STP - First Iteration

browser/renderer_host/BUILD.gn

@@ -2,6 +2,8 @@ source_set("renderer_host") {
   sources = [
     "brave_navigation_ui_data.cc",
     "brave_navigation_ui_data.h",
+    "brave_render_message_filter.cc",
+    "brave_render_message_filter.h",
   ]
 
   deps = [

browser/renderer_host/brave_render_message_filter.cc

@@ -0,0 +1,100 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "brave/browser/renderer_host/brave_render_message_filter.h"
+
+#include "brave/browser/brave_browser_process_impl.h"
+#include "brave/components/brave_shields/browser/tracking_protection_service.h"
+#include "brave/components/brave_shields/browser/brave_shields_util.h"
+#include "brave/components/brave_shields/common/brave_shield_constants.h"
+#include "chrome/browser/content_settings/host_content_settings_map_factory.h"
+#include "chrome/browser/content_settings/tab_specific_content_settings.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/common/render_messages.h"
+#include "components/content_settings/core/browser/cookie_settings.h"
+#include "content/public/browser/browser_thread.h"
+
+using content::BrowserThread;
+
+BraveRenderMessageFilter::BraveRenderMessageFilter(int render_process_id, 
+	Profile* profile)
+	: ChromeRenderMessageFilter(render_process_id, profile),
+	  host_content_settings_map_(HostContentSettingsMapFactory::GetForProfile(profile)),
+	  weak_factory_(this) {
+}
+
+BraveRenderMessageFilter::~BraveRenderMessageFilter() {}
+
+bool BraveRenderMessageFilter::OnMessageReceived(const IPC::Message& message) {
+  bool handled = true;
+  IPC_BEGIN_MESSAGE_MAP(BraveRenderMessageFilter, message)
+    IPC_MESSAGE_HANDLER(ChromeViewHostMsg_AllowDatabase, OnAllowDatabase);
+    IPC_MESSAGE_HANDLER(ChromeViewHostMsg_AllowDOMStorage, OnAllowDOMStorage);
+    IPC_MESSAGE_HANDLER(ChromeViewHostMsg_AllowIndexedDB, OnAllowIndexedDB);
+    IPC_MESSAGE_UNHANDLED(handled = false)
+  IPC_END_MESSAGE_MAP()
+
+  if (handled) return true; 
+  return ChromeRenderMessageFilter::OnMessageReceived(message);
+}
+
+bool BraveRenderMessageFilter::ShouldStoreState(const GURL& origin_url, 
+	const GURL& top_origin_url) {
+	CHECK(g_brave_browser_process->tracking_protection_service()->IsInitialized());
+
+	bool allow_brave_shields = brave_shields::IsAllowContentSetting(
+      host_content_settings_map_, top_origin_url, top_origin_url, CONTENT_SETTINGS_TYPE_PLUGINS,
+      brave_shields::kBraveShields);
+
+	bool allow_trackers = brave_shields::IsAllowContentSetting(
+      host_content_settings_map_, top_origin_url, top_origin_url, CONTENT_SETTINGS_TYPE_PLUGINS, 
+      brave_shields::kTrackers);
+
+  	return !(allow_brave_shields && !allow_trackers &&
+      !g_brave_browser_process->tracking_protection_service()->ShouldStoreState(origin_url)) &&
+  		cookie_settings_->IsCookieAccessAllowed(origin_url, top_origin_url);;
+}
+
+void BraveRenderMessageFilter::OnAllowDatabase(int render_frame_id,
+               const GURL& origin_url,
+               const GURL& top_origin_url,
+               const base::string16& name,
+               const base::string16& display_name,
+               bool* allowed) {
+	*allowed = ShouldStoreState(origin_url, top_origin_url);
+
+  	BrowserThread::PostTask(
+      BrowserThread::UI, FROM_HERE,
+      base::Bind(&TabSpecificContentSettings::WebDatabaseAccessed,
+                 render_process_id_, render_frame_id, origin_url, name,
+                 display_name, !*allowed));
+}
+
+void BraveRenderMessageFilter::OnAllowDOMStorage(int render_frame_id,
+                                                  const GURL& origin_url,
+                                                  const GURL& top_origin_url,
+                                                  bool local,
+                                                  bool* allowed) {
+  *allowed = ShouldStoreState(origin_url, top_origin_url);
+
+  BrowserThread::PostTask(
+      BrowserThread::UI, FROM_HERE,
+      base::Bind(&TabSpecificContentSettings::DOMStorageAccessed,
+                 render_process_id_, render_frame_id, origin_url, local,
+                 !*allowed));
+}
+
+void BraveRenderMessageFilter::OnAllowIndexedDB(int render_frame_id,
+                                                 const GURL& origin_url,
+                                                 const GURL& top_origin_url,
+                                                 const base::string16& name,
+                                                 bool* allowed) {
+  *allowed = ShouldStoreState(origin_url, top_origin_url);
+
+  BrowserThread::PostTask(
+      BrowserThread::UI, FROM_HERE,
+      base::Bind(&TabSpecificContentSettings::IndexedDBAccessed,
+                 render_process_id_, render_frame_id, origin_url, name,
+                 !*allowed));
+}

browser/renderer_host/brave_render_message_filter.h

@@ -0,0 +1,49 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef BRAVE_BROWSER_RENDERER_HOST_BRAVE_RENDER_MESSAGE_FILTER_H_
+#define BRAVE_BROWSER_RENDERER_HOST_BRAVE_RENDER_MESSAGE_FILTER_H_
+
+#include "chrome/browser/renderer_host/chrome_render_message_filter.h"
+#include "components/content_settings/core/browser/host_content_settings_map.h"
+#include "content/public/browser/browser_message_filter.h"
+
+class BraveRenderMessageFilter : public ChromeRenderMessageFilter {
+ public:
+  BraveRenderMessageFilter(int render_process_id, Profile* profile);
+  bool OnMessageReceived(const IPC::Message& message) override;
+
+ private:
+  friend class base::DeleteHelper<BraveRenderMessageFilter>; 
+
+  ~BraveRenderMessageFilter() override;
+
+  void OnAllowDatabase(int render_frame_id,
+                       const GURL& origin_url,
+                       const GURL& top_origin_url,
+                       const base::string16& name,
+                       const base::string16& display_name,
+                       bool* allowed);
+
+  void OnAllowDOMStorage(int render_frame_id,
+                         const GURL& origin_url,
+                         const GURL& top_origin_url,
+                         bool local,
+                         bool* allowed);
+
+  void OnAllowIndexedDB(int render_frame_id,
+                        const GURL& origin_url,
+                        const GURL& top_origin_url,
+                        const base::string16& name,
+                        bool* allowed);
+
+  bool ShouldStoreState(const GURL& origin_url, const GURL& top_origin_url);
+
+  HostContentSettingsMap *host_content_settings_map_;
+  base::WeakPtrFactory<BraveRenderMessageFilter> weak_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(BraveRenderMessageFilter);
+};
+
+#endif  // BRAVE_BROWSER_RENDERER_HOST_BRAVE_RENDER_MESSAGE_FILTER_H_

components/brave_shields/browser/brave_shields_util.cc

@@ -56,9 +56,16 @@ bool IsAllowContentSettingFromIO(net::URLRequest* request,
   if (!io_data) {
     return GetDefaultFromResourceIdentifier(resource_identifier);
   }
+  return IsAllowContentSetting(io_data->GetHostContentSettingsMap(), primary_url, secondary_url, 
+    setting_type, resource_identifier);
+}
+
+bool IsAllowContentSetting(HostContentSettingsMap* map,
+    const GURL& primary_url, const GURL& secondary_url,
+    ContentSettingsType setting_type,
+    const std::string& resource_identifier) {
   content_settings::SettingInfo setting_info;
-  std::unique_ptr<base::Value> value =
-      io_data->GetHostContentSettingsMap()->GetWebsiteSetting(
+  std::unique_ptr<base::Value> value = map->GetWebsiteSetting(
           primary_url, secondary_url,
           setting_type,
           resource_identifier, &setting_info);

components/brave_shields/browser/brave_shields_util.h

@@ -20,9 +20,15 @@ struct Referrer;
 }
 
 class GURL;
+class HostContentSettingsMap;
 
