Support fission and OOP embedder elements for CSP checks
Categories
(Core :: DOM: Security, task, P3)
Tracking
()
Tracking | Status | |
---|---|---|
firefox77 | --- | fixed |
People
(Reporter: mattwoodrow, Assigned: mattwoodrow)
References
Details
(Whiteboard: [domsecurity-backlog1])
Attachments
(4 files, 1 obsolete file)
Currently AsyncReportViolation runs in the content process, and tries to use the embedder Element/Document to fire violation events. Bug 1589275 is moving the CSP redirect checks to run in the parent, but we still dispatch the report to the content process.
In the case where the embedder is cross-process (and fission is enabled), the embedder will be in a different process, and we won't have access to the Node/Element/Document for it.
I think we'll need to replace references to single-process objects (like nsCSPContex:: mLoadingContext) with objects that can be referenced cross-process (like WindowContext). That way a serialized CSP can still have references to its embedder.
I think we then would want to run AsyncReportViolation in the parent (maybe as well as content), sending messages to the right process as needed.
We should be able to send a message to the parent (if not there already) over PContent referencing the desired WindowContext, and then forward the message to the desired content process via PWindowGlobal (WindowContext can be cast to WindowGlobalParent in the parent process).
Updated•4 years ago
|
Assignee | ||
Updated•4 years ago
|
Assignee | ||
Comment 2•4 years ago
|
||
Depends on D69908
Assignee | ||
Comment 3•4 years ago
|
||
Depends on D69909
Assignee | ||
Comment 4•4 years ago
|
||
Depends on D69910
Assignee | ||
Comment 5•4 years ago
|
||
Depends on D69911
Assignee | ||
Comment 6•4 years ago
|
||
Depends on D69908
Updated•4 years ago
|
Pushed by mwoodrow@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/8a652661a80f Add cross-process violation event via WindowGlobal, fire violation events via WindowGlobal if they are for a window in a different process. r=ckerschb,nika https://hg.mozilla.org/integration/autoland/rev/20e0435a51db Don't specify a callback for CSP redirect checks form DocumentLoadListener, so that events are handled in the parent. r=ckerschb https://hg.mozilla.org/integration/autoland/rev/02bc984b5cd3 Remove support for custom violation callbacks on nsCSPContext since it should no longer be needed. r=ckerschb https://hg.mozilla.org/integration/autoland/rev/0c1282c8e9e9 Remove CSPViolation from DocumentChannel. r=jya
Comment 8•4 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/8a652661a80f
https://hg.mozilla.org/mozilla-central/rev/20e0435a51db
https://hg.mozilla.org/mozilla-central/rev/02bc984b5cd3
https://hg.mozilla.org/mozilla-central/rev/0c1282c8e9e9
Description
•