Add a fingerprinting feature to the URL classifier

RESOLVED FIXED in Firefox 66

Status

()

enhancement
P1
normal
RESOLVED FIXED
7 months ago
7 months ago

People

(Reporter: englehardt, Assigned: baku)

Tracking

(Blocks 1 bug)

unspecified
mozilla66
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox66 fixed)

Details

Attachments

(1 attachment, 2 obsolete attachments)

We should add a feature to the URL classifier that consumes the fingerprinting categorized list from shavar and cancels the channel.
No longer blocks: 1511436, 1513046
Depends on: 1511436, 1513046
Posted patch feature_fingerprinting.patch (obsolete) — Splinter Review
Note that this patch cancels the channel using 'tracking-protection' error. So far, it's OK, but we need to use a different error when we know what the UI will look like.
Assignee: nobody → amarchesini
Attachment #9031808 - Flags: review?(dlee)
Posted patch patch (obsolete) — Splinter Review
Attachment #9031808 - Attachment is obsolete: true
Attachment #9031808 - Flags: review?(dlee)
Attachment #9031813 - Flags: review?(dlee)
Component: Tracking Protection → Safe Browsing
Product: Firefox → Toolkit
Status: NEW → ASSIGNED
Priority: -- → P1
Attachment #9031813 - Attachment is obsolete: true
Attachment #9031813 - Flags: review?(dlee)
Attachment #9034538 - Flags: review?(dlee)
Comment on attachment 9034538 [details] [diff] [review]
feature_fingerprinting.patch

Review of attachment 9034538 [details] [diff] [review]:
-----------------------------------------------------------------

Looks good!

::: modules/libpref/init/StaticPrefList.h
@@ +1776,5 @@
>  )
>  
> +// Block 3rd party fingerprinting resources.
> +VARCACHE_PREF(
> +  "privacy.fingerprinting.enabled",

Do you think we should use?
privacy.trackingprotection.fingerprinting.enabled
privacy.trackingprotection.cryptomining.enabled

I think we should check with johann to see if he has any concern.

::: toolkit/components/url-classifier/tests/mochitest/test_fingerprinting.html
@@ +38,5 @@
> +    [ "urlclassifier.features.fingerprinting.blacklistTables", "" ],
> +    [ "urlclassifier.features.fingerprinting.whitelistTables", "" ],
> +    [ "privacy.trackingprotection.enabled", false ],
> +    [ "privacy.trackingprotection.annotate_channels", false ],
> +    [ "privacy.fingerprinting.enabled", true ],

Can you help check if we can use
[ "urlclassifier.features.fingerprinting.blacklistTables", "test-track-simple" ],
with url trackertest.org...

I feel safer if we really look into the tables, thanks!
Attachment #9034538 - Flags: review?(dlee) → review+
Pushed by amarchesini@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/76f3be6b25e1
Fingerprinting url-classifier feature, r=dimi
Pushed by amarchesini@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/a11f752f828c
Fingerprinting url-classifier feature, r=dimi
Flags: needinfo?(amarchesini)
Status: ASSIGNED → RESOLVED
Closed: 7 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla66
You need to log in before you can comment on or make changes to this bug.