Closed
Bug 1504581
Opened 6 years ago
Closed 6 years ago
Security testing of the Storage Access API
Categories
(Firefox Graveyard :: Security: Review Requests, enhancement)
Firefox Graveyard
Security: Review Requests
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: pauljt, Assigned: freddy)
References
Details
(Whiteboard: testing)
In bug 1469714 we shipped the Storage Access API [1]. This bug is to consider doing security testing to validate the properties of this API, and check for implementation bugs.
[1] https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API
Reporter | ||
Comment 1•6 years ago
|
||
Freddy, can you take a look into this and decide if testing is something which is worthwhile to pursue here?
Assignee: nobody → fbraun
Reporter | ||
Updated•6 years ago
|
Flags: needinfo?(fbraun)
Reporter | ||
Comment 2•6 years ago
|
||
I'm leaning towards closing this - the API itself seems low risk: the API doesnt grant any additional access to storage, rather it re-adds access for pages which have been blocked access to storage by tracking protection.
The most likely risk I see is that the API fails to work, and might break a website. Apart from the normal implementation risks, this doesn't seem like a particularly risky change.
Assignee | ||
Comment 3•6 years ago
|
||
Closing as WONTFIX, as suggested
Status: NEW → RESOLVED
Closed: 6 years ago
Flags: needinfo?(fbraun)
Resolution: --- → WONTFIX
Updated•5 years ago
|
Product: Firefox → Firefox Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•