.primary_pattern != ContentSettingsPattern::Wildcard() && + rule.primary_pattern.Matches(primary_url)) { + if (rule.secondary_pattern == + ContentSettingsPattern::FromString("https://balanced")) { + return CONTENT_SETTING_DEFAULT; + } + if (rule.secondary_pattern == ContentSettingsPattern::Wildcard()) + return rule.GetContentSetting(); + } + + if (rule.primary_pattern == ContentSettingsPattern::Wildcard()) { + if (rule.secondary_pattern == + ContentSettingsPattern::FromString("https://balanced")) { + DCHECK(!global_fp_rule); + global_fp_balanced_rule = rule; + } + if (rule.secondary_pattern == ContentSettingsPattern::Wildcard()) { + DCHECK(!global_fp_balanced_rule); + global_fp_rule = rule; + } + } + } + + if (global_fp_balanced_rule) + return CONTENT_SETTING_DEFAULT; + + if (global_fp_rule) + return global_fp_rule->GetContentSetting(); + + return CONTENT_SETTING_DEFAULT; +} diff --git a/components/brave_shields/common/brave_shield_utils.h b/components/brave_shields/common/brave_shield_utils.h new file mode 100644 index 000000000000..6b114c3286ca --- /dev/null +++ b/components/brave_shields/common/brave_shield_utils.h @@ -0,0 +1,17 @@ +/* Copyright 2020 The Brave Authors. All rights reserved. + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef BRAVE_COMPONENTS_BRAVE_SHIELDS_COMMON_BRAVE_SHIELD_UTILS_H_ +#define BRAVE_COMPONENTS_BRAVE_SHIELDS_COMMON_BRAVE_SHIELD_UTILS_H_ + +#include "components/content_settings/core/common/content_settings.h" + +class GURL; + +ContentSetting GetBraveFPContentSettingFromRules( + const ContentSettingsForOneType& fp_rules, + const GURL& primary_url); + +#endif // BRAVE_COMPONENTS_BRAVE_SHIELDS_COMMON_BRAVE_SHIELD_UTILS_H_ diff --git a/renderer/brave_content_settings_agent_impl.cc b/renderer/brave_content_settings_agent_impl.cc index 4d68acc29e1c..8cada5c22bd7 100644 --- a/renderer/brave_content_settings_agent_impl.cc +++ b/renderer/brave_content_settings_agent_impl.cc @@ -15,6 +15,7 @@ #include "base/strings/utf_string_conversions.h" #include "brave/common/render_messages.h" #include "brave/common/shield_exceptions.h" +#include "brave/components/brave_shields/common/brave_shield_utils.h" #include "brave/components/brave_shields/common/features.h" #include "brave/content/common/frame_messages.h" #include "components/content_settings/core/common/content_settings_pattern.h" @@ -64,27 +65,6 @@ bool IsBraveShieldsDown(const blink::WebFrame* frame, return setting == CONTENT_SETTING_BLOCK; } -template -ContentSetting GetBraveContentSettingFromRules( - const ContentSettingsForOneType& shield_rules, - const ContentSettingsForOneType& rules, - const blink::WebFrame* frame, - const URL& secondary_url) { - // if shields is down, allow everything - if (IsBraveShieldsDown(frame, secondary_url, shield_rules)) - return CONTENT_SETTING_ALLOW; - - const GURL& primary_url = GetOriginOrURL(frame); - const GURL& secondary_gurl = secondary_url; - for (const auto& rule : rules) { - if (rule.primary_pattern.Matches(primary_url) && - rule.secondary_pattern.Matches(secondary_gurl)) { - return rule.GetContentSetting(); - } - } - return CONTENT_SETTING_DEFAULT; -} - } // namespace BraveContentSettingsAgentImpl::BraveContentSettingsAgentImpl( @@ -198,36 +178,6 @@ void BraveContentSettingsAgentImpl::DidBlockFingerprinting( Send(new BraveViewHostMsg_FingerprintingBlocked(routing_id(), details)); } -ContentSetting BraveContentSettingsAgentImpl::GetFPContentSettingFromRules( - const ContentSettingsForOneType& rules, - const blink::WebFrame* frame, - const GURL& secondary_url) { - - if (rules.size() == 0) - return CONTENT_SETTING_DEFAULT; - - const GURL& primary_url = GetOriginOrURL(frame); - - for (const auto& rule : rules) { - ContentSettingsPattern secondary_pattern = rule.secondary_pattern; - if (rule.secondary_pattern == - ContentSettingsPattern::FromString("https://firstParty/*")) { - secondary_pattern = ContentSettingsPattern::FromString( - "[*.]" + GetOriginOrURL(frame).HostNoBrackets()); - } - - if (rule.primary_pattern.Matches(primary_url) && - (secondary_pattern == ContentSettingsPattern::Wildcard() || - secondary_pattern.Matches(secondary_url))) { - return rule.GetContentSetting(); - } - } - - // for cases which are third party resources and doesn't match any existing - // rules, block them by default - return CONTENT_SETTING_BLOCK; -} - bool BraveContentSettingsAgentImpl::IsBraveShieldsDown( const blink::WebFrame* frame, const GURL& secondary_url) { @@ -259,10 +209,15 @@ BraveFarblingLevel BraveContentSettingsAgentImpl::GetBraveFarblingLevel() { ContentSetting setting = CONTENT_SETTING_DEFAULT; if (content_setting_rules_) { - setting = GetBraveContentSettingFromRules( - content_setting_rules_->brave_shields_rules, - content_setting_rules_->fingerprinting_rules, frame, - url::Origin(frame->GetDocument().GetSecurityOrigin()).GetURL()); + if (IsBraveShieldsDown( + frame, + url::Origin(frame->GetDocument().GetSecurityOrigin()).GetURL())) { + setting = CONTENT_SETTING_ALLOW; + } else { + setting = GetBraveFPContentSettingFromRules( + content_setting_rules_->fingerprinting_rules, + GetOriginOrURL(frame)); + } } if (setting == CONTENT_SETTING_BLOCK) { diff --git a/renderer/brave_content_settings_agent_impl.h b/renderer/brave_content_settings_agent_impl.h index bdc39b13168c..6d74d986484f 100644 --- a/renderer/brave_content_settings_agent_impl.h +++ b/renderer/brave_content_settings_agent_impl.h @@ -47,11 +47,6 @@ class BraveContentSettingsAgentImpl const base::string16& details); private: - ContentSetting GetFPContentSettingFromRules( - const ContentSettingsForOneType& rules, - const blink::WebFrame* frame, - const GURL& secondary_url); - bool IsBraveShieldsDown( const blink::WebFrame* frame, const GURL& secondary_url);