Open Bug 1576722 Opened 5 years ago Updated 2 years ago

Messages sent to a legacy actor parent during session restore can have a null principal'd target

Categories: Firefox :: Tabbed Browser, defect, P3

People: Reporter: jaws, Unassigned

Keywords: sec-want

While investigating bug 1573924, I discovered that within receiveMessage on the parent actor script, message.target.contentPrincipal was incorrectly the null principal.

This is reproducible by reverting the change to AboutLoginsParent.jsm from bug 1573924 and running the browser_sessionRestore.js test in verify mode that is added in the same bug.

Component: General → IPC
Keywords: sec-want
Product: Firefox → Core

This isn't a Core::IPC bug, it's caused by how the contentPrincipal attribute on the browser custom element is set up. Moving to Firefox::Tabbed Browser.

The browser custom element defines a contentPrincipal getter, which fetches a local value https://searchfox.org/mozilla-central/rev/325c1a707819602feff736f129cb36055ba6d94f/toolkit/content/widgets/browser-custom-element.js#755-759. This value is updated when the locationChange event fires, which is likely after the messages sent up are sent. The principal you're seeing is probably the one from https://searchfox.org/mozilla-central/rev/325c1a707819602feff736f129cb36055ba6d94f/toolkit/content/widgets/browser-custom-element.js#1255.

If your code instead reads the principal from the browsingContext.currentWindowGlobal.documentPrincipal, it should be somewhat more accurate. Like all things running in a different process, the principal may be out of date as the updates are sent asynchronously.

Component: IPC → Tabbed Browser
Product: Core → Firefox
Priority: -- → P3
Severity: normal → S3
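As an added illustration (not code from this bug or from mozilla-central), a parent-side helper that prefers the principal recommended in the comment above and rejects a message whose resolved principal is still the null principal. The browser and principal objects are constructed mocks standing in for the real `<browser>` element and `nsIPrincipal`; the `principalForTarget` and `isTrustedSender` names are hypothetical.

```javascript
// Resolve the most current principal for a message target. Prefers the
// WindowGlobalParent's documentPrincipal over the element's cached getter,
// which during session restore may still hold the null principal because
// the locationChange that updates it has not fired yet.
function principalForTarget(browser) {
  const wgp = browser.browsingContext?.currentWindowGlobal;
  if (wgp?.documentPrincipal) {
    return wgp.documentPrincipal;
  }
  // Fall back to the cached value only when no window global is available.
  return browser.contentPrincipal;
}

// Accept a message only when the resolved principal is a real content
// principal for the expected origin; a null principal is treated as untrusted.
function isTrustedSender(browser, allowedOrigin) {
  const principal = principalForTarget(browser);
  if (!principal || principal.isNullPrincipal) {
    return false;
  }
  return principal.origin === allowedOrigin;
}

// Constructed mocks (not real Gecko objects): a browser mid-session-restore
// whose cached contentPrincipal is still the null principal while its window
// global already carries the page's principal.
const nullPrincipal = { isNullPrincipal: true, origin: "moz-nullprincipal:{placeholder}" };
const aboutLogins = { isNullPrincipal: false, origin: "about:logins" };

const restoringBrowser = {
  contentPrincipal: nullPrincipal,
  browsingContext: { currentWindowGlobal: { documentPrincipal: aboutLogins } },
};

// A browser whose window global is gone (for example, mid-teardown); only the
// stale cached principal remains, so the message must be rejected.
const detachedBrowser = {
  contentPrincipal: nullPrincipal,
  browsingContext: { currentWindowGlobal: null },
};
```

Reading `contentPrincipal` directly on `restoringBrowser` would still return the null principal, which is the mismatch the reporter observed.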