Re: Intent to migrate the permissions database to use origins instead of host names

I tried to get some folks internally to look at this, and so far nobody has said that they oppose landing the changes as is very strongly so unless there is no strong objections, I am going to ask Michael to submit his work for landing tomorrow. Cheers, Ehsan On Wed, Jul 1, 2015 at 2:54 AM,

Re: Intent to migrate the permissions database to use origins instead of host names

The patches I am working on already use Bobby Holley's OriginAttributes, in fact we use the origin attribute on the nsIPrincipal, and only expose an nsIPrincipal from the API. Internally, we use the origin attribute for serialization, but to external consumers of the API, all that is available

Re: Intent to migrate the permissions database to use origins instead of host names

On Tue, Jun 30, 2015 at 3:55 PM, Martin Thomson m...@mozilla.com wrote: I wonder, has the subject of double-keying been raised in this context? It comes up frequently in this context. And when I say double-keying, I mean forming a key from the tuple of the requesting principal and the top

Re: Intent to migrate the permissions database to use origins instead of host names

On Tue, Jun 30, 2015 at 4:16 PM, Ehsan Akhgari ehsan.akhg...@gmail.com wrote: On 2015-06-30 6:04 PM, Jonas Sicking wrote: There are actually one downside with this change. It means that if a user denies access to https://website.com to use cookies, then http://website.com will still have

Re: Intent to migrate the permissions database to use origins instead of host names

On Tue, Jun 30, 2015 at 5:50 PM, Jonas Sicking jo...@sicking.cc wrote: On Tue, Jun 30, 2015 at 4:16 PM, Ehsan Akhgari ehsan.akhg...@gmail.com wrote: On 2015-06-30 6:04 PM, Jonas Sicking wrote: There are actually one downside with this change. It means that if a user denies access to

Re: Intent to migrate the permissions database to use origins instead of host names

On Tue, Jun 30, 2015 at 4:18 PM, Ehsan Akhgari ehsan.akhg...@gmail.com wrote: I personally am not sure if that is a sound idea for all permission types. It's probably the right thing for geolocation, but not for cookies. As I understand it, the key for permission manager is a simple string.

Re: Intent to migrate the permissions database to use origins instead of host names

On 2015-06-30 6:55 PM, Martin Thomson wrote: I wonder, has the subject of double-keying been raised in this context? It comes up frequently in this context. And when I say double-keying, I mean forming a key from the tuple of the requesting principal and the top level browsing context principal