Open Bug 1763089 Opened 3 years ago Updated 3 years ago

Investigate rotating the client_id of Glean.js on websites periodically

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: brizental, Unassigned)

References

Details

(Whiteboard: [glean-js])

Beatriz Rizental [:brizental]

Reporter

Description

•

3 years ago

Discussion around such a feature came up during the security review meeting on Glean.js for websites.

The client_id is a user lifetime metric that never expires and can be easily accessed by other scripts on the page. We should consider rotating it periodically to avoid other scripts from using it as well.

Beatriz Rizental [:brizental]

Reporter

Updated

•

3 years ago

Component: Glean.js → Glean: SDK

Whiteboard: [telemetry:glean-js:m?] → [glean-sdk:backlog][glean-js]

Beatriz Rizental [:brizental]

Reporter

Updated

•

3 years ago

Whiteboard: [glean-sdk:backlog][glean-js] → [glean-sdk:m?][glean-js]

Jan-Erik Rediger [:janerik]

Updated

•

3 years ago

Whiteboard: [glean-sdk:m?][glean-js] → [glean-js]

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Investigate rotating the client_id of Glean.js on websites periodically

Categories

(Data Platform and Tools :: Glean: SDK, enhancement, P4)

Tracking

(Not tracked)

People

(Reporter: brizental, Unassigned)

References

Details

(Whiteboard: [glean-js])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated