Extend the expiration time of the storage access permission that is given from the redirect heuristic
Categories
(Core :: Privacy: Anti-Tracking, task, P2)
Tracking
()
Tracking | Status | |
---|---|---|
firefox101 | --- | fixed |
People
(Reporter: timhuang, Assigned: timhuang)
References
Details
Attachments
(2 files)
The redirect heuristics was designed for the federated login scenario, such as SSO. It gives storage access permission for 15 minutes so that the login process can be successful. This may be enough for making the login successful, however, any operations between the login provider and the login site after the expiration time of the short-term storage access permission won't be successful because the storage is partitioned again. Like, the renewal of the login token could fail because of this.
Also, we give the full expiration time to other window open heuristics. So, keeping the expiration time of the redirect heuristic short doesn't really give us privacy benefits. Therefore, we should extend the expiration time as same as other heuristics.
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Comment 1•2 years ago
|
||
This patch extends the expiration time of the storage access permission
given by the redirect heuristic to 30 days. This matches to the
expiration time of the permission given by other heuristics.
Comment 2•2 years ago
|
||
(In reply to Tim Huang[:timhuang] from comment #0)
Also, we give the full expiration time to other window open heuristics. So, keeping the expiration time of the redirect heuristic short doesn't really give us privacy benefits. Therefore, we should extend the expiration time as same as other heuristics.
The direction of the window open heuristic is different though. The opener site in the window open heuristic is granting storage access to the opened window's origin in the opener. In the redirect heuristic, the site doing the redirecting is getting storage access under the destination page.
This difference makes sense because both pages require user interaction within the last 10 minutes, so for an SSO-in-window-redirect situation you have to trigger on redirect from the SSO back to the page.
Were there abuse use cases drawn up when the heuristics were developed? I think this difference means that they are significant.
I'm not opposed to making this change. I just want to be thorough.
Comment 3•2 years ago
|
||
Talked this over out of band.
The user interaction requirement of this heuristic is significant enough that I am comfortable allowing a longer grant here.
Pushed by tihuang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/92e64531995a Extend the expiration time of the storage access permission given by the redirect heuristic. r=anti-tracking-reviewers,bvandersloot
Comment 5•2 years ago
|
||
Backed out for causing mochitest failures on browser_contentBlockingTelemetry.js
- Backout link
- Push with failures
- Failure Log
- Failure line: TEST-UNEXPECTED-FAIL | toolkit/components/antitracking/test/browser/browser_contentBlockingTelemetry.js | unexpected counts should be zero for STORAGE_ACCESS_REMAINING_DAYS at index 29 - 1 == 0 - JS frame :: resource://testing-common/TelemetryTestUtils.jsm :: assertHistogram :: line 302
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Comment 6•2 years ago
|
||
In the test, we check if record to the correct bucket for the remaining
expired time of the storage access permission. The expected values were
using static value, which will have problem if we change the expired
time via the prefs.
We change to calculate the expected expired time directly from the pref
so this test can work even we change the pref value.
Depends on D142431
Pushed by tihuang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/b543d49116b0 Extend the expiration time of the storage access permission given by the redirect heuristic. r=anti-tracking-reviewers,bvandersloot https://hg.mozilla.org/integration/autoland/rev/af56f3b0e695 Calculate the expected expired days directly from the pref in the test browser_contentBlockingTelemetry.js. r=anti-tracking-reviewers,pbz
Comment 8•2 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/b543d49116b0
https://hg.mozilla.org/mozilla-central/rev/af56f3b0e695
Comment 9•2 years ago
|
||
Description
•