Consider using separate attribute to store first-party domain for dFPI
Categories
(Core :: Privacy: Anti-Tracking, enhancement, P1)
Tracking
()
Tracking | Status | |
---|---|---|
firefox79 | --- | fixed |
People
(Reporter: xeonchen, Assigned: xeonchen)
References
(Blocks 1 open bug)
Details
Attachments
(5 files)
mFirstPartyDomain
was introduced by first-party isolation (FPI), and dynamic first-party isolation (dFPI) reuses this attribute. This may be problematic especially when both mode are enabled (see bug 1631676).
Adding another attribute for dFPI seems reasonable and is quite cheap, we should probably consider doing this.
Comment 1•4 years ago
|
||
I think we already settled that FPI and dFPI should be mutually exclusive, right? I.e., if you enable one, the other is disabled.
Then in bug 1637516 we'd like to move the keying from top-level registrable domain to site. If we did that on top of mFirstPartyDomain
it would contain a different value based on which of FPI or dFPI is enabled. That probably works, but starts getting confusing. (Migrating FPI to site is being considered as well, but is much more complicated as it already shipped.)
Also, dFPI will be impacted by follow-up projects to Fission eventually where there is a desire to hide values from processes the process would not otherwise have access to, i.e., the top-level site (when its referrer policy is "no-referrer"). We don't have to tackle that now, but that would also impact this key and not having it impact FPI in addition would probably make that easier.
Then in discussions we've considered adding even more keying for non-storage state, though that would likely require another attribute whichever way we go.
Assignee | ||
Updated•4 years ago
|
Updated•4 years ago
|
Assignee | ||
Updated•4 years ago
|
Assignee | ||
Comment 2•4 years ago
|
||
Assignee | ||
Comment 3•4 years ago
|
||
Depends on D77914
Assignee | ||
Comment 4•4 years ago
|
||
Depends on D77915
Assignee | ||
Comment 5•4 years ago
|
||
Depends on D77916
Assignee | ||
Comment 6•4 years ago
|
||
Depends on D77917
Comment 8•4 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/42f2bdd06a95
https://hg.mozilla.org/mozilla-central/rev/9a58e5805c83
https://hg.mozilla.org/mozilla-central/rev/bd311336daa7
https://hg.mozilla.org/mozilla-central/rev/64399b8f0d7c
https://hg.mozilla.org/mozilla-central/rev/f318f0c9b8f3
Updated•3 years ago
|
Description
•