Open Bug 1955078 Opened 10 months ago Updated 3 months ago

Re-opening about:credits does not redirect

Categories

(Core :: DOM: Security, defect, P2)

Product:
Core
Component:
DOM: Security
Type:
defect

Tracking

()

Tracking Flags:
Tracking Status
firefox-esr140 --- affected
firefox143 --- wontfix
firefox144 --- wontfix
firefox145 --- fix-optional

People

(Reporter: beth, Unassigned)

References

(Regression)

Details

(Keywords: regression)

STR

  1. Open about:credits
  2. Close the tab
  3. Re-open the tab via cmd+shift+tab / ctrl+shift+tab

ER

The tab should re-open https://www.mozilla.org/credits/

AR

The tab re-opens about:credits and does not redirect to https://www.mozilla.org/credits/

Component: DOM: Navigation → Session Restore
Product: Core → Firefox

This is pretty strange. It also happens if you try to reopen a tab via the app menu > History > recently closed tabs.

:farre, is there a reason you don't think this is a navigational issue and is instead a session restore issue? :)

Severity: -- → S3
Flags: needinfo?(afarre)
Priority: -- → P2

Yeah, sorry for not giving an explanation. This has usually been an issue about either the final tabstate update not being enough, and that a call to TabStateFlusher.flush() is needed.

But the strange thing is that even if I wait for the buffer to time out it reproduces. And I can't really get it to reproduce with other about pages. Not even about:rights which should be very similar, insofar that it is an https and has the same flags.

If you wan't I can try to find some time to look at what TabStateCache.sys.mjs actually has saved at this point, because that should give an indication of what's going on.

Flags: needinfo?(afarre) → needinfo?(sclements)

(In reply to Andreas Farre [:farre] from comment #2)

If you wan't I can try to find some time to look at what TabStateCache.sys.mjs actually has saved at this point, because that should give an indication of what's going on.

It would be good to find out what's causing this, if you're able to look into that. :)

Flags: needinfo?(sclements) → needinfo?(afarre)

This is actually findable with mozregression.

Olli, do you have an idea of what's going on here?

Flags: needinfo?(afarre) → needinfo?(smaug)
Component: Session Restore → DOM: Security
Product: Firefox → Core

Hmm, that is the kind of case bug 1905843 is trying to prevent.
Is it overly strict in this case? thinking

Flags: needinfo?(smaug)
Duplicate of this bug: 1963585

There's a warning that indicates an early return in nsHttpChannel::AsyncOpen due to nsContentSecurityManager::CheckForIncoherentResultPrincipal

Keywords: regression
Regressed by: CVE-2024-9392

Set release status flags based on info from the regressing bug 1905843

status-firefox143: --- → affected
status-firefox144: --- → affected
status-firefox145: --- → affected
status-firefox-esr140: --- → affected
You need to log in before you can comment on or make changes to this bug.