Security/FirstPartyIsolation
From MozillaWiki
< Security
Contents
- 1 First Party Isolation - P1 (Target as Fx53 Aurora - 2017/1/23)
- 2 First Party Isolation - P2 (Target as Fx54 Aurora - 2017/3/6 ESR 52.0)
- 3 First Party Isolation - P3~P5
- 4 First Party Isolation - QA Bugs
- 5 First Party Isolation - Target as Fx53 Nightly
- 6 First Party Isolation - QA Bugs Fixed
- 7 First Party Isolation - FIXED
First Party Isolation - P1 (Target as Fx53 Aurora - 2017/1/23)
No results.
0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);
First Party Isolation - P2 (Target as Fx54 Aurora - 2017/3/6 ESR 52.0)
ID | Summary | Assigned to | Depends on | Whiteboard |
---|---|---|---|---|
1676104 | Make WebRequest and GeckoWebExecutor First-Party aware | [tor 40171] [geckoview:2023?] |
1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);
First Party Isolation - P3~P5
ID | Summary | Priority | Assigned to | Depends on | Whiteboard |
---|---|---|---|---|---|
1315205 | [META] QA bugs of First Party Isolation | P3 | 1316019, 1319728, 1319761, 1319839, 1336458, 1363952, 1379706, 1459620, 1629062, 1637760, 1662096, 1309800, 1309816, 1313627, 1315907, 1316536, 1317231, 1319756, 1319767, 1319773, 1336439, 1336440, 1336441, 1336442, 1336460, 1336461, 1336462, 1336463, 1336464, 1336465, 1336466, 1384657, 1459518, 1460428, 1475124, 1592260, 1647829, 1656719 | [tor][domsecurity-meta] | |
1321158 | Investigate if window.open() inheriting firstPartyDomain resolves breakage | P5 | [tor][domsecurity-backlog1] | ||
1337868 | Add Origin Attribute connection isolation tests for HTTP2, TLS, and WebSockets | P3 | [OA-testing][tor-testing][domsecurity-backlog1] | ||
1357346 | [META] QA bugs of First Party Isolation on Fennec | P3 | 1319728, 1363952, 1376766, 1376767, 1378150, 1378775, 1378815, 1379140, 1379141, 1319756, 1360142, 1360145, 1376769 | [tor][domsecurity-meta] | |
1371651 | about:cache does not show entries when `privacy.firstparty.isolate` is set to `true` | P3 | [tor 22451][necko-backlog][dfpi-ok] | ||
1398414 | Key :visited per origin (first-party-isolation / partitioning for :visited). | P3 | [tor] | ||
1475811 | Entering URLs in address bar violates FPI | P5 | Pier Angelo Vendrame | [tor 26353][dfpi-ok] | |
1495204 | [pdf.js] Lots of errors "system principal mismatch" with privacy.firstparty.isolate=true | P5 | [tor][pdfjs-network] | ||
1556212 | Per-Domain Cookie Permissions are broken with FPI enabled | P3 | [domsecurity-backlog1] | ||
1583891 | about:debugging should show origin attributes for dFPI and FPI | P3 | Fatih Kilic | [dfpi-ok] | |
1628783 | Make FPI affect keying of docgroup | P5 | [domsecurity-backlog1] | ||
1630869 | Consider changing the key of FPI to site (i.e., include the URL scheme) | P3 | [domsecurity-backlog1] |
12 Total; 12 Open (100%); 0 Resolved (0%); 0 Verified (0%);
First Party Isolation - QA Bugs
10 Total; 10 Open (100%); 0 Resolved (0%); 0 Verified (0%);
First Party Isolation - Target as Fx53 Nightly
ID | Summary | Assigned to | Depends on | Whiteboard |
---|---|---|---|---|
1115712 | make DataStorage for HPKP and HSTS enumerable via xpcom | Jonathan Hao (inactive) [:jhao] | 775370 | [psm-assigned] |
1260931 | Add 1st party isolation pref and OriginAttribute. | Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] | 1264231, 1291652, 1300182, 1301274, 1301768, 1301778, 1470156 | [tor], [domsecurity-active][ETA 9/12][tor 13742] |
1264562 | Isolate OCSP cache by first party domain. (Tor 13670.2) | Jonathan Hao (inactive) [:jhao] | 1289319, 1313491 | [tor][tor-testing][OA-testing][domsecurity-active][ETA 11/7] |
1264571 | Add a test case of isolating Broadcast Channels for first party. (Tor 16300) | Tim Huang[:timhuang] | 1260931 | [tor-testing][domsecurity-active][ETA 10/10] |
1264577 | Tests for first-party isolation of cache (Tor 13749) | Tim Huang[:timhuang] | 1289319, 1304219, 1315579 | [tor-testing][OA-testing][domsecurity-backlog1][ETA 10/10] |
1264595 | test isolation by mediaSource URI by first party domain (Tor 15703) | Jonathan Hao (inactive) [:jhao] | 1289319 | [tor-testing][OA-testing][domsecurity-backlog1] |
