1863280 - Showing the suspicious fingerpinter's origin on the fingerprinter subpanel of the protections panel

Status: VERIFIED FIXED

(Firefox :: Protections UI, task)

Description

[Tim Huang[:timhuang]]

Showing the origin of the detected suspicious fingerprinters on the fingerprinter subpanel. We only show this if the fingerprinting protection is enabled for the given context.

Comment 1

[BugBot [:suhaib / :marco/ :calixte]]

The Bugbug bot thinks this bug should belong to the 'Core::Privacy: Anti-Tracking' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Comment 2

[Tim Huang[:timhuang]]

Attachment: Bug 1863280 - Part 1: Implements nsRFPService::CheckSuspiciousFingerprintingActivity(). r?tjr!

This patch introduces a helper function
nsRFPService::CheckSuspiciousFingerprintingActivity. This helper
function checks suspicious fingerprinting activities from given content
blocking origin logs.

Comment 3

[Tim Huang[:timhuang]]

Attachment: Bug 1863280 - Part 2: Adding STATE_BLOCKED_SUSPICIOUS_FINGERPRINTING to ContentBlockingLog. r?pbz!

To record whether we have detected suspicious fingerprinting activities
to the ContentBlockingLog, we introduce a new ContentBlockingLog event
called STATE_BLOCKED_SUSPICIOUS_FINGERPRINTING.

Whenever a fingerprinting content blocking event gets recorded under an
origin, we check if this origin is conducting suspicious fingerprinting
activites. Then, we store this fact under the origin entry and notify
the STATE_BLOCKED_SUSPICIOUS_FINGERPRINTING event to indicate that there
is a suspicous fingerprinitng activity happening.

I need to move ContentBlockingLog::RecordLogInternal() from header to
cpp file to avoid include file dependency issue.

Depends on D193453

Comment 4

[Tim Huang[:timhuang]]

Attachment: Bug 1863280 - Part 3: Implements a new fingerprinting protection category for the protection panel. r?pbz

This patch implements a new protection category that recognizes the
STATE_BLOCKED_SUSPICIOUS_FINGERPRINTING event. So, we can show the
suspicious fingerprinting on the fingerprinting category and suspicious
fingerprinting origin on the fingerprinting subpanel.

Depends on D193454

Comment 5

[Tim Huang[:timhuang]]

Attachment: Bug 1863280 - Part 4: Add tests. r?pbz!

This patch addes tests to verify that suspicious fingerprinter gets
properly shown on protection panel.

Depends on D193455

Comment 6

[Pulsebot]

Pushed by tihuang@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/0a411bc00520
Part 1: Implements nsRFPService::CheckSuspiciousFingerprintingActivity(). r=tjr
https://hg.mozilla.org/integration/autoland/rev/c2ce0e56e0aa
Part 2: Adding STATE_BLOCKED_SUSPICIOUS_FINGERPRINTING to ContentBlockingLog. r=pbz,anti-tracking-reviewers
https://hg.mozilla.org/integration/autoland/rev/c863194a7ffb
Part 3: Implements a new fingerprinting protection category for the protection panel. r=pbz
https://hg.mozilla.org/integration/autoland/rev/90c9708e314f
Part 4: Add tests. r=pbz

Comment 7

[Cristian Tuns]

https://hg.mozilla.org/mozilla-central/rev/0a411bc00520
https://hg.mozilla.org/mozilla-central/rev/c2ce0e56e0aa
https://hg.mozilla.org/mozilla-central/rev/c863194a7ffb
https://hg.mozilla.org/mozilla-central/rev/90c9708e314f

Comment 8

[Ciprian Georgiu, Desktop QA]

We've conducted spot checks on Win 11, macOS 11 and mac 12 under Beta 121 to verify if the fingerprinter category appears correctly in the ETP panel. Additionally, we've looked into displaying the suspected fingerprinter's origin in the subpanel of the protections panel.

While we've encountered a few failed tests, upon discussion with the engineering team, it appears that these results were expected (refer to the notes section in the document). No new issues were found and all the results are available here.