After storage access is granted on google docs, we still end up blocking content
Categories
(Core :: Privacy: Anti-Tracking, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox73 | --- | fixed |
People
(Reporter: ehsan.akhgari, Assigned: baku)
References
Details
Attachments
(4 files, 1 obsolete file)
Please see this pernosco recording, there is a notebook explaining the sequence of events.
After the storage access API grants storage access to the https://docs.google.com iframe, it tries to load an image from https://ssl.gstatic.com, and that fails, because we use the origin of the image load as the "granted origin" when creating the permission type, and we end up checking the 3rdPartyStorage^https://docs.google.com^https://ssl.gstatic.com
permission instead of 3rdPartyStorage^https://docs.google.com
.
This means that effectively once storage access is granted through the storage access API (or our heuristics), the third-party still has limited storage access and it has no way out of that, since the only way to create a 3rdPartyStorage^https://docs.google.com^https://ssl.gstatic.com
is with our window.open heuristics...
This bug also causes us to not show the "Allowed" label in the Protections UI because there are blocking events logged after the unblocked event related to the permission being granted.
I tested and in Safari once storage access has been granted other subresources gain storage access as well.
Andrea, why do we need this specific logic again? It seems that a simple patch to remove this logic is green on try, and that fixes this bug.
Assignee | ||
Comment 1•4 years ago
|
||
Before answering, I want to test something. I submitted a patch to the tryserver.
Assignee | ||
Updated•4 years ago
|
Assignee | ||
Comment 2•4 years ago
|
||
Reporter | ||
Comment 3•4 years ago
|
||
Reporter | ||
Comment 4•4 years ago
|
||
Granted origins cause a third-party tracker browsing context to not get
full first-party storage access after successfully calling the storage
access API or a heuristic granting ephemeral access.
For example, after https://tracker.example calls the storage access API
successfully in the third-party context, they embed
https://other-tracker.example, and that load fails because of ETP
restrictions. Here what happens is that https://other-tracker.example
is mistakenly considered the granted origin, and because such a
permission doesn't exist, access is denied.
Reporter | ||
Comment 5•4 years ago
|
||
This permission manager migration drops the granted origin part of the
permission type.
Reporter | ||
Comment 6•4 years ago
|
||
Updated•4 years ago
|
Pushed by eakhgari@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/450eec13d73e Part 0: Add a moz.build dependency for trackingPage.html used in browser_protections_UI.js; r=baku https://hg.mozilla.org/integration/autoland/rev/8c3bb23a048b Part 1: Remove the concept of granted origins from the anti-tracking backend; r=baku https://hg.mozilla.org/integration/autoland/rev/18bf461b9630 Part 2: Update existing 'storageAccessAPI' permissions with granted origin used in them; r=baku https://hg.mozilla.org/integration/autoland/rev/959f12e42db9 Part 3: Add an automated test to ensure that after storage access has been granted, the third-party is allowed to load images from tracking origins; r=baku
Comment 8•4 years ago
|
||
Backed out 4 changesets (bug 1603969) for failing at /browser_startup_mainthreadio.js on a CLOSED TREE.
Backout link: https://hg.mozilla.org/integration/autoland/rev/f60e166c3880576e028cf0a7cb996c389318c821
Push with failures: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&revision=959f12e42db9ee90892404e748f0cd06d8a82cc8&selectedJob=281765789
Log link: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=281765789&repo=autoland&lineNumber=1867
Log snippet:
[task 2019-12-18T18:06:52.074Z] 18:06:52 INFO - TEST-PASS | browser/base/content/test/performance/browser_startup_mainthreadio.js | fsync on /private/var/folders/qt/hzgm5cs11kb6bnh26gfs397w000017/T/tmpGn3TM5.mozrunner/permissions.sqlite-journal allowed 7 more times before opening first browser window -
[task 2019-12-18T18:06:52.074Z] 18:06:52 INFO - TEST-PASS | browser/base/content/test/performance/browser_startup_mainthreadio.js | stat on /private/var/folders/qt/hzgm5cs11kb6bnh26gfs397w000017/T/tmpGn3TM5.mozrunner/permissions.sqlite-journal allowed 26 more times before opening first browser window -
[task 2019-12-18T18:06:52.074Z] 18:06:52 INFO - Buffered messages finished
[task 2019-12-18T18:06:52.074Z] 18:06:52 INFO - TEST-UNEXPECTED-FAIL | browser/base/content/test/performance/browser_startup_mainthreadio.js | write on /private/var/folders/qt/hzgm5cs11kb6bnh26gfs397w000017/T/tmpGn3TM5.mozrunner/permissions.sqlite-journal 2 more times than expected before opening first browser window -
[task 2019-12-18T18:06:52.074Z] 18:06:52 INFO - Stack trace:
[task 2019-12-18T18:06:52.074Z] 18:06:52 INFO - chrome://mochikit/content/browser-test.js:test_ok:1292
[task 2019-12-18T18:06:52.074Z] 18:06:52 INFO - chrome://mochitests/content/browser/browser/base/content/test/performance/browser_startup_mainthreadio.js:null:898
[task 2019-12-18T18:06:52.074Z] 18:06:52 INFO - chrome://mochikit/content/browser-test.js:Tester_execTest/<:1062
[task 2019-12-18T18:06:52.074Z] 18:06:52 INFO - chrome://mochikit/content/browser-test.js:Tester_execTest:1097
[task 2019-12-18T18:06:52.078Z] 18:06:52 INFO - chrome://mochikit/content/browser-test.js:nextTest/<:925
[task 2019-12-18T18:06:52.078Z] 18:06:52 INFO - chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:SimpleTest.waitForFocus/waitForFocusInner/focusedOrLoaded/<:808
Pushed by eakhgari@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/a334451b95eb Part 0: Add a moz.build dependency for trackingPage.html used in browser_protections_UI.js; r=baku https://hg.mozilla.org/integration/autoland/rev/c5ad252c525b Part 1: Remove the concept of granted origins from the anti-tracking backend; r=baku https://hg.mozilla.org/integration/autoland/rev/2c0198f3506c Part 2: Update existing 'storageAccessAPI' permissions with granted origin used in them; r=baku https://hg.mozilla.org/integration/autoland/rev/c4d79087eef1 Part 3: Add an automated test to ensure that after storage access has been granted, the third-party is allowed to load images from tracking origins; r=baku
Comment 10•4 years ago
|
||
Backed out 4 changesets (bug 1603969) for failing at /browser_startup_mainthreadio.js on a CLOSED TREE.
