Open Bug 1454723 Opened 6 years ago Updated 2 years ago

Potentially fix same-site cookie hanlding within sandbox iframe

Tracking

()

Status:

NEW

People

(Reporter: ckerschb, Unassigned)

References

Details

(Whiteboard: [domsecurity-backlog1])

Christoph Kerschbaumer [:ckerschb]

Reporter

Description

•

6 years ago

I haven't tested this, but I assume our handling of same-site cookies within sandbox iframes is wrong. The tests we have within Bug 1454027 use document.cookie which throw a security error within sandbox iframes anyway. I guess it's wise to at least have some tests for same-site cookie handling of any kind of resource loads.

No need to uplift to 60 though in my opinion!

Christoph Kerschbaumer [:ckerschb]

Reporter

Updated

•

6 years ago

Blocks: samesite-cookies

Christoph Kerschbaumer [:ckerschb]

Reporter

Updated

•

6 years ago

Priority: -- → P3

Whiteboard: [domsecurity-backlog1]

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Potentially fix same-site cookie hanlding within sandbox iframe

Categories

(Core :: DOM: Security, enhancement, P3)

Tracking

()

People

(Reporter: ckerschb, Unassigned)

References

Details

(Whiteboard: [domsecurity-backlog1])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated