Bug 1160368 - Part 2: Collect telemetry on how often first- and third-party cookies are set from HTTPS origins. r?jdm
This new COOKIE_SCHEME_HTTPS telemetry probe reports the same information as the COOKIE_SCHEME_SECURITY probe, but also categories cookies by whether they are set from an HTTP or HTTPS origin.
MozReview-Commit-ID: IWg8dycCzwq
--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@@ -3480,16 +3480,34 @@ nsCookieService::SetCookieInternal(nsIUR
// 2 = secure and "http:"
// 3 = secure and "https:"
bool isHTTPS;
nsresult rv = aHostURI->SchemeIs("https", &isHTTPS);
if (NS_SUCCEEDED(rv)) {
Telemetry::Accumulate(Telemetry::COOKIE_SCHEME_SECURITY,
((cookieAttributes.isSecure)? 0x02 : 0x00) |
((isHTTPS)? 0x01 : 0x00));
+
+ // Collect telemetry on how often are first- and third-party cookies set
+ // from HTTPS origins:
+ //
+ // 0 (000) = first-party and "http:"
+ // 1 (001) = first-party and "http:" with bogus Secure cookie flag?!
+ // 2 (010) = first-party and "https:"
+ // 3 (011) = first-party and "https:" with Secure cookie flag
+ // 4 (100) = third-party and "http:"
+ // 5 (101) = third-party and "http:" with bogus Secure cookie flag?!
+ // 6 (110) = third-party and "https:"
+ // 7 (111) = third-party and "https:" with Secure cookie flag
+ bool isThirdParty = true;
+ mThirdPartyUtil->IsThirdPartyChannel(aChannel, aHostURI, &isThirdParty);
+ Telemetry::Accumulate(Telemetry::COOKIE_SCHEME_HTTPS,
+ (isThirdParty ? 0x04 : 0x00) |
+ (isHTTPS ? 0x02 : 0x00) |
+ (cookieAttributes.isSecure ? 0x01 : 0x00));
}
int64_t currentTimeInUsec = PR_Now();
// calculate expiry time of cookie.
cookieAttributes.isSession = GetExpiry(cookieAttributes, aServerTime,
currentTimeInUsec / PR_USEC_PER_SEC);
if (aStatus == STATUS_ACCEPT_SESSION) {
--- a/toolkit/components/telemetry/Histograms.json
+++ b/toolkit/components/telemetry/Histograms.json
@@ -10308,16 +10308,25 @@
"alert_emails": ["seceng-telemetry@mozilla.com"],
"bug_numbers": [976073, 1325909],
"expires_in_version": "60",
"kind": "enumerated",
"n_values": 10,
"releaseChannelCollection": "opt-out",
"description": "Strict Secure Cookies: 0=blocked secure cookie from http; 1=blocked shadowing secure cookie from http; 2=shadowing secure cookie from https; 3=evicted newer insecure cookie; 4=evicted oldest insecure cookie; 5=evicted secure cookie; 6=evicting secure cookie blocked; 7=blocked downgrading secure cookie from http; 8=downgraded secure cookie from https"
},
+ "COOKIE_SCHEME_HTTPS": {
+ "record_in_processes": ["main", "content"],
+ "alert_emails": ["seceng-telemetry@mozilla.com"],
+ "bug_numbers": [1160368],
+ "expires_in_version": "60",
+ "kind": "enumerated",
+ "n_values": 10,
+ "description": "How often are first- and third-party cookies set from HTTPS origins? 0=first/http, 1=first/http+secure?!, 2=first/https, 3=first/https+secure, 4=third/http, 5=third/http+secure?!, 6=third/https, 7=third/https+secure"
+ },
"NTLM_MODULE_USED_2": {
"record_in_processes": ["main", "content"],
"expires_in_version": "never",
"kind": "enumerated",
"n_values": 8,
"description": "The module used for the NTLM protocol (Windows_API, Kerberos, Samba_auth or Generic) and whether or not the authentication was used to connect to a proxy server. This data is collected only once per session (at first NTLM authentification) ; fixed version."
},
"FX_THUMBNAILS_BG_QUEUE_SIZE_ON_CAPTURE": {