Closed Bug 1652275 Opened 1 year ago Closed 1 year ago

Workers cause crash inside cross-origin iframe

Categories

(Core :: Privacy: Anti-Tracking, defect)

80 Branch
defect

Tracking

()

VERIFIED FIXED
mozilla80
Tracking Status
firefox80 --- verified

People

(Reporter: arthur, Assigned: xeonchen)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Steps to reproduce:

  1. Ensure network.cookie.cookieBehavior is set to 5.
  2. Navigate to: https://arthuredelstein.github.io/swdemo/first.html
  3. Now navigate in a second tab to: https://arthuredelstein.net/swdemo/second.html

Second tab crashes at https://hg.mozilla.org/mozilla-central/file/576f33282a0838c87ffadd52a8271726d86f85a1/dom/clients/manager/ClientSource.cpp#l215

== More details: ==
The first page creates a ServiceWorker using
let registration = await navigator.serviceWorker.register('serviceWorker.js');

The second page has a cross-origin iframe, also from arthuredelstein.github.io, that creates a SharedWorker.

Demo source code at https://github.com/arthuredelstein/swdemo

(Crash does not happen when network.cookie.cookieBehavior = 4)

Flags: needinfo?(xeonchen)
Assignee: nobody → xeonchen
Flags: needinfo?(xeonchen)
Pushed by xeonchen@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/8e5c9bb77337
consider partitioning case in the assertion; r=baku
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla80
Flags: qe-verify+

Reproduced the issue using Firefox 80.0a1 (20200711215253) on Windows 10x64.
The issue is verified fixed with Firefox 80.0b8 (20200813191622) on Windows 10x64, macOS 10.12 and Ubuntu 18.04.

Status: RESOLVED → VERIFIED
Flags: qe-verify+
You need to log in before you can comment on or make changes to this bug.