[tbb-bugs] #16429 [Tor Browser]: Isolate blob URLs in Worker contexts

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Jul 14 19:59:32 UTC 2015

#16429: Isolate blob URLs in Worker contexts
     Reporter:  gk       |      Owner:  tbb-team
         Type:           |     Status:  needs_review
  enhancement            |  Milestone:
     Priority:  normal   |    Version:
    Component:  Tor      |   Keywords:  ff38-esr, tbb-linkability,
  Browser                |  TorBrowserTeam201507R
   Resolution:           |  Parent ID:
Actual Points:           |
       Points:           |

Comment (by arthuredelstein):

 Replying to [comment:6 mikeperry]:
 > Some issues:
 > 1. In URL::RevokeObjectURL(), you can have a null pointer deref if
 window is null, since you try to obtain the document before checking
 > 1. We probably should have some error checking in your
 GetFirstPartyHost() functions, if nothing else to differentiate between
 the case where isolation is disabled (NS_OK, but empty isolation URI) and
 failure (NS_FAILED(rv), with empty isolation URI). The returned host
 should probably also represent these two cases as different special string
 > 1. I found a meta-bug
 (https://bugzilla.mozilla.org/show_bug.cgi?id=60697) where Mozilla was
 trying to remove static global uses of nsCOMPtr. I'm wondering if this is
 limited to static initialization or if we should be using something other
 than nsCOMPtr for gThirdPartyUtilService. The bug has been dormant for
 years, though...

 These are all good points. I've attempted to fix them. The new version is

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16429#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list