Closed
Bug 1470174
Opened 6 years ago
Closed 3 years ago
"Clear private data on exit" does not delete icon cache (at cache/icons/)
Categories
(Firefox for Android Graveyard :: Favicon Handling, defect)
Tracking
(firefox62 affected)
RESOLVED
MOVED
Tracking | Status | |
---|---|---|
firefox62 | --- | affected |
People
(Reporter: robwu, Unassigned)
References
Details
(Keywords: privacy, sec-other)
(blocked on bug 1466130 because the relevant code is being refactored) The "Clear private data on exit" option in Fennec does not wipe the cache/icons/ directory (created by https://searchfox.org/mozilla-central/rev/d0a41d2e7770fc00df7844d5f840067cc35ba26f/mobile/android/base/java/org/mozilla/gecko/icons/storage/DiskStorage.java#71 ). In contrast, the "Clear Private Data" action (via the menu) does wipe the cache (when the "Offline Website Data" is selected): https://searchfox.org/mozilla-central/rev/d0a41d2e7770fc00df7844d5f840067cc35ba26f/mobile/android/base/java/org/mozilla/gecko/preferences/PrivateDataPreference.java#55-58 To make sure that the data is wiped in both cases ("Clear private data on exit" and "Clear Private Data" menu item), the icon cleanup logic should be triggered from Sanitizer.jsm (maybe at a (new?) cache category instead of the "Offline Website Data" category).
Updated•6 years ago
|
Group: firefox-core-security
Comment 1•6 years ago
|
||
I made this a private bug because it is similar to bug 1448305.
Comment 2•6 years ago
|
||
Keeping hidden because it reveals bug 1448305, but this one is more "just a bug" than a security problem.
Reporter | ||
Comment 3•6 years ago
|
||
Andrea, your bug (bug 1466130) blocks this bug. Are you able to fix bug 1466130 in Firefox 63? I'd like to get the fix for this bug and bug 1448305 in the same release (63), so that the known issues with leaks of private icons are fixed in the same release.
Updated•5 years ago
|
Group: firefox-core-security → mobile-core-security
Comment 4•3 years ago
|
||
Fixed on Fenix by https://github.com/mozilla-mobile/android-components/issues/7766
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → MOVED
Reporter | ||
Comment 5•3 years ago
|
||
Thanks for the feedback Kevin.
Since the bug got fixed such a long time ago, it would probably be fine to open this bug to the public.
Updated•3 years ago
|
Group: mobile-core-security
Updated•3 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•