Closed Bug 1332310 Opened 8 years ago Closed 8 years ago

Update TriggeringPrincipal when adding to session history within docshell

Categories

(Core :: DOM: Security, defect, P1)

defect

Tracking

()

RESOLVED FIXED
mozilla53
Tracking Status
firefox-esr45 --- unaffected
firefox50 --- unaffected
firefox51 --- unaffected
firefox52 --- unaffected
firefox53 + fixed

People

(Reporter: ckerschb, Assigned: ckerschb)

References

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

No description provided.
Assignee: nobody → ckerschb
Blocks: 1307736
Status: NEW → ASSIGNED
Priority: -- → P1
Whiteboard: [domsecurity-active]
Boris, it seems that Bug 1307736 is a little more complicated than we thought and will require more work. Tanvi requested tracking for 53 [1]. In particular she is worried about the triggeringPrincipal fallback within docshell and hence she wants to update at least the triggeringPrincipal part when adding to session history [2] (which makes sense to me). If you agree, then we land this bug now and clear the tracking-requested for 53 from Bug 1307736. Agreed? [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1307736#c11 [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1307736#c33
Attachment #8828359 - Flags: review?(bzbarsky)
Comment on attachment 8828359 [details] [diff] [review] bug_1332310_add_triggeringprincipal_when_adding_session_history.patch r=me as far as it goes, but why can't we also land the changes to nsDocShell::CreateContentViewer?
Attachment #8828359 - Flags: review?(bzbarsky) → review+
Oh, and this needs a much better commit message. We're only changing the AddState case, not general session history addition.
(In reply to Boris Zbarsky [:bz] (still a bit busy) from comment #2) > Comment on attachment 8828359 [details] [diff] [review] > bug_1332310_add_triggeringprincipal_when_adding_session_history.patch > > r=me as far as it goes, but why can't we also land the changes to > nsDocShell::CreateContentViewer? Yes, we can land those with this bug too - thanks.
[Tracking Requested - why for this release]: This Bug is a partial fix for Bug 1307736 and why Tanvi requested tracking for 53 [1]. We will land this bug and I will clear the tracking flags for Bug 1307736 as agreed with bz and tanvi. [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1307736#c33
Pushed by mozilla@christophkerschbaumer.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/9396973616a5 Update AddState and CreateContentViewer to provide an accurate triggeringPrincipal for creating a history entry. r=bz
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla53
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: