See if we can remove the special case for resource:// workers needing the system principal

NEW
Unassigned

Status

()

P5
normal
4 years ago
9 months ago

People

(Reporter: bent.mozilla, Unassigned)

Tracking

({sec-other, sec-want})

40 Branch
sec-other, sec-want
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

See bug 1163109. We have a special case for resource:// workers loaded with the system principal where we give those workers the system principal so that they can do cross-site xhr. Maybe we don't need to do that any more?
I doubt I have the full context, but content with the "systemXHR" permission can use the mozSystem non-standard option to XHR: https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest#Non-standard_properties
I'm marking this sec-other because it sounds like there's no known security issue with this code.
Keywords: sec-other, sec-want

Updated

3 years ago
Group: core-security → dom-core-security
Jonas, what _is_ our exact security model for this stuff?  Our worker security model still doesn't make sense to me....
Flags: needinfo?(jonas)
I don't remember our rules for chrome workers. They are mostly there to make it harder for chrome code to XSS itself. I.e. it's there for similar reasons that we don't let data: URLs inherit chrome principals.

IIRC dveditz had stronger opinions than I did about what exact rules we should have.

Also, is there a reason we need to keep this bug closed?
Flags: needinfo?(jonas)
> Also, is there a reason we need to keep this bug closed?

I don't see one offhand.
Group: dom-core-security

Updated

9 months ago
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.