Containers don't work in permanent private mode
Categories
(Core :: DOM: Security, defect, P5)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox57 | --- | fix-optional |
People
(Reporter: jkt, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [userContextId][domsecurity-backlog])
Attachments
(1 file, 3 obsolete files)
|
||
Comment 1•9 years ago
|
||
|
||
Comment 2•9 years ago
|
||
|
Reporter | |
Comment 3•9 years ago
|
||
|
|
Reporter | |
Comment 4•9 years ago
|
||
| Comment hidden (mozreview-request) |
|
|
Reporter | |
Comment 6•9 years ago
|
||
|
|
||
Updated•9 years ago
|
| Comment hidden (mozreview-request) |
|
|
Reporter | |
Updated•8 years ago
|
|
|
Reporter | |
Updated•8 years ago
|
|
|
Reporter | |
Comment 8•8 years ago
|
||
|
||
Comment 9•8 years ago
|
||
|
||
Updated•8 years ago
|
|
|
Reporter | |
Comment 11•7 years ago
|
||
|
||
Updated•7 years ago
|
|
|
Reporter | |
Comment 12•7 years ago
|
||
|
|
||
Updated•7 years ago
|
|
|
Reporter | |
Comment 13•7 years ago
|
||
|
|
||
Comment 14•7 years ago
|
||
|
|
Reporter | |
Comment 16•5 years ago
|
||
Sorry I can't remember exactly, I think I was looking for sharing functionality but I'm not sure how or where.
Anyway I'm unlikely to be picking this up.
|
||
Updated•3 years ago
|
|
||
Comment 18•3 years ago
|
||
The severity field for this bug is relatively low, S3. However, the bug has 3 duplicates.
:freddy, could you consider increasing the bug severity?
For more information, please visit auto_nag documentation.
|
||
Comment 19•3 years ago
|
||
The last needinfo from me was triggered in error by recent activity on the bug. I'm clearing the needinfo since this is a very old bug and I don't know if it's still relevant.
|
||
Comment 20•3 years ago
|
||
Yeah, for those who got emails...do we actually want private tabs to be isolated? I'm not sure that makes sense. It seems that containers in themselves being per-tab is already confusing to some people. I don't think we should add another dimension to it and lean towards closing this.
|
|
||
Comment 21•3 years ago
|
||
(In reply to Frederik Braun [:freddy] from comment #20)
Yeah, for those who got emails...do we actually want private tabs to be isolated? I'm not sure that makes sense. It seems that containers in themselves being per-tab is already confusing to some people. I don't think we should add another dimension to it and lean towards closing this.
I agree with this for individual private windows ie "temporary" private browinsg.
However, I think the question is about permanent private browsing mode. It seems like some people use this to avoid storing data to disk (so starting with a clean slate every time Firefox starts), and it seems reasonable to still want to be able to separate things in that mode while not saving data to disk.
|
||
Comment 23•3 years ago
|
||
Tor Browser is private browsing mode by default for disk-avoidance. It would be nice if containers also worked there since using containers to log into multiple accounts simultaneously is still a nice feature to have (even w/ private browsing mode enabled).
|
||
Comment 24•3 years ago
|
||
(In reply to Richard Pospesel (Tor Browser Dev) from comment #23)
Tor Browser is private browsing mode by default for disk-avoidance. It would be nice if containers also worked there since using containers to log into multiple accounts simultaneously is still a nice feature to have (even w/ private browsing mode enabled).
It's not just a nice feature to e.g. use multiple accounts on the same website within the same browser instance but also a requirement for privacy. This is because permanent private browsing mode even with RFP enabled can't automize against all forms of tracking - there is still discipline required from the user. 2 cases that come into my mind to reflect this:
-
Fixed links (e.g. mostly common via bookmarks) are a good potential source of tracking. Their nature with complex parameters that are hardly transparent to an user (e.g. YouTube video ID's) make it often impossible to tell if part of the URL is being used to secretly identify the user at some point. This can carry a lot of information despite all the isolation RFP does here and is very tedious to prevent on the user-side. Also too old bookmarks whose URL has already been updated (but the old URL still works) provide a bit of extra entropy to the website.
-
If websites cooperate they can simply circumvent RFP's privacy-isolation (correct me if something updated in the past and I'm wrong here) since simple forwarding to each other's site is sufficient to cross-identify the user between 2 different services (e.g. 2 different logged in accounts). This also requires discipline of the user since disabling any form of automatic forwarding (and also any form of manual forwarding to avoid edge-cases) would break pretty much basically the entire web. This is the case where actually the tab-containers discussed here are required (as well as user-discipline) to avoid this. If the user is logged into 2 different services and they are both in 2 different tab-contexts those services can forward to each-other as much as they want but they would never be able to cross-track the user then.
|
|
||
Comment 25•3 years ago
|
||
Edit: With RFP's privacy-isolation I was also keeping in mind other forms of isolation Firefox currently provides (e.g. state partitioning for Cookies) - just to be a bit more clear here and unfortunately I can't edit my previous post to correct this.
|
||
Comment 26•1 year ago
|
||
I know this issue got quite a bit stale but I wanted to bump it anew. I still really would like to see this bug resolved as I still would like to have a permanent private mode enabled while also being able to be logged in with, e.g. several Microsoft accounts, especially in the context of the Mozilla Connect post 1.
What caught my eye in the Mozilla Connect post was the work on tab groups. My thought was that hopefully each group could have its own container. Sadly, there were no more details on that (I am also not entirely sure where to properly suggest something like this). I really would like to see that and it feels like that this bug could also potentially affect users that are also going to use a permanent private mode.
|
||
Comment 27•4 months ago
|
||
Hello.
I was researching for this issue because I realised recently that the multi-account containers don't work in private window (Did they ever?). I want to point out something more about this.
Agreeing by some of the things said before, and also deepening in the topics brought for the latest comments, It can be useful to have containers in private mode because something like what Facebook Container https://addons.mozilla.org/es-ES/firefox/addon/facebook-container/ does.
Actually you can't use Facebook Container in private mode for this reason, and with that you can't do for what It's for: trying to isolate any Facebook related page from everything else in the browser, what even in a private window could be useful as a other layer of isolation from them.
Even there is others like Google Container (Not official from Mozilla), but even if there are not cookies or sessions from the normal mode in private mode, If you have manually set a container with a bunch of websites that you like to isolate in that specific container for privacy reasons, It could be interesting to allow it happens too in private mode for the same reasons in that context, as it isolates those websites and whatever are adding or tracking from the others open until the private window is closed and everything is gone.
I don't know if it makes sense my point.
Thanks in advance.
Description
•