Storage inspector does not show isolated Parent Process resources (cookie/indexeddb) when dfpi is active
Categories
(DevTools :: Storage Inspector, defect)
Tracking
(Fission Milestone:MVP, firefox-esr78 unaffected, firefox90 wontfix, firefox91 wontfix, firefox92 verified, firefox93 verified)
Tracking | Status | |
---|---|---|
firefox-esr78 | --- | unaffected |
firefox90 | --- | wontfix |
firefox91 | --- | wontfix |
firefox92 | --- | verified |
firefox93 | --- | verified |
People
(Reporter: jdescottes, Assigned: pbz)
References
(Blocks 3 open bugs, Regression)
Details
(Keywords: regression, Whiteboard: dt-fission-m3-mvp)
Attachments
(1 file)
Dynamic First Party Isolation (Bug 1549587) isolates third-party storage by double keying the storage using the First-Party
origin attribute. When dfpi is active, the Storage Panel does not show isolated cookies with the exception of the first time they are set.
STR:
- In a fresh profile set
network.cookie.cookieBehavior = 5
- Visit https://senglehardt.com/test/dfpi/first_and_third.html. You'll see cookies, localstorage, session storage, and indexed db data written for three iframes from separate origins.
- Open the Storage Panel and note that all storage locations show the expected results.
- Refresh the page. No new storage is set. Instead, storage is read from all locations.
- Open the Storage Panel and switch between the origins listed under "Cookies". Note that
englehardt-tracker.com
is empty
ER:
- The storage panel displays the active storage area for all storage locations
AR:
- No cookies for the isolated origin (englehardt-tracker.com) when storage is only read during the page visit. This does not reproduce when the storage location is not isolated.
This was first fixed in Bug 1628936, but was regressed by Bug 1700904.
A test should be added this time to avoid future regressions.
Reporter | ||
Updated•3 years ago
|
Reporter | ||
Comment 1•3 years ago
|
||
This will be triaged during our next meeting, I am not restoring the need info because it would hide it from Bug 1628936 because it would hide from our triage query and also :ladybenko is off for now.
Comment 2•3 years ago
|
||
Set release status flags based on info from the regressing bug 1700904
Updated•3 years ago
|
Reporter | ||
Updated•3 years ago
|
Updated•3 years ago
|
Comment 4•3 years ago
|
||
The cookies are fetched with getCookiesFromHost
, at https://searchfox.org/mozilla-central/rev/699174544b058f13f02e7586b3c8fdbf438f084b/devtools/server/actors/storage.js#655-656,669-683.
getCookiesFromHost
looks up the cookies whose OriginAttributes are an exact match for the given OriginAttributes, by host
only, via storageActor.getWindowFromHost
. When I step through with a debugger I can see that the execution goes through https://searchfox.org/mozilla-central/rev/699174544b058f13f02e7586b3c8fdbf438f084b/devtools/server/actors/resources/utils/parent-process-storage.js#342,344
with partitionKey: ""
while it should have been non-empty for child frames.
Updated•3 years ago
|
Updated•3 years ago
|
Assignee | ||
Comment 5•3 years ago
|
||
We need to use documentStoragePrincipal rather than the regular document principal, because it
contains the partitionKey which is used to isolate storage of third-party resources.
Assignee | ||
Comment 6•3 years ago
|
||
Sorry, I've just realized :ladybenko was working on this in Bug 1710451.
It seems to be a simple fix now that we have access to the storage principal via WindowGlobalParent
. I'm working on a test.
Updated•3 years ago
|
Updated•3 years ago
|
Pushed by pzuhlcke@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/c632cd1094b8 [devtools] Use WindowGlobalParent documentStoragePrincipal for storage access. r=nchevobbe
Comment 8•3 years ago
|
||
This bug is a soft blocker for Fission MVP. We'd like to fix it before our Release channel rollout, but we won't delay the rollout waiting for it.
Comment 9•3 years ago
|
||
bugherder |
Updated•3 years ago
|
Comment 10•3 years ago
|
||
Managed to reproduce the issue on macOS 10.15 using Nightly 2021-07-19.
Retested everything on Firefox 92.0b2 and Nightly 93.0a1 using the same os. The issue is not reproducing anymore.
Updated•3 years ago
|
Updated•3 years ago
|
Description
•