Closed
Bug 1508355
Opened 6 years ago
Closed 6 years ago
Add a test to make sure "Save Page As" respect First-Party Isolation
Categories
(Firefox :: Menus, enhancement, P5)
Firefox
Menus
Tracking
()
RESOLVED
FIXED
Firefox 66
Tracking | Status | |
---|---|---|
firefox66 | --- | fixed |
People
(Reporter: arthur, Assigned: timhuang)
References
(Blocks 1 open bug)
Details
(Whiteboard: [tor 22343])
Attachments
(1 file, 2 obsolete files)
In Tor Browser, we introduced a patch to isolate a number of "Saving" options by first-party. Namely:
* File menu:
- Save Page As
* Context menu in content pages:
- Save Page As
- Save Image As
- Save Video As
- Save Link As
- Save Frame As
* Page Info "Media" Panel:
- Save As
This involves ensuring the request channel has the correct principal (and OriginAttribute) so that we get proper stream isolation.
We'd like to propose uplifting this patch to Firefox.
Current Tor Browser patch:
https://torpat.ch/22343
Original Tor ticket:
https://trac.torproject.org/22343
Updated•6 years ago
|
Priority: -- → P3
Updated•6 years ago
|
Priority: P3 → P5
Assignee | ||
Comment 1•6 years ago
|
||
I believe that all "Save ... As" has followed OAs after bug 1469916. But it still doesn't have a test case for them.
Assignee: nobody → tihuang
Summary: "Save Page As" should respect First-Party Isolation → Add a test to make sure "Save Page As" respect First-Party Isolation
Assignee | ||
Comment 2•6 years ago
|
||
This patch adds a test case which tests following "Save ... As" options:
* File menu:
- Save Page As
* Context menu in content pages:
- Save Page As
- Save Image As
- Save Video As
- Save Link As
- Save Frame As
* Page Info "Media" Panel:
- Save As
It triggers the save process and checks if the OA of the saving channel
has the correct first party domain.
Attachment #9036290 -
Flags: review?(richard)
Attachment #9036290 -
Flags: review?(amarchesini)
Comment 3•6 years ago
|
||
Comment on attachment 9036290 [details] [diff] [review]
Add a test case for assuring all "Save ... As" options honor the first party domain. r=baku,richard@torproject.org
Review of attachment 9036290 [details] [diff] [review]:
-----------------------------------------------------------------
::: browser/components/originattributes/test/browser/browser_firstPartyIsolation_saveAs.js
@@ +62,5 @@
> +});
> +
> +function createTemporarySaveDirectory() {
> + let saveDir = Services.dirsvc.get("TmpD", Ci.nsIFile);
> + saveDir.append("testsavedir");
saveDir.creatUnique(Ci.nsIFile.DIRECTORY_TYPE, 0o755);
without checking the existence.
Attachment #9036290 -
Flags: review?(amarchesini) → review+
Comment 4•6 years ago
|
||
Comment on attachment 9036290 [details] [diff] [review]
Add a test case for assuring all "Save ... As" options honor the first party domain. r=baku,richard@torproject.org
Review of attachment 9036290 [details] [diff] [review]:
-----------------------------------------------------------------
Looks good to me
Updated•6 years ago
|
Attachment #9036290 -
Flags: review?(richard) → review+
Assignee | ||
Updated•6 years ago
|
Attachment #9036290 -
Attachment is obsolete: true
Assignee | ||
Comment 6•6 years ago
|
||
Fixing an issue which causes a test failure.
Attachment #9037986 -
Flags: review+
Assignee | ||
Updated•6 years ago
|
Attachment #9037921 -
Attachment is obsolete: true
Assignee | ||
Comment 7•6 years ago
|
||
Try looks good.
https://treeherder.mozilla.org/#/jobs?repo=try&revision=d754c4d8ac5eb0dfcb0641ee086274a453c4304d
Keywords: checkin-needed
Pushed by csabou@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/0f709682e4a0
Add a test case for assuring all "Save ... As" options honor the first party domain. r=baku,richard@torproject.org
Keywords: checkin-needed
Comment 9•6 years ago
|
||
bugherder |
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox66:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 66
You need to log in
before you can comment on or make changes to this bug.
Description
•