Closed
Bug 1264574
Opened 8 years ago
Closed 8 years ago
Isolate cache to URL bar domain (Tor 13742)
Categories
(Core :: DOM: Security, defect, P2)
Core
DOM: Security
Tracking
()
RESOLVED
DUPLICATE
of bug 1260931
People
(Reporter: huseby, Assigned: huseby)
References
(Blocks 2 open bugs)
Details
(Whiteboard: [tor-testing][OA-testing][domsecurity-backlog1][ETA 11/7])
Attachments
(1 file, 1 obsolete file)
|
4.79 KB,
patch
|
Details | Diff | Splinter Review |
The Tor Patch for testing cache isolation.
|
Assignee | |
Comment 1•8 years ago
|
||
|
|
Assignee | |
Updated•8 years ago
|
Summary: Isolate cache to URL bar domain. → Test the Isolate cache to URL bar domain.
|
||
Comment 2•8 years ago
|
||
This patch needs a good explanation of what you are doing. Messing this way with the id extension will just blow all of the current cache and might break some functionality.
|
||
Updated•8 years ago
|
Whiteboard: [tor][OA] → [tor][OA][domsecurity-backlog]
|
|
||
Comment 3•8 years ago
|
||
Comment on attachment 8741294 [details] [diff] [review] the Tor Browser patch (WIP) Review of attachment 8741294 [details] [diff] [review]: ----------------------------------------------------------------- ::: netwerk/protocol/http/nsHttpChannel.cpp @@ +2775,4 @@ > if (mLoadFlags & LOAD_BYPASS_LOCAL_CACHE_IF_BUSY) > cacheEntryOpenFlags |= nsICacheStorage::OPEN_BYPASS_IF_BUSY; > > + extension.Append(nsPrintfCString("%s@%d", cacheDomain.get(), mPostID)); personally, I would add the cacheDomain to the ext id (if that is even the best place to add it) only if it's different from the domain of the URL we are loading with this channel. That way you won't blow currently single-domain cached stuff from the people's caches while the isolation will still work. Also, mPostID must be added only when non-null.
|
|
||
Comment 4•8 years ago
|
||
Also, this should be optional IMO. It will effectively disable cache for loads of some third-party hosted resources like jquery and fonts, which is IMO unfortunate and goes against the cache use. I would engage this only when the channel is loaded as part of page where tracking protection is enabled (from the Firefox point of view) or with some other annotation flag that Tor browser can set.
|
||
Comment 5•8 years ago
|
||
Here's a link that tracks the Tor Browser patch as it is rebased. https://torpat.ch/13742
|
|
Assignee | |
Updated•8 years ago
|
Summary: Test the Isolate cache to URL bar domain. → Test the Isolate cache to URL bar domain (Tor 13742)
Whiteboard: [tor][OA][domsecurity-backlog] → [tor][OA-testing][domsecurity-backlog]
|
|
Assignee | |
Updated•8 years ago
|
Whiteboard: [tor][OA-testing][domsecurity-backlog] → [tor-testing][OA-testing][domsecurity-backlog]
|
|
Assignee | |
Updated•8 years ago
|
Priority: -- → P1
|
|
||
Updated•8 years ago
|
Priority: P1 → P3
Whiteboard: [tor-testing][OA-testing][domsecurity-backlog] → [tor-testing][OA-testing][domsecurity-backlog1]
|
||
Updated•8 years ago
|
Priority: P3 → P1
|
||
Updated•8 years ago
|
Whiteboard: [tor-testing][OA-testing][domsecurity-backlog1] → [tor-testing][OA-testing][domsecurity-backlog1][ETA 11/7]
|
|
||
Updated•8 years ago
|
Priority: P1 → P2
|
|
||
Comment 6•8 years ago
|
||
The patch from Tor browser is implementation instead of testing, and we may not have to do extra thing once Yoshi's patch in bug 1260931 lands. Cache testing is taken care of in bug 1264577.
Summary: Test the Isolate cache to URL bar domain (Tor 13742) → Isolate cache to URL bar domain (Tor 13742)
|
|
||
Comment 7•8 years ago
|
||
(In reply to Jonathan Hao [:jhao] from comment #6) > The patch from Tor browser is implementation instead of testing, and we may > not have to do extra thing once Yoshi's patch in bug 1260931 lands. Cache > testing is taken care of in bug 1264577. Jonathan, thanks for this clarification information. Tim, when you verified that the cache is really isolated in bug 1264577, please set this bug as WONTFIX.
Flags: needinfo?(tihuang)
|
|
||
Updated•8 years ago
|
Blocks: FirstPartyIsolation
|
|
Assignee | |
Updated•8 years ago
|
Assignee: nobody → huseby
|
|
Assignee | |
Updated•8 years ago
|
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 8•8 years ago
|
||
this patch is a test cache that confirms that http/content cache isolation is working with first party origin isolation. since it appears to be working, i'm going to close this bug as resolved, duplicate.
Attachment #8741294 -
Attachment is obsolete: true
Flags: needinfo?(tihuang)
|
|
Assignee | |
Updated•8 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•