Tracking cookies are not disabled from the doorhanger
Categories
(Firefox for Android Graveyard :: General, defect, P2)
Tracking
(firefox-esr60 unaffected, firefox-esr6869+ verified, firefox68 unaffected, firefox69 verified, firefox70 verified)
| Tracking | Status | |
|---|---|---|
| firefox-esr60 | --- | unaffected |
| firefox-esr68 | 69+ | verified |
| firefox68 | --- | unaffected |
| firefox69 | --- | verified |
| firefox70 | --- | verified |
People
(Reporter: eliza.balazs, Assigned: ehsan.akhgari)
References
Details
(Whiteboard: [fennec68.1])
Attachments
(2 files)
|
47 bytes,
text/x-phabricator-request
|
Details | Review | |
|
47 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-beta+
RyanVM
:
approval-mozilla-esr68+
|
Details | Review |
Environment:
Device: OnePlus 5T (Android 9);
Build: ESR 68.1b2;
Precondition:
Have Tracking Protection set to "Enabled"
Have Cookies set to "Enabled, excluding tracking cookies"
Steps to reproduce:
- Launch Fennec and go to https://senglehardt.com/test/cookie_restrictions/simple_iframe.html
- Tap the shield icon and choose "Disable protection" from the doorhanger
- Observe the information about the Tracking Cookies
Expected result:
A value for the disabled Tracking Cookie
"Your current non-HTTPOnly cookies are:
testPageCookie="
is displayed.
Actual result:
The value for the disabled Tracking Cookie is missing, so this is not disabled.
Note:
- On Desktop the Tracking Cookies are disabled.
|
||
Comment 1•6 years ago
|
||
The “Disable protection” button on Fennec’s site permissions door hanger should disable both ETP and standard TP for the site. The current implementation only disables regular TP.
Andrei, is this bug in the Fennec front-end code or in the Gecko Android shared with GeckoView?
We should fix this bug before shipping Fennec ETP. If a user needed to disable Tracking Protection to make a site work, they would have to disable ETP for all sites (in the Fennec settings) if the "Disable protection" button doesn't disable both ETP and standard TP.
|
|
||
Comment 2•6 years ago
|
||
The site permissions door hanger's "Enable protection" button should restore the site to the user's current settings for standard TP and ETP. "Disable protection" should make sure both standard TP and ETP are disabled for the site, but "Enable protection" might re-enable only standard TP, only ETP, both, or neither.
|
||
Comment 3•6 years ago
•
|
||
Should probably update the gdoc as well with these new specs.
|
|
||
Comment 4•6 years ago
|
||
(In reply to Andrei Lazar from comment #3)
Should probably update the gdoc as well with these new specs.
I see that the doc already says:
The “Disable protection” button on Fennec’s site permissions door hanger should disable both ETP and standard TP for the site.
I will update the doc to describe how the door hanger's "Enable protection" button should work (copying comment 2 from above).
https://docs.google.com/document/d/1YV-BECjbWviACyr4BRfMSiwP1mahbUAr2as5GyBYh3I/edit
|
|
||
Comment 5•6 years ago
•
|
||
I'm lowering the priority from P1 to P2. We might not be able to fix this bug in Fennec 68 without a lot of work. Fenix has the same problem because GV does not yet support site exceptions for TP (bug 1557009).
|
||
Comment 6•6 years ago
|
||
Bugbug thinks this bug is a regression, but please revert this change in case of error.
|
|
||
Comment 7•6 years ago
|
||
:andrei.a.lazar, since this bug is a regression, could you fill (if possible) the regressed_by field?
