Open Bug 1943536 Opened 1 month ago Updated 5 days ago

Disable storage access heuristics for trackers

Tracking

()

Status:

ASSIGNED

People

(Reporter: timhuang, Assigned: timhuang)

References

(Blocks 1 open bug)

Details

Attachments

(5 files)

Bug 1943536 - Part 1: Fixing the name of the pref to exclude third-party trackers from SAA AutoGrants. r?#anti-tracking 5 days ago Tim Huang[:timhuang] 48 bytes, text/x-phabricator-request		Details \| Review
Bug 1943536 - Part 2: Exclude the openerWithUserInteraction heuristic from first-party tracking windows. r?bvandersloot! 5 days ago Tim Huang[:timhuang] 48 bytes, text/x-phabricator-request		Details \| Review
Bug 1943536 - Part 3: Exclude first-party trackers from the Navigation heuristic. r?bvandersloot! 5 days ago Tim Huang[:timhuang] 48 bytes, text/x-phabricator-request		Details \| Review
Bug 1943536 - Part 4: Exclude third-party trackers from triggering the opener heuristics. r?bvandersloot! 5 days ago Tim Huang[:timhuang] 48 bytes, text/x-phabricator-request		Details \| Review
Bug 1943536 - Part 5: Add tests. r?bvandersloot! 5 days ago Tim Huang[:timhuang] 48 bytes, text/x-phabricator-request		Details \| Review

Tim Huang[:timhuang]

Assignee

Description

•

1 month ago

•

Edited

Introduce a pref to control storage access heuristics for third-party trackers.

Tim Huang[:timhuang]

Assignee

Updated

•

6 days ago

Assignee: nobody → tihuang

Status: NEW → ASSIGNED

Tim Huang[:timhuang]

Assignee

Comment 1

•

5 days ago

Attached file Bug 1943536 - Part 1: Fixing the name of the pref to exclude third-party trackers from SAA AutoGrants. r?#anti-tracking — Details

We used a wrong name for the pref that controls SAA AutoGrants for
third-party trackers. This patch fixes this by introducing a pref with a
properly. We will keep the pref that controls SAA heuristics for
third-party trackers.

Tim Huang[:timhuang]

Assignee

Comment 2

•

5 days ago

Attached file Bug 1943536 - Part 2: Exclude the openerWithUserInteraction heuristic from first-party tracking windows. r?bvandersloot! — Details

Currently, we only allow openerWithUserInteraction heuristic for
trackering windows, which doesn't match the MDN article of SAA
heuristics.

In addition, we want to remove the opener heuristic in the future and
move to use the openerWithUserInteraction instead.

In this patch, we change the heuristic to allow it for non-tracking
windows and put it behind the pref.

Depends on D238940

Tim Huang[:timhuang]

Assignee

Comment 3

•

5 days ago

Attached file Bug 1943536 - Part 3: Exclude first-party trackers from the Navigation heuristic. r?bvandersloot! — Details

Depends on D238941

Tim Huang[:timhuang]

Assignee

Comment 4

•

5 days ago

Attached file Bug 1943536 - Part 4: Exclude third-party trackers from triggering the opener heuristics. r?bvandersloot! — Details

We excludes third-party trackers to trigger the opener heuristic.

First, we don't allow a third-party tracking window to trigger the
heuristic. Second, we don't trigger opener heuristic if the opened URL
is a tracking URL.

Depends on D238942

Tim Huang[:timhuang]

Assignee

Comment 5

•

5 days ago

Attached file Bug 1943536 - Part 5: Add tests. r?bvandersloot! — Details

The patch adds tests to ensure third-party trackers cannot trigger
opener and openerWithUserInteraction heuristics. The test for navigation
heuristic is covered by browser_storageAccessWithDynamicFpi.js

Depends on D238943

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Disable storage access heuristics for trackers

Categories

(Core :: Privacy: Anti-Tracking, task)

Tracking

()

People

(Reporter: timhuang, Assigned: timhuang)

References

(Blocks 1 open bug)

Details

Crash Data

Security

(public)

User Story

Attachments

(5 files)

Description

Updated

Comment 1

Comment 2

Comment 3

Comment 4

Comment 5

Attachment

General

Description

File Name

Content Type