1268726 | isolate shared worker by first party domain (Tor 15564) | Dave Huseby [:huseby] | [tor][domsecurity-active][ETA 10/10][OA] | |
1270680 | image cache should respect originAttributes | Jonathan Hao (inactive) [:jhao] | 1279519, 1280948 | [OA][userContextId][domsecurity-active][tor] |
1277803 | Make the loading of favicon through the XUL:image uses the correct originAttributes | Tim Huang[:timhuang] | 1310092, 1311237, 1319908, 1351084 | [OA][userContextId][domsecurity-active][tor][tor 13670.1] |
1289319 | Add a test framework for the first party isolation tests. | Tim Huang[:timhuang] | [tor-testing][OA-testing][domsecurity-active] | |
1294866 | Make the loading of favicon during SessionRestore use the correct originAttributes | Tim Huang[:timhuang] | [OA][domsecurity-active] | |
1301523 | Add a test that checks HTTP auth is isolated by first party domain (Tor 13900) | Jonathan Hao (inactive) [:jhao] | 1308679 | [tor-testing][OA-testing][necko-next] |
1304219 | Ensure link rel=preconnect requests are isolated by origin attributes (Tor 16998) | Tim Huang[:timhuang] | 1316683 | [tor-testing][necko-backlog][OA-testing] |
1312541 | Test first-party isolation of cookies | Arthur Edelstein [:arthur] | [tor][domsecurity-active] | |
1312794 | Annotate OCSP requests by first party domain. (Tor 13670.2) | Jonathan Hao (inactive) [:jhao] | 1264562 | [tor][domsecurity-active] |
1312954 | Making the network predictor obey originAttributes and updating SpeculativeConnect() to SpeculativeConnect2(). | Tim Huang[:timhuang] | 1304219, 1441445 | [tor] [domsecurity-active][OA] |
1315723 | Intermittent browser/components/originattributes/test/browser/browser_cache.js | Test timed out - | Tim Huang[:timhuang] | [domsecurity-intermittent][tor][OA] | |
1316283 | Isolate SSL session cache by origin attributes | Jonathan Hao (inactive) [:jhao] | 1315143 | [OA][tor] |
1317927 | Media caching needs to use origin attributes | Andrea Marchesini [:baku] | [OA][tor][domsecurity-active] | |
1334690 | Isolate AlternateService mappings by Origin Attributes | Jonathan Hao (inactive) [:jhao] | [tor][necko-would-take][OA] | |
1334693 | Investigate and isolate SPDY/HTTP2 state by first-party domain when privacy.firstparty.isolate = true | Jonathan Hao (inactive) [:jhao] | 1337868, 1334690, 1337893 | [tor][necko-would-take][OA] |
1473247 | Making the firstPartyDomain honors IP addresses | Tim Huang[:timhuang] | [domsecurity-active] |
22 Total; 22 Open (100%); 0 Resolved (0%); 0 Verified (0%);
First Party Isolation - QA Bugs Fixed
27 Total; 0 Open (0%); 25 Resolved (92.59%); 2 Verified (7.41%);
First Party Isolation - FIXED
ID | Summary | Priority | Assigned to | Depends on | Whiteboard |
---|---|---|---|---|---|
444222 | window.name can be used as an XSS attack vector | P2 | Tim Huang[:timhuang] | 454850, 1665502 | [tor][tor-standalone][tor 16620][domsecurity-backlog1] , [wptsync upstream] |
1115712 | make DataStorage for HPKP and HSTS enumerable via xpcom | P1 | Jonathan Hao (inactive) [:jhao] | 775370 | [psm-assigned] |
1260931 | Add 1st party isolation pref and OriginAttribute. | P1 | Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] | 1264231, 1291652, 1300182, 1301274, 1301768, 1301778, 1470156 | [tor], [domsecurity-active][ETA 9/12][tor 13742] |
1264562 | Isolate OCSP cache by first party domain. (Tor 13670.2) | P1 | Jonathan Hao (inactive) [:jhao] | 1289319, 1313491 | [tor][tor-testing][OA-testing][domsecurity-active][ETA 11/7] |
1264567 | Tests for first party isolation of localStorage (Tor 13749.1) | P2 | Jonathan Hao (inactive) [:jhao] | 1289319 | [tor-testing][OA-testing][domsecurity-active][ETA 10/10] |
1264571 | Add a test case of isolating Broadcast Channels for first party. (Tor 16300) | P1 | Tim Huang[:timhuang] | 1260931 | [tor-testing][domsecurity-active][ETA 10/10] |
1264572 | Test the Isolate the Image Cache per url bar domain (Tor 13749.2) | P2 | Dave Huseby [:huseby] | 1289319, 1304432 | [tor-testing][OA-testing][domsecurity-backlog1][ETA 10/10] |
1264573 | Regression tests for blob URL isolation (Tor 15502) | P2 | Jonathan Hao (inactive) [:jhao] | 1289319 | [tor-testing][OA-testing][domsecurity-backlog1][ETA 11/7] |
1264577 | Tests for first-party isolation of cache (Tor 13749) | P1 | Tim Huang[:timhuang] | 1289319, 1304219, 1315579 | [tor-testing][OA-testing][domsecurity-backlog1][ETA 10/10] |
1264593 | test Isolation on SharedWorker by first party domain (Tor 15564) | P2 | Tim Huang[:timhuang] | 1305223, 1268726, 1289319, 1302566, 1335678 | [tor-testing][OA-testing][domsecurity-active][ETA 10/10] |
1264595 | test isolation by mediaSource URI by first party domain (Tor 15703) | P1 | Jonathan Hao (inactive) [:jhao] | 1289319 | [tor-testing][OA-testing][domsecurity-backlog1] |
1268726 | isolate shared worker by first party domain (Tor 15564) | P1 | Dave Huseby [:huseby] | [tor][domsecurity-active][ETA 10/10][OA] | |
1270680 | image cache should respect originAttributes | P1 | Jonathan Hao (inactive) [:jhao] | 1279519, 1280948 | [OA][userContextId][domsecurity-active][tor] |
1274020 | Add a test to show that the DOM Cache is separated by origin attributes | P2 | Jonathan Hao (inactive) [:jhao] | 1195930 | [OA-testing][usercontextId][domsecurity-active][tor-testing] |
1277803 | Make the loading of favicon through the XUL:image uses the correct originAttributes | P1 | Tim Huang[:timhuang] | 1310092, 1311237, 1319908, 1351084 | [OA][userContextId][domsecurity-active][tor][tor 13670.1] |
1282655 | Add a test case to test whether site permissions are universal or isolated for each type of OriginAttribute | P2 | Jonathan Hao (inactive) [:jhao] | [OA-testing][userContextId][domsecurity-backlog2][tor-testing] | |
1289319 | Add a test framework for the first party isolation tests. | P1 | Tim Huang[:timhuang] | [tor-testing][OA-testing][domsecurity-active] | |
1290529 | clear HSTS and HPKP for subdomains as well when bug 1115712 is fixed | -- | Jonathan Hao (inactive) [:jhao] | 1115712 | |
1294866 | Make the loading of favicon during SessionRestore use the correct originAttributes | P1 | Tim Huang[:timhuang] | [OA][domsecurity-active] | |
1300182 | Intermittent browser/components/originattributes/test/browser/browser_firstPartyIsolation.js | "KO" == "OK" - | P3 | Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] | [domsecurity-intermittent][tor] | |
1300671 | Set firstPartyDomain for about: pages | P2 | Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] | 1260931 | [tor][domsecurity-active] |
1301406 | The cookies of the top-level page are not keyed with firstPartyDomain when first party isolation is turned on in e10s mode. | P3 | Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] | [tor][domsecurity-backlog1] | |
1301523 | Add a test that checks HTTP auth is isolated by first party domain (Tor 13900) | P1 | Jonathan Hao (inactive) [:jhao] | 1308679 | [tor-testing][OA-testing][necko-next] |
1301617 | test for firstParty and userContextId documents with nsIPermissionManager | P3 | Jonathan Hao (inactive) [:jhao] | [OA-testing][domsecurity-backlog1][tor-testing] | |
1301649 | nits for firstPartyDomain in bug 1260931 | P2 | Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] | 1260931 | [tor], [domsecurity-backlog2] |
1303062 | Turn on first party isolation tests | P3 | Jonathan Hao (inactive) [:jhao] | [tor-testing][domsecurity-active] | |
1304219 | Ensure link rel=preconnect requests are isolated by origin attributes (Tor 16998) | P1 | Tim Huang[:timhuang] | 1316683 | [tor-testing][necko-backlog][OA-testing] |
1311237 | Intermittent browser/components/originattributes/test/browser/browser_favicon_firstParty.js | The favicon image should be loaded through network. - Got http-on-examine-cached-response, expected http-on-examine-response, Test timed out, Found a tab | P2 | Tim Huang[:timhuang] | [OA][domsecurity-intermittent][tor] | |
1312541 | Test first-party isolation of cookies | P1 | Arthur Edelstein [:arthur] | [tor][domsecurity-active] | |
1312794 | Annotate OCSP requests by first party domain. (Tor 13670.2) | P1 | Jonathan Hao (inactive) [:jhao] | 1264562 | [tor][domsecurity-active] |
1312954 | Making the network predictor obey originAttributes and updating SpeculativeConnect() to SpeculativeConnect2(). | P1 | Tim Huang[:timhuang] | 1304219, 1441445 | [tor] [domsecurity-active][OA] |
1315602 | Remove the assertion of FirstPartyDomain should be empty in HTTP redirect | -- | Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] | [tor][domsecurity-active] | |
1315723 | Intermittent browser/components/originattributes/test/browser/browser_cache.js | Test timed out - | P1 | Tim Huang[:timhuang] | [domsecurity-intermittent][tor][OA] | |
1315927 | ignore firstPartyDomain and userContextId in PermissionStatus | P2 | Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] | [tor][domsecurity-active] | |
1316283 | Isolate SSL session cache by origin attributes | P1 | Jonathan Hao (inactive) [:jhao] | 1315143 | [OA][tor] |
1317927 | Media caching needs to use origin attributes | P1 | Andrea Marchesini [:baku] | [OA][tor][domsecurity-active] | |
1323644 | Isolate the HSTS and HPKP cache by first party domain. | P2 | Jonathan Hao (inactive) [:jhao] | 1290529, 1336867, 1342178 | [tor][tor 17965][necko-would-take][OA] |
1330467 | When "privacy.firstparty.isolate" is true, double-key permissions to origin + firstPartyDomain | P2 | Gary Chen [:xeonchen] | [tor 21569][domsecurity-backlog2] | |
1334468 | Crash in mozilla::OriginAttributes::CreateSuffix when entering ',s."' in url bar with privacy.firstparty.isolate=true | -- | Jonathan Hao (inactive) [:jhao] | 1337629 | |
1334485 | Tracking using intermediate CA caching | P3 | [psm-backlog][tor] | ||
1334690 | Isolate AlternateService mappings by Origin Attributes | P1 | Jonathan Hao (inactive) [:jhao] | [tor][necko-would-take][OA] | |
1334693 | Investigate and isolate SPDY/HTTP2 state by first-party domain when privacy.firstparty.isolate = true | P1 | Jonathan Hao (inactive) [:jhao] | 1337868, 1334690, 1337893 | [tor][necko-would-take][OA] |
1336867 | Remove unsafeProcessHeader and isSecureHost in nsISiteSecurityService | -- | Jonathan Hao (inactive) [:jhao] | 1345612 | |
1337629 | Add more restrictions to the host parser | -- | Valentin Gosu [:valentin] (he/him) | 1355487 | [necko-active] |
1340949 | The Sync "Manage Account" link doesn't work properly with First-Party Isolation | P3 | 1323853 | ||
1344170 | set firstPartyDomain for blob: URI | P2 | Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] | [tor][domsecurity-active] | |
1376971 | Isolate Page Info media previews to content first party | P3 | Yoshi Cheng-Hao Huang [:allstars.chh][:allstarschh][:yoshi] | 1403365, 1405195, 1407498 | [tor][tor 22327][OA][userContextId][domsecurity-backlog1] |
1376973 | The favicon of tabs dropdown list does not honor originAttributes. | P2 | Tim Huang[:timhuang] | [tor][tor 22452][OA][userContextId][domsecurity-active] | |
1381197 | browser.cookies fails to get/remove cookies by domain/url when privacy.firstparty.isolate = true | P3 | Chung-Sheng Fu [:cfu] | [OA] | |
1384657 | Pocket doesn't work with privacy.firstparty.isolate set to true | P3 | :Gijs (he/him) | [tor][dfpi-ok] | |
1473247 | Making the firstPartyDomain honors IP addresses | P1 | Tim Huang[:timhuang] | [domsecurity-active] | |
1492607 | Prevent postMessage communication across first-party when restrict_opener_access = true | P3 | Tim Huang[:timhuang] | [domsecurity-backlog1] | |
1494327 | Allow Popups For This Site is not keyed by OriginAttributes | P3 | 1330467, 1422056 | [tor] | |
1506693 | PDFJS range-based requests violate FPI | -- | morgan (Tor Project) | [tor 26540] | |
1508355 | Add a test to make sure "Save Page As" respect First-Party Isolation | P5 | Tim Huang[:timhuang] | [tor 22343] | |
1542309 | firstPartyDomain not set on top-level domain URLs | P2 | Alex Catarineu (Tor Browser dev) | [tor 24622][domsecurity-active] |
56 Total; 56 Open (100%); 0 Resolved (0%); 0 Verified (0%);
No results.
0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);