gecko-dev

Ehsan Akhgari 1ca91dd7ab Bug 1603969 - Part 1: Remove the concept of granted origins from the anti-tracking backend; r=baku Granted origins cause a third-party tracker browsing context to not get full first-party storage access after successfully calling the storage access API or a heuristic granting ephemeral access. For example, after https://tracker.example calls the storage access API successfully in the third-party context, they embed https://other-tracker.example, and that load fails because of ETP restrictions. Here what happens is that https://other-tracker.example is mistakenly considered the granted origin, and because such a permission doesn't exist, access is denied. Differential Revision: https://phabricator.services.mozilla.com/D57493 --HG-- extra : moz-landing-system : lando	2019-12-19 02:56:52 +00:00
..
necko.properties	Bug 1603969 - Part 1: Remove the concept of granted origins from the anti-tracking backend; r=baku	2019-12-19 02:56:52 +00:00

Ehsan Akhgari 1ca91dd7ab Bug 1603969 - Part 1: Remove the concept of granted origins from the anti-tracking backend; r=baku

Granted origins cause a third-party tracker browsing context to not get
full first-party storage access after successfully calling the storage
access API or a heuristic granting ephemeral access.

For example, after https://tracker.example calls the storage access API
successfully in the third-party context, they embed
https://other-tracker.example, and that load fails because of ETP
restrictions.  Here what happens is that https://other-tracker.example
is mistakenly considered the granted origin, and because such a
permission doesn't exist, access is denied.

Differential Revision: https://phabricator.services.mozilla.com/D57493

--HG--
extra : moz-landing-system : lando

2019-12-19 02:56:52 +00:00

necko.properties

Bug 1603969 - Part 1: Remove the concept of granted origins from the anti-tracking backend; r=baku

2019-12-19 02:56:52 +00:00