Open Bug 1494457 Opened 5 years ago Updated 6 months ago

PBackgroundLocalStorageCache, PBackgroundSDBConnection, PCacheStorage can be constructed with fraudulent principal, origin, private browsing id


(Core :: Storage: localStorage & sessionStorage, enhancement, P3)




Fission Milestone Future


(Reporter: tjr, Unassigned)


(Depends on 1 open bug, Blocks 1 open bug)


In PBackground.ipdl, the following methods accept a principal, origin, and/or privatebrowsingId and uses it to construct actors which contains those values as members.

- PBackgroundSDBConnection
- PBackgroundLocalStorageCache
- PCacheStorage

A Rogue Content Process could supply fraudulent values to these Actor Constructor and operate on another origin's data. The supplied principal/etc should be checked to ensure that the supplied data is valid for this content process.
See Also: → 1494458
Priority: -- → P3

This bug is not a Fission MVP blocker.

Fission Milestone: --- → Future
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.