Closed
Bug 1405884
Opened 7 years ago
Closed 7 years ago
Isolate indexedDB by OriginAttributes
Categories
(Core :: Storage: IndexedDB, enhancement, P3)
Core
Storage: IndexedDB
Tracking
()
RESOLVED
INVALID
People
(Reporter: arthur, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [tor])
indexedDB is a supercookie vector. We should isolate it by origin attributes. (Currently, Tor Browser disables indexedDB, but in the future, we would like to support a memory-only, clearable, first-party isolated indexedDB.)
|
||
Updated•7 years ago
|
Priority: -- → P3
|
||
Comment 1•7 years ago
|
||
IDB is already isolated. Open a nilla profile, set FPI=true, visit YT and watch ~/profile/storage/default entries like: https+++www.youtube.com^firstPartyDomain=youtube.com
Or am I missing something here?
> we would like to support a memory-only, clearable, first-party isolated indexedDB
that excludes `moz-extension+++`* entries - FTFY
|
||
Comment 2•7 years ago
|
||
I confirm. IndexedDB uses QuotaManager, and QuotaManager supports OriginAttributes.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INVALID
|
Reporter | |
Comment 3•7 years ago
|
||
That's great! Sorry for not realizing this already.
|
||
Comment 4•7 years ago
|
||
Yes, it's isolated.
|
||
Comment 5•6 years ago
|
||
(In reply to Andrea Marchesini [:baku] from comment #2) > I confirm. IndexedDB uses QuotaManager, and QuotaManager supports > OriginAttributes. For reference, this got done in bug 1278037 I believe.
You need to log in
before you can comment on or make changes to this bug.
Description
•