Closed Bug 1639195 Opened 5 years ago Closed 5 years ago

Make BrowserChild::RecvLoadURL() to use the correct triggering principal

Categories

(Core :: DOM: Security, task, P1)

Product:
Core
Component:
DOM: Security
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla78
Tracking Flags:
Tracking Status
firefox78 --- fixed

People

(Reporter: timhuang, Assigned: timhuang)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(2 files)

Bug 1639195 - Part 1: Make BrowserChild::RecvLoadURL() to use the correct triggering princpal. r?ckerschb!
47 bytes, text/x-phabricator-request
Details | Review
Bug 1639195 - Part 2: Add a test. r?ckerschb!
47 bytes, text/x-phabricator-request
Details | Review

We would always use the system principal as the triggering principal in BrowserChild::RecvLoadURL(). This is incorrect in the case where navigating one iframe in the same origin in Fission. We should use a correct triggering principal.

This patch makes the triggering princpal to be propagated to the
BrowserChild when calling LoadURL in nsFrameLoader. And use it as the
triggering principal for loading instead of the system principal.

Depends on D75965

Pushed by tihuang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/5cf6e62ea26b Part 1: Make BrowserChild::RecvLoadURL() to use the correct triggering princpal. r=ckerschb,mattwoodrow https://hg.mozilla.org/integration/autoland/rev/55ff7a761ebb Part 2: Add a test. r=ckerschb

https://hg.mozilla.org/mozilla-central/rev/5cf6e62ea26b
https://hg.mozilla.org/mozilla-central/rev/55ff7a761ebb

Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox78: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla78
No longer blocks: 1639200
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: