GPC headers should be properly protected
Categories
(Core :: Privacy: Anti-Tracking, enhancement)
Tracking
()
Tracking | Status | |
---|---|---|
firefox120 | --- | fixed |
People
(Reporter: mixedpuppy, Assigned: bvandersloot)
References
Details
Attachments
(1 file)
GCP was added, and then exposed to extensions. Some questions in Bug 1735372 and from Rachel led me to look into this a bit.
I think that GCP headers should be a part of the singleton logic in httpchannel. From what I read in the bugs, the intention is that only one header should ever be set. Additionally, it seems under certain circumstances that the header should not be modified if the browser has added it.
Rather than expecting addons to work correctly with that, we should just add the right protections.
-
Ensure the header is a singleton in https://searchfox.org/mozilla-central/rev/0f3e259c24e52932387318ac503bfad3c82baa44/netwerk/protocol/http/nsHttpHeaderArray.h#213 or made non-mergable here https://searchfox.org/mozilla-central/rev/0f3e259c24e52932387318ac503bfad3c82baa44/netwerk/protocol/http/nsHttpHeaderArray.h#279
-
If we want to disallow modification of the header, that should be some new logic added in setHeader here https://searchfox.org/mozilla-central/rev/0f3e259c24e52932387318ac503bfad3c82baa44/netwerk/protocol/http/nsHttpHeaderArray.cpp#53-65 and here https://searchfox.org/mozilla-central/rev/0f3e259c24e52932387318ac503bfad3c82baa44/netwerk/protocol/http/nsHttpHeaderArray.cpp#75-84
Updated•3 years ago
|
Assignee | ||
Updated•1 year ago
|
Assignee | ||
Comment 1•1 year ago
|
||
I'll be jumping in with a patch that solves (1) here.
I don't know if it is worth it to solve (2) though. It may make sense to allow an extension to manage the removal (maybe for single-site exceptions), treating the extension as part of the User Agent. We don't have similar protections for other forbidden headers (even Fetch Metadata), so I think this is probably fine. I'm not 100% on the boundary of the extension threat model though.
Assignee | ||
Comment 2•1 year ago
|
||
Updated•1 year ago
|
Pushed by bvandersloot@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/f44564303c49 GPC header should be a singleton - r=jewilde,necko-reviewers,valentin
Comment 4•11 months ago
|
||
bugherder |
Description
•