Closed
Bug 1486185
Opened 6 years ago
Closed 6 years ago
Make the Disable Protection button in the control centre UI work for the reject tracker cookie behavior
Categories
(Core :: DOM: Security, enhancement, P1)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla63
| Tracking | Status | |
|---|---|---|
| firefox63 | --- | fixed |
People
(Reporter: ehsan.akhgari, Assigned: ehsan.akhgari)
References
Details
(Whiteboard: [domsecurity-active])
Attachments
(2 files)
|
6.12 KB,
patch
|
baku
:
review+
|
Details | Diff | Splinter Review |
|
11.89 KB,
patch
|
baku
:
review+
|
Details | Diff | Splinter Review |
No description provided.
|
Assignee | |
Comment 1•6 years ago
|
||
Attachment #9003969 -
Flags: review?(amarchesini)
|
|
Assignee | |
Comment 2•6 years ago
|
||
Attachment #9003970 -
Flags: review?(amarchesini)
|
||
Updated•6 years ago
|
Attachment #9003970 -
Flags: review?(amarchesini) → review+
|
|
||
Updated•6 years ago
|
Attachment #9003969 -
Flags: review?(amarchesini) → review+
Pushed by eakhgari@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/83388bace8ff Part 1: Make the Disable Protection button in the control centre UI work for the reject tracker cookie behavior; r=baku https://hg.mozilla.org/integration/mozilla-inbound/rev/fc7618dd27c9 Part 2: Ensure that anti-tracking tests are run in a mode where blocking is active but the top-level site is white-listed for content blocking; r=baku
|
||
Comment 4•6 years ago
|
||
Backed out 2 changesets (bug 1486185)for build bustages on Logging.h CLOSED TREE Backout revision https://hg.mozilla.org/integration/mozilla-inbound/rev/028c9eeaf27e553883ada6ef5f591917a2bc4524 Failed push: https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=fc7618dd27c9812296e00fe7f5c91f32ce5b222e&filter-resultStatus=testfailed&filter-resultStatus=busted&filter-resultStatus=exception&filter-classifiedState=unclassified Failure log:https://treeherder.mozilla.org/logviewer.html#?job_id=196092536&repo=mozilla-inbound
Flags: needinfo?(ehsan)
|
||
Comment 5•6 years ago
|
||
Please also take a look at this failure on your push: https://treeherder.mozilla.org/logviewer.html#?job_id=196094880&repo=mozilla-inbound&lineNumber=1522
|
|
||
Comment 6•6 years ago
|
||
:Ehsan Akhgari The TV failures just turned into tier 1 browser chrome failures with https://treeherder.mozilla.org/logviewer.html#?job_id=196094888&repo=mozilla-inbound so please consider this when looking at these issues.
Pushed by eakhgari@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/27b7d1d053fb Part 1: Make the Disable Protection button in the control centre UI work for the reject tracker cookie behavior; r=baku https://hg.mozilla.org/integration/mozilla-inbound/rev/8e9cb8f36114 Part 2: Ensure that anti-tracking tests are run in a mode where blocking is active but the top-level site is white-listed for content blocking; r=baku
|
|
Assignee | |
Updated•6 years ago
|
Flags: needinfo?(ehsan)
|
||
Updated•6 years ago
|
Priority: -- → P1
Whiteboard: [domsecurity-active]
|
||
Comment 8•6 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/27b7d1d053fb https://hg.mozilla.org/mozilla-central/rev/8e9cb8f36114
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox63:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
|
||
Comment 9•6 years ago
|
||
This is a follow-up to a discussion I had with Ehsan about why this is needed at all since channel classifications are supposed to take the Disable Protection button into account already. I reverted https://hg.mozilla.org/mozilla-central/rev/27b7d1d053fb and rebuilt central, then I ran the tests and only one test failed: $ ./mach test toolkit/components/antitracking ... mochitest-browser ~~~~~~~~~~~~~~~~~ Ran 103 checks (3 tests, 100 subtests) Expected results: 98 Unexpected results: 4 subtest: 4 (4 fail) Unexpected Results ------------------ toolkit/components/antitracking/test/browser/browser_blockingCookies.js FAIL Some cookies for me - false == true - Stack trace: resource://testing-common/content-task.js line 59 > eval:msg:19 FAIL Some cookies for me - false == true - Stack trace: resource://testing-common/content-task.js line 59 > eval:msg:19 FAIL We should have cookies - false == true - Stack trace: resource://testing-common/content-task.js line 59 > eval:msg:19 FAIL Some Cookies for me - false == true - Stack trace: resource://testing-common/content-task.js line 59 > eval:msg:19 I re-ran that test with logging enabled: $ export MOZ_LOG="nsChannelClassifier:3" $ ./mach test toolkit/components/antitracking/test/browser/browser_blockingCookies.js ... 0:14.85 INFO Starting blocking cookieBehavior (1) and blocking contentBlocking with allow list test Set/Get Cookies 0:14.94 INFO Creating a new tab ... 0:15.39 INFO Creating a 3rd party content ... 0:15.48 INFO Console message: [JavaScript Warning: "Request to access cookie or storage on “https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html” was blocked because we are blocking all third-party storage access requests and content blocking is enabled." {file: "resource://testing-common/content-task.js line 59 > eval" line: 32}] 0:15.48 GECKO(1024) [Parent 1024: Main Thread]: I/nsChannelClassifier nsChannelClassifier[0x7f719d61db00]: User override on channel[0x7f719fc21050] (https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html) 0:15.48 GECKO(1024) [Parent 1024: Main Thread]: I/nsChannelClassifier nsChannelClassifier[0x7f719d61db00]: Classifying principal https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html on channel[0x7f719fc21050] ... 0:15.55 INFO Sending code to the 3rd party content 0:15.60 PASS No cookies for me - true == true - 0:15.60 INFO Console message: [JavaScript Warning: "Request to access cookie or storage on “https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html” was blocked because we are blocking all third-party storage access requests and content blocking is enabled." {file: "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html line 23 > eval" line: 2}] 0:15.60 GECKO(1024) [Parent 1024: Main Thread]: I/nsChannelClassifier nsChannelClassifier[0x7f719d644cc0]: User override on channel[0x7f71a4e22050] (https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/server.sjs) 0:15.60 GECKO(1024) [Parent 1024: Main Thread]: I/nsChannelClassifier nsChannelClassifier[0x7f719d644cc0]: Classifying principal https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/server.sjs on channel[0x7f71a4e22050] 0:15.63 INFO Console message: [JavaScript Warning: "Request to access cookie or storage on “https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/server.sjs” was blocked because we are blocking all third-party storage access requests and content blocking is enabled." {file: "http://example.net/browser/toolkit/components/antitracking/test/browser/page.html" line: 0}] 0:15.65 PASS We should not have cookies - true == true - 0:15.65 FAIL Some cookies for me - false == true - Stack trace: resource://testing-common/content-task.js line 59 > eval:msg:19 0:15.65 FAIL Some cookies for me - false == true - Stack trace: resource://testing-common/content-task.js line 59 > eval:msg:19 0:15.65 INFO Console message: [JavaScript Warning: "Request to access cookie or storage on “https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html” was blocked because we are blocking all third-party storage access requests and content blocking is enabled." {file: "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html line 23 > eval" line: 8}] 0:15.65 INFO Console message: [JavaScript Warning: "Request to access cookie or storage on “https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html” was blocked because we are blocking all third-party storage access requests and content blocking is enabled." {file: "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html line 23 > eval" line: 9}] 0:15.65 INFO Console message: [JavaScript Warning: "Request to access cookie or storage on “https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html” was blocked because we are blocking all third-party storage access requests and content blocking is enabled." {file: "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html line 23 > eval" line: 10}] 0:15.65 GECKO(1024) [Parent 1024: Main Thread]: I/nsChannelClassifier nsChannelClassifier[0x7f719d61b840]: User override on channel[0x7f71a4e0e050] (https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/server.sjs) 0:15.65 GECKO(1024) [Parent 1024: Main Thread]: I/nsChannelClassifier nsChannelClassifier[0x7f719d61b840]: Classifying principal https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/server.sjs on channel[0x7f71a4e0e050] 0:15.70 INFO Console message: [JavaScript Warning: "Request to access cookie or storage on “https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/server.sjs” was blocked because we are blocking all third-party storage access requests and content blocking is enabled." {file: "http://example.net/browser/toolkit/components/antitracking/test/browser/page.html" line: 0}] 0:15.70 FAIL We should have cookies - false == true - Stack trace: resource://testing-common/content-task.js line 59 > eval:msg:19 0:15.70 INFO Console message: [JavaScript Warning: "Request to access cookie or storage on “https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html” was blocked because we are blocking all third-party storage access requests and content blocking is enabled." {file: "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html line 23 > eval" line: 16}] 0:15.71 FAIL Some Cookies for me - false == true - Stack trace: resource://testing-common/content-task.js line 59 > eval:msg:19 From there, I can see that: - the user override is correctly identified during channel classification - the only test failure is the case where third-party cookies are disabled entirely: network.cookie.cookieBehavior == 1 (dontAcceptForeign). It makes sense that we need to check the user overrides directly because even though the channel is not classified as a tracker (due to the override), it's still third-party and this value of cookieBehavior will block all third-party cookies. In other words, this bug is needed but badly named because this is fixing the case where ALL third-party cookies are rejected. The case where only 3rd-party TRACKING cookies are rejected was already working fine without this patch.
|
|
Assignee | |
Comment 10•6 years ago
|
||
Thanks a lot for the thorough analysis, this makes perfect sense now and explains very well why fastblock wasn't affected by this.
You need to log in
before you can comment on or make changes to this bug.
Description
•