Closed Bug 1557887 Opened 1 year ago Closed 1 year ago
Escape from partition by force-creating the initial about:blank document
Type: defect → task
Pushed by email@example.com: https://hg.mozilla.org/integration/autoland/rev/762351d3c242 Part 1: Add the browser.contentStoragePrincipal attribute; r=mconley https://hg.mozilla.org/integration/autoland/rev/a81f25db2f60 Part 2: Add the nsISHEntry.storagePrincipalToInherit attribute; r=baku https://hg.mozilla.org/integration/autoland/rev/934849c71795 Part 3: Extend nsIDocShell.createAboutBlankContentViewer() to accept a storage principal argument; r=baku https://hg.mozilla.org/integration/autoland/rev/d291a18dd7b9 Part 4: Port the browser.createAboutBlankContentViewer() API to the storage principal aware version of the docshell API; r=baku https://hg.mozilla.org/integration/autoland/rev/5c23b9ba930f Part 5: Pass a storage principal argument through the browser loadURI()/addTab() APIs; r=baku,mconley https://hg.mozilla.org/integration/autoland/rev/33144e1ff5ab Part 6: Pass a storage principal to the rest of the call sites for createAboutBlankContentViewer(); r=baku https://hg.mozilla.org/integration/autoland/rev/cb76a6d08dac Part 7: Ensure that the third-party checks in the anti-tracking backend do not fail in the presence of third-party about:blank URIs; r=baku https://hg.mozilla.org/integration/autoland/rev/6bc9f19f7edd Part 8: Ensure that third-party context partitioning doesn't fail for doubly+ nested iframes; r=baku https://hg.mozilla.org/integration/autoland/rev/6f92c507abed Part 9: Ensure that anti-tracking checks do not fail with non-HTTP channels; r=baku https://hg.mozilla.org/integration/autoland/rev/b6a2568c9bd0 Part 10: Prevent initial about:blank documents from escaping out of partitioned storage by using the correct storage principal when creating them; r=baku https://hg.mozilla.org/integration/autoland/rev/4a63f0a3a1f2 Part 11: Run the partitioning tests with third-party window objects that have loaded an initial about:blank document in addition to normal third-party window objects; r=baku
You need to log in before you can comment on or make changes to this bug.