Closed
Bug 1616297
Opened 4 years ago
Closed 2 years ago
Ensure data sanitization is compatible with dFPI
Categories
(Toolkit :: Data Sanitization, task, P3)
Toolkit
Data Sanitization
Tracking
()
RESOLVED
FIXED
People
(Reporter: johannh, Unassigned)
References
(Blocks 1 open bug)
Details
With dFPI we'll end up storing data for both first parties and third parties under principals with different origin attributes, which has the potential to break data sanitization.
We should ensure that:
- Forget About This Site still deletes all traces of a site (including third-party principals, I suppose)
- Clear History still clears history
- Delete Site Data and the Site Data Manager still correctly delete data by origin
Reporter | ||
Updated•4 years ago
|
Blocks: DynamicFirstPartyIsolation
Comment 1•4 years ago
|
||
I tested all three items and they seems to work as expected for cookies, localStorage, sessionStorage, and IndexedDB. The exceptions are Bug 1629664 and two bugs unrelated to dfpi (Bug 1629667 and Bug 1629658). In general, both isolated and non-isolated storage is cleared when clearing happens per-origin (expected), and time-based clearing / clearing all origins clear all storage locations from all origins.
Updated•2 years ago
|
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•