Closed Bug 1672649 Opened 4 years ago Closed 4 years ago

Storage permission restriction doesn't sync for cookie blocking and dFPI

Categories

(Core :: Privacy: Anti-Tracking, defect, P2)

Product:
Core
Component:
Privacy: Anti-Tracking
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
84 Branch
Tracking Flags:
Tracking Status
firefox84 --- fixed

People

(Reporter: dlee, Assigned: timhuang)

References

Details

Attachments

(4 files)

Bug 1672649 - Part 1: Make the storage access works on nested iframes. r?dimi
47 bytes, text/x-phabricator-request
Details | Review
Bug 1672649 - Part 2: Notify the observer when there is user-interaction or storage access permission added. r?dimi
47 bytes, text/x-phabricator-request
Details | Review
Bug 1672649 - Part 3: Modify the test framework to test the nested iframes. r?dimi
47 bytes, text/x-phabricator-request
Details | Review
Bug 1672649 - Part 4: Remove unnecessary support function 'AntiTrackingUtils::IsFirstLevelSubContext()'. r?dimi
47 bytes, text/x-phabricator-request
Details | Review

There are two cases we don't sync the behavior of cookie blocking and dFPI

  1. Permission propagation
  2. API to check storage permission

In cookie blocking, we only grant permission for first-level iframes, however, this restriction doesn't apply to dFPI. We should fix the discrepancy between cookie blocking and dFPI.

Assignee: nobody → tihuang
Status: NEW → ASSIGNED

We need to report when permission is added in order to wait it
explicitly. These will be put be hind a pref
'privacy.antitracking.testing' and should be only used for testing.

Depends on D94978

In this bug, we are going to align the behavior between cookie blocking and the dFPI. We will relax the storage accees restriction of cookie blocking and make it can work in nested iframes. So, both cookie blocking and dFPI can get storage access in nested iframe after this bug.

Attachment #9184238 - Attachment description: Bug 1672649 - Part 2: Notify the oberser when there is user-interaction or storage access permission added. r?dimi → Bug 1672649 - Part 2: Notify the observer when there is user-interaction or storage access permission added. r?dimi
Pushed by tihuang@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/ba16bd0b5610
Part 1: Make the storage access works on nested iframes. r=dimi
https://hg.mozilla.org/integration/autoland/rev/936fe00d93b5
Part 2: Notify the observer when there is user-interaction or storage access permission added. r=dimi
https://hg.mozilla.org/integration/autoland/rev/e4350f6d0c3c
Part 3: Modify the test framework to test the nested iframes. r=dimi
https://hg.mozilla.org/integration/autoland/rev/4c943005f6f4
Part 4: Remove unnecessary support function 'AntiTrackingUtils::IsFirstLevelSubContext()'. r=dimi
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: