Closed
Bug 1230563
Opened 9 years ago
Closed 9 years ago
Cookie permissions should override the CookiesLifetimePolicy
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
FIXED
mozilla46
People
(Reporter: nika, Assigned: nika)
References
Details
(Keywords: regression)
Attachments
(2 files, 1 obsolete file)
2.96 KB,
patch
|
ehsan.akhgari
:
review+
Sylvestre
:
approval-mozilla-aurora+
|
Details | Diff | Splinter Review |
4.71 KB,
patch
|
Sylvestre
:
approval-mozilla-aurora+
|
Details | Diff | Splinter Review |
No description provided.
Assignee | ||
Comment 1•9 years ago
|
||
Assignee | ||
Comment 2•9 years ago
|
||
See bug 536509 comment 75 It appears as though the reason for this problem is that the cookies permissions were checked after cookiesLifetimePolicy (which means that they overrode each other in the wrong order. This patch is untested - and mostly exists as a record.
Assignee: nobody → michael
Blocks: 536509
Assignee | ||
Comment 4•9 years ago
|
||
I think it's just confirming that it actually works, and writing the test - sorry for the delay, I've been busy. I'll try to take a shot at finishing it off once I land in orlando.
Assignee | ||
Comment 5•9 years ago
|
||
Try run looks pretty green, but I'm not sure what the best way to write a test for this would be.
Flags: needinfo?(ehsan)
Assignee | ||
Comment 6•9 years ago
|
||
(try: https://treeherder.mozilla.org/#/jobs?repo=try&revision=a51129b7580d)
Comment 7•9 years ago
|
||
[Tracking Requested - why for this release]: This is a regression from bug 536509.
status-firefox42:
--- → unaffected
status-firefox43:
--- → affected
status-firefox44:
--- → affected
status-firefox45:
--- → affected
tracking-firefox43:
--- → ?
tracking-firefox44:
--- → ?
tracking-firefox45:
--- → ?
Comment 8•9 years ago
|
||
(In reply to Michael Layzell [:mystor] from comment #5) > Try run looks pretty green, but I'm not sure what the best way to write a > test for this would be. I'm not sure what actually causes the localStorage to be cleared when we restart, I expect that is one of the notifications that DOMStorageManager::Observe() or DOMStorageObserver::Observe() handles. So in order to test this, you need to start by setting the network.cookie.lifetimePolicy pref, and then get access to the right observer based on the answer to the above question and emit the appropriate notification, and then check whether localStorage is empty afterwards.
Flags: needinfo?(ehsan)
Assignee | ||
Comment 9•9 years ago
|
||
Smaug suggested that you might know how persistence for localstorage works, which will be very useful for writing a test for this patch :) Basically the question is how we'd go about testing whether or not localStorage data is persisted across sessions from within a test. I have been looking and it seems to me like the change is that Persist()'s return value changes here: https://dxr.mozilla.org/mozilla-central/source/dom/storage/DOMStorageCache.cpp#147 and that seems to control whether the data is saved anywhere. I haven't found any place where stuff is explicitly cleared.
Flags: needinfo?(honzab.moz)
Comment 10•9 years ago
|
||
Search for "AsyncClear" in DOMStorageObserver.cpp, there's a couple of places where we do that.
Assignee | ||
Comment 11•9 years ago
|
||
(In reply to :Ehsan Akhgari from comment #10) > Search for "AsyncClear" in DOMStorageObserver.cpp, there's a couple of > places where we do that. Async clear has this documentation: // Called when the whole storage is cleared by the DOM API, schedules delete of the scope This isn't very likely to be called by the session storage stuff. I'm pretty sure from my investigation that the way this is done by simply not persisting changes to the DB when the session-only setting is set. I'm not sure if it's possible to simulate this behavior without actually restarting the browser.
Comment 12•9 years ago
|
||
OK, fair enough! We can't simulate a browser restart in our test suites unfortunately.
Comment 13•9 years ago
|
||
Regression, tracking. Michael, we are in the second half of the beta cycle. Do you have an eta for this bug? Thanks
Flags: needinfo?(michael)
Keywords: regression
Comment 14•9 years ago
|
||
(In reply to Michael Layzell [:mystor] from comment #9) > Smaug suggested that you might know how persistence for localstorage works, > which will be very useful for writing a test for this patch :) > > Basically the question is how we'd go about testing whether or not > localStorage data is persisted across sessions from within a test. I have > been looking and it seems to me like the change is that Persist()'s return > value changes here: > https://dxr.mozilla.org/mozilla-central/source/dom/storage/DOMStorageCache. > cpp#147 and that seems to control whether the data is saved anywhere. I > haven't found any place where stuff is explicitly cleared. I don't much understand the question. If you want to test inter-session persistence, you can be inspired with [1]. The localStorageFlushAndReload() helper function will fire the given callback after the cache is flushed to disk and reloaded again. This applies only to localStorage and its persistent data set. However, see [2], it could be altered to clear also any private and session-only data (the mData member of DOMStorageCache has 3 items: kDefaultSet, kPrivateSet, kSessionSet.) Does it help? [1] http://hg.mozilla.org/mozilla-central/annotate/29258f59e545/dom/tests/mochitest/localstorage/test_bug600307-DBOps.html#l41 [2] http://hg.mozilla.org/mozilla-central/annotate/29258f59e545/dom/storage/DOMStorageCache.cpp#l600
Flags: needinfo?(honzab.moz)
It's not ideal that we shipped one version with this bug, but since i am a week away from entering RC mode, I am leaning towards wontfixing this.
Assignee | ||
Comment 18•9 years ago
|
||
Hey, I'm so sorry in the delay on getting to this. I didn't dig through my holiday bugmail backlog at all until today. I've attached a potential mechanism for testing this behavior - unfortunately it extends the webidl interface for DOMStorage by adding a [ChromeOnly] method, so I am not sure it's a good idea. I figured I'd post it at least as a potential mechanism for testing this patch, to make it safer to merge into beta/aurora. Sorry again for the delay!
Attachment #8705766 -
Flags: review?(ehsan)
Assignee | ||
Updated•9 years ago
|
Flags: needinfo?(michael)
Comment 19•9 years ago
|
||
Comment on attachment 8705766 [details] [diff] [review] Test for corrected cookie permission behavior Review of attachment 8705766 [details] [diff] [review]: ----------------------------------------------------------------- Thanks, this is great! ::: dom/tests/mochitest/localstorage/frameLocalStorageSessionOnly.html @@ +1,5 @@ > +<!doctype html> > +<html> > + <body> > + <script> > + debugger; Why? ::: dom/tests/mochitest/localstorage/test_localStorageSessionPrefOverride.html @@ +1,1 @@ > +<html xmlns="http://www.w3.org/1999/xhtml"> Please drop the @xmlns. XHTML is dead. :-)
Attachment #8705766 -
Flags: review?(ehsan) → review+
Assignee | ||
Comment 20•9 years ago
|
||
Comment on attachment 8695895 [details] [diff] [review] Cookie permissions should override the CookiesLifetimePolicy I just realized that I never asked anyone to review this :S
Attachment #8695895 -
Flags: review?(ehsan)
Assignee | ||
Updated•9 years ago
|
Attachment #8705766 -
Attachment is obsolete: true
Updated•9 years ago
|
Attachment #8695895 -
Flags: review?(ehsan) → review+
Comment 22•9 years ago
|
||
Tracking for 46 assuming this also affects the current nightly. Recent regression. Once this lands for 46 and we do some testing, please request uplift to 45 (whether it is aurora, or beta by that time). Thanks!
Comment 23•9 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/c96da719d455 https://hg.mozilla.org/integration/mozilla-inbound/rev/ffac58123eb0
Assignee | ||
Comment 25•9 years ago
|
||
Comment on attachment 8695895 [details] [diff] [review] Cookie permissions should override the CookiesLifetimePolicy Approval Request Comment [Feature/regressing bug #]: bug 536509 [User impact if declined]: Explicit cookie allow permissions will not override the session only lifetime policy for localstorage and indexeddb. Cookies are unaffected. [Describe test coverage new/current, TreeHerder]: Tests are located in the other patch, and confirm the correct behavior in localStorage. [Risks and why]: Should be fairly low risk, as it is a minor change with tests. [String/UUID change made/needed]: N/A
Attachment #8695895 -
Flags: approval-mozilla-aurora?
Comment 26•9 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/c96da719d455 https://hg.mozilla.org/mozilla-central/rev/ffac58123eb0
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla46
Comment 27•9 years ago
|
||
Comment on attachment 8695895 [details] [diff] [review] Cookie permissions should override the CookiesLifetimePolicy Fix a regression, has test, taking it.
Attachment #8695895 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Comment 28•9 years ago
|
||
Comment on attachment 8705783 [details] [diff] [review] Part 2: Test for corrected cookie permission behavior [Triage Comment] let's take the test too
Attachment #8705783 -
Flags: approval-mozilla-aurora+
Comment 29•9 years ago
|
||
bugherder uplift |
https://hg.mozilla.org/releases/mozilla-aurora/rev/3f9c48e199bf https://hg.mozilla.org/releases/mozilla-aurora/rev/0991cdfecaee
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•