Closed Bug 1555036 Opened 3 months ago Closed 2 months ago

COOP: check browsing context's popup sandboxing flag

Categories

(Core :: Document Navigation, task, P2)

task

Tracking

()

RESOLVED FIXED
mozilla69
Fission Milestone M3
Tracking Status
firefox69 --- fixed

People

(Reporter: valentin.gosu, Assigned: valentin.gosu)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

I was just looking over the COOP implementation and I realised something is missing:
"If doc's browsing context's popup sandboxing flag set is not empty, then navigate doc's browsing context to a network error." [1]

[1] https://gist.github.com/annevk/6f2dd8c79c77123f39797f6bdac43f3e

Nika, I'm not exactly sure what the popup sandboxing flag is, or how to get it from the BC.
Can you point me in the right direction? Thanks!

Flags: needinfo?(nika)
Fission Milestone: --- → M3
Priority: -- → P2

I believe that the sandbox flags you're interested in are the ones defined here: https://searchfox.org/mozilla-central/rev/7556a400affa9eb99e522d2d17c40689fa23a729/dom/base/IframeSandboxKeywordList.h#22. Specifically, the "allow-popups" flag sets the SANDBOXED_AUXILIARY_NAVIGATION flag internally.

On a nsIDocShell I believe you can get the flags with nsIDocShell::GetSandboxFlags() (https://searchfox.org/mozilla-central/rev/7556a400affa9eb99e522d2d17c40689fa23a729/docshell/base/nsDocShell.cpp#5468), but I'm guessing you'll want them in the LoadInfo. I don't think the SANDBOXED_AUXILIARY_NAVIGATION bit is currently copied over, though I may be wrong, but it shouldn't be too hard to do. We also do it with some other sandbox flags here:https://searchfox.org/mozilla-central/rev/7556a400affa9eb99e522d2d17c40689fa23a729/docshell/base/nsDocShell.cpp#10405-10407

Flags: needinfo?(nika)
Assignee: nobody → valentin.gosu
Attachment #9071096 - Attachment description: Bug 1555036 - If there is a Cross-Origin-Opener-Policy mismatch and the SANDBOXED_AUXILIARY_NAVIGATION is set navigate to a network error r=nika → Bug 1555036 - If there is a Cross-Origin-Opener-Policy mismatch and the SANDBOXED_AUXILIARY_NAVIGATION is set navigate to a network error r=mayhemer
Pushed by valentin.gosu@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/311baee18a93
If there is a Cross-Origin-Opener-Policy mismatch and the SANDBOXED_AUXILIARY_NAVIGATION is set navigate to a network error r=mayhemer
Status: NEW → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla69
You need to log in before you can comment on or make changes to this bug.