Open Bug 1314234 Opened 8 years ago Updated 2 years ago

Move INTERNAL_LOAD_FLAGS_INHERIT_PRINCIPAL computation in LoadURI() and kill remove that flag

Tracking

()

Status:

NEW

People

(Reporter: ckerschb, Unassigned)

References

Details

(Whiteboard: [domsecurity-backlog1])

Christoph Kerschbaumer [:ckerschb]

Reporter

Description

•

8 years ago

> Comment from Boris from Bug 1308889

Now that I write this down... is it not the case that LoadURI is the _only_ place that passes INTERNAL_LOAD_FLAGS_INHERIT_PRINCIPAL?  Can we push that entire computation that's conditioned on that flag out of InternalLoad to LoadURI, and just have InternalLoad have simple semantics: If aPrincipalToInherit is non-null and the URL wants to inherit a principal, it will inherit it; if either of those is not the case, there will be no inheritance.  Then we can kill INTERNAL_LOAD_FLAGS_INHERIT_PRINCIPAL altogether.  Followup probably OK for this change, if we want to reduce risk.

Christoph Kerschbaumer [:ckerschb]

Reporter

Updated

•

8 years ago

Priority: -- → P3

Whiteboard: [domsecurity-backlog1]

Christoph Kerschbaumer [:ckerschb]

Reporter

Updated

•

8 years ago

Depends on: 1308889

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Move INTERNAL_LOAD_FLAGS_INHERIT_PRINCIPAL computation in LoadURI() and kill remove that flag

Categories

(Core :: DOM: Security, defect, P3)

Tracking

()

People

(Reporter: ckerschb, Unassigned)

References

Details

(Whiteboard: [domsecurity-backlog1])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated