Closed Bug 1557346 Opened 4 months ago Closed 2 months ago

Experiment limit `referer` header length

Categories

(Core :: DOM: Security, enhancement)

enhancement
Not set

Tracking

()

RESOLVED FIXED
mozilla70
Tracking Status
firefox70 --- fixed

People

(Reporter: tnguyen, Assigned: tnguyen)

References

Details

(Keywords: dev-doc-needed, site-compat, Whiteboard: [domsecurity-active])

Attachments

(1 file)

Chrome shipped referrer size limitation to 4k now but ideally, we should bring it down to 2k. I am going to create a pref here and choose referrer limitation then we could do more experiments.

Assignee: nobody → tnguyen
Status: NEW → ASSIGNED
Type: defect → enhancement
Whiteboard: [domsecurity-active]

The percentiles look like:

  • 25.00% 27.53
  • 50.00% 44.76
  • 75.00% 79.71
  • 95.00% 263.3
  • 99.00% 986.5
  • 99.50% 1232
  • 99.90% 1956
  • 99.99% 4162

And Chrome decided to use 4k

Depends on: 1557294
Blocks: 1536058

We probably ought to mention this in the docs once implemented.

Keywords: dev-doc-needed
Pushed by tnguyen@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9ba600ae3c02
Limit referer header length r=ckerschb

Backed out changeset 9ba600ae3c02 (bug 1557346) for eslint failure at netwerk/test/unit/test_referrer.js on a CLOSED TREE.

Backout link: https://hg.mozilla.org/integration/autoland/rev/450801fafd10d18e6fce669408c551593b2028a7

**Push with failures:**https://treeherder.mozilla.org/#/jobs?repo=autoland&group_state=expanded&resultStatus=testfailed%2Cbusted%2Cexception&revision=9ba600ae3c02a21a273596f2c98a2c47b0ee7c6e&selectedJob=255495683

Log link: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=255495683&repo=autoland&lineNumber=232

Log snippet: [task 2019-07-09T14:51:19.253Z] eslint installed successfully!
[task 2019-07-09T14:51:19.253Z]
[task 2019-07-09T14:51:19.253Z] NOTE: Your local eslint binary is at /builds/worker/checkouts/gecko/node_modules/.bin/eslint
[task 2019-07-09T14:51:19.253Z]
[task 2019-07-09T15:12:48.647Z] TEST-UNEXPECTED-ERROR | /builds/worker/checkouts/gecko/netwerk/test/unit/test_referrer.js:220:16 | Replace getTestReferrer(server_uri,?referer_uri),?"http://foo.example.com/" with ?????getTestReferrer(server_uri,?referer_uri),?????"http://foo.example.com/"??? (prettier/prettier)
[taskcluster 2019-07-09 15:12:49.045Z] === Task Finished ===
[taskcluster 2019-07-09 15:12:49.802Z] Unsuccessful task run with exit code: 1 completed in 1496.032 seconds

Flags: needinfo?(tnguyen)

I forgot rebasing with our codebase. Updated

Flags: needinfo?(tnguyen)
Pushed by tnguyen@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/5fb0a623158e
Limit referer header length r=ckerschb
Status: ASSIGNED → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla70
You need to log in before you can comment on or make changes to this bug.