Closed Bug 1575095 Opened 5 years ago Closed 4 years ago

`Response`s provided by service workers must respect COOP/COEP

Categories

(Core :: DOM: Service Workers, enhancement, P1)

Product:
Core
Component:
DOM: Service Workers
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla78
Tracking Flags:
Tracking Status
firefox78 --- fixed

People

(Reporter: perry, Assigned: edenchuang)

References

Details

Attachments

(2 files, 1 obsolete file)

Bug 1575095 - P1 Move CrossOriginXXXHeaders checking into HttpBaseChannel and apply CrossOriginXXXHeaders in InterceptedHttpChannel.
(deleted), text/x-phabricator-request
Details
Bug 1575095 - P2 Apply COOP switch with InterceptedHttpChannel in DocumentLoadListener
(deleted), text/x-phabricator-request
Details
No description provided.
Priority: -- → P2

Move ProcessCrossOriginResourcePolicyHeader into the base class of
InterceptedHttpChannel and nsHttpChannel, HttpBaseChannel.

Assignee: perry → ytausky
Assignee: ytausky → perry

I am working on it. Take it from Perry.

Assignee: perry → echuang
Priority: P2 → P1
Severity: normal → S3
No longer blocks: 1532287
Depends on: 1532287
Blocks: 1631748

The problem here is that responses emitted from service worker do not apply COOP/COEP properly and therefore might not end up being isolated even though they should be.

Blocks: 1601594
Attachment #9151420 - Attachment is obsolete: true
Attachment #9110709 - Attachment description: Bug 1575095 - InterceptedHttpChannel should account for CORP in a COEP context r?asuth,valentin → Bug 1575095 - P1 Move CrossOriginXXXHeaders checking into HttpBaseChannel and apply CrossOriginXXXHeaders in InterceptedHttpChannel.

This bug is for supporting COEP, CORP, and COOP checking on the response from SW.

nsHttpChannel::ProcessCrossOriginEmbedderPolicy(), nsHttpChannel::ProcessCrossOriginResourcePolicy() and nsHttpChannel::ComputeCrossOriginOpenerPolicyMismatch() should be also applied on InterceptedHttpChannel, such that response from SW could be applied with COEP, CORP, COOP checking.

When the response with COOP mismatch, that means the loading needs to be performed in the other process.
Currently, DocumentLoadListener determines if the loading should be switched to another process in MaybeTriggerProcessSwitching(), and nsHttpChannel::HasCrossOriginOpenerPolicyMismatch() is used for COOP mismatch switching. That means there would be at least two things need to do

  1. InterceptedHttpChannel needs also to provide HasCrossOriginOpenerPolicyMismatch() which likes nsHttpChannel did.
  2. DocumentLoadListener only works with nsHttpChannel, it needs to be supported with InterceptedHttpChannel.
Pushed by dluca@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/bb01a66dd630
P1 Move CrossOriginXXXHeaders checking into HttpBaseChannel and apply CrossOriginXXXHeaders in InterceptedHttpChannel. r=valentin
https://hg.mozilla.org/integration/autoland/rev/bf67f9734e0d
P2 Apply COOP switch with InterceptedHttpChannel in DocumentLoadListener r=necko-reviewers,valentin,mattwoodrow

https://hg.mozilla.org/mozilla-central/rev/bb01a66dd630
https://hg.mozilla.org/mozilla-central/rev/bf67f9734e0d

Status: NEW → RESOLVED
Closed: 4 years ago
status-firefox78: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla78
Regressions: 1645715
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: