1695050 - Make the CookieBehavior to be able to set for Private Browsing Mode

Status: RESOLVED FIXED

(Core :: Privacy: Anti-Tracking, task, P2)

Description

[Tim Huang[:timhuang]]

Currently, Private Browsing Mode shares the setting of CookieBehavior with the regular browsing mode. We are going to provide a separate pref to control the CookieBehavior for the Private Browsing Mode.

Comment 1

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 1: Add a pref for controlling the cookieBehavior for Private Brwosing Mode. r?dimi!

Comment 2

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 2: Modify CookieJarSettings::Create() to be able to creat cookieJarSettings according to the browsing mode. r?dimi!

This patch adds a new function
CookieJarSettings::CreateForPrivateBrowsing() which should be used for
private browsing window to get the cookieJarSettings. It will get the
cookieBehavior from the pref 'network.cookie.cookieBehavior.pbmode' to
create the cookieJarSettings.

Depends on D109044

Comment 3

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 3: Update current test cases and add a new test case. r?dimi!

This patch updates the pref for existing content blocking tests. And it
also adds a new test to verify that the cookieBehavior in regular
windowa and private window are both correct.

Depends on D109045

Comment 4

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 4: Update the call-sites of CookieJarSettings::Create() for ServiceWorker and Worker. r?asuth!

This patch makes the service worker to use
CookieJarSettings::CreateForPrivateBrowsing() to create
CookieJarSettings for private browsing window.

Depends on D109046

Comment 5

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 5: Update the call-sites of CookieJarSettings::Create() for Necko. r?dimi

This patch makes two changes to Necko. First, the loadInfo will use the
CookieJarSettings::CreateForPrivateBrowsing() to create the
cookieJarSettings if the loadInfo is for a private channel. Second, it
updates nsHttpChannel::ReEvaluateReferrerAfterTrackingStatusIsKnown() to
use this function if the channel is private.

Depends on D109047

Comment 6

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 6: Update the call-site of CookieJarSettings::Create() for Document. r?dimi!

This patch modifies the Document::CookieJarSettings() to use the
function when creating the cookieJarSettings for documents in the
private browsing window.

Depends on D109048

Comment 7

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 7: Update the call-site of CookieJarSettings::Create() for ReferrerInfo. r?ckerschb!

This patch modifies ReferrerInfo::GetDefaultReferrerPolicy() to use this
function in the private browsing window.

Depends on D109049

Comment 8

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 8: Update the call-site of CookieJarSettings::Create() for WebBrowserPersist. r?smaug!

This patch makes the nsWebBrowserPersist to use this function to create
the cookieJarSettings if it is not present when the target is in the
private mode.

Depends on D109050

Comment 9

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 9: Update the call-site of CookieJarSettings::Create() for WebExecutorSupport. r?esawin

The WebExecutorSupport::CreateStreamLoader() would need the
cookieJarSettings. This patch makes it to use the function to get the
cookieJarSettings for the request from the private mode.

Depends on D109051

Comment 10

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 10: Updates the call-sites of CookieJarSettings::Create() for StorageAccess. r?dimi!

This patch makes the StoraeAccess.cpp to use the function to get the
cookieJarSettings for private browsing mode.

Depends on D109052

Comment 11

[Tim Huang[:timhuang]]

Attachment: Bug 1695050 - Part 11: Update the call-sites of CookieJarSettings::Create() for Fetch and XHR. r?smaug!

Depends on D109053

Comment 12

[Dylan Roeh (:droeh) (he/him)]

Tim, is there a plan to expose network.cookie.cookieBehavior.pbmode in the UI? That will determine whether or not we need any GV-specific code for this right now.

Comment 13

[Johann Hofmann [:johannh]]

Thanks for raising this Dylan, we will expose the pref through the Standard mode labels showing the new default value, so there might be a need to update the labels in Fenix as well, depending on the value of this pref. What's the best way to surface that to your team?

Comment 14

[Tim Huang[:timhuang]]

To add to this, we will not add a specific UI that will expose this pref to users, but only strings changes like what Johann mentioned above. And we will update the logic of ContentBlocking pref controller for ETP custom mode to ensure regular mode and pb mode will use the same CookieBehavior setting. I believe this part won't affect GV because there is no custom mode in GV. Do I understand it correctly?

