Add a privileged non-document requestStorageAccess API for Shims
Categories
(Core :: Privacy: Anti-Tracking, enhancement, P1)
| Tracking | Status |
---|---|---|
firefox95 | --- | fixed |
People
(Reporter: johannh, Assigned: timhuang)
References
(Blocks 3 open bugs)
Details
Attachments
(10 files, 4 obsolete files)
As a way of mitigating some of the breakage we've seen with dFPI without compromising on user privacy or giving websites unfair advantages, we want to write shims that call the Storage Access API on behalf of a website. To avoid some of the complexity of creating a third-party iframe and modifying the site's UI, we'd like to create a new API only accessible to privileged WebExtensions. The function signature could look something like this:
document.requestStorageAccessForOrigin(String origin) -> Promise
where origin would be the origin of the third party, which would then request access for the top-level BC of document. In the regular web-exposed rSA, document belongs to the third-party iframe. We don't want that here since this API is expected to be most frequently called outside of the correct iframe.
Note that this is just a hand-wavy suggestion from me; there might be reasons for the API to e.g. not live on the document or have another shape. It shouldn't really matter as long as we meet the requirements outlined here :)
Besides this special signature, this API should still enforce the same requirements such as user interaction and the automatic grant for up to 5 first-party origins before prompting.
Comment 1 (Assignee) • 3 years ago
To differentiate the privilege API calls, we need to add a new grant
reason for it.
Comment 2 (Assignee) • 3 years ago
Depends on D123799
Comment 3 (Assignee) • 3 years ago
We add a ContentBlocking::CheckTrackerForPrincipal() which checks
whether a principal belongs to a tracker.
Depends on D123800
Comment 4 (Assignee) • 3 years ago
Depends on D123801
Comment 5 (Assignee) • 3 years ago
To differentiate the privilege API calls, we need to add a new grant
reason for it.
Comment 6 (Assignee) • 3 years ago
Depends on D123803
Comment 7 (Assignee) • 3 years ago
We add a ContentBlocking::CheckTrackerForPrincipal() which checks
whether a principal belongs to a tracker.
Depends on D123804
Comment 8 (Assignee) • 3 years ago
Depends on D123805
Comment 9 (Assignee) • 3 years ago
Depends on D123806
Comment 10 (Assignee) • 3 years ago
Depends on D123807
Comment 11 (Assignee) • 3 years ago
Depends on D123808
Comment 12 (Assignee) • 3 years ago
Depends on D123809
Comment 13 (Assignee) • 3 years ago
Depends on D123810
Comment 14 (Assignee) • 3 years ago
This patch changes how we decide to expose the privilege SSA to
the document interface. We will expose the interface for system principal
and the content script of the webcompat extension only.
Depends on D123811
Comment 15 • 3 years ago
Comment 16 • 3 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/6aad4b4f5657
https://hg.mozilla.org/mozilla-central/rev/aa49afe2bc68
https://hg.mozilla.org/mozilla-central/rev/4ae2f9a20a08
https://hg.mozilla.org/mozilla-central/rev/339baf19d3c6
https://hg.mozilla.org/mozilla-central/rev/4676337166a2
https://hg.mozilla.org/mozilla-central/rev/2231210a2556
https://hg.mozilla.org/mozilla-central/rev/a0dd38e4d95e
https://hg.mozilla.org/mozilla-central/rev/85856ecdc954
https://hg.mozilla.org/mozilla-central/rev/a46e077a1ab9
https://hg.mozilla.org/mozilla-central/rev/569bb2f56d66
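
The following JavaScript is an added illustration, not part of the bug thread and not Gecko code. It models the checks requested in the description and in comment 14: the caller restriction, the user-interaction requirement, and the automatic grant for up to 5 first-party origins before prompting. The class name, the `caller.kind` values and the `promptUser` callback are hypothetical; counting the budget per third-party origin and returning synchronously instead of a Promise are assumptions of the model.

```javascript
// Simplified model of the gating described in this bug (assumptions labelled).
const AUTO_GRANT_LIMIT = 5; // "up to 5 first-party origins before prompting"
// Hypothetical labels for "system principal" and "webcompat content script".
const PRIVILEGED_CALLERS = new Set(["system", "webcompat-content-script"]);

class StorageAccessGate {
  constructor(promptUser) {
    this.promptUser = promptUser; // (thirdParty, firstParty) => boolean
    this.grants = new Map();      // third-party origin -> Set of first-party origins
  }

  // Reduce a URL to its origin; reject opaque origins such as data: URLs.
  static originOf(url) {
    const origin = new URL(url).origin;
    if (origin === "null") throw new TypeError(`opaque origin: ${url}`);
    return origin;
  }

  // Returns how access was granted, or throws when a requirement is not met.
  decide(caller, topLevelUrl, thirdPartyUrl) {
    if (!PRIVILEGED_CALLERS.has(caller.kind)) {
      throw new Error("NotAllowed: caller is not privileged");
    }
    if (!caller.hasUserActivation) {
      throw new Error("NotAllowed: no user interaction");
    }
    const firstParty = StorageAccessGate.originOf(topLevelUrl);
    const thirdParty = StorageAccessGate.originOf(thirdPartyUrl);
    const sites = this.grants.get(thirdParty) ?? new Set();
    if (sites.has(firstParty)) return "already-granted";
    let how = "auto-granted";
    if (sites.size >= AUTO_GRANT_LIMIT) {
      // Auto-grant budget for this third party is used up: ask the user.
      if (!this.promptUser(thirdParty, firstParty)) {
        throw new Error("NotAllowed: user denied the prompt");
      }
      how = "prompt-granted";
    }
    sites.add(firstParty);
    this.grants.set(thirdParty, sites);
    return how;
  }
}
```

The grant is keyed on the top-level origin, not on an iframe's document, which matches the point in the description that the privileged call is made outside the third-party iframe.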