Open Bug 1780894 Opened 2 years ago Updated 2 years ago

Consider using Site as granularity for user granted/revoked origin controls

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: zombie, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [addons-jira])

Tomislav Jovanovic :zombie

Reporter

Description

•

2 years ago

When the user is on www.example.com and decides to grant a permission to an extension for the "current website", granting access to eTLD+1 would probably match their expectation more often than granting it for the specific host.

Tomislav Jovanovic :zombie

Reporter

Comment 1

•

2 years ago

Related to this, Rob says in bug 1745821 comment 1:

Note: for the cookies extension API, it is necessary that granting access to the "tab" grants access to the eTLD+1 domain. Otherwise extensions will be unable to access its cookies.
Check: https://searchfox.org/mozilla-central/rev/855b2af753bc01bf27fc1b9f2d0184a0a440773d/toolkit/components/extensions/parent/ext-cookies.js#427-430
Impl of matchesCookie: https://searchfox.org/mozilla-central/rev/855b2af753bc01bf27fc1b9f2d0184a0a440773d/toolkit/components/extensions/MatchPattern.cpp#419-445

Whiteboard: [addons-jira]

Jira Integration Bot

Updated

•

2 years ago

See Also: → https://mozilla-hub.atlassian.net/browse/WEBEXT-601

Tomislav Jovanovic :zombie

Reporter

Updated

•

2 years ago

Severity: -- → N/A

Priority: -- → P3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Consider using Site as granularity for user granted/revoked origin controls

Categories

(WebExtensions :: General, enhancement, P3)

Tracking

(Not tracked)

People

(Reporter: zombie, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [addons-jira])

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated

Updated