Closed Bug 1554847 Opened 1 year ago Closed 1 year ago

Canvas API should consider cross-origin redirects same-origin -> cross-origin -> same-origin

Categories

(Core :: DOM: Security, task, P2)

task

Tracking

()

RESOLVED FIXED
mozilla69
Tracking Status
firefox69 --- fixed

People

(Reporter: baku, Assigned: baku)

Details

(Whiteboard: [domsecurity-active])

Attachments

(4 files)

Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [domsecurity-active]

Bugbug thinks this bug is a task, but please change it back in case of error.

Type: defect → task
Pushed by amarchesini@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/946e4d9420dd
Improve cross-origin checks in canvas API - imgIRequest.hadCrossOriginRedirects, r=aosmond
https://hg.mozilla.org/integration/autoland/rev/3ff9a221f3e5
Improve cross-origin checks in canvas API - consider intermediate redirects, r=jya
https://hg.mozilla.org/integration/autoland/rev/101bd1c2d688
Improve cross-origin checks in canvas API - propagate allRedirectsSameOrigin to HttpChannelChild actor, r=mayhemer
https://hg.mozilla.org/integration/autoland/rev/17e36d139ac2
Improve cross-origin checks in canvas API - Fix WPT, r=annevk

Backed out 4 changesets (bug 1554847) for wpt failures at /service-workers/service-worker/fetch-canvas-tainting-video-cache.https.html

Backout: https://hg.mozilla.org/integration/autoland/rev/06d609bdcac65efea169a092144a8dfc85b3dc01

Failure push: https://treeherder.mozilla.org/#/jobs?repo=autoland&selectedJob=249680898&revision=17e36d139ac227f457e8aaf4af6297d0fe5df712

Failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=249680898&repo=autoland&lineNumber=95341

12:20:00 INFO - TEST-PASS | /service-workers/service-worker/fetch-canvas-tainting-video-cache.https.html | url "https://web-platform.test:8443/service-workers/service-worker/resources/fetch-access-control.py?VIDEO&cache=true&mode=same-origin&url=https%3A%2F%2Fweb-platform.test%3A8443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FVIDEO%26cache%3Dtrue" with crossOrigin "use-credentials" should be NOT_TAINTED
12:20:00 INFO - TEST-UNEXPECTED-FAIL | /service-workers/service-worker/fetch-canvas-tainting-video-cache.https.html | url "https://www1.web-platform.test:8443/service-workers/service-worker/resources/fetch-access-control.py?VIDEO&cache=true&mode=same-origin&url=https%3A%2F%2Fweb-platform.test%3A8443%2Fservice-workers%2Fservice-worker%2Fresources%2Ffetch-access-control.py%3FVIDEO%26cache%3Dtrue" with crossOrigin "" should be NOT_TAINTED - assert_equals: expected "NOT_TAINTED" but got "TAINTED"
12:20:00 INFO - canvas_taint_test/</<@https://web-platform.test:8443/service-workers/service-worker/resources/fetch-canvas-tainting-tests.js:13:11
12:20:00 INFO - promise callbackcanvas_taint_test/<@https://web-platform.test:8443/service-workers/service-worker/resources/fetch-canvas-tainting-tests.js:12:10
12:20:00 INFO - Test.prototype.step@https://web-platform.test:8443/resources/testharness.js:1587:25
12:20:00 INFO - promise_test/tests.promise_tests</<@https://web-platform.test:8443/resources/testharness.js:591:36
12:20:00 INFO - promise_test/tests.promise_tests<@https://web-platform.test:8443/resources/testharness.js:590:20
12:20:00 INFO - promise callback
promise_test@https://web-platform.test:8443/resources/testharness.js:589:51
12:20:00 INFO - canvas_taint_test@https://web-platform.test:8443/service-workers/service-worker/resources/fetch-canvas-tainting-tests.js:10:3
12:20:00 INFO - do_canvas_tainting_tests@https://web-platform.test:8443/service-workers/service-worker/resources/fetch-canvas-tainting-tests.js:124:3
12:20:00 INFO - @https://web-platform.test:8443/service-workers/service-worker/fetch-canvas-tainting-video-cache.https.html:12:1
12:20:00 INFO - ...................

Flags: needinfo?(amarchesini)
Flags: needinfo?(amarchesini)

I relanded the patches. Should we reopen the bug in the meantime?

Flags: needinfo?(ccoroiu)
Status: RESOLVED → REOPENED
Flags: needinfo?(ccoroiu)
Resolution: FIXED → ---
Target Milestone: mozilla69 → ---
Pushed by amarchesini@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/c5b6b70112e1
Improve cross-origin checks in canvas API - imgIRequest.hadCrossOriginRedirects, r=aosmond
https://hg.mozilla.org/integration/autoland/rev/6c1abc27fd5d
Improve cross-origin checks in canvas API - consider intermediate redirects, r=jya
https://hg.mozilla.org/integration/autoland/rev/8b04a3843b26
Improve cross-origin checks in canvas API - propagate allRedirectsSameOrigin to HttpChannelChild actor, r=mayhemer
https://hg.mozilla.org/integration/autoland/rev/911c01e80761
Improve cross-origin checks in canvas API - Fix WPT, r=annevk

I suspect this bug to be related to the webcompat regression I discovered here: https://webcompat.com/issues/40371

You need to log in before you can comment on or make changes to this bug.