Open Bug 1970228 Opened 6 months ago Updated 3 months ago

Partitioning should begin at a scheme change

Tracking

()

Status:

NEW

People

(Reporter: bvandersloot, Unassigned)

Details

(Whiteboard: [privacy:priority_queue])

Attachments

(1 file)

WIP: Bug 1970228 - Partitioning should include scheme r?bvandersloot! 3 months ago Leo Liu [:leoliu] 48 bytes, text/x-phabricator-request		Details \| Review

Benjamin VanderSloot [:bvandersloot]

Reporter

Description

•

6 months ago

Our calculation of when something is "third party" doesn't include the scheme. But our partition keys do. This leads to a weird case where a secure-same-base-domain iframe inside of an insecure top level is not partitioned when it is in every other browser. I think this probably causes some WPT failures.

Here is a try of a rough cut of it.

https://treeherder.mozilla.org/jobs?repo=try&revision=da88ddaa6f071b59d750adda0186e60d0a189a75

See https://github.com/privacycg/storage-partitioning/issues/50 for discussion.

We don't want to accidentally make cookies schemeful at the same time though, so let's be careful.

Third partiness should probably be computed inside of the principal, rather than in a weird service hanging out.

Benjamin VanderSloot [:bvandersloot]

Reporter

Updated

•

6 months ago

Priority: P3 → P2

Leo Liu [:leoliu]

Comment 1

•

3 months ago

Attached file WIP: Bug 1970228 - Partitioning should include scheme r?bvandersloot! — Details

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Partitioning should begin at a scheme change

Categories

(Core :: Privacy: Anti-Tracking, defect, P2)

Tracking

()

People

(Reporter: bvandersloot, Unassigned)

References

Details

(Whiteboard: [privacy:priority_queue])

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Updated

Comment 1

Attachment

General

Description

File Name

Content Type