Closed
Bug 1480923
Opened 6 years ago
Closed 6 years ago
Remove the checks for 3rd-party storage restrictions from the channel classifier
Categories
(Toolkit :: Safe Browsing, enhancement, P2)
Toolkit
Safe Browsing
Tracking
()
RESOLVED
FIXED
mozilla63
| Tracking | Status | |
|---|---|---|
| firefox63 | --- | fixed |
People
(Reporter: francois, Assigned: ehsan.akhgari)
References
Details
Attachments
(2 files, 1 obsolete file)
|
3.31 KB,
patch
|
francois
:
review+
|
Details | Diff | Splinter Review |
|
3.50 KB,
patch
|
francois
:
review+
|
Details | Diff | Splinter Review |
Once bug 1476715 has landed, all of the users of tracking annotations will be responsible for checking whether loads are first-party or third-party. We should simplify the logic in the channel classifier by removing all of the checks for StaticPrefs::privacy_restrict3rdpartystorage_enabled() or AntiTrackingCommon::ShouldActivate(). This will mean that the 3rd-party storage restrictions, like network.http.tailing.enabled and privacy.trackingprotection.lower_network_priority will be gated by privacy.trackingprotection.annotate_channels.
|
Assignee | |
Comment 1•6 years ago
|
||
Can you please explain more about what the existing checks need to be replaced with? Simply removing the checks doesn't work, because of the logic in nsChannelClassifier::ShouldEnableTrackingProtectionInternal(). That logic currently ensures that we never annotate first-party channels under any circumstances, which is the reason why we need those pref checks.
Flags: needinfo?(francois)
|
Reporter | |
Comment 2•6 years ago
|
||
(In reply to :Ehsan Akhgari from comment #1) > Can you please explain more about what the existing checks need to be > replaced with? > > Simply removing the checks doesn't work, because of the logic in > nsChannelClassifier::ShouldEnableTrackingProtectionInternal(). That logic > currently ensures that we never annotate first-party channels under any > circumstances, which is the reason why we need those pref checks. Now that bug 1476715 has landed, we can remove the centralized third-party check from ShouldEnableTrackingProtection() when aAnnotationsOnly==true since that third-party check has been distributed across all of the current users. This means that the default cookie restrictions annotations are no longer special.
Flags: needinfo?(francois)
|
|
Assignee | |
Updated•6 years ago
|
Assignee: nobody → ehsan
|
|
Assignee | |
Comment 3•6 years ago
|
||
Attachment #8999245 -
Flags: review?(francois)
|
|
Assignee | |
Comment 4•6 years ago
|
||
Attachment #8999246 -
Flags: review?(francois)
|
|
Reporter | |
Updated•6 years ago
|
Attachment #8999246 -
Flags: review?(francois) → review+
|
|
Reporter | |
Comment 5•6 years ago
|
||
Comment on attachment 8999245 [details] [diff] [review] Part 1: Remove the centralized third-party checks from nsChannelClassifier::ShouldEnableTrackingProtectionInternal Review of attachment 8999245 [details] [diff] [review]: ----------------------------------------------------------------- Bug 1476715 only added third-party checks to the consumers of tracking annotations. So if we take the check out entirely, we break tracking _protection_. Something else I just realized about https://hg.mozilla.org/mozilla-central/rev/cb8a7a9f4a73: we're only checking for third-party _channels_, not third-party windows. Therefore we've probably re-introduced bug 1108017. Sadly we never landed a test to go with Monica's patch so that's probably why we didn't notice.
Attachment #8999245 -
Flags: review?(francois) → review-
|
|
Assignee | |
Comment 6•6 years ago
|
||
(In reply to François Marier [:francois] from comment #5) > Comment on attachment 8999245 [details] [diff] [review] > Part 1: Remove the centralized third-party checks from > nsChannelClassifier::ShouldEnableTrackingProtectionInternal > > Review of attachment 8999245 [details] [diff] [review]: > ----------------------------------------------------------------- > > Bug 1476715 only added third-party checks to the consumers of tracking > annotations. So if we take the check out entirely, we break tracking > _protection_. I see. > Something else I just realized about > https://hg.mozilla.org/mozilla-central/rev/cb8a7a9f4a73: we're only checking > for third-party _channels_, not third-party windows. Therefore we've > probably re-introduced bug 1108017. Sadly we never landed a test to go with > Monica's patch so that's probably why we didn't notice. Can you please file a separate regression bug for that? That should probably be tracked for the 63 release as a regression...
|
|
Assignee | |
Comment 7•6 years ago
|
||
Attachment #8999306 -
Flags: review?(francois)
|
|
Assignee | |
Updated•6 years ago
|
Attachment #8999245 -
Attachment is obsolete: true
|
|
Reporter | |
Comment 8•6 years ago
|
||
(In reply to :Ehsan Akhgari from comment #6) > Can you please file a separate regression bug for that? That should > probably be tracked for the 63 release as a regression... I just filed bug 1482950 for it.
|
|
Reporter | |
Updated•6 years ago
|
Attachment #8999306 -
Flags: review?(francois) → review+
Pushed by eakhgari@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/ecdc01374747 Part 1: Remove the centralized third-party checks from nsChannelClassifier::ShouldEnableTrackingProtectionInternal in annotation-only mode; r=francois https://hg.mozilla.org/integration/mozilla-inbound/rev/174bb3e3138c Part 2: Remove the checks for the restrict3rdpartystorage pref from the channel classifier and only rely on the annotate_channels pref; r=francois
|
||
Comment 10•6 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/ecdc01374747 https://hg.mozilla.org/mozilla-central/rev/174bb3e3138c
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox63:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
You need to log in
before you can comment on or make changes to this bug.
Description
•