Using temporarySiteSettings to store private tab preferences

fix #4468 Auditors: @bbondy, @bridiver Test Plan: Test bravery panel, site permissions, mixed content, flash in private tabs and the preferences should not write to disk and affect regular tabs
brave · Oct 3, 2016 · b347a96 · b347a96
1 parent 9117f09
commit b347a96
Show file tree

Hide file tree

Showing 5 changed files with 60 additions and 58 deletions.
diff --git a/js/components/braveryPanel.js b/js/components/braveryPanel.js
@@ -75,6 +75,9 @@ class BraveryPanel extends ImmutableComponent {
   get isFpShown () {
     return this.props.braveryPanelDetail.get('expandFp')
   }
+  get isPrivate () {
+    return this.props.frameProps.getIn(['isPrivate'])
+  }
   get redirectedResources () {
     return this.props.frameProps.get('httpsEverywhere')
   }
@@ -144,7 +147,7 @@ class BraveryPanel extends ImmutableComponent {
     if (setting !== 'noScript' && (parsedUrl.protocol === 'https:' || parsedUrl.protocol === 'http:')) {
       ruleKey = `https?://${parsedUrl.host}`
     }
-    appActions.changeSiteSetting(ruleKey, setting, e.target.value)
+    appActions.changeSiteSetting(ruleKey, setting, e.target.value, this.isPrivate)
     this.onReload()
   }
   get displayHost () {

diff --git a/js/components/frame.js b/js/components/frame.js
@@ -210,11 +210,11 @@ class Frame extends ImmutableComponent {
     }
     if (typeof activeSiteSettings.get('flash') === 'number') {
       if (activeSiteSettings.get('flash') < Date.now()) {
-        appActions.removeSiteSetting(origin, 'flash')
+        appActions.removeSiteSetting(origin, 'flash', this.props.isPrivate)
       }
     }
     if (activeSiteSettings.get('noScript') === 0) {
-      appActions.removeSiteSetting(origin, 'noScript')
+      appActions.removeSiteSetting(origin, 'noScript', this.props.isPrivate)
     }
   }
 
@@ -314,7 +314,7 @@ class Frame extends ImmutableComponent {
 
   get zoomLevel () {
     const zoom = this.props.frameSiteSettings && this.props.frameSiteSettings.get('zoomLevel')
-    appActions.removeSiteSetting(this.origin, 'zoomLevel')
+    appActions.removeSiteSetting(this.origin, 'zoomLevel', this.props.isPrivate)
     return zoom
   }
 

diff --git a/js/components/main.js b/js/components/main.js
@@ -715,6 +715,10 @@ class Main extends ImmutableComponent {
   }
 
   get allSiteSettings () {
+    const activeFrame = FrameStateUtil.getActiveFrame(this.props.windowState)
+    if (activeFrame && activeFrame.get('isPrivate')) {
+      return this.props.appState.get('temporarySiteSettings')
+    }
     return this.props.appState.get('siteSettings')
   }
 
@@ -741,11 +745,6 @@ class Main extends ImmutableComponent {
   }
 
   get braveShieldsDisabled () {
-    const activeFrame = FrameStateUtil.getActiveFrame(this.props.windowState)
-    if (activeFrame && activeFrame.get('isPrivate')) {
-      return true
-    }
-
     const activeRequestedLocation = this.activeRequestedLocation
     if (!activeRequestedLocation) {
       return true

diff --git a/js/components/siteInfo.js b/js/components/siteInfo.js
@@ -101,10 +101,6 @@ class SiteInfo extends ImmutableComponent {
           </ul>
         </li>
     }
-    // Disable in private mode for now
-    if (this.isPrivate) {
-      runInsecureContentInfo = null
-    }
 
     return <Dialog onHide={this.props.onHide} className='siteInfo' isClickDismiss>
       <ul onClick={(e) => e.stopPropagation()}>

diff --git a/js/state/contentSettings.js b/js/state/contentSettings.js
@@ -79,6 +79,53 @@ const getBlock3rdPartyStorage = (braveryDefaults) => {
   }
 }
 
+const hostSettingsToContentSettings = (hostSettings, contentSettings) => {
+  // We do 2 passes for setting content settings. On the first pass we consider all shield types.
+  for (let hostPattern in hostSettings) {
+    let hostSetting = hostSettings[hostPattern]
+    if (['number', 'boolean'].includes(typeof hostSetting.noScript)) {
+      addContentSettings(contentSettings.javascript, hostPattern, '*',
+        hostSetting.noScript === true ? 'block' : 'allow')
+    }
+    if (typeof hostSetting.runInsecureContent === 'boolean') {
+      addContentSettings(contentSettings.runInsecureContent, hostPattern, '*',
+        hostSetting.runInsecureContent ? 'allow' : 'block')
+    }
+    if (hostSetting.cookieControl) {
+      if (hostSetting.cookieControl === 'block3rdPartyCookie') {
+        addContentSettings(contentSettings.cookies, hostPattern, '*', 'block')
+        addContentSettings(contentSettings.cookies, hostPattern, parseSiteSettingsPattern(hostPattern), 'allow')
+        addContentSettings(contentSettings.referer, hostPattern, '*', 'block')
+        cookieExceptions.forEach((exceptionPair) =>
+          addContentSettings(contentSettings.cookies, exceptionPair[0], exceptionPair[1], 'allow'))
+      } else {
+        addContentSettings(contentSettings.cookies, hostPattern, '*', 'allow')
+        addContentSettings(contentSettings.referer, hostPattern, '*', 'allow')
+      }
+    }
+    if (typeof hostSetting.fingerprintingProtection === 'boolean') {
+      addContentSettings(contentSettings.canvasFingerprinting, hostPattern, '*', hostSetting.fingerprintingProtection ? 'block' : 'allow')
+    }
+    if (hostSetting.adControl) {
+      addContentSettings(contentSettings.adInsertion, hostPattern, '*', hostSetting.adControl === 'showBraveAds' ? 'allow' : 'block')
+    }
+    if (typeof hostSetting.flash === 'number') {
+      addContentSettings(contentSettings.flashActive, hostPattern, '*', 'allow')
+    }
+  }
+  // On the second pass we consider only shieldsUp === false settings since we want those to take precedence.
+  for (let hostPattern in hostSettings) {
+    let hostSetting = hostSettings[hostPattern]
+    if (hostSetting.shieldsUp === false) {
+      addContentSettings(contentSettings.cookies, hostPattern, '*', 'allow')
+      addContentSettings(contentSettings.canvasFingerprinting, hostPattern, '*', 'allow')
+      addContentSettings(contentSettings.adInsertion, hostPattern, '*', 'block')
+      addContentSettings(contentSettings.javascript, hostPattern, '*', 'allow')
+      addContentSettings(contentSettings.referer, hostPattern, '*', 'allow')
+    }
+  }
+}
+
 const getContentSettingsFromSiteSettings = (appState) => {
   let braveryDefaults = siteSettings.braveryDefaults(appState, appConfig)
 
@@ -126,51 +173,8 @@ const getContentSettingsFromSiteSettings = (appState) => {
     }]
   }
 
-  let hostSettings = appState.get('siteSettings').toJS()
-  // We do 2 passes for setting content settings. On the first pass we consider all shield types.
-  for (let hostPattern in hostSettings) {
-    let hostSetting = hostSettings[hostPattern]
-    if (['number', 'boolean'].includes(typeof hostSetting.noScript)) {
-      addContentSettings(contentSettings.javascript, hostPattern, '*',
-        hostSetting.noScript === true ? 'block' : 'allow')
-    }
-    if (typeof hostSetting.runInsecureContent === 'boolean') {
-      addContentSettings(contentSettings.runInsecureContent, hostPattern, '*',
-        hostSetting.runInsecureContent ? 'allow' : 'block')
-    }
-    if (hostSetting.cookieControl) {
-      if (hostSetting.cookieControl === 'block3rdPartyCookie') {
-        addContentSettings(contentSettings.cookies, hostPattern, '*', 'block')
-        addContentSettings(contentSettings.cookies, hostPattern, parseSiteSettingsPattern(hostPattern), 'allow')
-        addContentSettings(contentSettings.referer, hostPattern, '*', 'block')
-        cookieExceptions.forEach((exceptionPair) =>
-          addContentSettings(contentSettings.cookies, exceptionPair[0], exceptionPair[1], 'allow'))
-      } else {
-        addContentSettings(contentSettings.cookies, hostPattern, '*', 'allow')
-        addContentSettings(contentSettings.referer, hostPattern, '*', 'allow')
-      }
-    }
-    if (typeof hostSetting.fingerprintingProtection === 'boolean') {
-      addContentSettings(contentSettings.canvasFingerprinting, hostPattern, '*', hostSetting.fingerprintingProtection ? 'block' : 'allow')
-    }
-    if (hostSetting.adControl) {
-      addContentSettings(contentSettings.adInsertion, hostPattern, '*', hostSetting.adControl === 'showBraveAds' ? 'allow' : 'block')
-    }
-    if (typeof hostSetting.flash === 'number') {
-      addContentSettings(contentSettings.flashActive, hostPattern, '*', 'allow')
-    }
-  }
-  // On the second pass we consider only shieldsUp === false settings since we want those to take precedence.
-  for (let hostPattern in hostSettings) {
-    let hostSetting = hostSettings[hostPattern]
-    if (hostSetting.shieldsUp === false) {
-      addContentSettings(contentSettings.cookies, hostPattern, '*', 'allow')
-      addContentSettings(contentSettings.canvasFingerprinting, hostPattern, '*', 'allow')
-      addContentSettings(contentSettings.adInsertion, hostPattern, '*', 'block')
-      addContentSettings(contentSettings.javascript, hostPattern, '*', 'allow')
-      addContentSettings(contentSettings.referer, hostPattern, '*', 'allow')
-    }
-  }
+  hostSettingsToContentSettings(appState.get('siteSettings').toJS(), contentSettings)
+  hostSettingsToContentSettings(appState.get('temporarySiteSettings').toJS(), contentSettings)
 
   return { content_settings: contentSettings }
 }