#1766 Implement 3rd party cookie isolation per 1st party site

Відкрито
9 місяці тому відкрито Moonchild · 0 коментарів
Moonchild прокоментував(ла) 9 місяці тому

To protect users from cross-site cookie tracking, there are several mitigating methods that have been developed by various browsers. Tor browser has “First-Party-Isolation”, Firefox adopted a variation of that as “Total Cookie Isolation”.

I’m not sure if either is portable, but it should be simple enough to implement something ourselves from scratch too, since all it will really need is storing an extra field per cookie to indicate which 1st party eTLD+1 it was set as part of, and checking that field when extracting cookies from the cookie jar again. That doesn’t have to be particularly difficult nor does it need to touch many parts of the browser/platform code.

To protect users from cross-site cookie tracking, there are several mitigating methods that have been developed by various browsers. Tor browser has "First-Party-Isolation", Firefox adopted a variation of that as "Total Cookie Isolation". I'm not sure if either is portable, but it should be simple enough to implement something ourselves from scratch too, since all it will really need is storing an extra field per cookie to indicate which 1st party eTLD+1 it was set as part of, and checking that field when extracting cookies from the cookie jar again. That doesn't have to be particularly difficult nor does it need to touch many parts of the browser/platform code.
Moonchild added the
App: Toolkit
label 9 місяці тому
Moonchild added the
C: Networking
label 9 місяці тому
Moonchild added the
Enhancement
label 9 місяці тому
Moonchild added the
Privacy
label 9 місяці тому
Це архівний репозитарій. Ви не можете коментувати запити.
Етап відсутній
Немає виконавеця
1 учасників
Дата завершення

Термін виконання не встановлений.

Залежності

Ця проблема в даний час не має залежностей.

Завантаження…
Тут ще немає жодного змісту.