Closed Bug 1033872 Opened 10 years ago Closed 10 years ago

split off api.accounts.firefox.com

Categories

(Core :: Security: PSM, defect)

x86_64
Linux
defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla33

People

(Reporter: mmc, Assigned: mmc)

References

Details

Attachments

(1 file)

According to ckarlof, this domain is used for syncing in background soon after startup and probably more prone to captive portal violations. If violations are mostly on api.accounts.firefox.com, then that's ok.
Assignee: nobody → mmc
Status: NEW → ASSIGNED
Attachment #8449906 - Flags: review?(dkeeler)
Comment on attachment 8449906 [details] [diff] [review]
Split off api.accounts.firefox.com into a separate pinset (

Review of attachment 8449906 [details] [diff] [review]:
-----------------------------------------------------------------

::: security/manager/boot/src/StaticHPKPins.h
@@ +710,5 @@
>    { "addons.mozilla.net", true, false, true, 2, &kPinset_mozilla },
>    { "addons.mozilla.org", true, false, true, 1, &kPinset_mozilla },
>    { "admin.google.com", true, false, false, -1, &kPinset_google_root_pems },
>    { "android.com", true, false, false, -1, &kPinset_google_root_pems },
> +  { "api.accounts.firefox.com", true, true, false, 5, &kPinset_mozilla_fxa },

Should mIsMoz be true for this? (and accounts.firefox.com)
I guess it doesn't matter for hosts that actually have telemetry ids?
Attachment #8449906 - Flags: review?(dkeeler) → review+
> Should mIsMoz be true for this? (and accounts.firefox.com)
> I guess it doesn't matter for hosts that actually have telemetry ids?

mIsMoz is pinset_name == "mozilla" which isn't true for these 2. Either way, for hosts that have ids we exclude them from the mozilla/non-mozilla volume and rate telemetry counts -- they only appear in the per-host counts.
https://hg.mozilla.org/mozilla-central/rev/7c0af1873a74
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla33
You need to log in before you can comment on or make changes to this bug.