Closed
Bug 1888500
Opened 6 months ago
Closed 5 months ago
Bounce Tracking Protection should only apply to http/https scheme
Categories
(Core :: Privacy: Anti-Tracking, defect, P2)
Core
Privacy: Anti-Tracking
Tracking
()
RESOLVED
FIXED
127 Branch
Tracking | Status | |
---|---|---|
firefox127 | --- | fixed |
People
(Reporter: pbz, Assigned: pbz)
References
(Blocks 1 open bug)
Details
Attachments
(2 files)
We currently record site hosts for any content principal. We should restrict it to only http/https schemes to avoid adding e.g. about: pages. That's both for user activation and bounce tracker candidates and BounceTrackingRecord.
Assignee | ||
Updated•6 months ago
|
Severity: -- → S3
Assignee | ||
Comment 1•6 months ago
|
||
Updated•6 months ago
|
Assignee: nobody → pbz
Status: NEW → ASSIGNED
Assignee | ||
Comment 2•6 months ago
|
||
Pushed by pzuhlcke@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/02d68d4511c7
Don't record bounce tracking data for non http(s) schemes or non content principals. r=bvandersloot,anti-tracking-reviewers
https://hg.mozilla.org/integration/autoland/rev/b85173dc6c16
Add a test to ensure we only record user activation for http(s) schemes. r=bvandersloot,anti-tracking-reviewers
Comment 4•6 months ago
•
|
||
Backed out for causing AddressSanitizer @ xpcom/base/nsISupportsImpl.cpp & bc failures @ toolkit/components/antitracking/bouncetrackingprotection/test/browser/<...>
Backout link: https://hg.mozilla.org/integration/autoland/rev/c80113ab4162029cc65655161b3466ba25380dea
Flags: needinfo?(pbz)
Pushed by pzuhlcke@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/336738f93085
Don't record bounce tracking data for non http(s) schemes or non content principals. r=bvandersloot,anti-tracking-reviewers
https://hg.mozilla.org/integration/autoland/rev/e400fe8e13ac
Add a test to ensure we only record user activation for http(s) schemes. r=bvandersloot,anti-tracking-reviewers
Assignee | ||
Updated•6 months ago
|
Flags: needinfo?(pbz)
Pushed by pzuhlcke@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/94a18c3b1eb4
Don't record bounce tracking data for non http(s) schemes or non content principals. r=bvandersloot,anti-tracking-reviewers
https://hg.mozilla.org/integration/autoland/rev/33ce1467f37a
Add a test to ensure we only record user activation for http(s) schemes. r=bvandersloot,anti-tracking-reviewers
https://hg.mozilla.org/mozilla-central/rev/94a18c3b1eb4
https://hg.mozilla.org/mozilla-central/rev/33ce1467f37a
Status: ASSIGNED → RESOLVED
Closed: 5 months ago
status-firefox127:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 127 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•