Closed Bug 729706 Opened 8 years ago Closed 8 years ago

Ensure worker XHRs inherit load context of page in private mode

Categories

(Core :: DOM: Core & HTML, defect)

x86
macOS
defect
Not set

Tracking

()

RESOLVED WORKSFORME

People

(Reporter: jdm, Unassigned)

References

Details

This came up in the security review and should be investigated.
Component: DOM: Core & HTML → DOM
Josh, can you clarify what constitutes "load context" here? Loads happening from worker-xhr as well as importScripts inside workers (importScripts allows dynamic loading of script files).

Before starting any loads, we check the load against the principal of the page.

Every load is also added to the page's LoadGroup.

Is anything else needed?
In this case, we care that the nsILoadContext of the channel is the same as the one you would get from a non-worker XHR.
How does one get from a nsIChannel to a nsILoadContext? I've never heard of associating nsILoadContext directly with nsIChannels at all.
NS_QueryNotificationCallbacks on an nsIChannel gets you an nsILoadContext.
That goes through the loadgroup, so yeah, that should be fine
Thanks!
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WORKSFORME
Duplicate of this bug: 740832
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.