Implement COEP: credentialless
Categories
(Core :: DOM: Core & HTML, enhancement)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox104 | --- | fixed |
People
(Reporter: arthursonzogni, Assigned: sefeng)
References
(Depends on 3 open bugs, Blocks 3 open bugs, Regressed 1 open bug)
Details
Attachments
(4 files)
User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36
Steps to reproduce:
Explainer:
https://github.com/WICG/credentiallessness
Filling implementation bug, in order to land spec PR:
Warning. Before implementing COEP:credentialless, you should evaluate the security guarantees hold. In particular, this may be dependant on:
- Private Network Request
- ORB
Actual results:
N/A This is a feature request. Not a bug.
Expected results:
N/A This is a feature request. Not a bug.
|
||
Updated•3 years ago
|
|
||
Updated•3 years ago
|
|
|
||
Updated•3 years ago
|
|
Assignee | |
Updated•3 years ago
|
|
|
Assignee | |
Comment 1•3 years ago
|
||
Added bug 1652926 as a dependency due to reporting-navigation.https.window.js test requires that.
|
|
Assignee | |
Comment 2•3 years ago
|
||
Spec: https://html.spec.whatwg.org/multipage/#coep:coep-credentialless
Credentialless is a new cross-origin embedder policy which allows us
to not enforcing CORP when loading cross-origin resources while
providing SharedArrayBuffer.
There are two main things involved here:
- Fetching cross-origin no-CORS resources omits credentials
- This is done by applying
LOAD_ANONYMOUSflag to the request
- This is done by applying
- Other requests sent with credentials require the server's explicit
permission through the CORS protocol or the CORS header- This is done by expanding
ProcessCrossOriginResourcePolicyHeader
function to apply the necessary checks.
- This is done by expanding
|
|
Assignee | |
Comment 3•3 years ago
|
||
Spec: https://fetch.spec.whatwg.org/#ref-for-cross-origin-resource-policy-internal-check
This purpose of this patch is just to implement the spec.
One noticeable thing I did in the patch is I made CacheResponse to
include the credentials mode of the initial request. Consider the
below scenario:
- Create a fetch request with a URL and a specific credential_mode, and put it into cache
- Call cache.match by using a URL, but without credential_mode
- cache.match() result should be filtered according to the initial request's credential_mode
When applying the response’s request-includes-credentials is true
check, the initial request's credential_mode is needed because
request-includes-credentials is judged by the credential_mode.
The rest of the changes are just normal spec alignments.
|
||
Updated•3 years ago
|
|
|
||
Comment 4•3 years ago
|
||
We did some analysis in the fall and settled on gating this on ORB but not PNA. Updating the dependencies to reflect that.
|
||
Comment 6•3 years ago
|
||
Backed out for wpt failures on embedding.tentative.https.window.html
Backout link: https://hg.mozilla.org/integration/autoland/rev/14532cf1f7121078abc709d9ad007f48e532cd24
Log link: https://treeherder.mozilla.org/logviewer?job_id=382043695&repo=autoland&lineNumber=2166
|
|
Assignee | |
Comment 7•3 years ago
|
||
Looks like with the COEP:credentialless implementation, some anonymous
iframe tests start to fail. I didn't investigate this because we don't
support anonymous iframe at the moment, so it's not worth to look into
it.
|
||
Comment 9•3 years ago
|
||
Backed out for causing COEP related failures on embedding.tentative.https.window.html.
[task 2022-06-22T18:08:26.427Z] 18:08:26 INFO - TEST-START | /html/anonymous-iframe/embedding.tentative.https.window.html?9-10
[task 2022-06-22T18:08:26.436Z] 18:08:26 INFO - Closing window 4973c4ff-e5a4-4e4d-adfe-8e06bde00472
[task 2022-06-22T18:08:26.448Z] 18:08:26 INFO - PID 7744 | [Child 2072, Main Thread] WARNING: '!CanHandleWith(aPresContext)', file /builds/worker/checkouts/gecko/dom/events/IMEStateManager.cpp:498
[task 2022-06-22T18:08:26.501Z] 18:08:26 INFO - PID 7744 | [Child 2072, Main Thread] WARNING: '!CanHandleWith(aPresContext)', file /builds/worker/checkouts/gecko/dom/events/IMEStateManager.cpp:498
[task 2022-06-22T18:08:26.678Z] 18:08:26 INFO - PID 7744 | [Child 2072, Main Thread] WARNING: '!CanHandleWith(aPresContext)', file /builds/worker/checkouts/gecko/dom/events/IMEStateManager.cpp:498
[task 2022-06-22T18:08:26.743Z] 18:08:26 INFO - PID 7744 | [Child 2072, Main Thread] WARNING: '!CanHandleWith(aPresContext)', file /builds/worker/checkouts/gecko/dom/events/IMEStateManager.cpp:498
[task 2022-06-22T18:08:26.816Z] 18:08:26 INFO - PID 7744 | [Child 2072, Main Thread] WARNING: '!CanHandleWith(aPresContext)', file /builds/worker/checkouts/gecko/dom/events/IMEStateManager.cpp:498
[task 2022-06-22T18:08:26.842Z] 18:08:26 INFO - PID 7744 | [Parent 7028, Main Thread] WARNING: 'aOwner->IsDiscarded()', file /builds/worker/workspace/obj-build/dist/include/mozilla/dom/SyncedContextInlines.h:95
[task 2022-06-22T18:08:26.853Z] 18:08:26 INFO - PID 7744 | [Parent 7028, Main Thread] WARNING: 'aOwner->IsDiscarded()', file /builds/worker/workspace/obj-build/dist/include/mozilla/dom/SyncedContextInlines.h:95
[task 2022-06-22T18:08:26.978Z] 18:08:26 INFO - PID 7744 | 1655921306992 Marionette WARN Ignoring event 'pageshow' because document has an invalid readyState of 'uninitialized'.