 namespace brave_shields {
 
+bool IsAllowContentSetting(HostContentSettingsMap* map,
+    const GURL& primary_url, const GURL& secondary_url,
+    ContentSettingsType setting_type,
+    const std::string& resource_identifier);
+
 bool IsAllowContentSettingFromIO(net::URLRequest* request,
     const GURL& primary_url, const GURL& secondary_url,
     ContentSettingsType setting_type,

components/brave_shields/browser/tracking_protection_service.cc

@@ -9,6 +9,8 @@
 
 #include "base/base_paths.h"
 #include "base/bind.h"
+#include "base/files/file_path.h"
+#include "base/files/file_util.h"
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/memory/ptr_util.h"
@@ -17,7 +19,8 @@
 #include "brave/components/brave_shields/browser/dat_file_util.h"
 #include "brave/vendor/tracking-protection/TPParser.h"
 
-#define DAT_FILE "TrackingProtection.dat"
+#define NAVIGATION_TRACKERS_FILE "TrackingProtection.dat"
+#define STORAGE_TRACKERS_FILE "StorageTrackingProtection.dat"
 #define DAT_FILE_VERSION "1"
 #define THIRD_PARTY_HOSTS_CACHE_SIZE 20
 
@@ -43,6 +46,7 @@ TrackingProtectionService::TrackingProtectionService()
       "syndication.twitter.com",
       "cdn.syndication.twimg.com"
     }),
+    first_party_storage_trackers_initailized_(false),
     weak_factory_(this) {
 }
 
@@ -86,6 +90,38 @@ bool TrackingProtectionService::ShouldStartRequest(const GURL& url,
   return false;
 }
 
+bool TrackingProtectionService::ShouldStoreState(const GURL& url) {
+  if (!first_party_storage_trackers_initailized_) {
+    LOG(ERROR) << "First party storage trackers not initialized";
+    return true;
+  }
+
+  std::string host = url.host();
+  return !(std::find(first_party_storage_trackers_.begin(), first_party_storage_trackers_.end(), host) 
+    != first_party_storage_trackers_.end());
+}
+
+void TrackingProtectionService::ParseStorageTrackersData() {
+  if (storage_trackers_buffer_.empty()) {
+    LOG(ERROR) << "Could not obtain tracking protection data";
+    return;
+  }
+
+  std::stringstream st(std::string(storage_trackers_buffer_.begin(), storage_trackers_buffer_.end()));
+  std::string tracker;
+
+  while(std::getline(st, tracker, ',')) {
+    first_party_storage_trackers_.push_back(tracker);
+  }
+
+  if(first_party_storage_trackers_.empty()) {
+    LOG(ERROR) << "No first party trackers found";
+    return;
+  }
+
+  first_party_storage_trackers_initailized_ = true;
+}
+
 bool TrackingProtectionService::Init() {
   Register(kTrackingProtectionComponentName,
            g_tracking_protection_component_id_,
@@ -108,14 +144,23 @@ void TrackingProtectionService::OnDATFileDataReady() {
 void TrackingProtectionService::OnComponentReady(
     const std::string& component_id,
     const base::FilePath& install_dir) {
-  base::FilePath dat_file_path =
-      install_dir.AppendASCII(DAT_FILE_VERSION).AppendASCII(DAT_FILE);
+  base::FilePath navigation_tracking_protection_path =
+      install_dir.AppendASCII(DAT_FILE_VERSION).AppendASCII(NAVIGATION_TRACKERS_FILE);
 
   GetTaskRunner()->PostTaskAndReply(
       FROM_HERE,
-      base::Bind(&GetDATFileData, dat_file_path, &buffer_),
+      base::Bind(&GetDATFileData, navigation_tracking_protection_path, &buffer_),
       base::Bind(&TrackingProtectionService::OnDATFileDataReady,
                  weak_factory_.GetWeakPtr()));
+
+  base::FilePath storage_tracking_protection_path =
+      install_dir.AppendASCII(DAT_FILE_VERSION).AppendASCII(STORAGE_TRACKERS_FILE);
+
+  GetTaskRunner()->PostTaskAndReply(
+      FROM_HERE,
+      base::Bind(&GetDATFileData, storage_tracking_protection_path, &storage_trackers_buffer_),
+      base::Bind(&TrackingProtectionService::ParseStorageTrackersData,
+                 weak_factory_.GetWeakPtr()));
 }
 
 // Ported from Android: net/blockers/blockers_worker.cc

components/brave_shields/browser/tracking_protection_service.h

@@ -45,12 +45,14 @@ class TrackingProtectionService : public BaseBraveShieldsService {
   bool ShouldStartRequest(const GURL& spec,
     content::ResourceType resource_type,
     const std::string& tab_host) override;
+  bool ShouldStoreState(const GURL& url);
 
  protected:
   bool Init() override;
   void Cleanup() override;
   void OnComponentReady(const std::string& component_id,
       const base::FilePath& install_dir) override;
+  void ParseStorageTrackersData();
 
  private:
   friend class ::TrackingProtectionServiceTest;
@@ -64,6 +66,7 @@ class TrackingProtectionService : public BaseBraveShieldsService {
   std::vector<std::string> GetThirdPartyHosts(const std::string& base_host);
 
   brave_shields::DATFileDataBuffer buffer_;
+  brave_shields::DATFileDataBuffer storage_trackers_buffer_;
 
   std::unique_ptr<CTPParser> tracking_protection_client_;
   // TODO: Temporary hack which matches both browser-laptop and Android code
@@ -72,6 +75,9 @@ class TrackingProtectionService : public BaseBraveShieldsService {
   std::map<std::string, std::vector<std::string>> third_party_hosts_cache_;
   std::mutex third_party_hosts_mutex_;
 
+  std::vector<std::string> first_party_storage_trackers_;
+  bool first_party_storage_trackers_initailized_;
+
   base::WeakPtrFactory<TrackingProtectionService> weak_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(TrackingProtectionService);

patches/chrome-browser-chrome_content_browser_client.cc.patch

@@ -0,0 +1,21 @@
+diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc
+index a85e9d9c17ef8bfcc89f96376675932e656dab03..3bee18f4f26d4a8ac7eaa2cff6c79395aabbcba6 100644
+--- a/chrome/browser/chrome_content_browser_client.cc
++++ b/chrome/browser/chrome_content_browser_client.cc
+@@ -29,6 +29,7 @@
+ #include "base/strings/utf_string_conversions.h"
+ #include "base/sys_info.h"
+ #include "base/threading/thread_task_runner_handle.h"
++#include "brave/browser/renderer_host/brave_render_message_filter.h"
+ #include "build/build_config.h"
+ #include "chrome/browser/after_startup_task_utils.h"
+ #include "chrome/browser/browser_about_handler.h"
+@@ -1262,7 +1263,7 @@ void ChromeContentBrowserClient::RenderProcessWillLaunch(
+     service_manager::mojom::ServiceRequest* service_request) {
+   int id = host->GetID();
+   Profile* profile = Profile::FromBrowserContext(host->GetBrowserContext());
+-  host->AddFilter(new ChromeRenderMessageFilter(id, profile));
++  host->AddFilter(new BraveRenderMessageFilter(id, profile));
+ #if BUILDFLAG(ENABLE_EXTENSIONS)
+   host->AddFilter(new cast::CastTransportHostFilter(profile));
+ #endif

patches/chrome-browser-renderer_host-chrome_render_message_filter.h.patch

@@ -0,0 +1,20 @@
+diff --git a/chrome/browser/renderer_host/chrome_render_message_filter.h b/chrome/browser/renderer_host/chrome_render_message_filter.h
+index e1ce2f28510360f9d3e5cefd5c0fdd74e48d61da..5972976ad1fc1b467ba830e7ddf048515a638c0e 100644
+--- a/chrome/browser/renderer_host/chrome_render_message_filter.h
++++ b/chrome/browser/renderer_host/chrome_render_message_filter.h
+@@ -18,6 +18,7 @@
+
+ class GURL;
+ class Profile;
++class BraveRenderMessageFilter;
+
+ namespace chrome_browser_net {
+ class Predictor;
+@@ -47,6 +48,7 @@ class ChromeRenderMessageFilter : public content::BrowserMessageFilter {
+                                 content::BrowserThread::ID* thread) override;
+
+  private:
++  friend class BraveRenderMessageFilter;
+   friend class content::BrowserThread;
+   friend class base::DeleteHelper<ChromeRenderMessageFilter>;
+