Only propagate storage access during self-initiated, same-origin navigation
Categories
(Core :: Privacy: Anti-Tracking, enhancement, P2)
Tracking
()
Tracking | Status | |
---|---|---|
firefox118 | --- | fixed |
People
(Reporter: bvandersloot, Assigned: bvandersloot)
References
(Blocks 1 open bug)
Details
Attachments
(6 files, 1 obsolete file)
Bug 1835907, part 1 - Add has storage access bit and triggering window id to the LoadInfo - r=smaug!
48 bytes,
text/x-phabricator-request
|
Details | Review | |
48 bytes,
text/x-phabricator-request
|
Details | Review | |
48 bytes,
text/x-phabricator-request
|
Details | Review | |
48 bytes,
text/x-phabricator-request
|
Details | Review | |
48 bytes,
text/x-phabricator-request
|
Details | Review | |
48 bytes,
text/x-phabricator-request
|
Details | Review |
See the changes in https://github.com/privacycg/storage-access/pull/141.
Particularly the flag to the source snapshot params used during create navigation params by fetching, and the conditional copy of sourceDocument's relevant settings object's flag over to the new environment that will be created
Assignee | ||
Updated•1 year ago
|
Assignee | ||
Comment 1•1 year ago
|
||
Note: this means that we should not always initially set hasStorageAccess to true
if the permission is set.
Assignee | ||
Comment 2•1 year ago
|
||
Assignee | ||
Comment 3•1 year ago
|
||
Depends on D184821
Assignee | ||
Comment 4•1 year ago
|
||
Depends on D184822
Assignee | ||
Comment 5•1 year ago
|
||
Because the Document's Channel's LoadInfo is no longer being set to reflect the storage-access permission, we need to test if the permission is set before we ask the user about it.
Currently I opted for an IPC (and one we already have) in Fission. We could cut this out with an extra bit on the document, but I don't think this is performance-critical since it only happens on prompt-able requestStorageAccess calls.
Depends on D184823
Assignee | ||
Comment 6•1 year ago
|
||
This probably should have been done earlier, but became obvious with uses of Document::HasStorageAccessPermissionGrated in this stack.
Depends on D184824
Assignee | ||
Comment 7•1 year ago
|
||
Depends on D184825
Assignee | ||
Comment 8•1 year ago
|
||
Now that iframes don't automatically get "storage access" when the permission is allowed, we need to call requestStorageAccess in the iframes that use that access. This test makes that change.
In xorigin tests, the test gets the storage access in the test's iframe then creates a new iframe to run the tests in. I just added calls to the storage access API in that second iframe.
Depends on D184826
Updated•1 year ago
|
Updated•1 year ago
|
Updated•1 year ago
|
Updated•1 year ago
|
Updated•1 year ago
|
Updated•1 year ago
|
Updated•1 year ago
|
Updated•1 year ago
|
Comment 10•1 year ago
•
|
||
Backed out for causing multiple failures.
Failure logs:
- devtools/client/netmonitor/test/browser_net_http3_request_details.js - https://treeherder.mozilla.org/logviewer?job_id=425947260&repo=autoland
- devtools/client/netmonitor/test/browser_net_headers_sorted.js - https://treeherder.mozilla.org/logviewer?job_id=425942845&repo=autoland
- dom/security/test/sec-fetch/test_iframe_history_manipulation.html - https://treeherder.mozilla.org/logviewer?job_id=425943810&repo=autoland
- toolkit/components/antitracking/bouncetrackingprotection/test/browser/browser_bouncetracking_simple.js - https://treeherder.mozilla.org/logviewer?job_id=425945971&repo=autoland
- toolkit/mozapps/extensions/test/xpinstall/browser_required_useractivation.js - https://treeherder.mozilla.org/logviewer?job_id=425949356&repo=autoland
Backout link: https://hg.mozilla.org/integration/autoland/rev/7454614ef39046960ee75b81928128e9a77aa0e2
Assignee | ||
Comment 11•1 year ago
|
||
Found the issue: I was injecting a user interaction into the loadinfo by accident. This is resolved, so I'm going to push again once static analysis and a fresh try run finishes.
Comment 12•1 year ago
|
||
Comment 13•1 year ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/e6a83f1b7940
https://hg.mozilla.org/mozilla-central/rev/51e533c3d812
https://hg.mozilla.org/mozilla-central/rev/f543a9922f2e
https://hg.mozilla.org/mozilla-central/rev/bd2d6d649e2e
https://hg.mozilla.org/mozilla-central/rev/6f1909eb87de
https://hg.mozilla.org/mozilla-central/rev/6d987539c7b6
Description
•