Closed Bug 1900565 Opened 5 months ago Closed 5 months ago

The storage access check won't handle properly if the channel isn't associated with a browsing context

Categories

(Core :: Privacy: Anti-Tracking, defect, P2)

Product:
Core
Component:
Privacy: Anti-Tracking
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
128 Branch
Tracking Flags:
Tracking Status
firefox128 --- fixed

People

(Reporter: timhuang, Assigned: timhuang)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Bug 1900565 - Don't immediately return from the ShouldAllowAccessFor(nsIChannel) if the channel doesn't have target browsing context. r?bvandersloot!
48 bytes, text/x-phabricator-request
Details | Review

In some cases, the channel won't have a target browsing context, such as the channel for loading a script for remote workers. The storage access check cannot correctly handle this case, so there will be no partitioning for such channels.

The patch modifies the ShouldAllowAccessFor(nsIChannel) to handle the
channels that don't have target browsing context. For example, the
channel for loading shared worker scripts won't have a associated
browsing context. In this case, the ShouldAllowAccessFor() should still
work but just ignore the checks that require the browsing context.

Assignee: nobody → tihuang
Status: NEW → ASSIGNED
Pushed by tihuang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/f0760609c946 Don't immediately return from the ShouldAllowAccessFor(nsIChannel) if the channel doesn't have target browsing context. r=bvandersloot

https://hg.mozilla.org/mozilla-central/rev/f0760609c946

Status: ASSIGNED → RESOLVED
Closed: 5 months ago
status-firefox128: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 128 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: