Closed Bug 1580596 Opened 1 year ago Closed 2 months ago

Fix usage of nsIDocShellTreeItem in nsDocShell::CheckLoadingPermission

Categories

(Core :: DOM: Navigation, defect, P2)

defect

Tracking

()

RESOLVED FIXED
81 Branch
Fission Milestone M6b
Tracking Status
firefox81 --- fixed

People

(Reporter: djvj, Assigned: smacleod)

References

(Blocks 1 open bug)

Details

(Whiteboard: [rm-docshell-tree-item:simple])

Attachments

(1 file)

https://searchfox.org/mozilla-central/rev/588814f2edddf0e132d77d326ddae50911e8bad1/docshell/base/nsDocShell.cpp#8520

The issue here is that the docshell tree (same-type) is walked up, stopping and returning true at the first ancestor docshell which has a principal which is subsumed by the subject principal.

I suspect this information is unlikely to be shared cross process. Do we have some mechanism to query this via IPC already, or does an implementation need to be added?

Flags: needinfo?(nika)

(In reply to Kannan Vijayan [:djvj] from comment #0)

The issue here is that the docshell tree (same-type) is walked up, stopping and returning true at the first ancestor docshell which has a principal which is subsumed by the subject principal.

This should be straightforward enough to fix. the subject principal will never subsume the principal of an iframe in a different process, so we can walk up the BrowsingContext tree, and assume that the subsume check fails for BCs with missing DocShells.

Flags: needinfo?(nika)
Fission Milestone: --- → M5
Priority: -- → P2
Whiteboard: [rm-docshell-tree-item:simple]
Fission Milestone: M5 → Future

Kannan says replacing nsIDocShellTreeItem calls should block enabling Fission in Nightly (M6).

Fission Milestone: Future → M6
Assignee: nobody → kvijayan

There's a r+ patch which didn't land and no activity in this bug for 2 weeks.
:djvj, could you have a look please?
For more information, please visit auto_nag documentation.

Flags: needinfo?(kvijayan)

The patch was r+ but I was running into testing errors that I could not resolve before I went on PTO. I'll take a look at this when I get back to work. Keeping needinfo.

I can't really get back to this - I have one major and another minor thing on my plate currently which I should focus on. Anyone should feel free to take/work on this.

Flags: needinfo?(kvijayan)

Auditing whether this use of nsIDocShellTreeItem breaks when Fission is enabled blocks Fission Nightly.

Fission Milestone: M6 → M6b
Assignee: kvijayan → smacleod
Status: NEW → ASSIGNED
Pushed by smacleod@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/2496ca6ee332
Fix usage of nsIDocShellTreeItem in nsDocShell::CheckLoadingPermission r=kmag
Status: ASSIGNED → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED
Target Milestone: --- → 81 Branch
You need to log in before you can comment on or make changes to this bug.