Closed Bug 1498370 Opened 2 years ago Closed 2 years ago

Update the storage access flag when storage access is granted/denied

Categories

(Core :: DOM: Core & HTML, enhancement, P2)

enhancement

Tracking

()

RESOLVED FIXED
mozilla64
Tracking Status
firefox64 --- fixed

People

(Reporter: ehsan, Assigned: ehsan)

References

Details

Attachments

(1 file)

Consider the following scenario:

  1. example.com embeds two iframes from tracker.example.
  2. The first iframe calls requestStorageAccess() to obtain storage access.
  3. The second iframe will be left without storage access.

Right now we would automatically grant the second iframe storage access if it navigated to tracker.example after step 2 but not before.
Despite what we discussed today, this seems to work. See: https://senglehardt.com/test/storage_access/
Yes, this works right now because we do a permission check in hasStorageAccess(): https://searchfox.org/mozilla-central/rev/1ce4e8a5601da8e744ca6eda69e782318afab54d/dom/base/nsDocument.cpp#13683

But it turns out that this isn't the right way to implement this, since doing this permission check means that when the subframe navigates away we can't easily revoke its access (since the access will continue to appear to be granted due to the permission check.)

So the proper way to implement this is to really look for permission change notifications and update our state accordingly.
Blocks: 1498591
I have a patch for this.  The patch itself doesn't include a test, but it is already being tested in browser_storageAccessWithHeuristics.js.  The hunk in nsIDocument::HasStorageAccess() being removed causes that test to fail, the rest of the patch makes it pass again.
Priority: -- → P2
Pushed by eakhgari@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e362c18e1830
Update the storage access flag when storage access is granted/denied r=baku
https://hg.mozilla.org/mozilla-central/rev/e362c18e1830
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla64
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.