#1766 Implement 3rd party cookie isolation per 1st party site

Open
opened 9 maanden geleden by Moonchild · 0 comments

To protect users from cross-site cookie tracking, there are several mitigating methods that have been developed by various browsers. Tor browser has “First-Party-Isolation”, Firefox adopted a variation of that as “Total Cookie Isolation”.

I’m not sure if either is portable, but it should be simple enough to implement something ourselves from scratch too, since all it will really need is storing an extra field per cookie to indicate which 1st party eTLD+1 it was set as part of, and checking that field when extracting cookies from the cookie jar again. That doesn’t have to be particularly difficult nor does it need to touch many parts of the browser/platform code.

To protect users from cross-site cookie tracking, there are several mitigating methods that have been developed by various browsers. Tor browser has "First-Party-Isolation", Firefox adopted a variation of that as "Total Cookie Isolation". I'm not sure if either is portable, but it should be simple enough to implement something ourselves from scratch too, since all it will really need is storing an extra field per cookie to indicate which 1st party eTLD+1 it was set as part of, and checking that field when extracting cookies from the cookie jar again. That doesn't have to be particularly difficult nor does it need to touch many parts of the browser/platform code.
Moonchild voegde het
App: Toolkit
label 9 maanden geleden toe
Moonchild voegde het
C: Networking
label 9 maanden geleden toe
Moonchild voegde het
Enhancement
label 9 maanden geleden toe
Moonchild voegde het
Privacy
label 9 maanden geleden toe
Deze repo is gearchiveerd. U kunt niet reageren op problemen.
Geen mijlpaal
Niet toegewezen
1 deelnemers
Vervaldatum

Geen vervaldatum ingesteld.

Afhankelijkheden

Deze kwestie heeft momenteel geen afhankelijkheden.

Laden…
Er is nog geen inhoud.