"Allow Location Access" permission is kept even if previously removed from Permissions Panel
Categories
(Firefox :: Site Identity, defect, P1)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr60 | --- | unaffected |
firefox-esr68 | --- | unaffected |
firefox69 | --- | unaffected |
firefox70 | --- | wontfix |
firefox71 | --- | verified |
People
(Reporter: cbadau, Assigned: pbz)
References
(Regression)
Details
(Keywords: regression)
Attachments
(2 files)
Affected versions
- Firefox 70 Beta 5
- latest Nightly 71.0a1 (2019-09-09)
Affected platforms
- Ubuntu 18.04 x64
- Windows 8.1 x64
- macOS 10.13
Steps to reproduce
- Launch Firefox and go to https://goo.gl/oosgTZ.
- Click on "Show my location".
- Check "Remember this decision" and select "Allow Location Access" from doorhanger.
- Refresh the page and click again "Show my location".
- Open the Permissions Panel from Toolbar and clear ("X") the permission "Access your location".
- Refresh the page and click again "Show my location".
Expected result
- The doorhanger asking for permission to share location appears (with "Allow Location Access" and "Don't Allow" options).
Actual result
- The doorhanger asking for permission to share location isn't displayed. The "Allow you location" is still allowed in Permissions Panel (and in about:preferences#privacy -> Permissions -> Location). Please see "issue geolocation.mp4".
Regression range
- First bad: 2019-07-30 (d6b588f22b7e6351c85dd40c56762a7836ee9358)
- Last good: 2019-07-29 (99e9f7c976375024b56cad5ae71d4a9d04969604)
- Pushlog: https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=99e9f7c976375024b56cad5ae71d4a9d04969604&tochange=d6b588f22b7e6351c85dd40c56762a7836ee9358
- Potential regressor: bug 630614
Additional notes
- On Firefox 69 RC, I can't reproduce the issue because there I don't have "Access your location" in Permissions Panel.
Reporter | ||
Updated•5 years ago
|
Updated•5 years ago
|
Assignee | ||
Comment 1•5 years ago
|
||
This affects sites with iframes where the iframe is granted geo-location permission. I think the site identity code fails to clear the permission, because the permission manager is called with the top level principal.
I'll look into this further.
Updated•5 years ago
|
Assignee | ||
Comment 2•5 years ago
|
||
Updated•5 years ago
|
Pushed by pzuhlcke@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/e6f9d4a2f40c Clear geolocation permission for sub-frames with active sharing state. r=johannh
Comment 4•5 years ago
|
||
bugherder |
Reporter | ||
Comment 5•5 years ago
|
||
Verified fixed on Windows 7 x64, Ubuntu 18.04 x64 and macOS 10.14 using latest Nightly 71.0a1 (2019-09-27).
Comment 6•5 years ago
|
||
Is this something we should consider uplifting to Beta for Fx70 or can this fix ride Fx71 to release?
Assignee | ||
Comment 7•5 years ago
|
||
While it would be low risk uplifting, I don't think the issue is that critical. What do you think Johann?
Comment 8•5 years ago
|
||
Considering that websites rarely use iframes for geolocation prompting I think we can let this ride the trains and take the regression for one release.
Comment 9•5 years ago
|
||
wontfix for 70 per comments 7 and 8.
Description
•