Prevent access to BrowserContextDelegate off the IO thread

Bug #1470187 reported by Chris Coulson
This bug affects 1 person
Affects: Oxide
Status: Triaged
Importance: Medium
Assigned to: Unassigned
Milestone: (none)

Bug Description

Currently it's possible to call BrowserContext::GetDelegate() on any thread, but BrowserContextDelegate has methods whose implementations in qt/ are just plain unsafe to call on anything other than the IO thread (it looks like this applies to pretty much all of them).

I noticed this whilst looking at https://code.launchpad.net/~justinmcp/oxide/pepper-flash/+merge/234058 - it calls BrowserContextDelegate::CanAccessStorage on the UI thread, which is not safe.

We should prevent usage of BrowserContextDelegate off the IO thread.

For an alternative to BrowserContextDelegate::CanAccessStorage on the UI thread - this will depend on content settings as opposed to delegating storage access checks to an embedder provided worker script on the IO thread.

As an interim, we should make BrowserContextIOData::CanAccessCookies not delegate to BrowserContextDelegate - this is sufficient for checking whether a particular storage access attempt is ok, according to the current cookie policy. However, it won't be possible to have more fine-grained storage access checks off the IO thread until we have content settings.

Changed in oxide:
importance: Undecided → Medium
status: New → Triaged
description: updated
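
An added sketch of the two points in the bug description above, not code from Oxide or Chromium: an accessor that refuses to hand out an IO-thread-only delegate to any other thread, and a cookie check that is safe off the IO thread because it never delegates. All class and function names are hypothetical stand-ins, and the delegate's unsynchronised counter is an assumed reason for its thread restriction.

```cpp
#include <atomic>
#include <stdexcept>
#include <thread>

// Hypothetical stand-ins; not Oxide's or Chromium's real classes.
enum class CookiePolicy { AllowAll, BlockAll };

// Embedder-provided object whose methods are only safe on the IO thread.
struct Delegate {
  int calls = 0;  // unsynchronised state, hence the thread restriction
  bool CanAccessStorage() { ++calls; return true; }
};

class IOData {
 public:
  // io_thread is the id of the only thread allowed to reach the delegate.
  IOData(std::thread::id io_thread, CookiePolicy policy)
      : io_thread_(io_thread), policy_(policy) {}

  // Guarded accessor: refuses to hand out the delegate off the IO thread.
  // A debug assertion would also work; a throw keeps this sketch testable.
  Delegate& GetDelegate() {
    if (std::this_thread::get_id() != io_thread_)
      throw std::logic_error("delegate accessed off the IO thread");
    return delegate_;
  }

  // Safe on any thread: reads only an atomic policy value and never
  // touches the delegate, mirroring the interim approach in the description.
  bool CanAccessCookies() const {
    return policy_.load(std::memory_order_acquire) == CookiePolicy::AllowAll;
  }

  void SetCookiePolicy(CookiePolicy p) {
    policy_.store(p, std::memory_order_release);
  }

 private:
  const std::thread::id io_thread_;
  std::atomic<CookiePolicy> policy_;
  Delegate delegate_;
};

// Returns true if the calling thread is rejected by the guarded accessor.
bool DelegateRejectsCaller(IOData& data) {
  try { data.GetDelegate(); return false; }
  catch (const std::logic_error&) { return true; }
}
```
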