Open
Bug 1353489
Opened 7 years ago
Updated 2 years ago
pass if-none-match header to requestHeaders to be able to prevent E-Tag tracking
Categories
(WebExtensions :: Request Handling, defect, P3)
Tracking
(Not tracked)
UNCONFIRMED
People
(Reporter: xlu3coa2wri, Unassigned)
References
Details
(Whiteboard: triaged)
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0 Build ID: 20170323105023 Steps to reproduce: Addons who try to protect against E-Tag tracking using webRequest.onBeforeSendHeaders should be able to remove, or at least detect the if-none-match header. Actual results: Currently the header is not represented in the details.requestHeaders array.
Component: Untriaged → WebExtensions: Request Handling
Product: Firefox → Toolkit
Another solution would be to add an option to the upcoming privacy api (https://bugzilla.mozilla.org/show_bug.cgi?id=1312802) which allows the developer to disable sending etags, but simply passing through all headers to the webRequest details api seems fairly straightforward to me. I generally wonder why these headers are excluded for developers.
Comment 2•7 years ago
|
||
re-writing description, likely file as nightly bug
Flags: needinfo?(kmaglione+bmo)
Updated•7 years ago
|
Whiteboard: investigating
Updated•7 years ago
|
Summary: Webextensions pass if-none-match header to requestHeaders to be able to prevent E-Tag tracking → pass if-none-match header to requestHeaders to be able to prevent E-Tag tracking
Updated•7 years ago
|
Comment 3•7 years ago
|
||
(In reply to miby from comment #1) > I generally wonder why these headers are excluded for developers. They are not excluded. Requests in Firefox have different characteristics than Chrome. Bug 1368527 would likely address this, but leaving open for the specific header request to be verified.
Depends on: 1368527
Comment 4•6 years ago
|
||
Request timing was fixed for 57, does this issue still affect you?
Flags: needinfo?(xlu3coa2wri)
Updated•6 years ago
|
Product: Toolkit → WebExtensions
Updated•5 years ago
|
Flags: needinfo?(xlu3coa2wri)
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•