Closed Bug 1587418 Opened 1 year ago Closed 4 months ago

Audit usage of nsIDocShellTreeItem in nsContentUtils::ShouldBlockReservedKeys

Categories

(Core :: DOM: Navigation, defect, P2)

defect

Tracking

()

RESOLVED FIXED
81 Branch
Fission Milestone M6b
Tracking Status
firefox81 --- fixed

People

(Reporter: djvj, Assigned: smacleod)

References

(Blocks 2 open bugs)

Details

(Whiteboard: [rm-docshell-tree-item:sync-state])

Attachments

(2 files)

https://searchfox.org/mozilla-central/rev/7cc0f0e89cb40e43bf5c96906f13d44705401042/dom/base/nsContentUtils.cpp#9597

(Move state to BrowsingContext).

This code retrieves the same-type root from the docshell tree, and then checks the following property of the principal for the root document:

IsSitePermDeny(rootPrincipal, "shortcuts").

The callers of this is key-handling code. Does not seem like this method would be called in contexts where only in-process tree fragments are accessed, and that this query may cross process boundaries.

This check is likely done frequently, and not a candidate for IPC or active querying. The result of this query can be cached ahead of time in the BrowsingContext tree and used from there.

Whiteboard: [rm-docshell-tree-item:sync-state]
Fission Milestone: --- → M5
Priority: -- → P2
Fission Milestone: M5 → Future

Kannan says replacing nsIDocShellTreeItem calls should block enabling Fission in Nightly (M6).

Fission Milestone: Future → M6
Summary: Fix usage of nsIDocShellTreeItem in nsContentUtils::ShouldBlockReservedKeys → Audit usage of nsIDocShellTreeItem in nsContentUtils::ShouldBlockReservedKeys

Auditing whether this use of nsIDocShellTreeItem breaks when Fission is enabled blocks Fission Nightly.

Fission Milestone: M6 → M6b

We can add a WindowContext synced field to the toplevel window context which records a cached permission value for the "shortcuts"_ns permission, much like how we handle the AutoplayPermission: https://searchfox.org/mozilla-central/rev/82c04b9cad5b98bdf682bd477f2b1e3071b004ad/docshell/base/WindowContext.h#49

Assignee: nobody → smacleod
Status: NEW → ASSIGNED

We now cache the shortcuts permission in a synced field on
WindowContext. This will allow checking the permission quickly and
without IPC when Fission is enabled and the top-level document is
in another process.

We now use the cached value of the shortcuts permission from
WindowContext if we cannot get a Browser. This will now work
when calling from a child where the top-level document is OOP.

Depends on D84182

Attachment #9164745 - Attachment description: Bug 1587418 - cache shortcuts permission on WindowContext. r?nika → Bug 1587418 - cache shortcuts permission on WindowContext. r?farre
Attachment #9164746 - Attachment description: Bug 1587418 - check shortcuts permission using WindowContext. r?nika → Bug 1587418 - check shortcuts permission using WindowContext. r?farre
Pushed by smacleod@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/7e8123465017
cache shortcuts permission on WindowContext. r=farre
https://hg.mozilla.org/integration/autoland/rev/585e728dd155
check shortcuts permission using WindowContext. r=farre
Status: ASSIGNED → RESOLVED
Closed: 4 months ago
Resolution: --- → FIXED
Target Milestone: --- → 81 Branch
You need to log in before you can comment on or make changes to this bug.