Comment 15

[Dylan Roeh (:droeh) (he/him)]

(In reply to Tim Huang[:timhuang] from comment #14)

To add to this, we will not add a specific UI that will expose this pref to users, but only strings changes like what Johann mentioned above. And we will update the logic of ContentBlocking pref controller for ETP custom mode to ensure regular mode and pb mode will use the same CookieBehavior setting. I believe this part won't affect GV because there is no custom mode in GV. Do I understand it correctly?

There is actually a custom mode in Fenix, so it sounds like we'll need a bit more than string changes here.

(In reply to Johann Hofmann [:johannh] from comment #13)

Thanks for raising this Dylan, we will expose the pref through the Standard mode labels showing the new default value, so there might be a need to update the labels in Fenix as well, depending on the value of this pref. What's the best way to surface that to your team?

The best place to discuss is probably the Mobile Privacy & Security meeting -- and happily, we have one scheduled tomorrow. I'll make sure this gets on the agenda, and it looks like you're already on the invite list as an optional attendee (Tim, I can invite you as well if you'd like). Let me know if that sounds good.

Comment 16

[Johann Hofmann [:johannh]]

Thanks Dylan, let's do that

Comment 17

[Johann Hofmann [:johannh]]

We will slightly adjust the Fenix privacy preferences for this change, the same way that desktop will adjust in bug 1698845. Arturo and Dylan are taking care of that (thank you!).

Comment 18

[Pulsebot]

Pushed by tihuang@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/59cda3c92f48
Part 1: Add a pref for controlling the cookieBehavior for Private Brwosing Mode. r=dimi,droeh
https://hg.mozilla.org/integration/autoland/rev/201f0d5fabd6
Part 2: Modify CookieJarSettings::Create() to be able to creat cookieJarSettings according to the browsing mode. r=dimi,preferences-reviewers
https://hg.mozilla.org/integration/autoland/rev/2c746f95236c
Part 3: Update current test cases and add a new test case. r=dimi
https://hg.mozilla.org/integration/autoland/rev/fd4e2d13a749
Part 4: Update the call-sites of CookieJarSettings::Create() for ServiceWorker and Worker. r=asuth
https://hg.mozilla.org/integration/autoland/rev/6e1a1d6a17aa
Part 5: Update the call-sites of CookieJarSettings::Create() for Necko. r=dimi,necko-reviewers,valentin
https://hg.mozilla.org/integration/autoland/rev/b9126a85e2b6
Part 6: Update the call-site of CookieJarSettings::Create() for Document. r=dimi
https://hg.mozilla.org/integration/autoland/rev/b3e24bec0318
Part 7: Update the call-site of  CookieJarSettings::Create() for ReferrerInfo. r=ckerschb
https://hg.mozilla.org/integration/autoland/rev/ad8f1d20bcf5
Part 8: Update the call-site of CookieJarSettings::Create() for WebBrowserPersist. r=smaug
https://hg.mozilla.org/integration/autoland/rev/964aae74959d
Part 9: Update the call-site of CookieJarSettings::Create() for WebExecutorSupport. r=esawin
https://hg.mozilla.org/integration/autoland/rev/1d853acaddcd
Part 10: Updates the call-sites of  CookieJarSettings::Create() for StorageAccess. r=dimi
https://hg.mozilla.org/integration/autoland/rev/3f59f1f2aa57
Part 11: Update the call-sites of CookieJarSettings::Create() for Fetch and XHR. r=smaug

Comment 19

[Natalia Csoregi [:nataliaCs]]

https://hg.mozilla.org/mozilla-central/rev/59cda3c92f48
https://hg.mozilla.org/mozilla-central/rev/201f0d5fabd6
https://hg.mozilla.org/mozilla-central/rev/2c746f95236c
https://hg.mozilla.org/mozilla-central/rev/fd4e2d13a749
https://hg.mozilla.org/mozilla-central/rev/6e1a1d6a17aa
https://hg.mozilla.org/mozilla-central/rev/b9126a85e2b6
https://hg.mozilla.org/mozilla-central/rev/b3e24bec0318
https://hg.mozilla.org/mozilla-central/rev/ad8f1d20bcf5
https://hg.mozilla.org/mozilla-central/rev/964aae74959d
https://hg.mozilla.org/mozilla-central/rev/1d853acaddcd
https://hg.mozilla.org/mozilla-central/rev/3f59f1f2aa57