Closed
Bug 1438691
Opened 6 years ago
Closed 6 years ago
Build a quick-and-dirty way of detecting when privileged framescripts access things outside of the top-level document compartment
Categories
(Core :: DOM: Content Processes, enhancement, P3)
Core
DOM: Content Processes
Tracking
()
RESOLVED
INVALID
People
(Reporter: mconley, Unassigned)
References
Details
Attachments
(1 file)
59 bytes,
text/x-review-board-request
|
Details |
Summary says it all. This is to help get a sense of what things might need to change when we have site isolation enabled.
Comment hidden (mozreview-request) |
Reporter | ||
Comment 2•6 years ago
|
||
My add-on, which I've dramatically named "Tripwire", is a two-parter: an "experiment" Tripwire API that lets it monitor the messages coming from the content processes regarding violations, and the WebExtension which just adds a simple front-end. Both of these depend on the patch in this bug to work. https://github.com/mikeconley/tripwire-api https://github.com/mikeconley/tripwire I'm not 100% certain that what's being reported is accurate yet, but it's a start.
Reporter | ||
Comment 3•6 years ago
|
||
Hey jryans, ehsan said you might find this useful. Maybe. I'm not sure.
Thanks, I'll check it out! As another variation, I've been using :mystor's WIP hack for remote frames (bug 1429896) and looking around for what breaks.
Updated•6 years ago
|
Priority: -- → P3
Reporter | ||
Comment 5•6 years ago
|
||
I think this bug has served it's purpose for our investigation.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•