Closed Bug 670166 Opened 13 years ago Closed 11 years ago

User preference to prevent cross-domain cookie-based tracking

Categories

(Firefox :: Settings UI, enhancement)

x86
Linux
enhancement
Not set
normal

RESOLVED DUPLICATE of bug 818340

People

(Reporter: bruant.d, Unassigned)

Details

_tl;dr_
Add a preference for users to opt-out of cross-domain cookies


__The problem__
One problem generated by cookies is cross-domain tracking.
When first loading a resource from tracking.com (example name. I don't know if the domain is actually used and I don't care) (inserted image, visiting tracking.com itself, etc.), tracking.com can set a cookie. Later requests to tracking.com will send this cookie, regardless of whether you visit tracking.com or any other site. Some websites store in the cookie an identifier used to identify which user the requests come from. Combined with the Referer (sic) HTTP header, not only can tracking.com identify a person, but also a browsing behavior in the tracking.com domain (which I consider acceptable) AND on any other website embedding a tracking.com resource (which is an issue).
This is very well explained and visualized by http://collusion.toolness.org/

__The basic idea__
If I'm visiting a website from a particular origin, do NOT send cookies to other domains.
This has several limitations of course.

__Limitations__
* In some cases, the cookies could be useful anyway, so Firefox should not impose not sending the cookies, hence the idea of a user preference option.
* Some requests should always send cookies. iframes, for instance, since their content is very likely to depend on cookies. Not sending cookies could break the browsing experience.
* I don't know what to think of cross-domain XHR.

__Technical details__
* If the Cookie header is not sent to a tracking domain, that domain is likely to send the cookie again. I think that the best thing is to ignore this new cookie and keep the previous one.
* Same-origin cookies should NOT be affected by this bug.

__How could the preference be presented to the user?__
I see two ways to set the preference.
* Block all cross-domain cookies except a user-provided white list
* Block no cross-domain cookies except a user-provided black list (default and empty black list by default for the sake of not breaking the web)
Both approaches could be provided to the user.

One good thing later down the road would be to allow users to share their lists.
Maybe following the model used in AdBlock?
Maybe through a Sync-like mechanism?

With such a user preference, users will have a way to protect themselves from tracking. Something I hope is more efficient than the Do-Not-Track header, which is respected at the discretion of the server.

_Warning_
Fixing this bug may affect the worldwide economy.
I wished to set this bug in both the Preferences and Networking components, but I don't know how to do so.

Also, bug 397082 is related and points to the following add-on: https://addons.mozilla.org/fr/firefox/addon/refcontrol/
(In reply to comment #2)
> Third party cookies can already be blocked.
> https://support.mozilla.com/en-US/kb/Options%20window%20-%20Privacy%20panel#w_use-custom-settings-for-history
Interesting. Thanks.
However it does not cover what I said. (Or the wording needs to be changed)

"Accept third-party cookies:
If selected, Firefox will accept cookies from http://site2.com when you are visiting http://site1.com. For more information, see Third party cookies. "
=> My understanding is that if I have visited http://site2.com, requests to site2 from site1 (like an embedded image) will send site2 cookies which, with the referer, will allow site2 to track me while I browse site1 (as long as there is something doing a request to site2).
For this bug, I'm not concerned about accepting cookies, but rather sending them.
Severity: normal → enhancement
Regarding iframes, this option could allow disabling the referer header (but keep cookies to not break the user experience)
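The following is an added simulation of the proposal in the bug description and the iframe remark above; it is not code from Firefox or from the reporter. It models the two preference modes (blacklist, the proposed empty default, and whitelist), the same-site and iframe exceptions, the "ignore the re-offered cookie, keep the previous one" rule, and dropping the Referer on cross-site iframes. The site-matching helper and the sample URLs and cookie values are constructed for the example.

```python
from urllib.parse import urlsplit


def site_of(url):
    """Crude registrable-site approximation: last two host labels (constructed)."""
    host = urlsplit(url).hostname or ""
    return ".".join(host.split(".")[-2:])


class CookieSendPolicy:
    """Withhold cookies on cross-site requests according to a user preference.

    mode="blacklist": send cross-site cookies except to listed sites (proposed
    default, with an empty list); mode="whitelist": withhold cross-site cookies
    except to listed sites. Same-site requests and iframes are never affected.
    """

    def __init__(self, mode="blacklist", sites=()):
        self.mode, self.sites = mode, set(sites)
        self.jar = {}  # site -> cookie string (one cookie per site, constructed)

    def sends_cookie(self, top_url, req_url, kind="subresource"):
        dest = site_of(req_url)
        if dest == site_of(top_url) or kind == "iframe":
            return True
        listed = dest in self.sites
        return listed if self.mode == "whitelist" else not listed

    def request(self, top_url, req_url, kind="subresource", set_cookie=None):
        """Return the request headers, then apply (or ignore) the response's Set-Cookie."""
        dest = site_of(req_url)
        sent = self.sends_cookie(top_url, req_url, kind)
        headers = {}
        if sent and dest in self.jar:
            headers["Cookie"] = self.jar[dest]
        # Cross-site iframes keep their cookies but drop the Referer instead.
        if not (kind == "iframe" and dest != site_of(top_url)):
            headers["Referer"] = top_url
        # A cookie re-offered after ours was withheld is ignored; the old one stays.
        if set_cookie is not None and (sent or dest not in self.jar):
            self.jar[dest] = set_cookie
        return headers


def tracking_scenario(mode="blacklist", sites=()):
    """Walk the bug's scenario: visit tracking.com, then a site embedding it."""
    p = CookieSendPolicy(mode, sites)
    p.request("https://tracking.com/", "https://tracking.com/", "document", set_cookie="uid=42")
    img = p.request("https://site1.com/", "https://tracking.com/pixel.gif", set_cookie="uid=99")
    frame = p.request("https://site1.com/", "https://tracking.com/widget", "iframe")
    return img, frame, p.jar["tracking.com"]
```

With the proposed default (empty blacklist) the tracking pixel still receives both the cookie and the Referer, which is exactly the correlation the bug describes; in whitelist mode the cookie is withheld and the re-offered cookie is discarded.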
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE