Closed Bug 1535049 Opened 6 years ago Closed 6 years ago

Use the Search Submission URL list to block homepages set by hijacking

Categories

(Firefox :: New Tab Page, enhancement, P2)

Product:
Firefox
Component:
New Tab Page
Type:
enhancement
Points:
8

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Firefox 70
Iteration:
70.2 - Jul 22 - Aug 4
Tracking Flags:
Tracking Status
firefox70 --- fixed

People

(Reporter: nanj, Assigned: standard8)

References

(Blocks 1 open bug)

Details

User Story

Requirements:

- Block any attempt to set the homepage to one that matches the (new) home page ignore list from the hijack-blocklists.
- If on startup, the saved preference for the homepage is a blocked URL, then reset it to use the default homepage instead.
  - Note, this will probably cause the wrong homepage to be used for the window(s) created on startup until Firefox is restarted.
- We will attempt to reset the homepage preference if it is invalid when the ignore list is updated. 
- We will record event telemetry ("homepage.preference.ignore") when the preference is reset or blocked from being set. The value parameter will be
  - `saved_reset` for when a saved preference is reset (e.g. initial load of the ignore list after startup, or ignore list update received).
  - `set_blocked_extension` for a WebExtension trying to set the preference to an ignored value via `chrome_settings_overrides`
  - `set_blocked` if something else tries to set the preference to an ignored value (e.g. the user via preferences, though we don't expect this to be a common case).

Attachments

(5 files)

Bug 1535049 - Separate out search ignore lists into their own module. r?daleharvey
47 bytes, text/x-phabricator-request
Details | Review
Bug 1535049 - If the homepage is referenced in the ignore list, reset it soon after startup or when the ignore list is updated. r=daleharvey
47 bytes, text/x-phabricator-request
Details | Review
Bug 1535049 - Disallow setting homepages to ignored urls. r?daleharvey!,mixedpuppy!
47 bytes, text/x-phabricator-request
Details | Review
Bug 1535049 - Add telemetry for the homepage ignore actions. r?daleharvey!,mixedpuppy!,chutten!
47 bytes, text/x-phabricator-request
Details | Review
HomepageDataCollectionReview.md
2.51 KB, text/plain
bmiroglio
: data-review+
Details
No description provided.
Iteration: --- → 68.1 - Mar 18 - 31
Priority: -- → P1
Blocks: 1492953
Severity: normal → enhancement
Iteration: 68.1 - Mar 18 - 31 → ---
Priority: P1 → P3

Goal to get this in 68. The bug dependencies on this should be fixed in time. Thanks!

Priority: P3 → P1
Iteration: --- → 68.3 - Apr 15 - 28
Priority: P1 → P2

Adding user story based on discussions I've had.

Group: mozilla-employee-confidential
User Story: (updated)
Summary: Integrate AS homepage hijackers blocklist into the Search one → Use the Search Submission URL list to block homepages set by hijacking
Component: Activity Streams: Newtab → New Tab Page
Assignee: nobody → standard8
Status: NEW → ASSIGNED

Can you put in a PI request so QA knows to plan to test this once it lands? Thanks!

Flags: needinfo?(standard8)

(In reply to Liz Henry (:lizzard) (use needinfo) from comment #3)

Can you put in a PI request so QA knows to plan to test this once it lands? Thanks!

This is already covered in PI-105.

Flags: needinfo?(standard8)
Iteration: 68.3 - Apr 15 - 28 → 70.2 - Jul 22 - Aug 4
Points: --- → 8

Note, although the submission url and home page blocklists are likely to be the same, we decided to have separate lists for the time being, in case there does need to be a difference for some reason that we haven't thought of yet.

User Story: (updated)

I'm updating the user story to reflect what we've actually implemented. It was slightly easier to handle the value of the existing homepage preference with the ignore list when the ignore list gets loaded - though there's a slight compromise on the home page not being reset for the windows opened at the start of that session. Doing so, would cause extra disk and maybe network activity which would block startup.

User Story: (updated)

This separates out the search ignore list handling into its own module in preparation for use elsewhere as well.

The search ignore list unit tests still largely interact with RemoteSettings to remain as integration tests.

Hey Mark,

We need this to go through to the data steward review process since we are adding telemetry. Would you be able to create a public bug describing the added collection by responding to these questions and flagging me for data-review?

