Closed
Bug 1501695
Opened 6 years ago
Closed 6 years ago
Clear-Site-Data storage directive does not clear Cache or service worker
Categories
(Core :: DOM: Service Workers, defect)
Tracking
()
RESOLVED
FIXED
mozilla65
| Tracking | Status | |
|---|---|---|
| firefox65 | --- | fixed |
People
(Reporter: asa.kusuma, Assigned: baku)
Details
Attachments
(1 file)
|
4.35 KB,
patch
|
ckerschb
:
review+
|
Details | Diff | Splinter Review |
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36
Steps to reproduce:
I'm on the latest stable, 63
Setup the repro app: https://github.com/asakusuma/sw-clear-site-data/tree/firefox-bug
* Navigate to http://localhost:3000
* Click "Register service worker"
* Click "Popluate Cache"
* Open devTools and verify that cache has been populated and service worker is registered
* Refresh
* Notice that the index.html response included Clear-Site-Data: "storage"
Actual results:
Cache is not cleared and service worker is still registered. Click "Read cache" and "log sw registration" and see console output to confirm.
Expected results:
Cache should be completely cleared and the service worker should be unregistered
|
||
Updated•6 years ago
|
Component: Security → DOM: Service Workers
|
||
Comment 1•6 years ago
|
||
Theoretically we should be clearing this. I haven't tried your STR yet, though. Needinfo so that we don't forget about it.
Flags: needinfo?(jhofmann)
Flags: needinfo?(amarchesini)
|
Assignee | |
Comment 2•6 years ago
|
||
> * Navigate to http://localhost:3000
By spec, Clear-Site-Data works only with secure connections. If you use https it will work.
Flags: needinfo?(jhofmann)
Flags: needinfo?(asa.kusuma)
Flags: needinfo?(amarchesini)
|
Reporter | |
Comment 3•6 years ago
|
||
User agents are allowed to include localhost as a secure connection: https://w3c.github.io/webappsec-secure-contexts/#localhost
It's difficult to test behavior if localhost is not supported.
The service worker spec specifically notes that localhost can be included: https://www.w3.org/TR/service-workers-1/#secure-context
Clear-Site-Data spec does not explicitly note that localhost can be included: https://www.w3.org/TR/clear-site-data/#incomplete
So perhaps this is better classified as a feature request and not a bug.
Flags: needinfo?(asa.kusuma)
|
|
Assignee | |
Comment 4•6 years ago
|
||
(In reply to asa.kusuma from comment #3)
> User agents are allowed to include localhost as a secure connection:
> https://w3c.github.io/webappsec-secure-contexts/#localhost
Yes you are right. I realized it when checking how to support localhost.
/me working on it.
Assignee: nobody → amarchesini
|
|
Assignee | |
Comment 5•6 years ago
|
||
Attachment #9019984 -
Flags: review?(ckerschb)
|
||
Comment 6•6 years ago
|
||
Comment on attachment 9019984 [details] [diff] [review]
clearSiteDataLocalhost.patch
Review of attachment 9019984 [details] [diff] [review]:
-----------------------------------------------------------------
yeah, that looks sane to me - thanks!
::: toolkit/components/clearsitedata/ClearSiteData.cpp
@@ +207,5 @@
> + return;
> + }
> +
> + nsCOMPtr<nsIContentSecurityManager> csm =
> + do_GetService(NS_CONTENTSECURITYMANAGER_CONTRACTID);
hah, I didn't know we an idl for the content security manager.
Attachment #9019984 -
Flags: review?(ckerschb) → review+
Pushed by amarchesini@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/0bc87bd86202
ClearSiteData should be enabled for localhost, r=ckerschb
|
||
Comment 8•6 years ago
|
||
| bugherder | ||
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
status-firefox65:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla65
|
|
Reporter | |
Comment 9•6 years ago
|
||
Thanks for the quick fix!
You need to log in
before you can comment on or make changes to this bug.
Description
•