-
-
Notifications
You must be signed in to change notification settings - Fork 3k
-
-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Potentially insecure sharing of event loops between differing schemes #20887
Comments
@asajeffrey You probably have thoughts on this. |
Yes, there is possibly more sharing than necessary here, if we want to isolate http://example.com/ from https://example.com/. This makes a difference once we're using process isolation to protect against Spectre. There's a question about whether the security gain of protecting https from http is worth the overhead. I was planning on thinking about this when we're doing process isolation. |
Ok, thanks for the info, I will not try to change this for now... |
[WIP] Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
[WIP] Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
[WIP] Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
[WIP] Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
In the context of #same-origin-domain and how this relate to the browsing context forming a #unit-of-related-similar-origin-browsing-contexts and being able to share an event loop:
I think our current implementation of
Constellation.event_loops
might be potentially insecure.The spec mentions
[a browsing context that] has an active document with an origin that, through appropriate manipulation of the document.domain attribute, could be made to be same origin-domain with other members of the group[of directly reachable browsing contexts]
.I'm reading this as basically implying that not only the host should be equal, but also the scheme.
So perhaps the current
HashMap<Host, Weak<EventLoop>>
should use a new kind of key and look more likeHashMap<SchemeHost, Weak<EventLoop>>
whereSchemeHost
would be a new struct looking something like:This is perhaps something that only comes into play with auxiliary browsing contexts, and I'm probably going to end up addressing this as part of #20678, yet I thought it was worthwhile discussing it separately...
The text was updated successfully, but these errors were encountered: