Bug 1409045 Expose a websites.firstPartyIsolate pref that Web Extensions can toggle r=aswan
authorTom Ritter <tom@mozilla.com>
Mon, 16 Oct 2017 15:58:21 -0500
changeset 386801 0f6d8491f80a95f1cc5325c34667d1a277653276
parent 386800 21c6744ea8ed865706c910b53dac9339a7499df3
child 386802 b6ac85aab3252734b6b0cbc5886b14b00872decc
push id96311
push userarchaeopteryx@coole-files.de
push dateWed, 18 Oct 2017 09:52:02 +0000
treeherdermozilla-inbound@a8a1e8cc1980 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersaswan
bugs1409045
milestone58.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1409045 Expose a websites.firstPartyIsolate pref that Web Extensions can toggle r=aswan MozReview-Commit-ID: 6T8A42spaaX
toolkit/components/extensions/ext-privacy.js
toolkit/components/extensions/schemas/privacy.json
toolkit/components/extensions/test/xpcshell/test_ext_privacy.js
--- a/toolkit/components/extensions/ext-privacy.js
+++ b/toolkit/components/extensions/ext-privacy.js
@@ -143,16 +143,26 @@ ExtensionPreferencesManager.addSetting("
     "privacy.resistFingerprinting",
   ],
 
   setCallback(value) {
     return {[this.prefNames[0]]: value};
   },
 });
 
+ExtensionPreferencesManager.addSetting("websites.firstPartyIsolate", {
+  prefNames: [
+    "privacy.firstparty.isolate",
+  ],
+
+  setCallback(value) {
+    return {[this.prefNames[0]]: value};
+  },
+});
+
 ExtensionPreferencesManager.addSetting("websites.trackingProtectionMode", {
   prefNames: [
     "privacy.trackingprotection.enabled",
     "privacy.trackingprotection.pbmode.enabled",
   ],
 
   setCallback(value) {
     // Default to private browsing.
@@ -236,16 +246,21 @@ this.privacy = class extends ExtensionAP
             () => {
               return Preferences.get("network.http.sendRefererHeader") !== 0;
             }),
           resistFingerprinting: getPrivacyAPI(extension,
             "websites.resistFingerprinting",
             () => {
               return Preferences.get("privacy.resistFingerprinting");
             }),
+          firstPartyIsolate: getPrivacyAPI(extension,
+            "websites.firstPartyIsolate",
+            () => {
+              return Preferences.get("privacy.firstparty.isolate");
+            }),
           trackingProtectionMode: getPrivacyAPI(extension,
             "websites.trackingProtectionMode",
             () => {
               if (Preferences.get("privacy.trackingprotection.enabled")) {
                 return "always";
               } else if (
                   Preferences.get("privacy.trackingprotection.pbmode.enabled")) {
                 return "private_browsing";
--- a/toolkit/components/extensions/schemas/privacy.json
+++ b/toolkit/components/extensions/schemas/privacy.json
@@ -84,16 +84,20 @@
       "referrersEnabled": {
         "$ref": "types.Setting",
         "description": "If enabled, the browser sends <code>referer</code> headers with your requests. Yes, the name of this preference doesn't match the misspelled header. No, we're not going to change it. The value of this preference is of type boolean, and the default value is <code>true</code>."
       },
       "resistFingerprinting": {
         "$ref": "types.Setting",
         "description": "If enabled, the browser attempts to appear similar to other users by reporting generic information to websites. This can prevent websites from uniquely identifying users. Examples of data that is spoofed include number of CPU cores, precision of JavaScript timers, the local timezone, and disabling features such as GamePad support, and the WebSpeech and Navigator APIs. The value of this preference is of type boolean, and the default value is <code>false</code>."
       },
+      "firstPartyIsolate": {
+        "$ref": "types.Setting",
+        "description": "If enabled, the browser will associate all data (including cookies, HSTS data, cached images, and more) for any third party domains with the domain in the address bar. This prevents third party trackers from using directly stored information to identify you across different websites, but may break websites where you login with a third party account (such as a Facebook or Google login.) The value of this preference is of type boolean, and the default value is <code>false</code>."
+      },
       "protectedContentEnabled": {
         "$ref": "types.Setting",
         "description": "<strong>Available on Windows and ChromeOS only</strong>: If enabled, the browser provides a unique ID to plugins in order to run protected content. The value of this preference is of type boolean, and the default value is <code>true</code>.",
         "unsupported": true
       },
       "trackingProtectionMode": {
         "$ref": "types.Setting",
         "description": "Allow users to specify the mode for tracking protection. This setting's value is of type TrackingProtectionModeOption, defaulting to <code>private_browsing_only</code>."
--- a/toolkit/components/extensions/test/xpcshell/test_ext_privacy.js
+++ b/toolkit/components/extensions/test/xpcshell/test_ext_privacy.js
@@ -233,16 +233,19 @@ add_task(async function test_privacy_oth
       "signon.rememberSignons": true,
     },
     "websites.referrersEnabled": {
       "network.http.sendRefererHeader": 2,
     },
     "websites.resistFingerprinting": {
       "privacy.resistFingerprinting": true,
     },
+    "websites.firstPartyIsolate": {
+      "privacy.firstparty.isolate": true,
+    },
   };
 
   async function background() {
     browser.test.onMessage.addListener(async (msg, ...args) => {
       let data = args[0];
       // The second argument is the end of the api name,
       // e.g., "network.webRTCIPHandlingPolicy".
       let apiObj = args[1].split(".").reduce((o, i) => o[i], browser.privacy);
@@ -346,16 +349,25 @@ add_task(async function test_privacy_oth
     {
       "privacy.resistFingerprinting": false,
     });
   await testSetting("websites.resistFingerprinting", true,
     {
       "privacy.resistFingerprinting": true,
     });
 
+  await testSetting("websites.firstPartyIsolate", false,
+    {
+      "privacy.firstparty.isolate": false,
+    });
+  await testSetting("websites.firstPartyIsolate", true,
+    {
+      "privacy.firstparty.isolate": true,
+    });
+
   await testSetting("websites.trackingProtectionMode", "always", {
     "privacy.trackingprotection.enabled": true,
     "privacy.trackingprotection.pbmode.enabled": true,
   });
   await testSetting("websites.trackingProtectionMode", "never", {
     "privacy.trackingprotection.enabled": false,
     "privacy.trackingprotection.pbmode.enabled": false,
   });