Re-enable probe for certificate error pages
Categories
(Firefox :: Security, defect)
Tracking
()
People
(Reporter: RT, Assigned: johannh)
References
(Blocks 1 open bug)
Details
Attachments
(3 files, 1 obsolete file)
3.34 KB,
text/plain
|
chutten
:
data-review+
|
Details |
47 bytes,
text/x-phabricator-request
|
Details | Review | |
14.63 KB,
patch
|
RyanVM
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
Re-enable probe created on bug 1484255 and then disabled on bug 1578239.
Reporter | ||
Comment 1•4 years ago
|
||
Hi Chris, can you please help review this request?
Assignee | ||
Comment 2•4 years ago
|
||
Prathiksha, would you have time to pick this up? It's just restoring the code from https://phabricator.services.mozilla.com/D46115 but we need to ensure it's compatible with the latest refactorings.
Thanks!
Comment 3•4 years ago
|
||
Comment on attachment 9140390 [details] renewal_request.md For future requests please set the `data-review` flag to `?` and specify the steward you'd like to assign this review to (from the list on [the wiki](https://wiki.mozilla.org/Firefox/Data_Collection)). That way the Data Review will enter our workflow in an expected manner. Unfortunately this is `data-revew -`. For making an expiring probe permanent, please fill out the full form. This short form can only be used to renew probes for a further six months. (It has no provision for asking who will be responsible for the permanent collection over time). Also, it is a best practice to ensure permanent collections are covered by regression tests to ensure later code changes do not interfere with the collection in a way that might go unnoticed. TelemetryTestUtils.jsm is a useful resource in writing such tests.
Reporter | ||
Comment 4•4 years ago
|
||
Thanks for the details, here is now the full form.
Updated•4 years ago
|
Comment 5•4 years ago
|
||
Comment on attachment 9140991 [details] Full form DATA COLLECTION REVIEW RESPONSE: Is there or will there be documentation that describes the schema for the ultimate data set available publicly, complete and accurate? Yes. This collection is Telemetry so is documented in its definitions file [Events.yaml](https://hg.mozilla.org/mozilla-central/file/tip/toolkit/components/telemetry/Events.yaml) and the [Probe Dictionary](https://telemetry.mozilla.org/probe-dictionary/). Is there a control mechanism that allows the user to turn the data collection on and off? Yes. This collection is Telemetry so can be controlled through Firefox's Preferences. If the request is for permanent data collection, is there someone who will monitor the data over time? Yes, Romain Testard is responsible. Using the category system of data types on the Mozilla wiki, what collection type of data do the requested measurements fall under? Category 2, Interaction. Is the data collection request for default-on or default-off? Default on for all channels. Does the instrumentation include the addition of any new identifiers? No. Is the data collection covered by the existing Firefox privacy notice? Yes. Does there need to be a check-in in the future to determine whether to renew the data? No. This collection is permanent. --- Result: datareview+
Reporter | ||
Comment 6•4 years ago
|
||
Hello, any chance this could be part of 76 so we can get early view of intermediate cert impact on cert error page displays?
Assignee | ||
Comment 7•4 years ago
|
||
Updated•4 years ago
|
Pushed by jhofmann@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/f757556c4e2c Re-enable event telemetry probes for certificate error pages. r=nhnt11
Comment 10•4 years ago
|
||
bugherder |
Assignee | ||
Comment 11•4 years ago
|
||
[Tracking Requested - why for this release]:
Ryan, this is the telemetry probe I mentioned on Friday. We would like to get it onto the 76 RC if that’s possible. I’ll do the uplift request in a moment.
Thank you!
Assignee | ||
Comment 12•4 years ago
|
||
Comment on attachment 9143322 [details]
Bug 1629826 - Re-enable event telemetry probes for certificate error pages. r=nhnt11
Beta/Release Uplift Approval Request
- User impact if declined: This probe should hopefully have no user impact whatsoever but rather help us a lot in determining whether we were able to fix a number of certificate errors (which we are assuming are a driver for user churn).
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: Yes
- If yes, steps to reproduce: Visit a cert error page (see https://badssl.com) and interact with it. This should spawn a number of telemetry events in about:telemetry (for both loading and clicking on certain elements on the page).
Also, ideally none of the above mentioned pages should break in functionality.
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This is restoring an old patch that we had in release for a while. The code is well understood and not very complicated. It should not affect any functionality, just add telemetry. We have tests. Any breakage should be limited to certificate error pages (which is arguably not a great place to break).
- String changes made/needed: None
Assignee | ||
Updated•4 years ago
|
Updated•4 years ago
|
Comment 13•4 years ago
|
||
I have reproduced this issue using Firefox 77.0a1 (2020.04.14) on Win 8.1 x64.
I can confirm this issue is fixed, I verified using Firefox 77.0a1 latest nightly on Win 8.1 x64, macOS 10.15 and Ubuntu 18.04 x64, visiting cert error page (https://badssl.com/) clicking on expired certificate or wrong.host certificate generate in about:telemetry a number of telemetry events (see attachement: ). I ran some smoke tests to see that it doesn't affect any functionality.
Comment 14•4 years ago
|
||
Comment on attachment 9143322 [details]
Bug 1629826 - Re-enable event telemetry probes for certificate error pages. r=nhnt11
This doesn't graft cleanly. Please attach a rebased patch and re-request approval.
Assignee | ||
Comment 15•4 years ago
•
|
||
Beta/Release Uplift Approval Request
- User impact if declined: This probe should hopefully have no user impact whatsoever but rather help us a lot in determining whether we were able to fix a number of certificate errors (which we are assuming are a driver for user churn).
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: Yes
- If yes, steps to reproduce: Visit a cert error page (see https://badssl.com) and interact with it. This should spawn a number of telemetry events in about:telemetry (for both loading and clicking on certain elements on the page).
Also, ideally none of the above mentioned pages should break in functionality.
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This is restoring an old patch that we had in release for a while. The code is well understood and not very complicated. It should not affect any functionality, just add telemetry. We have tests. Any breakage should be limited to certificate error pages (which is arguably not a great place to break).
- String changes made/needed: None
Comment 16•4 years ago
|
||
Comment on attachment 9143652 [details] [diff] [review] Patch for beta Re-enables Telemetry to help us better understand what cert errors users are hitting. Approved for 76.0rc1.
Comment 17•4 years ago
|
||
bugherder uplift |
Updated•4 years ago
|
Comment 18•4 years ago
|
||
This is also verified as fixed on 76.0 (20200427162639) under macOS 10.15, Ubuntu 18.04 x64 and Windows 10 x64.
Description
•