Hacker News
by bholley 3204 days ago
In more detail:

For the original FirefoxOS security model, sicking and jlebar rototilled all the security checks in the codebase to switch from comparing origins to comparing (origin, appId, isInMozBrowser) tuples.

Later on, for the eventually-abandoned FirefoxOS New Security Model (NSec), we needed to pass around a signed package id instead. So the options on the table were to rototill the codebase again, or to do something out of band with the cookie service (sicking's proposal).

When I found out about this I wasn't particularly happy with either option, and used my sec module ownership to insert myself into the discussion, and push for a more general approach (i.e. OriginAttributes). Sicking was initially kind of peeved about this, because they were on a deadline, but eventually came around. So we did one more pass of the rototiller to switch everything from appId+mozBrowser to the general and extensible mechanism.

Years later, FirefoxOS is no more, but OriginAttributes are still used to implement Private Browsing, Containers, and First-Party Isolation. Here's to general/reusable solutions!