As a side effect of #69, custom protocols are now able to embed images and other resources from http(s). Here is an exchange on IRC with relevant pointers:
1:13 PM Irakli Gozalishvili bz: btw that combination of flags also allows loading/embedding http content, is it possible to prevent that?
1:13 PM <•bz> You want your protocol to not be able to load http:?
1:15 PM Irakli Gozalishvili bz: I don't want to disallow links to http but I do not want to allow embedding images or other things that would touch network
1:15 PM or at least have some way to control that
1:15 PM <•bz> Use CSP?
1:16 PM Irakli Gozalishvili bz: You mean through headers?
1:16 PM <•bz> or
1:16 PM or some other mechanism, if we have something else...
1:17 PM Irakli Gozalishvili bz: It needs to be default, not opt-in, and headers aren't viable as far as I can tell as channel from custom protocol isn't nsIHTTPChannel
1:18 PM Irakli Gozalishvili I think if scheme isn't http(s) channel is never queried to nsIHttpChannel
1:18 PM <•bz> might need backend work...
1:18 PM You could also implement a content policy, of course
1:18 PM to get the same effect
1:19 PM Irakli Gozalishvili bz: can you provide more context or pointers, I'm not sure how I would do that
1:19 PM referring to implementing content policy
1:19 PM <•bz> https://searchfox.org/mozilla-central/source/dom/base/nsIContentPolicy.idl
1:20 PM https://developer.mozilla.org/en-US/docs/Archive/Mozilla/nsIContentPolicy may have some examples of how to hook it up
1:20 PM Then you get notified when loads happen
1:20 PM and can decide whether to allow or not
1:20 PM <•bz> based on what's being loaded and by whom and so forth
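The content-policy approach bz points at, written out as an added example (not libdweb or Gecko code): a default-deny rule that lets a custom-protocol page still link out to http(s) while refusing to embed http(s) subresources. The custom scheme name `dweb` and the six-argument `shouldLoad` form from the archived MDN page are assumptions; the numeric values mirror the `TYPE_*`, `ACCEPT` and `REJECT_REQUEST` constants in nsIContentPolicy.idl.

```javascript
// Added example, not part of the issue or the project. Constants mirror
// nsIContentPolicy.idl values; "dweb" is an assumed custom scheme name.
const TYPE_SCRIPT = 2, TYPE_IMAGE = 3, TYPE_STYLESHEET = 4, TYPE_OBJECT = 5,
      TYPE_DOCUMENT = 6, TYPE_SUBDOCUMENT = 7;
const ACCEPT = 1, REJECT_REQUEST = -1;

// Schemes whose loads leave the machine, i.e. "touch the network".
const NETWORK_SCHEMES = new Set(["http", "https", "ftp", "ws", "wss"]);
// Custom protocols the extension registers (assumed).
const CUSTOM_SCHEMES = new Set(["dweb"]);

function schemeOf(urlString) {
  return new URL(urlString).protocol.replace(/:$/, "").toLowerCase();
}

// contentType: a TYPE_* value; contentLocation: URL being loaded;
// requestOrigin: URL of the page that initiated the load (null for a
// top-level load with no originating document).
function decide(contentType, contentLocation, requestOrigin) {
  // Top-level navigation is a link the user followed: always allowed,
  // so a dweb:// page can still link to https://.
  if (contentType === TYPE_DOCUMENT) return ACCEPT;
  // Only loads initiated from a custom-scheme document are policed here.
  if (!requestOrigin || !CUSTOM_SCHEMES.has(schemeOf(requestOrigin))) return ACCEPT;
  // Embedded resource (image, script, style, iframe, object, ...) from a
  // custom-scheme page that would reach the network: denied by default,
  // with no opt-in needed from the page author.
  if (NETWORK_SCHEMES.has(schemeOf(contentLocation))) return REJECT_REQUEST;
  return ACCEPT;
}

// The nsIContentPolicy object, using the six-argument shouldLoad form from
// the archived MDN page (assumption: newer Gecko passes a loadInfo instead).
// Register it under the "content-policy" category so Gecko consults it.
const policy = {
  shouldLoad(contentType, contentLocation, requestOrigin, context, mimeTypeGuess, extra) {
    return decide(contentType, contentLocation.spec, requestOrigin && requestOrigin.spec);
  },
  shouldProcess(contentType, contentLocation, requestOrigin, context, mimeType, extra) {
    return ACCEPT;
  },
};
```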
@Gozala just to be sure I got the context right: is this due to reasons mentioned in #52 (comment)?
Pretty much, but more generally allowing cross protocol embedding raises a whole range of privacy concerns and questions & I do not believe we have definitive answers, so I think it's best for now to focus efforts on enabling protocols in isolation from each other & once there, only after that start dealing with cross-protocol concerns.