Closed Bug 1639195 Opened 8 months ago Closed 8 months ago

Make BrowserChild::RecvLoadURL() to use the correct triggering principal

Categories

(Core :: DOM: Security, task, P1)

task

Tracking

()

RESOLVED FIXED
mozilla78
Tracking Status
firefox78 --- fixed

People

(Reporter: timhuang, Assigned: timhuang)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(2 files)

We would always use the system principal as the triggering principal in BrowserChild::RecvLoadURL(). This is incorrect in the case where navigating one iframe in the same origin in Fission. We should use a correct triggering principal.

This patch makes the triggering princpal to be propagated to the
BrowserChild when calling LoadURL in nsFrameLoader. And use it as the
triggering principal for loading instead of the system principal.

Depends on D75965

Pushed by tihuang@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/5cf6e62ea26b
Part 1: Make BrowserChild::RecvLoadURL() to use the correct triggering princpal. r=ckerschb,mattwoodrow
https://hg.mozilla.org/integration/autoland/rev/55ff7a761ebb
Part 2: Add a test. r=ckerschb
Status: ASSIGNED → RESOLVED
Closed: 8 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla78
You need to log in before you can comment on or make changes to this bug.