Open Bug 1797376 Opened 2 years ago Updated 2 years ago

browsingData.remove with hostnames parameter behaves inconsistently/broken for ports and IPv6 addresses

Categories

(WebExtensions :: General, defect, P3)

defect

Tracking

(Not tracked)

People

(Reporter: robwu, Unassigned)

References

(Blocks 1 open bug)

Details

The browsingData.remove* methods have a "hostnames" parameter. The name and documentation suggests that a host name should be passed. The browsing_data.json schema refers to the hostname format, whose implementation only accepts the input if it is the same as new URL(...).host.

While often equal, a "host" is NOT the same as "host name". The two main differences are:

  1. "host" may include a port ("host" = "hostname:port")
  2. IPv6 addresses are wrapped in brackets in the public URL and extension APIs. Most of Firefox's internals expect IPv6 addresses without brackets.

To add to the confusion, "host name" and "domain" are often used interchangeably. But when "domain" is used, ambiguity over what a "domain" matches occurs: exact equality vs subdomain overlap vs superdomain overlap.

With the above definitions of "host name", "host (with port)" and "domain" in mind, let's review how the browsingData.remove API implementation handlers the hostnames parameter:

As you can see, all three meanings of "host"/"host name"/"domain" are used interchangeably.

Note for completeness: clearing by "hostname" is not implemented for the following types:

DataTypeSet lists more:

  • fileSystems - not present in the schema, documented as unsupported.
  • pluginData - no-op in Firefox, so lack of support doesn't matter.
  • serverBoundCertificates - although existent in the schema, there is no implementation (and also documented as unsupported in the BCD).

Work-arounds for extension developers

Extensions can resolve the ambiguity of "host name" vs "host (without port)", by adding or removing the port, and calling the API twice, with and without port when relevant.

Due to the bracket notation, browsingData.remove will fail at deleting cookies for IPv6 addresses. The work-around is to use the cookies API instead of the browsingData API.

Next steps

  • Rename or remove the inaccurately-named hostname format. If removed, "format": "hostname" can be removed from the browsing_data.json schema in favor of validation in the ext-browsingData implementation itself.
  • Decide on whether to update the implementation to match the documented behavior and API name.
    • If we treat the input as documented, i.e. drop support for the port parameter, then extensions need a different way to remove data for a specific "host + port".
    • "host + port" is still ambiguous, because data is typically keyed by an origin, which includes a scheme. I strongly recommend the implementation of origins (bug 1632796), which is unambiguous.
  • If support for the current behavior is kept (host + port), then a way of removing by IPv6 addresses is needed.
Severity: -- → S3
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.