Open Bug 1590107 Opened 2 years ago Updated 5 days ago

[meta] Top-level site partitioning

Categories

(Core :: Privacy: Anti-Tracking, defect, P3)

defect

Tracking

()

People

(Reporter: annevk, Unassigned)

References

(Depends on 18 open bugs, Blocks 2 open bugs)

Details

(Keywords: meta, Whiteboard: [necko-triaged])

This is a tracking issue for all our top-level origin partitioning work.

Any communication channel between top-level A and A embedded inside top-level B is of interest, except for cookies and storage APIs ("site data"), which will be handled by StoragePrincipal (please file bugs for those too if you find bits that aren't governed by that).

Top-level partitioning does partitioning on two keys (top-level and context) unconditionally and requestStorageAccess() (StoragePrincipal) has no effect on it.

Depends on: 1590109
Summary: Top-level origin partitioning → [meta] Top-level origin partitioning

Nhi, I guess this is P2. Please correct me if I am wrong.
Could you also find an owner for this? Thanks.

Flags: needinfo?(nhnguyen)
Priority: -- → P2
Whiteboard: [necko-triaged]
Flags: needinfo?(nhnguyen)
Depends on: 1594004
Duplicate of this bug: 231852
Blocks: 231852
Depends on: 1599469
See Also: → 1612652
Depends on: 444222
Duplicate of this bug: dfpi-isolation-needed
Blocks: DynamicFirstPartyIsolation
No longer blocks: 231852
Depends on: 231852

Although when we can use origin we should, generally we target site (as defined by https://html.spec.whatwg.org/#site) as that is approximately what FPI uses (modulo bug 1630869) and what Chrome and Safari seem to be targeting.

Summary: [meta] Top-level origin partitioning → [meta] Top-level site partitioning
No longer depends on: 1590109
Depends on: 1447011
Depends on: 1633293
Depends on: 1634079
Depends on: 1634080
Depends on: 1635193
Depends on: 1635828

Moving this into the anti-tracking component since the scope is broader.

Component: Networking → Privacy: Anti-Tracking
Priority: P2 → P3
Depends on: 1639154
Depends on: 1639247
Depends on: 1589685
Depends on: 1639807
Depends on: 1639833
Depends on: 1642667
Depends on: 1643288
Depends on: 1645987
Depends on: 1646047
Depends on: 1646136
Depends on: 1646640
Depends on: 1646644
Depends on: 1647732
Depends on: 1649673
Depends on: 1652061
Depends on: 1652794
Depends on: 1652951
Depends on: 1658878
Depends on: 1664255
Depends on: 1667348
Depends on: 1670617
Depends on: 1673921
Depends on: 1680771
Depends on: 1685089
Depends on: 1686111
Depends on: 1684004

according to this site
https://www.ghacks.net/2020/12/20/firefox-85-will-improve-privacy-with-network-partitioning-feature/

"...Performance may be impacted as it is no longer possible to share resources, e.g. the same font...."

what if a user doesn't care about that new feature? is there an option to disable network partitioning? Eg. i don't mind the tracking stuff around the internet, i want to be able to disable the feature without losing other major functionality of the browser.

You could flip privacy.partition.network_state in about:config, but this is not necessarily a supported configuration long term. Note that we have performed performance studies and the impact of this is negligible.

No longer depends on: 1536058

Yes, turning off privacy.partition.network_state and network.http.rcwn.enabled improves cache efficiency.
Especially for us who prefer cache over network, because of slow or expensive internet.
Also extensions like Save Page WE and SingleFIle will save pages much faster with such options turned off.
Hope you won't remove such configurations in about:config in long term.
see bug 1687569

Depends on: 1695682
Depends on: 1713748
Depends on: 1716818
Depends on: dFPI-SW
You need to log in before you can comment on or make changes to this bug.