Closed Bug 1475189 Opened 6 years ago Closed 6 years ago

Block storage access in tracking sub-resources when not in iframes

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla63

Tracking Flags:

Tracking

Status

firefox63

---

fixed

People

(Reporter: baku, Assigned: baku)

References

(Blocks 2 open bugs)

Details

(Whiteboard: [domsecurity-active])

Attachments

(3 files)

part 1 - subresources 6 years ago Andrea Marchesini [:baku] (deleted), patch	ehsan.akhgari : review+	Details \| Diff \| Splinter Review
part 2 - tests 6 years ago Andrea Marchesini [:baku] (deleted), patch	ehsan.akhgari : review+	Details \| Diff \| Splinter Review
part 3 - images 6 years ago Andrea Marchesini [:baku] (deleted), patch	ehsan.akhgari : review+	Details \| Diff \| Splinter Review

Andrea Marchesini [:baku]

Assignee

Description

•

6 years ago

The current code blocks storage access only for 3rd party tracking resources in iframe. We should apply the same logic to any URL loaded by the top-level window, such as scripts, images and so on, if they are marked as tracking resources.

Andrea Marchesini [:baku]

Assignee

Comment 1

•

6 years ago

Attached patch part 1 - subresources (deleted) — Details — Splinter Review

Attachment #8991564 - Flags: review?(ehsan)

Andrea Marchesini [:baku]

Assignee

Comment 2

•

6 years ago

Attached patch part 2 - tests (deleted) — Details — Splinter Review

Attachment #8991565 - Flags: review?(ehsan)

Christoph Kerschbaumer [:ckerschb]

Updated

•

6 years ago

Status: NEW → ASSIGNED

Priority: -- → P2

Whiteboard: [domsecurity-active]

Andrea Marchesini [:baku]

Assignee

Comment 3

•

6 years ago

Attached patch part 3 - images (deleted) — Details — Splinter Review

This is the last patch.

Attachment #8991594 - Flags: review?(ehsan)

(no longer active)

Updated

•

6 years ago

Attachment #8991564 - Flags: review?(ehsan) → review+

(no longer active)

Updated

•

6 years ago

Attachment #8991594 - Flags: review?(ehsan) → review+

(no longer active)

Updated

•

6 years ago

Attachment #8991565 - Flags: review?(ehsan) → review+

Pulsebot

Comment 4

•

6 years ago

Pushed by amarchesini@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/36b513077735 Block storage access in tracking sub-resources when not in iframes - part 1 - tests, r=ehsan https://hg.mozilla.org/integration/mozilla-inbound/rev/aedfdb400cc1 Block storage access in tracking sub-resources when not in iframes - part 2 - subresources, r=ehsan https://hg.mozilla.org/integration/mozilla-inbound/rev/bbca8d90968e Block storage access in tracking sub-resources when not in iframes - part 3 - image cache, r=ehsan

Noemi Erli[:noemi_erli]

Comment 5

•

6 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/36b513077735 https://hg.mozilla.org/mozilla-central/rev/aedfdb400cc1 https://hg.mozilla.org/mozilla-central/rev/bbca8d90968e

Status: ASSIGNED → RESOLVED

Closed: 6 years ago

status-firefox63: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla63

Masayuki Nakano [:masayuki] (he/him)(JST, +0900)

Updated

•

6 years ago

Depends on: 1483765

(no longer active)

Updated

•

6 years ago

No longer depends on: 1483765

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Block storage access in tracking sub-resources when not in iframes

Categories

(Core :: DOM: Security, enhancement, P2)

Tracking

()

People

(Reporter: baku, Assigned: baku)

References

(Blocks 2 open bugs)

Details

(Whiteboard: [domsecurity-active])

Crash Data

Security

(public)

User Story

Attachments

(3 files)

Description

Comment 1

Comment 2

Updated

Comment 3

Updated

Updated

Updated

Comment 4

Comment 5

Updated

Updated

Attachment

General

Description

File Name

Content Type