Clear-Site-Data: "cache": Use principal with correct originAttributes
Categories
(Toolkit :: Data Sanitization, defect, P2)
Tracking
()
People
(Reporter: manuel, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: priv-triaged)
Attachments
(1 file)
Currently we pass a principal that has unpartitioned originAttributes. This leads to clearing the wrong cache entries. Identify how to pass a principal with the correct originAttributes or modify the originAttributes in the clearOrigin cache function.
|
||
Comment 1•2 days ago
|
||
setting a severity since this is a defect
|
Reporter | |
Comment 2•1 day ago
|
||
- clear-site-cache.html wpts: https://pernos.co/debug/ypokdkBHKNZiArOxR2d0XA/index.html
- test_cache2_clear_with_principal.js: https://pernos.co/debug/jF5BhnwQN0X2k7lcRvMkkg/index.html
|
|
Reporter | |
Comment 3•1 day ago
|
||
Note from talking to Tim yesterday: The originAttributes seem correct. However, we also pass the origin to CacheStorageService::ClearOriginInternal and that is likely not honored correctly.
|
|
Reporter | |
Comment 4•7 hours ago
|
||
- clear-site-cache.html with first oa fix and debug prints: https://pernos.co/debug/ctXxUO4DZbfrUa60HCjTXw/index.html
|
|
Reporter | |
Comment 5•2 hours ago
|
||
This patch contains basically three fixes and could be split up into
three commits if preferred.
Fix 1: The originAttributes coming from predictor code didn't adjust
OriginAttributes for networking state. Therefore, both unpartitioned and
partitioned cache entries were written. This was fixed on the caller
side. It might make sense to do this on the callee side.
Fix 2: The originAttributes coming from Clear-Site-Data: "cache" code
didn't adjust the OriginAttributes for clearing for networking state.
Fix 3: The partitionKey PopulateTopLevelInfoFromURI didn't include the
port in some cases.
Description
•