Closed Bug 1438691 Opened 6 years ago Closed 6 years ago

Build a quick-and-dirty way of detecting when privileged framescripts access things outside of the top-level document compartment

Categories

(Core :: DOM: Content Processes, enhancement, P3)

Product:
Core
Component:
DOM: Content Processes
Type:
enhancement

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: mconley, Unassigned)

References

Details

Attachments

(1 file)

Bug 1438691 - [Please never land this] Tripwire observer notifications
59 bytes, text/x-review-board-request
Details 
Summary says it all. This is to help get a sense of what things might need to change when we have site isolation enabled.
My add-on, which I've dramatically named "Tripwire", is a two-parter: an "experiment" Tripwire API that lets it monitor the messages coming from the content processes regarding violations, and the WebExtension which just adds a simple front-end.

Both of these depend on the patch in this bug to work.

https://github.com/mikeconley/tripwire-api
https://github.com/mikeconley/tripwire

I'm not 100% certain that what's being reported is accurate yet, but it's a start.
Hey jryans,

ehsan said you might find this useful. Maybe. I'm not sure.
Thanks, I'll check it out!  As another variation, I've been using :mystor's WIP hack for remote frames (bug 1429896) and looking around for what breaks.
Priority: -- → P3
I think this bug has served it's purpose for our investigation.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: