Open Bug 1742926 Opened 3 years ago Updated 3 years ago

Enforce COOP, even when COOP+sandbox leads to an error page.

Categories

(Core :: DOM: Navigation, defect, P3)

People

(Reporter: ahemery, Unassigned)

References

(Blocks 1 open bug)

Steps to reproduce:

As discussed in https://github.com/whatwg/html/issues/7345, an opener that remains on a popup that errored because of COOP+sandbox can lead to guessing URLs cross-origin using history length.

Instead, the spec changes in https://github.com/whatwg/html/pull/7364 to enforce COOP, even when we'll fail afterwards, severing the opener.

The Bugbug bot thinks this bug should belong to the 'Core::Security: Process Sandboxing' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.

Component: Untriaged → Security: Process Sandboxing
Product: Firefox → Core
Blocks: 1563480
Status: UNCONFIRMED → NEW
Component: Security: Process Sandboxing → DOM: Navigation
Ever confirmed: true

Marking S3 due to being an upcoming feature rather than breakage in an existing feature. annevk, please increment the severity if this is wrong.

Severity: -- → S3
Priority: -- → P3