Open Bug 2044019 Opened 10 days ago Updated 1 day ago

Prevent Session Storage from storing session cookies unencrypted on disk

Tracking

()

Status:

ASSIGNED

People

(Reporter: simonf, Assigned: simonf)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Bug 2044019: Encrypt session restore data r=bbeurdouche,gcp 1 day ago Simon Friedberger [:simonf] 48 bytes, text/x-phabricator-request		Details \| Review

Simon Friedberger [:simonf]

Assignee

Description

•

10 days ago

For Firefox Enterprise we need to make sure that session data is not stored unencrypted on disk. We want to acknowledge that this does not fit the Session Restore Team priorities as discussed in https://docs.google.com/document/d/1nRssNtwcNdgR4EuuArqZIGcGA_bwDq5mOvYEP2Dhh48/edit?tab=t.0#heading=h.meds78h209f8

As a workaround for the MVP an option to disable session restore altogether would address the security concerns.

See also Bug 2040395 for the console implementation.

Simon Friedberger [:simonf]

Assignee

Comment 1

•

1 day ago

Attached file Bug 2044019: Encrypt session restore data r=bbeurdouche,gcp — Details

Phabricator Automation

Updated

•

1 day ago

Assignee: nobody → sfriedberger

Status: NEW → ASSIGNED

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Prevent Session Storage from storing session cookies unencrypted on disk

Categories

(Firefox :: Session Restore, task)

Tracking

()

People

(Reporter: simonf, Assigned: simonf)

References

(Blocks 1 open bug)

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Updated

Attachment

General

Description

File Name

Content Type