Enable DOM Storage and isolate it to url bar domain

DOM storage is currently disabled in TBB. We should be isolating it to url bar domain. See mozIThirdPartyUtil and #5742 (closed) for useful APIs.

added component::firefox patch issues owner::mikeperry priority::high resolution::fixed status::closed tbb-bounty tbb-linkability type::enhancement labels

Trac:
Summary: Isolate DOM Storage to url bar domain to Enable DOM Storage and isolate it to url bar domain

Trac:
Keywords: tbb-linkability deleted, tbb-linkability tbb-bounty added

We need this for https://read.amazon.com. See #7289 (moved).

Trac:
6564-dom-storage.patch

Firefox patch to isolate DOM storage to URL bar domain

In addition to applying the attached patch to the browser, the following line was removed from build-scripts/config/prefs.js:

user_pref("dom.storage.enabled", false);

In the future, we plan to disable DOM storage for most URL bar (first party) URLs that lack a host component, e.g., data: and javascript: URLs. We will probably allow DOM storage for chrome: and resource: URLs.

This is patch is deployed in TBB-stable. However, see child ticket for the follow-on work wrt NULL host URLs and other firstparty edge cases.

Trac:
Resolution: N/A to fixed
Status: new to closed

Not sure if the unhelpful log output is caused by this code or from code of the related #5742 (closed), but I'll document here due to a hunch:

When navigating https://www.ddg.gg/ (or any other site), the browser console (Shift-Ctrl-J) is logging:

getFirstPartyURI failed for http://ocsp.digicert.com/: 0x80070057
getFirstPartyURI failed for https://duckduckgo.com/favicon.ico: 0x80070057
getFirstPartyURI failed for https://duckduckgo.com/favicon.ico#-moz-resolution=16,16: 0x80070057

...which may indicate a missing conditional expression in either nsGlobalWindow.cpp or ThirdPartyUtils from #5742 (closed)?

Trac:
Username: michael

Trac:
Username: michael
Cc: N/A to michael

Replying to michael:

Not sure if the unhelpful log output is caused by this code or from code of the related #5742 (closed), but I'll document here due to a hunch:

When navigating https://www.ddg.gg/ (or any other site), the browser console (Shift-Ctrl-J) is logging:

{{{ getFirstPartyURI failed for http://ocsp.digicert.com/: 0x80070057 getFirstPartyURI failed for https://duckduckgo.com/favicon.ico: 0x80070057 getFirstPartyURI failed for https://duckduckgo.com/favicon.ico#-moz-resolution=16,16: 0x80070057 }}}

...which may indicate a missing conditional expression in either nsGlobalWindow.cpp or ThirdPartyUtils from #5742 (closed)?

This is a known issue and it should be fixed as part of #13670 (moved).

Replying to myself:

When navigating https://www.ddg.gg/ (or any other site), the browser console (Shift-Ctrl-J) is logging:

{{{ getFirstPartyURI failed for http://ocsp.digicert.com/: 0x80070057 getFirstPartyURI failed for https://duckduckgo.com/favicon.ico: 0x80070057 getFirstPartyURI failed for https://duckduckgo.com/favicon.ico#-moz-resolution=16,16: 0x80070057 }}}

That's misplaced and belongs in #13670 (moved), please ignore.

Trac:
Username: michael

closed

mentioned in issue #7006 (closed)

mentioned in issue #7289 (moved)

mentioned in issue #8156 (moved)

mentioned in issue #8292 (moved)

mentioned in issue #10819 (closed)

mentioned in issue #12620 (moved)

mentioned in issue #12620 (moved)

mentioned in issue #16577 (moved)

mentioned in issue tpo/applications/tor-browser#7289 (closed)

mentioned in issue tpo/applications/tor-browser#16577 (moved)

mentioned in issue tpo/applications/tor-browser-bundle-testsuite#40050