[task 2022-06-22T18:08:27.003Z] 18:08:27 INFO - PID 7744 | [Parent 7028, Main Thread] WARNING: NS_ENSURE_SUCCESS(rv, rv) failed with result 0x80004005 (NS_ERROR_FAILURE): file /builds/worker/checkouts/gecko/dom/base/ThirdPartyUtil.cpp:421
[task 2022-06-22T18:08:27.031Z] 18:08:27 INFO - PID 7744 | 1655921307036 Marionette WARN Ignoring event 'pageshow' because document has an invalid readyState of 'uninitialized'.
[task 2022-06-22T18:08:27.038Z] 18:08:27 INFO - PID 7744 | [Parent 7028, Main Thread] WARNING: NS_ENSURE_SUCCESS(rv, rv) failed with result 0x80004005 (NS_ERROR_FAILURE): file /builds/worker/checkouts/gecko/dom/base/ThirdPartyUtil.cpp:421
[task 2022-06-22T18:08:27.833Z] 18:08:27 INFO - PID 7744 | ### XPCOM_MEM_BLOAT_LOG defined -- logging bloat/leaks to C:\Users\task_165591913118257\AppData\Local\Temp\tmp6x6ubnp9\runtests_leaks_5864_tab_pid2520.log
[task 2022-06-22T18:08:27.840Z] 18:08:27 INFO - PID 7744 | [2520, Main Thread] WARNING: XPCOM_MEM_BLOAT_LOG is set, disabling native allocations.: file /builds/worker/checkouts/gecko/tools/profiler/core/platform.cpp:339
[task 2022-06-22T18:08:41.556Z] 18:08:41 INFO - PID 7744 | [Child 2072, Main Thread] WARNING: IPC message 'PSessionStore::Msg_SessionStoreUpdate' discarded: actor cannot send: file /builds/worker/checkouts/gecko/ipc/glue/ProtocolUtils.cpp:509
[task 2022-06-22T18:08:46.516Z] 18:08:46 INFO - PID 7744 | [Child 8184, Main Thread] WARNING: '!CanHandleWith(aPresContext)', file /builds/worker/checkouts/gecko/dom/events/IMEStateManager.cpp:498
[task 2022-06-22T18:08:46.540Z] 18:08:46 INFO -
[task 2022-06-22T18:08:46.551Z] 18:08:46 INFO - TEST-UNEXPECTED-FAIL | /html/anonymous-iframe/embedding.tentative.https.window.html?9-10 | COOP:same-origin + COEP:credentialless embeds same-origin anonymous iframe - assert_equals: expected "load" but got "block"
[task 2022-06-22T18:08:46.551Z] 18:08:46 INFO - embeddingTest/<@https://web-platform.test:8443/html/anonymous-iframe/resources/embedding-test.js:70:18
[task 2022-06-22T18:08:46.552Z] 18:08:46 INFO - .
[task 2022-06-22T18:08:46.552Z] 18:08:46 INFO - TEST-OK | /html/anonymous-iframe/embedding.tentative.https.window.html?9-10 | took 20125ms
|
|
Assignee | |
Comment 10•3 years ago
|
||
When running the test against the Firefox ASAN builds, sometimes the
test fails because document.body is null. So we wrap the test method
into window.onload to fix that.
|
||
Comment 11•3 years ago
|
||
|
|
||
Comment 13•3 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/0a6f568535df
https://hg.mozilla.org/mozilla-central/rev/923a9ea4733e
https://hg.mozilla.org/mozilla-central/rev/6a467758975a
https://hg.mozilla.org/mozilla-central/rev/6c46f6f471fb
Description
•