Open
Bug 1340694
Opened 9 years ago
Updated 3 months ago
don't set fetch/xhr referrer based on exact nsIPrincipal URI value
Categories
(Core :: DOM: Networking, defect, P3)
Core
DOM: Networking
Tracking
()
NEW
People
(Reporter: bkelly, Unassigned)
References
Details
(Whiteboard: [necko-triaged])
In nsContentUtils::SetFetchReferrerURIWithPolicy() we set the referrer based on the URI in the nsIPrincipal:
https://dxr.mozilla.org/mozilla-central/source/dom/base/nsContentUtils.cpp#8530
This is called when fetch/xhr are used from worker threads.
This is very fragile since its not obvious that the nsIPrincipal URI is significant here. It would be much better to make these paths get the referrer from WorkerPrivate::GetResolvedScriptURI() or WorkerPrivate::ScriptURL().
https://dxr.mozilla.org/mozilla-central/source/dom/workers/WorkerPrivate.h#506
|
Reporter | |
Comment 1•9 years ago
|
||
Note, because of this issue we likely send the wrong referer header for blob: URL workers at the moment. See:
https://github.com/w3c/webappsec-referrer-policy/issues/95
|
|
Reporter | |
Comment 2•9 years ago
|
||
To clarify comment 1, a blob: URL worker currently ends up with a principal where the URL is the triggering document URL, not the blob URL.
|
||
Updated•9 years ago
|
Priority: -- → P3
|
||
Updated•7 years ago
|
See Also: → refactor-referrer-policy-setup
|
Assignee | |
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
|
||
Updated•3 years ago
|
Severity: normal → S3
|
||
Updated•3 months ago
|
Component: DOM: Core & HTML → DOM: Networking
|
||
Comment 3•3 months ago
|
||
We need to confirm if this is still the case. 5 points for the investigation efforts, ranked low since this likely is fixed(?).
Whiteboard: [necko-triaged]
You need to log in
before you can comment on or make changes to this bug.
Description
•