Security/Contextual Identity Project/Tracking
Origin Attributes - all P1s for Nightly 49
To implement containers for the Contextual Identity, we are adding a new Origin Attribute called "usercontext". However security checks in gecko sometimes use the URL or other properties instead of a proper Origin check. So the first step then is to fix up all the places in Gecko where we should be using an Origin. These bugs are tagged with a whiteboard tag of [oa* (i.e. [oa], [oa-testing] etc).
Active Bugs
Bugs which are assigned and being worked on.
No results.
0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);
Assigned, but not started
These bugs have an owner, but their status is 'NEW' indicating that they are not being worked on yet.
ID | Whiteboard | Summary | Status | Assigned to | Priority |
---|---|---|---|---|---|
1273058 | [userContextId][OA] | mContentViewer should be null when setting origin attributes on docshell | NEW | Andrea Marchesini [:baku] | P3 |
1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Backlog (all unowned)
Bugs looking for an owner.
ID | Whiteboard | Summary | Status | Assigned to | Priority |
---|---|---|---|---|---|
1283320 | [userContextId][domsecurity-backlog2][OA] | Make History aware of userContextId | NEW | P3 | |
1284985 | [userContextId][domsecurity-backlog3][OA] | cookies being loaded from about:newtab should use a privatebrowsing mode value >1 in the OriginAttributes instead of a temp userContextId | NEW | P3 | |
1300706 | [OA][domsecurity-backlog1] | firstPartyDomain shouldn't be propagated to mozbrowser frame | NEW | P3 | |
1319184 | [OA] | remove the IsInPrivateBrowsing boolean from the GetFavicon related code in DocShell | NEW | P3 | |
1321646 | [OA] | Figure out why the nsDocShell::CopyFavicon assert fails and fix it | NEW | P3 | |
1329572 | [OA][domsecurity-backlog3] | Consider making origin attributes become a XPCOM object | NEW | P3 |
6 Total; 6 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Testing Bugs
Origin Testing bugs are tagged with [oa-testing]
ID | Whiteboard | Summary | Status | Assigned to | Priority |
---|---|---|---|---|---|
1257456 | [OA-testing] | tests for restore into existing tab with correct userContextId | NEW | P3 | |
1264152 | btpp-active[OA-testing][tor-testing][domsecurity-backlog1] | Create a tag for OriginAttribute mochitests | NEW | P3 | |
1271873 | [OA-testing][domsecurity-backlog2] | Add a test case to ensure that Sandbox handles userContextId correctly | NEW | P3 | |
1314449 | [necko-would-take][tor-testing][meta] | Create testing framework for proxy-bypass tests for Firefox | NEW | P5 | |
1314793 | [tor-mobile][tor-testing] | Creating Testing Framework for Proxy Bypasses for Firefox Android | REOPENED | P5 | |
1337868 | [OA-testing][tor-testing][domsecurity-backlog1] | Add Origin Attribute connection isolation tests for HTTP2, TLS, and WebSockets | NEW | P3 | |
1365623 | [necko-would-take][tor-testing] | Create a proxy bypass test for SourceMap | NEW | P5 |
7 Total; 7 Open (100%); 0 Resolved (0%); 0 Verified (0%);
https://bugzilla.mozilla.org/buglist.cgi?query_based_on=usercontextid%20and%20oa&status_whiteboard_type=anywordssubstr&query_format=advanced&status_whiteboard=[TOR%2C[oa-testing&known_name=usercontextid%20and%20oa
Containers Specific Bugs
All bugs for the Contextual Identity projects which are NOT part of origin attributes fix-ups. These bugs are tagged in the whiteboard with [userContextId].
Active Containers Bugs
Bugs which are assigned and being worked on.
ID | Whiteboard | Summary | Status | Assigned to | Priority |
---|---|---|---|---|---|
1331595 | [userContextId] | The new tab button's container menu should allow middle/accel-click to create new related tabs with the desired container | ASSIGNED | Kestrel | P3 |
1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Assigned, but not started, container bugs
These bugs have an owner, but their status is 'NEW' indicating that they are not being worked on yet.
ID | Whiteboard | Summary | Status | Assigned to | Priority |
---|---|---|---|---|---|
1320378 | [userContextId][domsecurity-backlog] | warning users when removing containers that aren't currently being used | NEW | Danny Colin [:sdk] | P3 |
1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Backlog (all unowned) container bugs
Bugs looking for an owner.
50 Total; 50 Open (100%); 0 Resolved (0%); 0 Verified (0%);