Figure out how dFPI works with clear-site-data
Categories
(Core :: Privacy: Anti-Tracking, task, P2)
Tracking
()
People
(Reporter: johannh, Unassigned)
References
(Blocks 2 open bugs, )
Details
We need to ensure that dFPI works fine with the clear-site-data header .
Two things we identified so far:
- [baku] We need to clean up partitioned storages when the storage permission is granted.
- [johannh] Should a first party be able to clear its partitioned third parties? It might sense to raise that against the spec.
|
||
Updated•5 years ago
|
|
||
Comment 1•5 years ago
|
||
- Cleaning up partitioned storage is bug 1628313 now.
- If you deleted partitioned third-parties that would give active third-parties a bit of information. I think it should only affect the caches/storage that are in "scope".
|
|
||
Updated•5 years ago
|
|
|
||
Updated•5 years ago
|
|
|
||
Comment 2•5 years ago
|
||
Per https://github.com/privacycg/storage-partitioning/issues/11#issuecomment-696122025 "cookies" and "storage" should use the StoragePrincipal and we should strongly consider removing "cache". Will file a separate bug on that.
|
||
Comment 3•4 years ago
•
|
||
Looks like we don't use the storage principal currently. Instead we clear the storage for the (triggering?) principal derived from the channel: https://searchfox.org/mozilla-central/rev/a0ccd492719b1ad2106f6456549be62a76f45acb/toolkit/components/clearsitedata/ClearSiteData.cpp#161,212
Some quick tests with setting and clearing cookies via the header confirmed this.
|
|
||
Comment 4•4 years ago
|
||
We discussed closing this bug on the basis that this was only about figuring out what to do which per comment 2 we have. I would be okay with keeping this open until we actually implement that though.
|
Reporter | |
Comment 5•4 years ago
|
||
I think we can close this now, follow-ups are bug 1688665 and bug 1671182 which we will prioritize soon as part of our dFPI work.
Description
•