[tbb-bugs] #16429 [Tor Browser]: Isolate blob URLs in Worker contexts

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Jul 14 00:30:49 UTC 2015

#16429: Isolate blob URLs in Worker contexts
     Reporter:  gk       |      Owner:  tbb-team
         Type:           |     Status:  needs_review
  enhancement            |  Milestone:
     Priority:  normal   |    Version:
    Component:  Tor      |   Keywords:  ff38-esr, tbb-linkability,
  Browser                |  TorBrowserTeam201507R
   Resolution:           |  Parent ID:
Actual Points:           |
       Points:           |

Comment (by mikeperry):

 Some issues:

 1. In URL::RevokeObjectURL(), you can have a null pointer deref if window
 is null, since you try to obtain the document before checking window.
 1. We probably should have some error checking in your GetFirstPartyHost()
 functions, if nothing else to differentiate between the case where
 isolation is disabled (NS_OK, but empty isolation URI) and failure
 (NS_FAILED(rv), with empty isolation URI). The returned host should
 probably also represent these two cases as different special string keys?
 1. I found a meta-bug (https://bugzilla.mozilla.org/show_bug.cgi?id=60697)
 where Mozilla was trying to remove static global uses of nsCOMPtr. I'm
 wondering if this is limited to static initialization or if we should be
 using something other than nsCOMPtr for gThirdPartyUtilService. The bug
 has been dormant for years, though...

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16429#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list