Closed Bug 1731713 Opened 3 years ago Closed 2 years ago

[meta] Total Cookie Protection Rollout

Categories

(Core :: Privacy: Anti-Tracking, enhancement, P1)

Product:
Core
Component:
Privacy: Anti-Tracking
Version:
Firefox 103
Platform:
Desktop
All
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
103 Branch
Tracking Flags:
Tracking Status
firefox94 --- affected

People

(Reporter: kkim, Unassigned)

References

(Depends on 2 open bugs, Blocks 1 open bug,
URL
)

Details

(Keywords: meta, privacy)

Staged rollout to message eligible release population upon Fx94 enrollment/onboarding with an opt-in invitation to enable Total Cookie Protection in Standard Browsing. If user accepts the invitation, a pref switch will be flipped to "on" to immediately commence stronger privacy protection from third-party cookie tracking.

Currently, TCP is only enabled in Private Browsing windows or Strict Mode for Release population. TCP is turned on by default in Standard Browsing for Nightly users.

By the end of the rollout program, TCP will be set as default to 100% of users.

DEPENDS ON:
https://bugzilla.mozilla.org/show_bug.cgi?id=1727384

REPLACES:
https://bugzilla.mozilla.org/show_bug.cgi?id=1728855
https://bugzilla.mozilla.org/show_bug.cgi?id=1728856

AS OF 9/20: Formally unlinking TCP opt-in messaging from Monochromatic Onboarding

Group: partner-confidential → mozilla-employee-confidential
Depends on: DynamicFirstPartyIsolation
Depends on: 1732271

What's the intended rollout behavior? Nimbus can rollout an opt-in message where we have the button set network.cookie.cookieBehavior user pref value to 5 if it's already 4. But with bug 1732271, it seems like it's not desirable to directly set the cookieBehavior pref?

Or is that extra pref specially for normandy to change a pref value (while nimbus doesn't need an extra pref)? If so, message targeting should look for users who have that special pref set, but the new behavior from bug 1732271 seems like it turns on TCP already, so there's no need for an opt-in?

Depends on: 1732471
Depends on: 1732732
Depends on: 1732772
Depends on: 1732773

Sounds like the desire is to show the spotlight modal on restart without conflicting with the major upgrade spotlight for users who have the current default cookie behavior (4 - this avoids showing the message to people who have custom behavior where changing the pref with bug 1732471 wouldn't actually change behavior). Rollout isn't locale-specific, so we'll need strings to land with bug 1732732. I believe the current spotlight template add in bug 1728420 will be sufficient.

Depends on: 1728420
Depends on: 1732799
Depends on: 1732974
Depends on: 1735841
Depends on: 1737134
Depends on: 1737565
Depends on: 1738206
Blocks: bugzy-epic
Group: mozilla-employee-confidential
Target Milestone: 94 Branch → 95 Branch
Version: Firefox 94 → Firefox 95
Keywords: meta
Summary: Total Cookie Protection can be enabled in Standard Browsing to release population via onboarding → [meta] Total Cookie Protection can be enabled in Standard Browsing to release population via onboarding
Summary: [meta] Total Cookie Protection can be enabled in Standard Browsing to release population via onboarding → [meta] Total Cookie Protection Rollout
Blocks: 1739619
No longer blocks: 1739619
Depends on: 1739619
Depends on: 1740064
Depends on: 1740232
Depends on: 1741204
Depends on: 1741597
Depends on: 1739666, 1741250
Depends on: 1749613
Depends on: 1765949
Depends on: 1766401
Depends on: 1766441
Depends on: 1767383
Depends on: 1767384
Depends on: 1767415
Depends on: 1767440
Depends on: 1767508
QA Whiteboard: [qa-triaged]
QA Whiteboard: [qa-triaged]
Depends on: 1768608
Depends on: 1768605
Depends on: 1769071
Depends on: 1774739
Depends on: 1775758
Depends on: 1776403
Depends on: 1776732
Depends on: 1776760
Depends on: 1776766
Severity: -- → N/A
Component: Messaging System → Privacy: Anti-Tracking
Product: Firefox → Core
Target Milestone: 95 Branch → 103 Branch
Version: Firefox 95 → Firefox 103
Depends on: 1778849

With https://senglehardt.com/test/dfpi/storage_access_api.html being broken does anyone has other sure ways of testing TCP?

We have a mozilla hosted test site and the same test can be found here. https://www.mozilla-anti-tracking.com/test/dfpi/storage_access_api.html

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.