Open Bug 1589162 Opened 5 years ago Updated 3 years ago

investigate permission changes related to extensions

Categories

(WebExtensions :: General, defect, P3)

Tracking

(Not tracked)

People

(Reporter: mixedpuppy, Unassigned)

References

(Blocks 1 open bug)

Details

WebExtensions use permissions for geolocation and storage; we'll need to verify any potential issues related to the site permission changes in bug 1422056.

We should investigate this sooner, then plan the related fixes. Added needinfo assigned to myself to take an initial look.

Flags: needinfo?(lgreco)
Priority: -- → P2

(In reply to Luca Greco [:rpl] [:luca] [:lgreco] from comment #2)

We should investigate this sooner, then plan the related fixes. Added needinfo assigned to myself to take an initial look.

Based on the initial look I gave to this issue:

  • the "permissions.isolateBy.privateBrowsing" pref is currently true only on Nightly and Beta, but not yet on release
  • the "permissions.isolateBy.userContext" pref is currently false by default on all channels
  • for WebExtensions, both of these prefs would cause the "geo" and "persistent-storage" site permissions not to be allowed when an extension page is opened in a "private" or in a "user context" tab
  • "permissions.isolateBy.privateBrowsing" shouldn't affect the "persistent-storage" permission for the browser.storage.local API (because internally it uses its own extension principal which wouldn't have the private browsing origin attribute)
  • "permissions.isolateBy.userContext" is likely going to affect the "persistent-storage" permission for the browser.storage.local API (because the extension principal used internally is using a reserved userContextId to make the IndexedDB database not visible or directly accessible from the regular extension principal)

Ensuring that the extension "site permissions" allowed in regular tabs are also allowed in private tabs when the "permissions.isolateBy.privateBrowsing" pref is set to true may just require us to add the same "site permission" on both the plain extension principal and the extension principal + the private browsing origin attribute.

On the contrary, doing the same for "permissions.isolateBy.userContext" is likely going to be a bit trickier, because besides the default userContexts defined by ContextualIdentityService.jsm, more userContextIds can be created and destroyed from an extension using the contextualIdentities API.

Flags: needinfo?(lgreco)
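
An added illustration of the comment above, not part of the bug thread and not Firefox code: a simplified model in which a permission is stored under the origin plus whichever origin attributes the isolateBy prefs keep. The pref and permission names come from the thread; the class, the helper functions, the extension UUID and the container ids are constructed, and the key format is an assumption of the model.

```javascript
// Simplified model, not Firefox code. Pref and permission names are from the
// thread; the class, helpers, UUID and container ids are constructed.
class PermissionStore {
  constructor(prefs) {
    this.prefs = prefs;       // { isolatePrivateBrowsing, isolateUserContext }
    this.entries = new Map(); // lookup key -> Set of allowed permission types
  }
  // An attribute stays in the key only when its isolateBy pref is true;
  // otherwise it is stripped and the plain origin is used (model assumption).
  key(origin, attrs = {}) {
    const kept = [];
    if (this.prefs.isolatePrivateBrowsing && attrs.privateBrowsingId)
      kept.push(`privateBrowsingId=${attrs.privateBrowsingId}`);
    if (this.prefs.isolateUserContext && attrs.userContextId)
      kept.push(`userContextId=${attrs.userContextId}`);
    return kept.length ? `${origin}^${kept.join("&")}` : origin;
  }
  allow(origin, attrs, type) {
    const k = this.key(origin, attrs);
    if (!this.entries.has(k)) this.entries.set(k, new Set());
    this.entries.get(k).add(type);
  }
  isAllowed(origin, attrs, type) {
    const set = this.entries.get(this.key(origin, attrs));
    return set !== undefined && set.has(type);
  }
}

const EXT = "moz-extension://00000000-0000-0000-0000-000000000000"; // constructed
const PRIVATE = { privateBrowsingId: 1 };

// Grant "geo" on the plain extension principal (optionally also on the
// private browsing one), then check from an extension page in a private tab.
function checkPrivateTab(prefs, grantOnBoth) {
  const store = new PermissionStore(prefs);
  store.allow(EXT, {}, "geo");
  if (grantOnBoth) store.allow(EXT, PRIVATE, "geo");
  return store.isAllowed(EXT, PRIVATE, "geo");
}

// Copy the grant to the containers known at grant time, then check from a
// container created afterwards (id 7 here).
function checkLateContainer(prefs) {
  const store = new PermissionStore(prefs);
  store.allow(EXT, {}, "persistent-storage");
  for (const id of [1, 2, 3, 4])
    store.allow(EXT, { userContextId: id }, "persistent-storage");
  return store.isAllowed(EXT, { userContextId: 7 }, "persistent-storage");
}
```

In this model the grant on both principals restores the private-tab case, while copying the grant to a fixed set of containers still misses any container created later.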

Thanks for the investigation! Seems like a complete listing to me.

Blocks: 1641584
Severity: normal → S4
Type: task → defect
Priority: P2 → P3