Skip to content

/ servo

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Potentially insecure sharing of event loops between differing schemes #20887

Closed
gterzian opened this issue May 31, 2018 · 3 comments
Closed

Potentially insecure sharing of event loops between differing schemes #20887

gterzian opened this issue May 31, 2018 · 3 comments
Labels
A-constellation

Comments

@gterzian
Copy link
Member

@gterzian gterzian commented May 31, 2018
edited

In the context of #same-origin-domain and how this relate to the browsing context forming a #unit-of-related-similar-origin-browsing-contexts and being able to share an event loop:

I think our current implementation of Constellation.event_loops might be potentially insecure.

The spec mentions [a browsing context that] has an active document with an origin that, through appropriate manipulation of the document.domain attribute, could be made to be same origin-domain with other members of the group[of directly reachable browsing contexts].

I'm reading this as basically implying that not only the host should be equal, but also the scheme.

So perhaps the current HashMap<Host, Weak<EventLoop>> should use a new kind of key and look more like HashMap<SchemeHost, Weak<EventLoop>> where SchemeHost would be a new struct looking something like:

struct SchemeHost {
    scheme: str
    host: str
}

This is perhaps something that only comes into play with auxiliary browsing contexts, and I'm probably going to end up addressing this as part of #20678, yet I thought it was worthwhile discussing it separately...
@gterzian gterzian changed the title Potentially insecure sharing of Event loops Potentially insecure sharing of Event loops between different schemes May 31, 2018
@gterzian gterzian changed the title Potentially insecure sharing of Event loops between different schemes Potentially insecure sharing of event loops between differing schemes May 31, 2018
@gterzian gterzian mentioned this issue May 31, 2018
Merged
0 of 6 tasks complete
@jdm
Copy link
Member

@jdm jdm commented May 31, 2018

@asajeffrey You probably have thoughts on this.
@jdm jdm added the A-constellation label May 31, 2018
@asajeffrey
Copy link
Member

@asajeffrey asajeffrey commented Jun 1, 2018

Yes, there is possibly more sharing than necessary here, if we want to isolate http://example.com/ from https://example.com/. This makes a difference once we're using process isolation to protect against Spectre. There's a question about whether the security gain of protecting https from http is worth the overhead. I was planning on thinking about this when we're doing process isolation.
@gterzian
Copy link
Member Author

@gterzian gterzian commented Jun 1, 2018

Ok, thanks for the info, I will not try to change this for now...
bors-servo added a commit that referenced this issue Jun 6, 2018
@bors-servo
Auto merge of #20678 - gterzian:improve_follow_hyperlinks, r=<try>
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
412148e 
[WIP] Implement Window.open and related infrastructure

<!-- Please describe your changes on the following line: -->

Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra...

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach build-geckolib` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix  #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable).

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678)
<!-- Reviewable:end -->
bors-servo added a commit that referenced this issue Jun 6, 2018
@bors-servo
Auto merge of #20678 - gterzian:improve_follow_hyperlinks, r=<try>
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
ccaedd6 
[WIP] Implement Window.open and related infrastructure

<!-- Please describe your changes on the following line: -->

Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra...

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach build-geckolib` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix  #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable).

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678)
<!-- Reviewable:end -->
bors-servo added a commit that referenced this issue Jun 6, 2018
@bors-servo
Auto merge of #20678 - gterzian:improve_follow_hyperlinks, r=<try>
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
31779c0 
[WIP] Implement Window.open and related infrastructure

<!-- Please describe your changes on the following line: -->

Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra...

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach build-geckolib` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix  #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable).

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678)
<!-- Reviewable:end -->
bors-servo added a commit that referenced this issue Jun 7, 2018
@bors-servo
Auto merge of #20678 - gterzian:improve_follow_hyperlinks, r=<try>
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
c3c9490 
[WIP] Implement Window.open and related infrastructure

<!-- Please describe your changes on the following line: -->

Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra...

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach build-geckolib` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix  #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable).

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678)
<!-- Reviewable:end -->
bors-servo added a commit that referenced this issue Jul 19, 2018
@bors-servo
Auto merge of #20678 - gterzian:improve_follow_hyperlinks, r=<try>
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
6730bf6 
Implement Window.open and related infrastructure

<!-- Please describe your changes on the following line: -->

Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra...

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach build-geckolib` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix  #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable).

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678)
<!-- Reviewable:end -->
bors-servo added a commit that referenced this issue Aug 10, 2018
@bors-servo
Auto merge of #20678 - gterzian:improve_follow_hyperlinks, r=nox,jdm
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
2c09e0d 
Implement Window.open and related infrastructure

<!-- Please describe your changes on the following line: -->

Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra...

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach build-geckolib` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix  #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable).

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678)
<!-- Reviewable:end -->
bors-servo added a commit that referenced this issue Aug 10, 2018
@bors-servo
Auto merge of #20678 - gterzian:improve_follow_hyperlinks, r=jdm
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
7d04e61 
Implement Window.open and related infrastructure

<!-- Please describe your changes on the following line: -->

Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra...

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach build-geckolib` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix  #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable).

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678)
<!-- Reviewable:end -->
bors-servo added a commit that referenced this issue Aug 10, 2018
@bors-servo
Auto merge of #20678 - gterzian:improve_follow_hyperlinks, r=jdm
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
9c24c16 
Implement Window.open and related infrastructure

<!-- Please describe your changes on the following line: -->

Implement https://html.spec.whatwg.org/multipage/window-object.html#window-open-steps and related infra...

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach build-geckolib` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix  #20673 fix #13241 fix #20887 fix #20713 (github issue number if applicable).

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/20678)
<!-- Reviewable:end -->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-constellation
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

Implement Window.open and related infrastructure
3 participants
@jdm @asajeffrey @gterzian
You can’t perform that action at this time.