Backout link: https://hg.mozilla.org/integration/autoland/rev/8e4bf1412364d275c57c29a03a0d4ed3964042b7
Push with failures: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&revision=c4d79087eef1bbdf20ab8ec5033aadb9cfde370c&selectedJob=281817256
Log link: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=281817256&repo=autoland&lineNumber=2226
Log snippet:
[task 2019-12-18T23:37:43.500Z] 23:37:43 INFO - TEST-PASS | browser/base/content/test/performance/browser_startup_mainthreadio.js | stat on C:\Users\task_1576711785\AppData\Local\Temp\tmp_rqevv.mozrunner\cookies.sqlite-wal as many times as expected before opening first browser window -
[task 2019-12-18T23:37:43.501Z] 23:37:43 INFO - Buffered messages finished
[task 2019-12-18T23:37:43.501Z] 23:37:43 INFO - TEST-UNEXPECTED-FAIL | browser/base/content/test/performance/browser_startup_mainthreadio.js | fsync on C:\Users\task_1576711785\AppData\Local\Temp\tmp_rqevv.mozrunner\permissions.sqlite 1 more times than expected before opening first browser window -
[task 2019-12-18T23:37:43.501Z] 23:37:43 INFO - Stack trace:
[task 2019-12-18T23:37:43.501Z] 23:37:43 INFO - chrome://mochikit/content/browser-test.js:test_ok:1292
[task 2019-12-18T23:37:43.501Z] 23:37:43 INFO - chrome://mochitests/content/browser/browser/base/content/test/performance/browser_startup_mainthreadio.js:null:898
[task 2019-12-18T23:37:43.502Z] 23:37:43 INFO - chrome://mochikit/content/browser-test.js:Tester_execTest/<:1062
[task 2019-12-18T23:37:43.502Z] 23:37:43 INFO - chrome://mochikit/content/browser-test.js:Tester_execTest:1097
[task 2019-12-18T23:37:43.502Z] 23:37:43 INFO - chrome://mochikit/content/browser-test.js:nextTest/<:925
[task 2019-12-18T23:37:43.502Z] 23:37:43 INFO - chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:SimpleTest.waitForFocus/waitForFocusInner/focusedOrLoaded/<:808
[task 2019-12-18T23:37:43.502Z] 23:37:43 INFO - TEST-PASS | browser/base/content/test/performance/browser_startup_mainthreadio.js | read on C:\Users\task_1576711785\AppData\Local\Temp\tmp_rqevv.mozrunner\permissions.sqlite as many times as expected before opening first browser window -
[task 2019-12-18T23:37:43.502Z] 23:37:43 INFO - TEST-PASS | browser/base/content/test/performance/browser_startup_mainthreadio.js | stat on C:\Users\task_1576711785\AppData\Local\Temp\tmp_rqevv.mozrunner\permissions.sqlite as many times as expected before opening first browser window -
[task 2019-12-18T23:37:43.503Z] 23:37:43 INFO - TEST-PASS | browser/base/content/test/performance/browser_startup_mainthreadio.js | write on C:\Users\task_1576711785\AppData\Local\Temp\tmp_rqevv.mozrunner\permissions.sqlite allowed 2 more times before opening first browser window -
[task 2019-12-18T23:37:43.503Z] 23:37:43 INFO - Not taking screenshot here: see the one that was previously logged
Comment 11•4 years ago
|
||
Pushed by eakhgari@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/b334df2b9432 Part 0: Add a moz.build dependency for trackingPage.html used in browser_protections_UI.js; r=baku https://hg.mozilla.org/integration/autoland/rev/e9201bce4739 Part 1: Remove the concept of granted origins from the anti-tracking backend; r=baku https://hg.mozilla.org/integration/autoland/rev/90cfe8b05b7f Part 2: Update existing 'storageAccessAPI' permissions with granted origin used in them; r=baku https://hg.mozilla.org/integration/autoland/rev/9f5b767d83ed Part 3: Add an automated test to ensure that after storage access has been granted, the third-party is allowed to load images from tracking origins; r=baku
Comment 12•4 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/b334df2b9432
https://hg.mozilla.org/mozilla-central/rev/e9201bce4739
https://hg.mozilla.org/mozilla-central/rev/90cfe8b05b7f
https://hg.mozilla.org/mozilla-central/rev/9f5b767d83ed
Reporter | ||
Updated•4 years ago
|
Description
•