Closed Bug 1501695 Opened 3 years ago Closed 3 years ago

Clear-Site-Data storage directive does not clear Cache or service worker


(Core :: DOM: Service Workers, defect)

63 Branch
Not set



Tracking Status
firefox65 --- fixed


(Reporter: asa.kusuma, Assigned: baku)



(1 file)

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

Steps to reproduce:

I'm on the latest stable, 63

Setup the repro app:

* Navigate to http://localhost:3000
* Click "Register service worker"
* Click "Popluate Cache"
* Open devTools and verify that cache has been populated and service worker is registered
* Refresh
* Notice that the index.html response included Clear-Site-Data: "storage"

Actual results:

Cache is not cleared and service worker is still registered. Click "Read cache" and "log sw registration" and see console output to confirm.

Expected results:

Cache should be completely cleared and the service worker should be unregistered
Component: Security → DOM: Service Workers
Theoretically we should be clearing this. I haven't tried your STR yet, though. Needinfo so that we don't forget about it.
Flags: needinfo?(jhofmann)
Flags: needinfo?(amarchesini)
> * Navigate to http://localhost:3000

By spec, Clear-Site-Data works only with secure connections. If you use https it will work.
Flags: needinfo?(jhofmann)
Flags: needinfo?(asa.kusuma)
Flags: needinfo?(amarchesini)
User agents are allowed to include localhost as a secure connection:

It's difficult to test behavior if localhost is not supported.

The service worker spec specifically notes that localhost can be included:

Clear-Site-Data spec does not explicitly note that localhost can be included:

So perhaps this is better classified as a feature request and not a bug.
Flags: needinfo?(asa.kusuma)
(In reply to asa.kusuma from comment #3)
> User agents are allowed to include localhost as a secure connection:

Yes you are right. I realized it when checking how to support localhost.
/me working on it.
Assignee: nobody → amarchesini
Attachment #9019984 - Flags: review?(ckerschb)
Comment on attachment 9019984 [details] [diff] [review]

Review of attachment 9019984 [details] [diff] [review]:

yeah, that looks sane to me - thanks!

::: toolkit/components/clearsitedata/ClearSiteData.cpp
@@ +207,5 @@
> +    return;
> +  }
> +
> +  nsCOMPtr<nsIContentSecurityManager> csm =

hah, I didn't know we an idl for the content security manager.
Attachment #9019984 - Flags: review?(ckerschb) → review+
Pushed by
ClearSiteData should be enabled for localhost, r=ckerschb
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla65
Thanks for the quick fix!
You need to log in before you can comment on or make changes to this bug.