Stop treating moz-safe-about:srcdoc as a real content principal
Categories
(Core :: Security: CAPS, enhancement)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox154 | --- | fixed |
People
(Reporter: nika, Assigned: nika)
References
(Blocks 1 open bug)
Details
Attachments
(2 files)
We already have a carve-out to not treat moz-safe-about:blank as a real content principal, and we should probably expand this to also not treat moz-safe-about:srcdoc as a real content principal.
| Assignee | ||
Comment 1•1 month ago
|
||
There was already a carveout to not treat moz-safe-about:blank as a principal,
this expands it to the other URI which gets a moz-safe-about inner URI, which
is moz-safe-about:srcdoc. Like about:blank, about:srcdoc doesn't actually have
a meaningful principal, so we should never create a moz-safe-about:srcdoc
content principal.
Comment 4•1 month ago
|
||
Backed out for causing xpc failures @ test_upgradeFromPersistentStorageDirectory
Backout link: https://hg.mozilla.org/integration/autoland/rev/fae19d2443cb2a4f71f55c1b1bc1b44dfc9ae5e8
| Assignee | ||
Comment 5•1 month ago
|
||
Strange - I thought I checked the try pushes and wasn't running into issues...
Looks like the change to prevent any moz-safe-about: URIs from being principal origins broke some old migration code. Prior to bug 1438367, we had MAKE_LINKABLE set on about:home, which at the time gave it a moz-safe-about:home principal. That has been gone for a long time (8 years), but the old migration code path still appears to be being tested for storage, and explicitly tests migrating this invalid principal.
I'm not sure if we should be putting much effort into fixing the migration of broken indexeddb storage from a 9 year old browser, and I'm also not sure that we put any effort to use the moz-safe-about:home storage if we did migrate (my guess is that it is effectively ignored and new storage is re-built, but I haven't checked).
I think we can probably just drop this test?
Updated•1 month ago
|
| Assignee | ||
Comment 6•1 month ago
|
||
The upgrade migration tests in this patch fail after the changes in part 1.
This appears to be because they attempt to perform migrations on the
moz-safe-about+home origin scheme in the profile directory, which no longer
parses as an origin.
This patch updates quota/OriginParser to treat all moz-safe-about origins as
"obsolete". I believe that this should be safe to do now, as the changes in the
previous part block the creation of moz-safe-about: principals. In specific,
the moz-safe-about:home origin appears to have not been used for 8 years since
bug 1438367.
In addition to the parser & test changes, some other references to
moz-safe-about:home have also been removed.
Comment 8•18 days ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/d06855d71258
https://hg.mozilla.org/mozilla-central/rev/570f5193bb26
Description
•