| blob | dd6f326604e5e1edc579ca3bb58d19f8cb01a57b |
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
5 * You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #ifndef mozilla_antitrackingservice_h
8 #define mozilla_antitrackingservice_h
40 // Grant the permission for aOrigin to have access to the first party storage.
41 // This methods can handle 2 different scenarios:
42 // - aParentContext is a 3rd party context, it opens an aOrigin window and the
43 // user interacts with it. We want to grant the permission at the
44 // combination: top-level + aParentWindow + aOrigin.
45 // Ex: example.net loads an iframe tracker.com, which opens a popup
46 // tracker.org and the user interacts with it. tracker.org is allowed if
47 // loaded by tracker.com when loaded by example.net.
48 // - aParentContext is a first party context and a 3rd party resource
49 // (probably becuase of a script) opens a popup and the user interacts with
50 // it. We want to grant the permission for the 3rd party context to have
51 // access to the first party stoage when loaded in aParentWindow. Ex:
52 // example.net import tracker.com/script.js which does opens a popup and the
53 // user interacts with it. tracker.com is allowed when loaded by
54 // example.net.
57 PerformPermissionGrant;
70 // This function handles tasks that have to be done in the process
71 // of the window that we just grant permission for.
77 // For IPC only.
91 // This function checks if the document has explicit permission either to
92 // allow or deny access to cookies. This may be because of the "cookie"
93 // permission or because the domain is on the ContentBlockingAllowList
94 // e.g. because the user flipped the sheild.
95 // This returns:
96 // Some(true) if unpartitioned cookies will be permitted
97 // Some(false) if unpartitioned cookies will be blocked
98 // None if it is not clear from permission alone what to do
103 // Calls CheckCookiesPermittedDecidesStorageAccessAPI in the Content Parent
104 // using aBrowsingContext's Top's Window Global's CookieJarSettings.
110 // This function checks if the browser settings give explicit permission
111 // either to allow or deny access to cookies. This only checks the
112 // cookieBehavior setting. This requires an additional bool to indicate
113 // whether or not the context considered is third-party. This returns:
114 // Some(true) if unpartitioned cookies will be permitted
115 // Some(false) if unpartitioned cookies will be blocked
116 // None if it is not clear from settings alone what to do
121 // This function checks if the document's context (like if it is third-party
122 // or an iframe) gives an answer of how a the StorageAccessAPI call, that is
123 // meant to be called by an embedded third party, should return.
124 // This requires an argument that allows some checks to be run only if the
125 // caller of this function is performing a request for storage access.
126 // This returns:
127 // Some(true) if the calling context has access to cookies if it is not
128 // disallowed by the browser settings and cookie permissions
129 // Some(false) if the calling context should not have access to cookies if
130 // it is not expressly allowed by the browser settings and
131 // cookie permissions
132 // None if the calling context does not determine the document's access to
133 // unpartitioned cookies
137 // This function checks if the document's context (like if it is third-party
138 // or an iframe) gives an answer of how a the StorageAccessAPI call that is
139 // meant to be called in a top-level context, should return.
140 // This returns:
141 // Some(true) if the calling context indicates calls to the top-level
142 // API must resolve if it is not
143 // disallowed by the browser settings and cookie permissions
144 // Some(false) if the calling context must reject when calling top level
145 // portions of the API if it is not expressly allowed by the
146 // browser settings and cookie permissions
147 // None if the calling context does not determine the outcome of the
148 // document's use of the top-level portions of the Storage Access API.
152 // This function checks if the document has already been granted or denied
153 // access to its unpartitioned cookies by the StorageAccessAPI
154 // This returns:
155 // Some(true) if the document has been granted access by the Storage Access
156 // API before
157 // Some(false) if the document has been denied access by the Storage Access
158 // API before
159 // None if the document has not been granted or denied access by the Storage
160 // Access API before
164 // This function performs the asynchronous portion of checking if requests
165 // for storage access will be successful or not. This includes calling
166 // Document member functions that creating a permission prompt request and
167 // trying to perform an "autogrant" if aRequireGrant is true.
168 // This will return a promise whose values correspond to those of a
169 // ContentBlocking::AllowAccessFor call that ends the function.
181 // This function performs browser setting, cookie behavior and requesting
182 // context checks that might grant/reject storage access immediately using
183 // information provided by the inputs aPrincipal and aParentContext. To reduce
184 // redundancy the following out parameters with information also required in
185 // AllowAccessFor() are set in the function: aTrackingPrinciple,
186 // aTrackingOrigin, aTopLevelWindowId, aBehavior. If storage access can be
187 // granted/rejected due to settings/behavior returns a promise, else returns
188 // nullptr.
218 };