The "storage access granted" console log for requestStorageAccess is incorrect
Categories
(Core :: Privacy: Anti-Tracking, defect, P3)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox80 | --- | fixed |
People
(Reporter: englehardt, Assigned: timhuang, NeedInfo)
Details
Attachments
(1 file)
STR:
- In a fresh profile go to https://senglehardt.com/test/dfpi/storage_access_api.html
- Open the console
- In the
englehardt-tracker.comiframe click "requestStorageAccess()".
ER: You see the console log Storage access granted for origin “https://englehardt-tracker.com” on “https://senglehardt.com”.
AR: You see the console log Storage access granted for origin “https://englehardt-tracker.com” on “https://englehardt-tracker.com”.
This log results from the call to ReportUnblockingToConsole within CompleteAllowAccessFor. According to the comments at the top of CompleteAllowAccessFor, "aParentContext is the browsing context of the document that calls this API" for requestStorageAccess. Instead of logging aParentContext we need to retrieve the top parent context.
Note that the actual storage access permission seems to be granted to the correct origin, so this is just a logging issue. You can test across two versions of the top-level page:
|
Reporter | |
Updated•5 years ago
|
|
Assignee | |
Updated•5 years ago
|
|
|
Assignee | |
Comment 1•5 years ago
|
||
|
||
Comment 3•5 years ago
|
||
| bugherder | ||
|
||
Updated•5 years ago
|
|
||
Comment 4•5 years ago
|
||
I’ve reproduced the issue with Fx 79.0a1 (2020-06-26) on Windows 10. I can see the correct message with Fx 81.0a1 (2020-08-09) on Windows 10 and Ubuntu 18.04. But I can see the console message only on Nightly builds. I am not able to trigger any message on Beta. Can I confirm the fix on Beta somehow?
Description
•