Open Bug 1688665 Opened 1 year ago Updated 2 months ago

QuotaCleaner deleteByPrincipal over-clears sessionStorage and legacy localStorage

Categories

(Toolkit :: Data Sanitization, defect, P2)

ASSIGNED

People

(Reporter: pbz, Assigned: pbz)

References

(Blocks 1 open bug)

Attachments

(2 files)

QuotaCleaner#deleteByPrincipal over-clears sessionStorage and legacy localStorage.

It only passes a host here:
https://searchfox.org/mozilla-central/rev/4dac9993b609fccc87e82682614faf2a44cda306/toolkit/components/cleardata/ClearDataService.jsm#473,480
This means that the StorageObserver will clear all localStorage and sessionStorage for a host, without taking origin attributes into account:
https://searchfox.org/mozilla-central/rev/4dac9993b609fccc87e82682614faf2a44cda306/dom/storage/StorageObserver.cpp#294,316

Looking at the interface, it seems that the legacy implementation does not support clearing by full origin: https://searchfox.org/mozilla-central/rev/4dac9993b609fccc87e82682614faf2a44cda306/dom/storage/PBackgroundStorage.ipdl#51

See Also: → 1688221
Blocks: 1550317
Severity: -- → S3
Priority: -- → P3
Summary: QuotaCleaner deleteByPrincipal only clears by host when legacy storage is enabled → QuotaCleaner deleteByPrincipal over-clears sessionStorage and legacy localStorage
Priority: P3 → P2
Blocks: dfpi-hq
Assignee: nobody → pbz
Status: NEW → ASSIGNED

This patch introduces two new observer notifications for clearing sessionStorage and legacy localStorage
by principal / exact origin. This is a requirement for the Clear-Site-Data header which allows sites to clear
storages. For privacy reasons, it's important that a site can only clear the exact storage scope it has access to.
nsIClearDataService will call observer notifications to clear by principal, which are consumed by the
StorageObserver. StorageObserver will forward these messages to SessionStorageManager and LocalStorageManager.
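The difference between clearing by host and clearing by principal, as an added example that is not Firefox code and is not part of the patch: a simplified model in which storage entries are keyed by origin plus an origin-attributes suffix. The store contents and the names `makeStore`, `parseKey`, `clearByHost` and `clearByPrincipal` are assumptions made for illustration.

```javascript
// Simplified model (constructed sample data, not Firefox code): entries are
// keyed by origin plus an origin-attributes suffix such as "^userContextId=2".
function makeStore() {
  return new Map([
    ["https://example.com", { cart: "a" }],                  // default context
    ["https://example.com^userContextId=2", { cart: "b" }],  // container tab
    ["https://example.com^partitionKey=%28https%2Ctop.test%29", { id: "c" }], // embedded under top.test
    ["https://other.test", { pref: "d" }],                   // unrelated host
  ]);
}

// Split "origin^attrs" into the origin and the attribute suffix.
function parseKey(key) {
  const i = key.indexOf("^");
  return i === -1
    ? { origin: key, suffix: "" }
    : { origin: key.slice(0, i), suffix: key.slice(i + 1) };
}

// Host-only clearing: origin attributes are never consulted.
function clearByHost(store, host) {
  const removed = [];
  for (const key of [...store.keys()]) {
    if (new URL(parseKey(key).origin).hostname === host) {
      store.delete(key);
      removed.push(key);
    }
  }
  return removed;
}

// Principal clearing: origin and origin attributes must both match exactly.
function clearByPrincipal(store, principal) {
  const removed = [];
  for (const key of [...store.keys()]) {
    const { origin, suffix } = parseKey(key);
    if (origin === principal.origin && suffix === principal.suffix) {
      store.delete(key);
      removed.push(key);
    }
  }
  return removed;
}

const principal = { origin: "https://example.com", suffix: "userContextId=2" };
console.log("by host:     ", clearByHost(makeStore(), "example.com"));
console.log("by principal:", clearByPrincipal(makeStore(), principal));
```

In this model the host-based call removes all three `example.com` entries, including the default-context and partitioned ones the caller has no access to, while the principal-based call removes only the container-tab entry.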

No longer blocks: dfpi-hq