[tbb-bugs] #16429 [Tor Browser]: Isolate blob URLs in Worker contexts
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jul 14 19:59:32 UTC 2015
#16429: Isolate blob URLs in Worker contexts
-------------------------+-------------------------------------------------
Reporter: gk | Owner: tbb-team
Type: | Status: needs_review
enhancement | Milestone:
Priority: normal | Version:
Component: Tor | Keywords: ff38-esr, tbb-linkability,
Browser | TorBrowserTeam201507R
Resolution: | Parent ID:
Actual Points: |
Points: |
-------------------------+-------------------------------------------------
Comment (by arthuredelstein):
Replying to [comment:6 mikeperry]:
> Some issues:
>
> 1. In URL::RevokeObjectURL(), you can have a null pointer deref if
window is null, since you try to obtain the document before checking
window.
> 1. We probably should have some error checking in your
GetFirstPartyHost() functions, if nothing else to differentiate between
the case where isolation is disabled (NS_OK, but empty isolation URI) and
failure (NS_FAILED(rv), with empty isolation URI). The returned host
should probably also represent these two cases as different special string
keys?
> 1. I found a meta-bug
(https://bugzilla.mozilla.org/show_bug.cgi?id=60697) where Mozilla was
trying to remove static global uses of nsCOMPtr. I'm wondering if this is
limited to static initialization or if we should be using something other
than nsCOMPtr for gThirdPartyUtilService. The bug has been dormant for
years, though...
These are all good points. I've attempted to fix them. The new version is
here:
https://github.com/arthuredelstein/tor-browser/commits/16429+8
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16429#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list