For more information, please visit auto_nag documentation.
|
|
||
Comment 8•6 years ago
|
||
This is not a regression, it was not implemented in the first time.
|
||
Comment 9•6 years ago
|
||
ETP is scheduled to be enabled by default for Fennec 68.1, so setting the tracking flag accordingly.
|
Assignee | |
Comment 10•6 years ago
|
||
It looks like we have a pref that isn't set on mobile, which is preventing the content blocking allow list from being respected for ETP interventions (e.g. when ETP decides to block cookies from a third-party tracker). I have a patch which I believe should fix the bug.
|
|
Assignee | |
Comment 11•6 years ago
|
||
|
|
Assignee | |
Comment 12•6 years ago
|
||
I confirmed myself that this patch indeed fixes the bug.
|
|
Assignee | |
Comment 13•6 years ago
|
||
|
|
Assignee | |
Comment 14•6 years ago
|
||
Comment on attachment 9082347 [details]
Bug 1566836 - Respect the Content Blocking allow list for ETP interventions on all platforms;
Beta/Release Uplift Approval Request
- User impact if declined: See comment 0.
- Is this code covered by automated tests?: No
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: Yes
- If yes, steps to reproduce: See comment 0.
- List of other uplifts needed: None.
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): The code that gets enabled by this pref has been shipped to users on desktop...
- String changes made/needed: None.
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: See comment 0. This is required for ETP on Fennec.
- User impact if declined: See comment 0.
- Fix Landed on Version: Nightly
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): See above.
- String or UUID changes made by this patch: None
|
|
Assignee | |
Updated•6 years ago
|
|
||
Comment 15•6 years ago
|
||
|
|
Assignee | |
Comment 16•6 years ago
|
||
Dylan, this bug would break GV based apps using the content blocking allow list as well.
|
|
||
Comment 17•6 years ago
|
||
| bugherder | ||
|
Reporter | |
Comment 18•6 years ago
|
||
Hi!
I tested this on Nightly 70.0a1 (2019-08-02) with OnePlus 5T (Android 9) and the issue is fixed.
I will mark this as verified on Firefox 70. Thanks!
|
|
||
Comment 19•6 years ago
|
||
Comment on attachment 9082347 [details]
Bug 1566836 - Respect the Content Blocking allow list for ETP interventions on all platforms;
Fix for ETP due to ship in 68.1. Approved for Fennec 68.1b5. Note that this needs the rebased patch rather than a graft from m-c.
|
|
||
Comment 20•6 years ago
|
||
This patch fail to apply:
Hunk #1 FAILED at 1565
1 out of 1 hunks FAILED -- saving rejects to file browser/app/profile/firefox.js.rej
patching file modules/libpref/init/StaticPrefList.h
Hunk #1 FAILED at 723
1 out of 1 hunks FAILED -- saving rejects to file modules/libpref/init/StaticPrefList.h.rej
Thank you.
|
|
||
Comment 21•6 years ago
|
||
| bugherder uplift | ||
Backed out https://hg.mozilla.org/releases/mozilla-beta/rev/a0a695337bed3db31edaa1a38d36ab4828d46385 for containing both Bug 1570434 and Bug 1566836:
https://hg.mozilla.org/releases/mozilla-beta/rev/a0a695337bed3db31edaa1a38d36ab4828d46385
Relanded: https://hg.mozilla.org/releases/mozilla-beta/rev/507c6138ec8e
|
|
||
Updated•6 years ago
|
|
|
||
Comment 22•6 years ago
|
||
(In reply to Sebastian Hengst [:aryx] (needinfo on intermittent or backout) from comment #21)
Relanded: https://hg.mozilla.org/releases/mozilla-beta/rev/507c6138ec8e
Aryx, are you landing patches to ESR? We still need to uplift this fix to mozilla-esr68 for Fennec ESR 68.1.
|
|
||
Comment 23•6 years ago
|
||
| bugherder uplift | ||
|
|
||
Updated•6 years ago
|
|
|
Reporter | |
Comment 24•6 years ago
|
||
Hi! Verified as fixed on Beta 69.0b11 with OnePlus 5T (Android 9), Motorola Nexus 6 (Android 7.1.1).
I will mark this as verified on Firefox 69. Thanks!
|
|
Reporter | |
Comment 25•6 years ago
|
||
Hello! Verified as fixed on ESR 68.1b5 with Nexus 9 (Android 7.1.1; tablet), Samsung Galaxy S8 (Android 9).
I will mark this as verified on Firefox esr68. Thanks!
|
||
Updated•5 years ago
|
Description
•