Closed Bug 1930501 Opened 1 year ago Closed 4 months ago

Implement bfcache clearing for `Clear-Site-Data: cache`-header

Categories

(Toolkit :: Data Sanitization, enhancement, P2)

RESOLVED FIXED
141 Branch
Tracking Status
relnote-firefox --- 141+
firefox141 --- fixed

People

(Reporter: manuel, Assigned: manuel)

References

(Blocks 1 open bug)

Details

(Keywords: dev-doc-complete, priv-triaged)

Attachments

(1 file)

No description provided.
See Also: → 1942286
Attachment #9474811 - Attachment description: WIP: Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header → WIP: Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=#anti-tracking
Attachment #9474811 - Attachment description: WIP: Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=#anti-tracking → Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=#anti-tracking
Attachment #9474811 - Attachment description: Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=#anti-tracking → WIP: Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=#anti-tracking
Attachment #9474811 - Attachment description: WIP: Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=#anti-tracking → WIP: Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=#anti-tracking,smaug
Blocks: 1959472
Blocks: 1959477
Attachment #9474811 - Attachment description: WIP: Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=#anti-tracking,smaug → Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=#anti-tracking,smaug
See Also: → 1966658

Comment on attachment 9474811 [details]
Bug 1930501 - Implement bfcache clearing for Clear-Site-Data: "cache"-header r=#anti-tracking,smaug

Revision D243176 was moved to bug 1967474. Setting attachment 9474811 [details] to obsolete.

Attachment #9474811 - Attachment is obsolete: true
Attachment #9474811 - Attachment is obsolete: false
Pushed by mbucher@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/54690808a80d Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=smaug,timhuang

With this change we'll be clearing the bfcache with the clear-site-data: cache directive. Might be good to add the cache to the list in https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Clear-Site-Data#cache

Also this patch somewhat introduces partitioning for bfcache due to exposing it to web content somehow. It could potentially be added to https://developer.mozilla.org/en-US/docs/Web/Privacy/Guides/State_Partitioning#network_partitioning

Keywords: dev-doc-needed
Created web-platform-tests PR https://github.com/web-platform-tests/wpt/pull/52831 for changes under testing/web-platform/tests
Pushed by imoraru@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/fb6df3918f14 Revert "Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=smaug,timhuang" for causing bc failures on browser_cookiePermission.js.

Revert for causing bc failures on browser_cookiePermission.js and for causing multiple failures.

Flags: needinfo?(manuel)
Upstream PR merged by moz-wptsync-bot
Pushed by mbucher@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/0203d8d57228 https://hg.mozilla.org/integration/autoland/rev/9cfd289176fd Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=smaug,timhuang
Pushed by csabou@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/9e3fbae366fa https://hg.mozilla.org/integration/autoland/rev/625988823050 Revert "Bug 1930501 - Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=smaug,timhuang" for causing BfCached related wpt failures.

Backed out for causing BfCached related wpt failures.

Push with failures

Failure log

Backout link

Bfcache cleaning is only implemented when ship (session history in parent) is enabled. I need to disable / accept failures in other CI configurations (nofis / noship).

Flags: needinfo?(manuel)
Created web-platform-tests PR https://github.com/web-platform-tests/wpt/pull/53126 for changes under testing/web-platform/tests
Upstream PR merged by moz-wptsync-bot
Created web-platform-tests PR https://github.com/web-platform-tests/wpt/pull/53127 for changes under testing/web-platform/tests
Upstream PR merged by moz-wptsync-bot
Pushed by mbucher@mozilla.com: https://github.com/mozilla-firefox/firefox/commit/ccd10b84c405 https://hg.mozilla.org/integration/autoland/rev/fa43957d8b0b Implement bfcache clearing for `Clear-Site-Data: "cache"`-header r=smaug,timhuang
Status: NEW → RESOLVED
Closed: 4 months ago
Resolution: --- → FIXED
Target Milestone: --- → 141 Branch
Created web-platform-tests PR https://github.com/web-platform-tests/wpt/pull/53153 for changes under testing/web-platform/tests
Upstream PR merged by moz-wptsync-bot

Release Note Request (optional, but appreciated)
[Why is this notable]: This is noteworthy for two reasons:

  • Fewer potential privacy leaks on websites that use this header. E.g., if a bank sends this header on logout, the account balance won't be visible when using the back button after logout.
  • This exposes the bfcache programmatically to websites and therefore introduced a partitioning concept for it

Potentially too technical and more appropriate for Firefox release notes for developers.
[Affects Firefox for Android]: Yes
[Suggested wording]: Firefox will now also clear the back-forward-cache when receiving the Clear-Site-Data: "cache" response header.
[Links (documentation, blog post, etc)]:

relnote-firefox: --- → ?

Note added to the Developer section of our Nightly 141 release notes. I am keeping the relnote flag open until we ship it to release, thanks.

See Also: → 1959626

FF141 docs work for this can be tracked in https://github.com/mdn/content/issues/40020

  1. Currently this is just a release note update and adding mention of the bfcache to the "cache" directive - see: https://github.com/mdn/content/pull/40033

  2. I didn't update compatibility data because as far as I can tell the interface has no expectation that a particular cache will be cleared, and we don't track any of the other kinds that might be (see compatibility data https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Clear-Site-Data).

  3. You say:

    This exposes the bfcache programmatically to websites and therefore introduced a partitioning concept for it

    What difference does this make to a website (the partitioning concept)? I mean "what would/could a website do differently by knowing about this".
    I'm trying to work out whether it is useful for website developers to mention the partitioning thing in the developer release note.

Flags: needinfo?(manuel)
QA Whiteboard: [qa-triage-done-c142/b141]

(In reply to Hamish Willee from comment #23)

What difference does this make to a website (the partitioning concept)? I mean "what would/could a website do differently by knowing about this".
I'm trying to work out whether it is useful for website developers to mention the partitioning thing in the developer release note.

I mean none really, in the end. But the use-cases for this API are slim anyway. If you are embedded by a third party with an iframe, your bfcache (and other caches) are unaffected in first party (=unpartitioned) context.

So from a website perspective: if you have an endpoint like https://example.com/clear-all that always returns the header, your cache (including bfcache) would stay unaffected if this was embedded as an iframe from https://thirdparty.com for whatever reason.

The partitioning is mostly there to isolate sites from each other to prevent cross-site tracking of users. The bfcache would be really hard to use (potentially impossible) for cross-site tracking. However, by also partitioning the bfcache, it is guaranteed to not introduce another cross-site tracking mechanism.

IMHO the partitioning part isn't developer release note worthy, the bfcache part might.

Flags: needinfo?(manuel)
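
The partitioning behaviour described in the comment above, as an added illustrative model (not Firefox code and not part of the patch). The entry shape, the function names and the use of an origin string as the partition key are assumptions made for this sketch; the sample entries are constructed.

```javascript
// Illustrative model only. Each bfcache entry records the partition
// (top-level site it was created under) and the origin of the cached document.

// Parse a Clear-Site-Data value: a comma-separated list of quoted strings.
// Tokens that are not quoted (e.g. `cache` instead of `"cache"`) are ignored,
// which is a common reason a logout response clears nothing.
function parseClearSiteData(value) {
  const directives = new Set();
  for (const part of value.split(",")) {
    const m = /^\s*"([^"]*)"\s*$/.exec(part);
    if (m) directives.add(m[1]);
  }
  return directives;
}

// Return the entries left after a response from `origin`, loaded while
// `topLevelSite` was the top-level site, carried the given header value.
// Assumption: only entries in the same partition as the response are cleared.
function applyClearSiteData(entries, { topLevelSite, origin, header }) {
  const d = parseClearSiteData(header);
  // "*" is the header's wildcard and covers every data type, cache included.
  if (!d.has("cache") && !d.has("*")) return entries;
  return entries.filter(
    (e) => !(e.partition === topLevelSite && e.origin === origin)
  );
}

// Constructed sample state: example.com visited first-party, and example.com
// content cached under the thirdparty.com partition.
const bfcache = [
  { partition: "https://example.com", origin: "https://example.com", url: "https://example.com/account" },
  { partition: "https://thirdparty.com", origin: "https://example.com", url: "https://example.com/widget" },
  { partition: "https://thirdparty.com", origin: "https://thirdparty.com", url: "https://thirdparty.com/" },
];

// https://example.com/clear-all framed by https://thirdparty.com:
// the first-party /account entry survives.
const afterIframe = applyClearSiteData(bfcache, {
  topLevelSite: "https://thirdparty.com", origin: "https://example.com", header: '"cache"',
});

// The same endpoint loaded at top level (e.g. on logout): /account is dropped.
const afterLogout = applyClearSiteData(bfcache, {
  topLevelSite: "https://example.com", origin: "https://example.com", header: '"cache"',
});
```
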

Added to our 141 final release notes.
