Open Bug 1446645 Opened 6 years ago Updated 2 years ago

nsISecretDecoderRing.logoutAndTeardown() should probably only terminate client-cert-authenticated connections

Categories

(Core :: Security: PSM, defect, P3)

Product:
Core
Component:
Security: PSM
Version:
59 Branch
Platform:
x86_64
Windows 10
Type:
defect

Tracking

()

Tracking Flags:
Tracking Status
firefox-esr52 --- unaffected
firefox-esr60 --- wontfix
firefox59 --- wontfix
firefox60 - wontfix
firefox61 --- wontfix
firefox62 --- wontfix
firefox72 --- wontfix
firefox73 --- wontfix
firefox74 --- wontfix
firefox75 --- fix-optional

People

(Reporter: alice0775, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: regression, Whiteboard: [psm-backlog]) 

[Tracking Requested - why for this release]: UX regression, "Clear Recent History" unexpectedly cancels ongoing download and clears

Reproducible: always

Steps To Reproduce:
1. Download something large file (e.g, http://archive.mozilla.org/pub/firefox/nightly/2018/03/2018-03-01-02-47-24-mozilla-central/firefox-60.0a1.en-US.linux-x86_64.tar.bz2 )
2. Perform "Clear Recent History...(Ctrl+Shift+Del)" while the downloads is in progress

Actual Results:
The ongoing downloads is canceled and cleared.

Expected Results:
The ongoing downloads should be continued.


Regression window:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=dccea4ad69cb82cbc384eb100f1471d1ccb75e0d&tochange=746eeb7be00252fa38228f3f291bf948983bd57d

Regressed by:
746eeb7be002	David Keeler — bug 1425032 - use new "cancel all connections" notification for PKCS#11 logout r=mgoodwin


@David Keeler,
Your patch causes the regression, can you look into this?
Flags: needinfo?(dkeeler)
Hmmm - maybe we need to change "cancel all connections" to "cancel all connections for which a client certificate was used. Honestly, though, I don't think it's that surprising that clearing history would cause in-progress downloads to be cancelled as well.
Component: Downloads Panel → Security: PSM
Flags: needinfo?(dkeeler)
Priority: -- → P3
Product: Firefox → Core
Summary: "Clear Recent History…" also clear currently ongoing downloads → nsISecretDecoderRing.logoutAndTeardown() should probably only terminate client-cert-authenticated connections
Whiteboard: [psm-backlog]
There is no particular complaint about this regression(Download is canceled).
However, I think that it needs UX-team decision.
And I think it also needs a confirmation dialog at least. 
(Firefox has already similar dialog "Cancel All Downloads" when trying to close the browser)
Feels like a bit of an edge case, not new in 60, so not tracking
status-firefox59: affectedwontfix
tracking-firefox60: ?-

Hi,

I've tested this using the latest Nightly 74.0a1 (2020-02-10) (64-bit), beta73.0 (64-bit) and release 72.0.2 (64-bit) for windows 10 pro and I’m able to reproduce the issue. Based on this I will mark firefox72, 73 and 74 flag as affected.

Best,
Clara

status-firefox72: --- → affected
status-firefox73: --- → affected
status-firefox74: --- → affected
Blocks: 1196329
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.