Allow WebExtensions to bypass tracking protection for XHR/fetch
Categories
(WebExtensions :: General, enhancement)
Tracking
(Not tracked)
People
(Reporter: evilpie, Unassigned)
Attachments
(1 obsolete file)
I know this is a very contentious issue. However, please do consider that the current approach for tracking protection makes it impossible for us to implement Livemarks in a sane manner. I really don't understand this desire for keeping this feature that randomly breaks extensions enabled.
Please see https://bugzilla.mozilla.org/show_bug.cgi?id=1502987#c3 for a description of our problem.
I implemented a very targeted fix that allows XHR/fetch to bypass tracking protection for URLs the extension has access to.
I would like to point out that it's possible to bypass tracking protection by hacking your own Cookie header: https://github.com/evilpie/livemarks/commit/ff996813a6601e0585c5c24d176badc3940ac30e. I am, however, rejecting this approach as too, well, hacky. And we really don't want all users to have to accept a new permission that we really shouldn't have to use anyway.
Reporter
Comment 1•5 years ago
Comment 2•5 years ago
Bug 1308640 has some historical discussion on the relation between extension permissions and tracking protection (of which you are probably aware).
How about the iframe case (bug 1376611)?
I'll bring this up at the next triage meeting.
Reporter
Comment 3•5 years ago
To clarify, fixing Bug 1502987 would also be a possible solution. Personally I would like to avoid having to ask for explicit permissions. This patch is most likely also a lot simpler than what Bug 1502987 requires.
Comment 5•5 years ago
:mixedpuppy, :rpl, :zombie and I discussed this, and our discussion can be summarized as follows:
We'd like consistent behavior. This means:
- There should be one rule that applies to all kinds of requests (not just fetch/xhr, but also images, documents, etc.)
- Extensions are supposed to represent the interest of users, and host permissions allow them to modify requests anyway. So any request that is obviously triggered by an extension should not be subjected to tracking protection. I.e. if topLevelPrincipal == triggeringPrincipal, and those principals are moz-extension principals belonging to an extension that has (non-explicit) host permissions for the requested URL, then tracking protection should not apply.
Shane is going to discuss this further with Philipp.
Reporter
Comment 6•5 years ago
So how do we continue here? It would be trivial to update my patch to allow all kinds of WebExtension loads to bypass tracking protection. I guess we want to test a select number of things? (Testing every possible fetch in a browser sounds exhausting.)
Comment 7•5 years ago
This will be resolved by bug 1629436.
Note: only for requests from extension pages, not from content scripts.
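The rule summarized in Comment 5, together with the scoping noted in Comment 7, modelled as an added example (not part of the bug thread and not Gecko code). Assumptions: principals are plain objects, match patterns are simplified, the extension id and hosts are constructed, and the "(non-explicit)" qualifier on host permissions is not modelled.

```javascript
// Model only: plain objects stand in for principals; this is not Gecko code.
// Simplified match pattern: "<all_urls>" or scheme://host/path with "*" wildcards.
function matchesPattern(pattern, url) {
  const u = new URL(url);
  if (!["http:", "https:"].includes(u.protocol)) return false;
  if (pattern === "<all_urls>") return true;
  const m = /^(\*|https?):\/\/(\*|(?:\*\.)?[^\/*]+)(\/.*)$/.exec(pattern);
  if (!m) return false; // a malformed pattern grants nothing
  const [, scheme, host, path] = m;
  if (scheme !== "*" && scheme + ":" !== u.protocol) return false;
  if (host.startsWith("*.")) {
    const base = host.slice(2);
    if (u.hostname !== base && !u.hostname.endsWith("." + base)) return false;
  } else if (host !== "*" && host !== u.hostname) return false;
  // Escape regex metacharacters in the path, then turn "*" into ".*".
  const escaped = path.replace(/[.+?^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
  return new RegExp("^" + escaped + "$").test(u.pathname + u.search);
}

function samePrincipal(a, b) {
  return a.scheme === b.scheme && a.id === b.id && a.origin === b.origin;
}

// True when tracking protection should not apply to this load under the Comment 5 rule.
function bypassesTrackingProtection(load, extensions) {
  const { topLevelPrincipal: top, triggeringPrincipal: trig, url } = load;
  if (!samePrincipal(top, trig)) return false;        // e.g. content script inside a web page
  if (trig.scheme !== "moz-extension") return false;  // ordinary web content
  const ext = extensions[trig.id];
  if (!ext) return false;                             // unknown extension: no exemption
  return ext.hostPermissions.some((p) => matchesPattern(p, url));
}

// Constructed sample data (hypothetical extension id and hosts).
const EXTENSIONS = { "livemarks-id": { hostPermissions: ["*://feeds.example.com/*"] } };
const extPage = { scheme: "moz-extension", id: "livemarks-id" };
const webPage = { scheme: "https", origin: "https://news.example.org" };
const LOADS = {
  extensionPageWithPermission: { topLevelPrincipal: extPage, triggeringPrincipal: extPage, url: "https://feeds.example.com/rss.xml" },
  extensionPageNoPermission: { topLevelPrincipal: extPage, triggeringPrincipal: extPage, url: "https://tracker.example.net/feed" },
  contentScript: { topLevelPrincipal: webPage, triggeringPrincipal: extPage, url: "https://feeds.example.com/rss.xml" },
  webContent: { topLevelPrincipal: webPage, triggeringPrincipal: webPage, url: "https://feeds.example.com/rss.xml" },
};

for (const [name, load] of Object.entries(LOADS)) {
  console.log(name, bypassesTrackingProtection(load, EXTENSIONS));
}
```

In this model the content-script case fails the `topLevelPrincipal == triggeringPrincipal` check because the top-level document is the web page, which matches the note in Comment 7.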