  1. What questions will you answer with this data?

  2. Why does Mozilla need to answer these questions? Are there benefits for users? Do we need this information to address product or business requirements?

  3. What alternative methods did you consider to answer these questions? Why were they not sufficient?

  4. Can current instrumentation answer these questions?

  5. List all proposed measurements and indicate the category of data collection for each measurement, using the Firefox data collection categories on the Mozilla wiki.

  6. How long will this data be collected? Choose one of the following:

  7. What populations will you measure?

  8. If this data collection is default on, what is the opt-out mechanism for users?

  9. Please provide a general description of how you will analyze this data.

  10. Where do you intend to share the results of your analysis?

  11. Is there a third-party tool (i.e. not Telemetry) that you are proposing to use for this data collection?

Flags: needinfo?(standard8)

Mike Connor & I have agreed there's no need for this to be private. Will add the data review in a bit once patches are updated.

Group: mozilla-employee-confidential
Flags: needinfo?(standard8)
Attachment #9082999 - Flags: data-review?(bmiroglio)
Attachment #9082563 - Attachment description: Bug 1535049 - Disallow setting homepages to ignored urls. r?daleharvey,mixedpuppy → Bug 1535049 - Disallow setting homepages to ignored urls. r?daleharvey!,r?mixedpuppy!
Attachment #9082564 - Attachment description: Bug 1535049 - Add telemetry for the homepage ignore actions. r?daleharvey → Bug 1535049 - Add telemetry for the homepage ignore actions. r?daleharvey!,r?mixedpuppy!,r?chutten!
Comment on attachment 9082999 [details] HomepageDataCollectionReview.md 1) Is there or will there be **documentation** that describes the schema for the ultimate data set in a public, complete, and accurate way? Yes, this will be represented in the event telemetry spec: https://searchfox.org/mozilla-central/source/toolkit/components/telemetry/Events.yaml 2) Is there a control mechanism that allows the user to turn the data collection on and off? (Note, for data collection not needed for security purposes, Mozilla provides such a control mechanism) Provide details as to the control mechanism available. Yes, this can be turned off by disabling Telemetry in the Firefox preferences pane. 3) If the request is for permanent data collection, is there someone who will monitor the data over time? :standard8, along with Ryan Harter, Mike Connor and the fx-search team 4) Using the **[category system of data types](https://wiki.mozilla.org/Firefox/Data_Collection)** on the Mozilla wiki, what collection type of data do the requested measurements fall under? Category 2, Interaction Data. 5) Is the data collection request for default-on or default-off? Default-on 6) Does the instrumentation include the addition of **any *new* identifiers** (whether anonymous or otherwise; e.g., username, random IDs, etc. See the appendix for more details)? No 7) Is the data collection covered by the existing Firefox privacy notice? Yes 8) Does there need to be a check-in in the future to determine whether to renew the data? (Yes/No) (If yes, set a todo reminder or file a bug if appropriate)** No 9) Does the data collection use a third-party collection tool? **If yes, escalate to legal.** No data-review r+
Attachment #9082999 - Flags: data-review?(bmiroglio) → data-review+
Attachment #9082563 - Attachment description: Bug 1535049 - Disallow setting homepages to ignored urls. r?daleharvey!,r?mixedpuppy! → Bug 1535049 - Disallow setting homepages to ignored urls. r?daleharvey!,mixedpuppy!
Attachment #9082564 - Attachment description: Bug 1535049 - Add telemetry for the homepage ignore actions. r?daleharvey!,r?mixedpuppy!,r?chutten! → Bug 1535049 - Add telemetry for the homepage ignore actions. r?daleharvey!,mixedpuppy!,chutten!
Pushed by mbanner@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/38b134c75aaf Separate out search ignore lists into their own module. r=daleharvey https://hg.mozilla.org/integration/autoland/rev/68d8d2bf9570 If the homepage is referenced in the ignore list, reset it soon after startup or when the ignore list is updated. r=daleharvey https://hg.mozilla.org/integration/autoland/rev/eb1eff2ef485 Disallow setting homepages to ignored urls. r=daleharvey,mixedpuppy https://hg.mozilla.org/integration/autoland/rev/e966b7945f69 Add telemetry for the homepage ignore actions. r=daleharvey,chutten,mixedpuppy
Regressions: 1574445
Blocks: 1578381
Regressions: 1585972
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: