Closed Bug 1692891 Opened 3 years ago Closed 2 years ago

privacy.firstparty.isolate.use_site is causing crash when trying to open view-source: in specific page

Categories

(Core :: DOM: Service Workers, defect, P2)

Product:
Core
Component:
DOM: Service Workers
Type:
defect

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: tustamido, Unassigned)

References

Details

Attachments

(1 file)

crashlog.txt
13.05 KB, text/plain
Details
Attached file crashlog.txt

Fx is crashing when I try to view-source (Ctrl+U) of specific page. After extensive testing to isolate the cause, including testing in a fresh new profile, safe-mode and using newest Nightly, I found out the crash happens when I have these two prefs:
privacy.firstparty.isolate = true
privacy.firstparty.isolate.use_site = true

I don't think I should share the URL here cause it's a personal page from social network (Instagram). I can say it's a IGTV post (URL starting with https://www.instagram.com/tv/) from a private profile (another reason for not being able to share it here).

This is the only private profile I follow that has IGTV posts and it has this single post, so I don't know how specific this bug is, but I can say that I tried to view-source: from a public IGTV post and it doesn't crashed.

MozCrashReason: MOZ_RELEASE_ASSERT(ClientMatchPrincipalInfo(mClientInfo.PrincipalInfo(), aServiceWorker.PrincipalInfo()))

I'll attach the full crashlog.

If you need any other information, just ask me.

The Bugbug bot thinks this bug should belong to the 'Core::Networking' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.

Component: Untriaged → Networking
Product: Firefox → Core

I just noticed that view-source: doesn't reuse cookies. Knowing that the URL is restricted, the source (response) displayed by view-source: is different from when I load the page in a tab (logged in).

So, out of curiosity, I installed an extension to modify headers, forcing sending auth cookie to every Instagram URL, including the ones loaded by view-source:. This way, Firefox doesn't crashed!

But I insist the bug is caused by FPI use_site, cause if it's disabled, view-source: doesn't crash regardless of whether auth cookie is sent or not.

Can you go to about:crashes and send me a link to one of the crashes?

Flags: needinfo?(tustamido)

The crash is in Service Worker's code

Component: Networking → DOM: Service Workers
Severity: -- → S3
Priority: -- → P2

I just tried it again and it didn't crash. I'll close this one, something may have fixed it.

Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: