1810753 - [DNR] Prevent DNR from affecting requests from other extensions by default

Status: RESOLVED FIXED

(WebExtensions :: Request Handling, task, P2)

Description

[Rob Wu [:robwu]]

Currently, our declarativeNetRequest implementation allows extensions to block or upgrade requests from other extensions when an extension has the declarativeNetRequest permission (not when it only has the declarativeNetRequestWithHostAccess). In contrast, the webRequest API does not offer that capability. The ability to block requests from other extensions was added to DNR because Chromium does a similar thing. We are however not fully convinced in the desirability of allowing extensions to block requests from other extensions, so we should disable the behavior by default.

We verify that behavior in a bunch of unit tests, including:

• https://searchfox.org/mozilla-central/rev/5bcbe6ae54ee5b152f6cef29dc5627ec7c0e1f1e/toolkit/components/extensions/test/xpcshell/test_ext_dnr_without_webrequest.js#129-144
• https://searchfox.org/mozilla-central/rev/5bcbe6ae54ee5b152f6cef29dc5627ec7c0e1f1e/toolkit/components/extensions/test/mochitest/test_ext_dnr_upgradeScheme.html#74,98-103

In terms of implementation, there are multiple approaches:

• We could enforce it at the network level and testMatchOutcome, at https://searchfox.org/mozilla-central/rev/5bcbe6ae54ee5b152f6cef29dc5627ec7c0e1f1e/toolkit/components/extensions/ExtensionDNR.sys.mjs#1298
• We could enforce it at the network level only, at https://searchfox.org/mozilla-central/rev/5bcbe6ae54ee5b152f6cef29dc5627ec7c0e1f1e/toolkit/components/extensions/ExtensionDNR.sys.mjs#1507-1521
  • For the testMatchOutcome method that is opt in via a pref intended for debugging only, we could either keep the current behavior (i.e. allow extensions to opt in to allowing other extensions to affect their requests), or make the includeOtherExtensions flag conditional on the same pref that governs whether extensions are able to modify network requests.

Comment 1

[Rob Wu [:robwu]]

(In reply to Rob Wu [:robwu] from comment #0)

The ability to block requests from other extensions was added to DNR because Chromium does a similar thing. We are however not fully convinced in the desirability of allowing extensions to block requests from other extensions, so we should disable the behavior by default.

Recently a bug was filed in Chromium about this: https://bugs.chromium.org/p/chromium/issues/detail?id=1421697

This was also discussed during a WECG meeting today as part of an ad-hoc topic (meeting notes at https://github.com/w3c/webextensions/pull/363), and the general sentiment was that extensions are not expected to alter requests from other extensions.

Comment 2

[Rob Wu [:robwu]]

A dedicated WECG issue has been filed for this: https://github.com/w3c/webextensions/issues/369

Comment 3

[Rob Wu [:robwu]]

Attachment: Bug 1810753 - Stop applying DNR to requests from other extensions

Comment 4

[Rob Wu [:robwu]]

Attachment: Bug 1810753 - Add moz-extension: checks for initiator in testMatchOutcome

Comment 5

[Rob Wu [:robwu]]

Attachment: Bug 1810753 - Add test for downloads API + DNR

Comment 6

[Pulsebot]

Pushed by rob@robwu.nl:
https://hg.mozilla.org/integration/autoland/rev/3208bcb7bb98
Stop applying DNR to requests from other extensions r=rpl
https://hg.mozilla.org/integration/autoland/rev/9d3cf27b1d0c
Add moz-extension: checks for initiator in testMatchOutcome r=rpl
https://hg.mozilla.org/integration/autoland/rev/a05dc9eeb8b8
Add test for downloads API + DNR r=rpl

Comment 7

[Sandor Molnar[:smolnar]]

https://hg.mozilla.org/mozilla-central/rev/3208bcb7bb98
https://hg.mozilla.org/mozilla-central/rev/9d3cf27b1d0c
https://hg.mozilla.org/mozilla-central/rev/a05dc9eeb8b8

Comment 8

[Rob Wu [:robwu]]

Documented in https://github.com/mdn/content/pull/26189