1498370 - Update the storage access flag when storage access is granted/denied

Status: RESOLVED FIXED

(Core :: DOM: Core & HTML, enhancement, P2)

Description

[(no longer active)]

Consider the following scenario:

  1. example.com embeds two iframes from tracker.example.
  2. The first iframe calls requestStorageAccess() to obtain storage access.
  3. The second iframe will be left without storage access.

Right now we would automatically grant the second iframe storage access if it navigated to tracker.example after step 2 but not before.

Comment 1

[Steven Englehardt [:englehardt]]

Despite what we discussed today, this seems to work. See: https://senglehardt.com/test/storage_access/

Comment 2

[(no longer active)]

Yes, this works right now because we do a permission check in hasStorageAccess(): https://searchfox.org/mozilla-central/rev/1ce4e8a5601da8e744ca6eda69e782318afab54d/dom/base/nsDocument.cpp#13683

But it turns out that this isn't the right way to implement this, since doing this permission check means that when the subframe navigates away we can't easily revoke its access (since the access will continue to appear to be granted due to the permission check.)

So the proper way to implement this is to really look for permission change notifications and update our state accordingly.

Comment 3

[(no longer active)]

I have a patch for this.  The patch itself doesn't include a test, but it is already being tested in browser_storageAccessWithHeuristics.js.  The hunk in nsIDocument::HasStorageAccess() being removed causes that test to fail, the rest of the patch makes it pass again.

Comment 4

[(no longer active)]

Attachment: Bug 1498370 - Update the storage access flag when storage access is granted/denied

Comment 5

[Pulsebot]

Pushed by eakhgari@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e362c18e1830
Update the storage access flag when storage access is granted/denied r=baku

Comment 6

[Bogdan Tara[:bogdan_tara | bogdant]]

https://hg.mozilla.org/mozilla-central/rev/e362c18e1830