Closed Bug 1498370 Opened 3 years ago Closed 3 years ago

Update the storage access flag when storage access is granted/denied


(Core :: DOM: Core & HTML, enhancement, P2)




Tracking Status
firefox64 --- fixed


(Reporter: ehsan.akhgari, Assigned: ehsan.akhgari)




(1 file)

Consider the following scenario:

  1. embeds two iframes from tracker.example.
  2. The first iframe calls requestStorageAccess() to obtain storage access.
  3. The second iframe will be left without storage access.

Right now we would automatically grant the second iframe storage access if it navigated to tracker.example after step 2 but not before.
Despite what we discussed today, this seems to work. See:
Yes, this works right now because we do a permission check in hasStorageAccess():

But it turns out that this isn't the right way to implement this, since doing this permission check means that when the subframe navigates away we can't easily revoke its access (since the access will continue to appear to be granted due to the permission check.)

So the proper way to implement this is to really look for permission change notifications and update our state accordingly.
Blocks: 1498591
I have a patch for this.  The patch itself doesn't include a test, but it is already being tested in browser_storageAccessWithHeuristics.js.  The hunk in nsIDocument::HasStorageAccess() being removed causes that test to fail, the rest of the patch makes it pass again.
Priority: -- → P2
Pushed by
Update the storage access flag when storage access is granted/denied r=baku
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla64
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.