Potentially insecure sharing of event loops between differing schemes #20887
Labels
A-constellation
Involves the constellation
Comments
gterzian
changed the title
gterzian
changed the title
6 tasks
|
@asajeffrey You probably have thoughts on this. |
|
Yes, there is possibly more sharing than necessary here, if we want to isolate http://example.com/ from https://example.com/. This makes a difference once we're using process isolation to protect against Spectre. There's a question about whether the security gain of protecting https from http is worth the overhead. I was planning on thinking about this when we're doing process isolation. |
|
Ok, thanks for the info, I will not try to change this for now... |
bors-servo
pushed a commit
that referenced
this issue
Jun 6, 2018
[WIP] Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
bors-servo
pushed a commit
that referenced
this issue
Jun 6, 2018
[WIP] Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
bors-servo
pushed a commit
that referenced
this issue
Jun 6, 2018
[WIP] Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
bors-servo
pushed a commit
that referenced
this issue
Jun 7, 2018
[WIP] Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
bors-servo
pushed a commit
that referenced
this issue
Jul 19, 2018
Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
bors-servo
pushed a commit
that referenced
this issue
Aug 10, 2018
Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
bors-servo
pushed a commit
that referenced
this issue
Aug 10, 2018
Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
bors-servo
pushed a commit
that referenced
this issue
Aug 10, 2018
Implement Window.open and related infrastructure <!-- Please describe your changes on the following line: --> Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra... --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [ ] `./mach build -d` does not report any errors - [ ] `./mach build-geckolib` does not report any errors - [ ] `./mach test-tidy` does not report any errors - [ ] These changes fix #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable). <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because _____ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678) <!-- Reviewable:end -->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In the context of #same-origin-domain and how this relate to the browsing context forming a #unit-of-related-similar-origin-browsing-contexts and being able to share an event loop:
I think our current implementation of
Constellation.event_loopsmight be potentially insecure.The spec mentions
[a browsing context that] has an active document with an origin that, through appropriate manipulation of the document.domain attribute, could be made to be same origin-domain with other members of the group[of directly reachable browsing contexts].I'm reading this as basically implying that not only the host should be equal, but also the scheme.
So perhaps the current
HashMap<Host, Weak<EventLoop>>should use a new kind of key and look more likeHashMap<SchemeHost, Weak<EventLoop>>whereSchemeHostwould be a new struct looking something like:This is perhaps something that only comes into play with auxiliary browsing contexts, and I'm probably going to end up addressing this as part of #20678, yet I thought it was worthwhile discussing it separately...
The text was updated successfully, but these errors were encountered: