Open
Bug 1315553
Opened 8 years ago
Updated 2 years ago
Opening an about:blank tab with an explicit NullPrincipal breaks the document
Categories
(Firefox :: Tabbed Browser, defect)
Tracking
()
NEW
People
(Reporter: zombie, Unassigned)
References
Details
(Keywords: regression)
+++ This bug was initially created as a clone of Bug #1310331 +++

As part of bug 1310331, we need to mark a tab created with the "about:blank" url as having a NullPrincipal (and maybe with the appropriate addonId origin attribute).

I'm trying to do that using the following code:

gBrowser.addTab("about:blank", {originPrincipal: Services.scriptSecurityManager.createNullPrincipal({})});

(works in the browser console)

A tab is opened, but the document inside never finishes loading, remaining in readyState: "uninitialized" forever.

This looks like a platform bug, but I'm unsure about the product/component.
Reporter
Updated•8 years ago
Priority: P3 → --
Whiteboard: triaged
Reporter
Comment 1•8 years ago
Well, this is confusing. This seems to work in Aurora, and anything other than Nightly, but it's not a recent change. It's broken in any Nightly build from the last 6 months -- tested all the way back to 47 before giving up.
Reporter
Comment 2•8 years ago
Hey Mike, I followed this down to docShell land, and knowing you visited there, you'll either know where to look, or at least who to ni? next. ;)
Flags: needinfo?(mconley)
Reporter
Comment 3•8 years ago
> It's broken in any Nightly build from the last 6 months

I somehow messed this up. It worked in Nightly until November 28, and broke in the November 29 build.

---

We managed to work around this in bug 1310331, so it's not blocking things anymore. Though this still looks like a bug, and we still might wish to set an origin attribute down the line (which current solution doesn't allow us to do).

Clearing the ni? from Mike, feel free to look at this whenever you get to it.
Component: WebExtensions: Frontend → Tabbed Browser
Flags: needinfo?(mconley)
Product: Toolkit → Firefox
Version: unspecified → 52 Branch
Comment 4•8 years ago
It being broken on nightly only sounds like it has to do with usercontextid not matching the tab somehow? It looks like you're not passing your new null principal any origin attributes (or only an addonId but not a usercontextid)
Comment 5•8 years ago
(In reply to Tomislav Jovanovic :zombie from comment #3)
> > It's broken in any Nightly build from the last 6 months
>
> I somehow messed this up. It worked in Nightly until November 28, and broke
> in the November 29 build.

This is 2015? Can you provide a pushlog?
Flags: needinfo?(tomica)
Reporter
Comment 6•8 years ago
> It being broken on nightly only sounds like it has to do with usercontextid
> not matching the tab somehow? It looks like you're not passing your new null
> principal any origin attributes (or only an addonId but not a usercontextid)

Yes, the STR above is an empty NullPrincipal without any origin attributes (the final goal is to probably use addonId). Is that not allowed anymore? Is usercontextid now mandatory?

> This is 2015? Can you provide a pushlog?

And I managed to mess up the correction. :(
I'm distracted, should probably step away from the keyboard.

It stopped working in Nightly build from *September* 29th, a month and a half ago.
Flags: needinfo?(tomica)
Comment 7•8 years ago
(In reply to Tomislav Jovanovic :zombie from comment #6)
> And I managed to mess up the correction. :(
> I'm distracted, should probably step away from the keyboard.
>
> It stopped working in Nightly build from *September* 29th, a month and a
> half ago.

That's presumably because "originPrincipal" was only introduced then, because we used it for a security fix.

https://hg.mozilla.org/mozilla-central/rev/a45cfe898352

Before then, the null principal argument had no effect.

I expect that the issue is that we're creating an about:blank content viewer and then loading about:blank in there, so various location change things might not fire given that the URIs are the same, or something?
Blocks: CVE-2017-5420
Keywords: regression
Comment 8•8 years ago
Could be, but that wouldn't generally affect readyState. That said, about:blank is all sorts of black magic; just ask hsivonen. It's possible that the actual about:blank load is simply not happening in this case, and the initial about:blank _is_ in the "uninitialized" readyState.
Updated•2 years ago
Severity: normal → S3