Currently, Firefox hosts 40+ about: pages, roughly half of which are System Privileged and half of which are Content Privileged. System Privileged about: pages have full access to internal APIs, whereas Content Privileged about: pages rely on various implementations to transfer data between content and privileged components within the browser. Additionally, some of the content privileged about: pages are accessible from web content. Ad hoc security checks, which are scattered throughout the browser, enforce that the various data transfers between content privileged and system privileged land (mostly realized through custom events) are trusted.

To sum it up, we can clean up legacy implementations of about: pages and improve the current behavior in the following ways:

* First, assess all about: pages and evaluate whether they need to be accessible from web content or not and additionally whether they need to be system privileged or can be content privileged.
* Second, unify implementations (e.g. expose attributes to about: pages through webidl), which allows enforcing security checks at specific locations within the codebase.
* Third, load all JS from external files and apply a CSP to about: pages which disallows execution of inline scripts.

Bonus Points:

* Have all about: pages register in a single place/file in our codebase (currently it’s in nsAboutRedirector, AboutRedirector, nsAboutCache, and AboutPages.jsm.)

Benefits and Synergy Effects:

* Unified structure for all about: pages
* Unified Security Model
* Code cleanup
* Clear structure for new about: pages to be added
Assignee: nobody → ckerschb
Status: NEW → ASSIGNED
Priority: -- → P3
See Also: → better-cert-errors
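
The third item in the description (external scripts only, plus a CSP that disallows inline script execution) can be checked mechanically per page. The following is an added example, not part of the bug report or Firefox's code base; the `audit` helper is hypothetical, and the two sample pages and the `chrome://example/` URL are constructed.

```python
from html.parser import HTMLParser

class InlineScriptAudit(HTMLParser):
    """Collects markup that a CSP without 'unsafe-inline' would block."""
    def __init__(self):
        super().__init__()
        self.findings, self.csp, self._inline = [], None, False

    def handle_starttag(self, tag, attrs):
        attrs = {k: (v or "") for k, v in attrs}
        if tag == "meta" and attrs.get("http-equiv", "").lower() == "content-security-policy":
            self.csp = attrs.get("content", "")
        self._inline = tag == "script" and "src" not in attrs
        for name, value in attrs.items():
            if name.startswith("on"):
                self.findings.append(f"inline handler {name} on <{tag}>")
            elif name in ("href", "src") and value.strip().lower().startswith("javascript:"):
                self.findings.append(f"javascript: URL in {name} on <{tag}>")

    def handle_data(self, data):
        if self._inline and data.strip():
            self.findings.append("inline <script> body")
            self._inline = False  # report each inline script once

    def handle_endtag(self, tag):
        self._inline = False

def script_sources(csp):
    """Source list governing scripts: script-src, falling back to default-src."""
    directives = {}
    for part in csp.lower().split(";"):
        name, _, value = part.strip().partition(" ")
        directives.setdefault(name, value.split())  # first directive wins
    return directives.get("script-src", directives.get("default-src"))

def audit(markup):
    parser = InlineScriptAudit()
    parser.feed(markup)
    parser.close()
    if parser.csp is None:
        return parser.findings + ["no CSP meta tag"]
    sources = script_sources(parser.csp)
    if sources is None or "'unsafe-inline'" in sources:
        return parser.findings + ["CSP still permits inline scripts"]
    return parser.findings

# Constructed sample pages (not real Firefox about: pages).
LEGACY = '<body onload="init()"><script>init = () => 1;</script><a href="javascript:void(0)">x</a></body>'
HARDENED = """<meta http-equiv="Content-Security-Policy" content="default-src chrome:; object-src 'none'">
<script src="chrome://example/content/aboutExample.js"></script><body>ok</body>"""
```

`audit(LEGACY)` lists every construct that would have to move to an external file before the policy can be applied; `audit(HARDENED)` returns an empty list.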