$OpenBSD$

index 693fda8..66e18f2 100644
--- docshell/base/nsDocShell.cpp.orig	Fri Feb 20 15:40:36 2015
+++ docshell/base/nsDocShell.cpp	Fri Feb 20 15:40:36 2015
@@ -167,6 +167,7 @@
 #include "nsIChannelPolicy.h"
 #include "nsIContentSecurityPolicy.h"
 #include "nsSandboxFlags.h"
+#include "mozIThirdPartyUtil.h"
 #include "nsXULAppAPI.h"
 #include "nsDOMNavigationTiming.h"
 #include "nsISecurityUITelemetry.h"
@@ -2799,14 +2800,29 @@ nsDocShell::GetSessionStorageForPrincipal(nsIPrincipal* aPrincipal,
         return NS_ERROR_UNEXPECTED;
     }
 
+    nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
+                            do_GetService(THIRDPARTYUTIL_CONTRACTID);
+    if (!thirdPartyUtil)
+      return NS_ERROR_FAILURE;
+
+    nsCOMPtr<nsIDocument> doc(do_GetInterface(GetAsSupports(this)));
+    nsCOMPtr<nsIURI> firstPartyIsolationURI;
+    nsresult rv = thirdPartyUtil->GetFirstPartyIsolationURI(nullptr, doc,
+                                           getter_AddRefs(firstPartyIsolationURI));
+    NS_ENSURE_SUCCESS(rv, rv);
+
     if (aCreate) {
-        return manager->CreateStorage(aPrincipal, aDocumentURI,
+        return manager->CreateStorageForFirstParty(firstPartyIsolationURI,
+                                      aPrincipal, aDocumentURI,
                                       mInPrivateBrowsing, aStorage);
     }
 
-    return manager->GetStorage(aPrincipal, mInPrivateBrowsing, aStorage);
+    return manager->GetStorageForFirstParty(firstPartyIsolationURI, aPrincipal,
+                                            mInPrivateBrowsing, aStorage);
 }
 
+// Bacause it is not called from anywhere, nsDocShell::AddSessionStorage()
+// does not need to be modified to isolate DOM Storage to the first party URI.
 nsresult
 nsDocShell::AddSessionStorage(nsIPrincipal* aPrincipal,
                               nsIDOMStorage* aStorage)
@@ -9251,14 +9267,7 @@ nsDocShell::InternalLoad(nsIURI * aURI,
         aLoadType == LOAD_HISTORY ||
         aLoadType == LOAD_LINK) {
 
-        nsCOMPtr<nsIURI> currentURI;
-        if (sURIFixup && mCurrentURI) {
-            rv = sURIFixup->CreateExposableURI(mCurrentURI,
-                                               getter_AddRefs(currentURI));
-            NS_ENSURE_SUCCESS(rv, rv);
-        } else {
-            currentURI = mCurrentURI;
-        }
+        nsCOMPtr<nsIURI> currentURI = mCurrentURI;
         // Split currentURI and aURI on the '#' character.  Make sure we read
         // the return values of SplitURIAtHash; if it fails, we don't want to
         // allow a short-circuited navigation.
@@ -9274,6 +9283,19 @@ nsDocShell::InternalLoad(nsIURI * aURI,
                                   NS_SUCCEEDED(splitRv2) &&
                                   curBeforeHash.Equals(newBeforeHash);
 
+        if (!sameExceptHashes && sURIFixup && currentURI &&
+            NS_SUCCEEDED(splitRv2)) {
+          // Maybe aURI came from the exposable form of currentURI?
+          nsCOMPtr<nsIURI> currentExposableURI;
+          rv = sURIFixup->CreateExposableURI(currentURI,
+                                             getter_AddRefs(currentExposableURI));
+          NS_ENSURE_SUCCESS(rv, rv);
+          splitRv1 = nsContentUtils::SplitURIAtHash(currentExposableURI,
+                                                    curBeforeHash, curHash);
+          sameExceptHashes = NS_SUCCEEDED(splitRv1) &&
+            curBeforeHash.Equals(newBeforeHash);
+        }
+
         bool historyNavBetweenSameDoc = false;
         if (mOSHE && aSHEntry) {
             // We're doing a history load.