some dFPI questions

@wisniewskit

Hi Thomas. Thanks for your work on ETP and Smart Blocking. I have a few questions if you have time, as it’s not clear to me; there are a lot of moving parts to ETP.

Also, TIA

Arkenfox has used FPI for the last four+ years and it’s worked brilliantly (except for some cross-domain login flows where we suggested a secondary browser/profile). But moving forward, maintaining two code paths in Firefox is not feasible, and FPI is going to break things sooner or later, and using dFPI comes with benefits and tighter integration (e.g. with sanitizing), so the time has come … we are moving to ETP Strict

I’m using these terms (correct me if they’re wrong)

  • “Shims”: the code you substitute (extensions.webcompat.enable_shims) <- we’re enforcing this as true
  • “SmartBlock”: the heuristics you use that allows clicking a FB widget to relax partyness (privacy.antitracking.enableWebcompat ?)
    • which involves shims?

The questions I have are

  • is dFPI totally strict (ignoring heuristics like clicking a facebook widget)
    • see [1]
  • what does privacy.antitracking.enableWebcompat = false do exactly
    • see [2]
  • what happens to dFPI when a user adds a site exception for ETP?
    • i.e. to un-break a site they toggle the ETP switch from the urlbar shield
    • I assume no state partitioning is applied (for web site data, not network partitioning) for all parties on that eTLD+1
    • I understand that this is limited to that eTLD+1 and that same parties elsewhere are still keyed (unless also excepted)

[1]

https://phabricator.services.mozilla.com/D123663

  • To improve web compatibility, Enhanced Tracking Protection makes automated exceptions for certain websites and features. Disabling this option is not recommended, as it can cause websites to break

  • are these exceptions what is meant by skiplists?
  • where are skiplists in searchfox?
  • is this different to SmartBlock heuristics and/or shims?

I get that dFPI is not FPI, and that’s fine given our users and threat model. We just want to make sure we are correct in our documentation


[2] and also see [1] re: privacy.antitracking.enableWebcompat

https://bugzilla.mozilla.org/show_bug.cgi?id=1683165
https://phabricator.services.mozilla.com/D123614

  • Controls the anti-tracking webcompat features. This includes:

    • All URL-Classifier and state partitioning skip lists (prefs and remote settings)
    • Storage access heuristics (opener, redirect, etc.)
    • StorageAccessAPI automatic grants (skips the prompt)
    • Allowing specific tracking channels on user opt-in (e.g. facebook login shim).

So … privacy.antitracking.enableWebcompat = false

  • disable all automated anti-tracking webcompat heuristics and skiplists 1683165
  • toggle web compatibility features of ETP off 1742841

I cannot work out if setting this pref (privacy.antitracking.enableWebcompat) to false hardens or relaxes state partitioning. I’ve gone back and forth and read it both ways, and others have different opinions as well. I can’t imagine why Mozilla would want to add a switch for hardening (which has been mentioned as something down the track for Tor Browser) but rather one that relaxes (for dev testing), but if you turn off the skip lists, heuristics etc then the default is to isolate? So color me confused

Here are the relevant prefs, with 2702 to be added:

/*** [SECTION 2700]: ETP (ENHANCED TRACKING PROTECTION) ***/
/* 2701: enable ETP Strict Mode [FF86+]
 * [NOTE] ETP Strict Mode enables Total Cookie Protection (TCP)
 * [1] https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/
 * [SETTING] to add site exceptions: Urlbar>ETP Shield
 * [SETTING] to manage site exceptions: Options>Privacy & Security>Enhanced Tracking Protection>Manage Exceptions ***/
user_pref("browser.contentblocking.category", "strict");
/* 2702: disable SmartBlock heuristics [FF93+]
 * [SETUP-HARDEN]
 * [1] https://blog.mozilla.org/security/2021/07/13/smartblock-v2/ ***/
   // user_pref("privacy.antitracking.enableWebcompat", false);
/* 2710: enable state partitioning of service workers [FF96+] ***/
user_pref("privacy.partition.serviceWorkers", true);

/*** [SECTION 6000]: DON'T TOUCH ***/
/* 6008: enforce no First Party Isolation [FF51+]
 * [WARNING] Replaced with network partitioning (FF85+) and TCP (2701),
 * and enabling FPI disables those. FPI is no longer maintained ***/
user_pref("privacy.firstparty.isolate", false); // [DEFAULT: false]
/* 6009: enforce SmartBlock shims [FF81+]
 * In FF96+ these are listed in about:compat
 * [1] https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/ ***/
user_pref("extensions.webcompat.enable_shims", true); // [DEFAULT: true]

/*** [SECTION 7000]: DON'T BOTHER ***/
/* 7016: customize ETP settings
 * [WHY] Arkenfox only supports strict (2701) which sets these at runtime ***/
   // user_pref("network.cookie.cookieBehavior", 5);
   // user_pref("network.http.referer.disallowCrossSiteRelaxingDefault", true);
   // user_pref("privacy.partition.network_state.ocsp_cache", true);
   // user_pref("privacy.trackingprotection.enabled", true);
   // user_pref("privacy.trackingprotection.socialtracking.enabled", true);
   // user_pref("privacy.trackingprotection.cryptomining.enabled", true); // [DEFAULT: true]
   // user_pref("privacy.trackingprotection.fingerprinting.enabled", true); // [DEFAULT: true]

wisniewskit commented, Jan 19, 2022

is dFPI totally strict

Not quite, dFPI is basically meant to help the transition to the strictest FPI model on the web we can manage, and right now that means having heuristics to prevent the worst site breakage full FPI causes (so more users can have better protection sooner). The specifics of the heuristics aren’t my specialty, but my understanding is that they essentially involve letting sites share access to web storage if a user interacts with a page in certain ways, for a limited time.

Another thing dFPI will help us do is push sites to use a consent-based model when they need to share cookies, by asking the user with a prompt for permission to do so while they interact with the page. So the sooner we can enable dFPI for everyone the better, as far as I’m concerned.

what does privacy.antitracking.enableWebcompat = false do exactly

It’s meant to disable such extra heuristics, so that users who want the strictest settings possible at the cost of site breakage can still have them (whether they use FPI or dFPI). I don’t know the details of how it works for dFPI or other ETP sub-features, but in SmartBlock’s case it disables the Facebook login helper without disabling the entire Facebook shim.

Speaking of SmartBlock, it is separate from dFPI. It does have some fixes for dFPI, which are temporary measures while websites become compatible with dFPI. But mostly SmartBlock shims are there to act as replacements for trackers which are blocked by the content blocker. They act just enough like the blocked trackers to prevent known site breakage, without the tracking. So if the content blocker doesn’t kick in, SmartBlock does nothing.

The content blocker is active in private browsing mode by default, as well as strict mode ETP (and custom mode, as configured). The list of shims can be seen in about:compat. Disabling shims via the pref will disable all shims listed there, including the content blocker and dFPI related ones.

what happens to dFPI when a user adds a site exception for ETP?

My understanding is that disabling ETP with the shield icon for a site disables all ETP protections, including FPI/dFPI and the content blocker (so SmartBlock won’t kick in). @Trikolon, could you confirm (and maybe check the other questions above and correct anything I may have gotten wrong)?

(As an aside, this is why I’m experimenting with SmartBlock as a way to let users allow certain trackers through on just certain sites, without having to toggle ETP off entirely on the site, and not having to mess around with learning which trackers are needed for what).

Hope that helps clear some things up; I’ll try to find time to re-read your post ASAP, since I’ve likely missed a few questions.
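To make the pref semantics discussed above concrete, here is an added example (not arkenfox's or Mozilla's code) of a small JavaScript linter that parses a user.js fragment and reports which partitioning model it selects and which webcompat relaxations are still active. It encodes the statements from this thread: FPI overrides and disables TCP/network partitioning, ETP Strict selects dFPI (cookieBehavior 5 at runtime), privacy.antitracking.enableWebcompat=false turns the heuristics and skip lists off, and extensions.webcompat.enable_shims=false disables every shim in about:compat. The DEFAULTS table and the sample user.js text are assumptions constructed for this example; the "warn"/"info" labels are the example's own convention.

```javascript
// Added example, not code from arkenfox or Mozilla: a small linter that reads a
// Firefox user.js fragment and summarises the ETP / state-partitioning posture
// it configures, using the pref semantics discussed in the thread.
// The user.js text below is constructed for this example.
const SAMPLE_USER_JS = `
/*** [SECTION 2700]: ETP (ENHANCED TRACKING PROTECTION) ***/
user_pref("browser.contentblocking.category", "strict");
   // user_pref("privacy.antitracking.enableWebcompat", false);
user_pref("privacy.partition.serviceWorkers", true);
/*** [SECTION 6000]: DON'T TOUCH ***/
user_pref("privacy.firstparty.isolate", false); // [DEFAULT: false]
user_pref("extensions.webcompat.enable_shims", true); // [DEFAULT: true]
`;

// Assumed Firefox defaults, used when a pref is absent from the fragment.
const DEFAULTS = {
  "privacy.firstparty.isolate": false,
  "extensions.webcompat.enable_shims": true,
  "privacy.antitracking.enableWebcompat": true,
  "browser.contentblocking.category": "standard",
};

// Parse the active user_pref(...) calls in a user.js fragment. Block comments
// are stripped first, and a line whose first token is "//" (arkenfox's way of
// shipping an inactive pref) never matches the regex, so it is ignored.
function parseUserJs(text) {
  const prefs = new Map();
  const noBlockComments = text.replace(/\/\*[\s\S]*?\*\//g, "");
  const re =
    /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(true|false|-?\d+|"(?:[^"\\]|\\.)*")\s*\)\s*;/;
  for (const line of noBlockComments.split("\n")) {
    const m = re.exec(line);
    if (!m) continue;
    const raw = m[2];
    let value;
    if (raw === "true" || raw === "false") value = raw === "true";
    else if (raw.startsWith('"')) value = JSON.parse(raw);
    else value = Number(raw);
    prefs.set(m[1], value);
  }
  return prefs;
}

// Classify the partitioning model and the webcompat relaxations the prefs select.
function assessPosture(prefs) {
  const get = (k) => (prefs.has(k) ? prefs.get(k) : DEFAULTS[k]);
  const findings = [];
  let partitioning;

  if (get("privacy.firstparty.isolate") === true) {
    // Legacy FPI wins and, per arkenfox 6008, disables network partitioning and TCP.
    partitioning = "FPI";
    findings.push("warn: privacy.firstparty.isolate=true selects unmaintained FPI and disables network partitioning and TCP");
  } else if (get("browser.contentblocking.category") === "strict" || get("network.cookie.cookieBehavior") === 5) {
    // ETP Strict sets cookieBehavior 5 at runtime (7016); either way dFPI/TCP is on.
    partitioning = "dFPI";
  } else {
    partitioning = "none";
    findings.push("warn: neither ETP Strict nor cookieBehavior 5, so third-party state is not partitioned");
  }

  // enableWebcompat=false disables skip lists, storage-access heuristics and the
  // SmartBlock login helper: a hardening switch, paid for in site breakage.
  const webcompatHeuristics = get("privacy.antitracking.enableWebcompat") !== false;
  if (!webcompatHeuristics) {
    findings.push("info: anti-tracking webcompat heuristics and skip lists disabled (hardened; expect breakage)");
  }

  // enable_shims=false removes every shim listed in about:compat, including the dFPI ones.
  const shims = get("extensions.webcompat.enable_shims") !== false;
  if (!shims) {
    findings.push("warn: all SmartBlock shims disabled, including dFPI-related ones");
  }

  return { partitioning, webcompatHeuristics, shims, findings };
}

console.log(assessPosture(parseUserJs(SAMPLE_USER_JS)));
```

Running it on the sample reports partitioning "dFPI" with heuristics and shims active and no findings; uncommenting the 2702 line flips webcompatHeuristics to false, and setting privacy.firstparty.isolate to true makes the FPI warning fire regardless of the ETP category.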

gitthehubs commented, Jan 20, 2022

@wisniewskit Indeed, I forgot to mention ("network.cookie.cookieBehavior.pbmode", 5) for pb mode. 😃

Thank you for your answer!
