Closed Bug 1778325 Opened 2 years ago Closed 2 years ago

Allow Windows SSO in iframes

Tracking

()

Status:

RESOLVED FIXED

Milestone:

105 Branch

Tracking Flags:

Tracking

Status

firefox-esr102

---

fixed

firefox104

---

fixed

firefox105

---

fixed

People

(Reporter: mkaply, Assigned: mkaply)

Details

(Whiteboard: [necko-triaged])

Attachments

(1 file)

Bug 1778325 - Allow WindowsSSO in iframes. r?dragana 2 years ago Mike Kaply [:mkaply] 48 bytes, text/x-phabricator-request	diannaS : approval-mozilla-beta+ RyanVM : approval-mozilla-esr102+	Details \| Review

Mike Kaply [:mkaply]

Assignee

Description

•

2 years ago

Right now we only attach Microsoft cookie headers to top level documents.

Microsoft has usecases that use iframes that require auth as well.

I can't find any specific reason we did top level documents (that was my patch).

To recreate,

Go to

https://www.w3schools.com/tags/tryit.asp?filename=tryhtml_iframe

and use https://login.microsoftonline.com

Dragana Damjanovic [:dragana]

Comment 1

•

2 years ago

Please let me know if this should have a higher priority?

Severity: -- → N/A

Priority: -- → P3

Whiteboard: [necko-triaged]

Mike Kaply [:mkaply]

Assignee

Comment 2

•

2 years ago

Sorry, I should have said something.

This does need a higher priority, it's a reported problem on the Microsoft side from their customers.

I was planning to fix.

I think it's just a matter of adding SUBDOCUMENT to that if check.

Mike Kaply [:mkaply]

Assignee

Comment 3

•

2 years ago

Attached file Bug 1778325 - Allow WindowsSSO in iframes. r?dragana — Details

Phabricator Automation

Updated

•

2 years ago

Assignee: nobody → mozilla

Status: NEW → ASSIGNED

Pulsebot

Comment 4

•

2 years ago

Pushed by mozilla@kaply.com:
https://hg.mozilla.org/integration/autoland/rev/b238bd6a073b
Allow WindowsSSO in iframes. r=dragana,necko-reviewers

Cosmin Sabou [:CosminS]

Comment 5

•

2 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/b238bd6a073b

Status: ASSIGNED → RESOLVED

Closed: 2 years ago

status-firefox105: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → 105 Branch

Mike Kaply [:mkaply]

Assignee

Comment 6

•

2 years ago

Comment on attachment 9284715 [details]
Bug 1778325 - Allow WindowsSSO in iframes. r?dragana

ESR Uplift Approval Request

If this is not a sec:{high,crit} bug, please state case for ESR consideration: Mainly enterprise features around Windows SSO
User impact if declined: Some Microsoft apps can't authenticate
Fix Landed on Version: 105
Risk to taking this patch: Low
Why is the change risky/not risky? (and alternatives if risky): Impacts preffed off feature, just adds new entry to if statement.

Beta/Release Uplift Approval Request

User impact if declined: Mainly enterprise features around Windows SSO
Is this code covered by automated tests?: No
Has the fix been verified in Nightly?: Yes
Needs manual test from QE?: No
If yes, steps to reproduce: Tested by Microsoft
List of other uplifts needed: None
Risk to taking this patch: Low
Why is the change risky/not risky? (and alternatives if risky): Impacts preffed off feature, just adds new entry to if statement.
String changes made/needed:
Is Android affected?: No

Attachment #9284715 - Flags: approval-mozilla-esr91?

Attachment #9284715 - Flags: approval-mozilla-esr102?

Attachment #9284715 - Flags: approval-mozilla-beta?

Mike Kaply [:mkaply]

•

2 years ago

Flags: qe-verify+

Brindusa Tot, Desktop QA

Updated

•

2 years ago

QA Whiteboard: [qa-triaged]

Brindusa Tot, Desktop QA

Comment 11

•

2 years ago

removing the qe-verify+ flag, as we cannot verify this. Microsoft already tested this.

QA Whiteboard: [qa-triaged]

Flags: qe-verify+

Mike Kaply [:mkaply]

Assignee

Comment 12

•

2 years ago

Just to close the loop, I had sent Microsoft a link to a try build with the fix and they emailed that it was definitely fixed.

You need to log in before you can comment on or make changes to this bug.