Open Bug 1608651 Opened 5 years ago Updated 1 year ago

All extensions crashing on window.open() and privacy.firstparty.isolate;true after 1590032

Categories

(Core :: DOM: Security, defect, P3)

defect

Tracking

()

Tracking Status
firefox-esr68 --- unaffected
firefox72 --- disabled
firefox73 --- disabled
firefox74 --- disabled
firefox75 --- disabled
firefox76 --- disabled
firefox77 --- disabled
firefox78 --- disabled
firefox79 --- disabled

People

(Reporter: svanderger, Assigned: timhuang)

References

(Regression)

Details

(Keywords: regression, Whiteboard: [domsecurity-backlog])

Attachments

(1 obsolete file)

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0

Steps to reproduce:

  1. Create new profile
  2. Set privacy.firstparty.isolate;true on about:config page
  3. Install uMatrix (1.4.0) from
    https://addons.mozilla.org/firefox/addon/umatrix/
  4. Open this page
    http://www.gtalbot.org/FirefoxSection/Popup/PopupAndFirefox.html
    and click "Open a requested popup" in "Interactive demo" section
  5. Click on uMatrix icon in urlbar and see blank popup

After that, all addons stop working on my main profile, including simple addons like https://addons.mozilla.org/firefox/addon/minimize-the-window/

Mozregression pointed to this:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=e832b3b54e4919b969ea871f8745bace7c6b7ac1&tochange=4a0dc82465d2a8d7ca6bc66371310081d07a774a

Component: Untriaged → DOM: Security
Product: Firefox → Core
Regressed by: 1590032
Has Regression Range: --- → yes

Sorry, forgot to specify platform: Kubuntu 18.04.3 LTS x86_64.

Tim, based on the mozregress result, would you check this?

Flags: needinfo?(tihuang)
Assignee: nobody → tihuang
Priority: -- → P1
Whiteboard: [domsecurity-active]
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true

Tim, what is the status of this P1 wrt 74? Thanks

I am working on this. But, I haven't found the root cause. So, I don't think I can fix this in 74.

Flags: needinfo?(tihuang)

This patch stops the propagation of the firstPartyDomain through opener
if the opened window has the system principal. This is for the case that
the ViewPopup of the web extension would have a content window as its
opener, but it is opened in a system window. We should stop propagating
the firstPartyDomain in this case. Or Firefox would crash in an
originAttributes check afterward.
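
A simplified model of the mismatch the patch description above refers to, added here as an illustration and not taken from the Gecko source or the attached patch. All type and function names are hypothetical, and the consistency check is an assumed stand-in for the originAttributes check the comment mentions.

```cpp
#include <string>

// Simplified model of the behaviour described in the patch comment.
// Not Gecko code: every type and function name here is hypothetical.
struct OriginAttributes {
    std::string firstPartyDomain;  // empty when no first-party isolation applies
    bool operator==(const OriginAttributes& o) const {
        return firstPartyDomain == o.firstPartyDomain;
    }
};

struct Principal {
    bool isSystem;
    OriginAttributes attrs;  // assumption: the system principal carries empty attributes
};

// Before the patch: the opener's firstPartyDomain is always copied.
OriginAttributes InheritAlways(const OriginAttributes& opener, const Principal&) {
    return opener;
}

// With the patch: propagation stops when the opened window is system-principal.
OriginAttributes InheritUnlessSystem(const OriginAttributes& opener,
                                     const Principal& opened) {
    if (opened.isSystem) return OriginAttributes{};
    return opener;
}

// Stand-in for the later originAttributes check (assumed to compare the window's
// attributes with its principal's). A false result models the crash.
bool AttributesConsistent(const OriginAttributes& windowAttrs, const Principal& p) {
    return windowAttrs == p.attrs;
}

int main() {
    OriginAttributes contentOpener{"example.com"};   // constructed sample value
    Principal extensionPopup{true, {}};               // ViewPopup in a system window
    Principal contentPopup{false, {"example.com"}};   // ordinary window.open() popup
    bool ok =
        !AttributesConsistent(InheritAlways(contentOpener, extensionPopup), extensionPopup) &&
        AttributesConsistent(InheritUnlessSystem(contentOpener, extensionPopup), extensionPopup) &&
        AttributesConsistent(InheritUnlessSystem(contentOpener, contentPopup), contentPopup);
    return ok ? 0 : 1;
}
```
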

Priority: P1 → P2
Whiteboard: [domsecurity-active] → [domsecurity-backlog]

Marking 75 and 76 as disabled because this feature (privacy.firstparty.isolate) is off by default.
(However, a few extensions would enable it.)

Severity: normal → S2

Tim, there is a patch in this bug, are you planning to land it? Thanks

Yes, I want to land the patch. But, this patch needs to be updated and I haven't had time to do it. I will start to finish it.

Flags: needinfo?(tihuang)

Tim, do you plan on taking a look at this again?

Flags: needinfo?(tihuang)

I don't plan to fix this bug in the near future. I think I should unassign myself from this bug.

Assignee: tihuang → nobody
Status: ASSIGNED → NEW
Flags: needinfo?(tihuang)
Attachment #9125528 - Attachment is obsolete: true

:ckerschb Since privacy.firstparty.isolate is still off by default, should this still be an S2 ticket?

Flags: needinfo?(ckerschb)

I think S3 would be good for this. I will take the bug again to see if I can fix this right.

Assignee: nobody → tihuang
Severity: S2 → S3
Flags: needinfo?(ckerschb)
Priority: P2 → P3