Closed
Bug 1670244
Opened 4 years ago
Closed 4 years ago
Perform IPC based Principal vetting in ContentParent to ensure we never load a document with a codebase principal in the wrong type of webIsolated process
Categories
(Core :: DOM: Security, task, P2)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
89 Branch
| Tracking | Status | |
|---|---|---|
| firefox89 | --- | fixed |
People
(Reporter: ckerschb, Assigned: ckerschb)
References
(Depends on 1 open bug, Blocks 2 open bugs)
Details
(Whiteboard: [domsecurity-active])
Attachments
(1 file, 1 obsolete file)
|
(deleted),
text/x-phabricator-request
|
Details |
Let's start by adding a function to the ContentParent which allows to vet the principal for document loads.
|
Assignee | |
Comment 1•4 years ago
|
||
Let's see where we stand with this one:
https://treeherder.mozilla.org/#/jobs?repo=try&revision=4af6fa13a0b50fa384d8e2689a5e6cf482b1d1d5
|
|
Assignee | |
Comment 2•4 years ago
|
||
|
|
Assignee | |
Comment 3•4 years ago
|
||
|
|
Assignee | |
Updated•4 years ago
|
Summary: Perform IPC based Principal vetting in ContentParent → Perform IPC based Principal vetting in ContentParent to ensure we never load a document with a codebase principal in the wrong type of webIsolated process
|
|
Assignee | |
Comment 5•4 years ago
|
||
|
||
Updated•4 years ago
|
Attachment #9182635 -
Attachment is obsolete: true
Pushed by mozilla@christophkerschbaumer.com:
https://hg.mozilla.org/integration/autoland/rev/37b9e5af6540
Ensure we never load a document with a codebase principal in the wrong type of webIsolated process r=nika
|
||
Comment 7•4 years ago
|
||
Backed out changeset 37b9e5af6540 (Bug 1670244) for causing android xpcshell crashes in test_ext_file_access.js
Backout link: https://hg.mozilla.org/integration/autoland/rev/ea0a9a1ae2509e7afbb63ed64fb3841a73cd49f8
Push with failures, failure log.
(Update): Looks to have also caused bc failures in ContentParent.cpp
Flags: needinfo?(ckerschb)
Pushed by mozilla@christophkerschbaumer.com:
https://hg.mozilla.org/integration/autoland/rev/a0594679fd0e
Ensure we never load a document with a codebase principal in the wrong type of webIsolated process r=nika
|
||
Comment 10•4 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
status-firefox89:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 89 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•