Open Bug 1490479 Opened 6 years ago Updated 2 years ago

Presentation IPC Methods accept Origin and Principal from Content Process

Categories

(Core :: DOM: Core & HTML, enhancement, P5)

Product:
Core
Component:
DOM: Core & HTML
Type:
enhancement

Tracking

()

Project Flags:
Fission Milestone Future

People

(Reporter: tjr, Unassigned)

References

(Depends on 1 open bug, Blocks 1 open bug)

Details

In https://searchfox.org/mozilla-central/source/dom/presentation/ipc/PPresentation.ipdl a Content Process can send a StartSessionRequest with an arbitrary origin and principal.

While tracing this code, I couldn't figure out where or how these fields get used; but my concern is that a rogue content process could provide fraudulent values for them (a system principal, or another origin) and either bypass permission prompts or trick a user into accepting a permission prompt.

If these values are used; they should be validated to ensure they have permissible values given the origin of the Content Process.  If they aren't used; maybe they could just be removed.
Depends on: fission-ipc-map
We don't ship the Presentation API AFAIK.
Priority: -- → P3
Component: DOM → DOM: Core & HTML

This bug is not a Fission MVP blocker.

Fission Milestone: --- → Future
Priority: P3 → P5
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.