Closed Bug 1742141 Opened 3 years ago Closed 11 months ago

GPC headers should be properly protected

Categories

(Core :: Privacy: Anti-Tracking, enhancement)

enhancement

Tracking

()

RESOLVED FIXED
120 Branch
Tracking Status
firefox120 --- fixed

People

(Reporter: mixedpuppy, Assigned: bvandersloot)

References

Details

Attachments

(1 file)

GCP was added, and then exposed to extensions. Some questions in Bug 1735372 and from Rachel led me to look into this a bit.

I think that GCP headers should be a part of the singleton logic in httpchannel. From what I read in the bugs, the intention is that only one header should ever be set. Additionally, it seems under certain circumstances that the header should not be modified if the browser has added it.

Rather than expecting addons to work correctly with that, we should just add the right protections.

  1. Ensure the header is a singleton in https://searchfox.org/mozilla-central/rev/0f3e259c24e52932387318ac503bfad3c82baa44/netwerk/protocol/http/nsHttpHeaderArray.h#213 or made non-mergable here https://searchfox.org/mozilla-central/rev/0f3e259c24e52932387318ac503bfad3c82baa44/netwerk/protocol/http/nsHttpHeaderArray.h#279

  2. If we want to disallow modification of the header, that should be some new logic added in setHeader here https://searchfox.org/mozilla-central/rev/0f3e259c24e52932387318ac503bfad3c82baa44/netwerk/protocol/http/nsHttpHeaderArray.cpp#53-65 and here https://searchfox.org/mozilla-central/rev/0f3e259c24e52932387318ac503bfad3c82baa44/netwerk/protocol/http/nsHttpHeaderArray.cpp#75-84

Summary: GCP headers should be properly protected → GPC headers should be properly protected

I'll be jumping in with a patch that solves (1) here.

I don't know if it is worth it to solve (2) though. It may make sense to allow an extension to manage the removal (maybe for single-site exceptions), treating the extension as part of the User Agent. We don't have similar protections for other forbidden headers (even Fetch Metadata), so I think this is probably fine. I'm not 100% on the boundary of the extension threat model though.

Assignee: nobody → bvandersloot
Status: NEW → ASSIGNED
Pushed by bvandersloot@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/f44564303c49
GPC header should be a singleton - r=jewilde,necko-reviewers,valentin
Status: ASSIGNED → RESOLVED
Closed: 11 months ago
Resolution: --- → FIXED
Target Milestone: --- → 120 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: