Bug 1409045 Expose a websites.firstPartyIsolate pref that Web Extensions can toggle r?aswan,bsilverberg
MozReview-Commit-ID: 6T8A42spaaX
--- a/toolkit/components/extensions/ext-privacy.js
+++ b/toolkit/components/extensions/ext-privacy.js
@@ -143,16 +143,26 @@ ExtensionPreferencesManager.addSetting("
"privacy.resistFingerprinting",
],
setCallback(value) {
return {[this.prefNames[0]]: value};
},
});
+ExtensionPreferencesManager.addSetting("websites.firstPartyIsolate", {
+ prefNames: [
+ "privacy.firstparty.isolate",
+ ],
+
+ setCallback(value) {
+ return {[this.prefNames[0]]: value};
+ },
+});
+
ExtensionPreferencesManager.addSetting("websites.trackingProtectionMode", {
prefNames: [
"privacy.trackingprotection.enabled",
"privacy.trackingprotection.pbmode.enabled",
],
setCallback(value) {
// Default to private browsing.
@@ -236,16 +246,21 @@ this.privacy = class extends ExtensionAP
() => {
return Preferences.get("network.http.sendRefererHeader") !== 0;
}),
resistFingerprinting: getPrivacyAPI(extension,
"websites.resistFingerprinting",
() => {
return Preferences.get("privacy.resistFingerprinting");
}),
+ firstPartyIsolate: getPrivacyAPI(extension,
+ "websites.firstPartyIsolate",
+ () => {
+ return Preferences.get("privacy.firstparty.isolate");
+ }),
trackingProtectionMode: getPrivacyAPI(extension,
"websites.trackingProtectionMode",
() => {
if (Preferences.get("privacy.trackingprotection.enabled")) {
return "always";
} else if (
Preferences.get("privacy.trackingprotection.pbmode.enabled")) {
return "private_browsing";
--- a/toolkit/components/extensions/schemas/privacy.json
+++ b/toolkit/components/extensions/schemas/privacy.json
@@ -84,16 +84,20 @@
"referrersEnabled": {
"$ref": "types.Setting",
"description": "If enabled, the browser sends <code>referer</code> headers with your requests. Yes, the name of this preference doesn't match the misspelled header. No, we're not going to change it. The value of this preference is of type boolean, and the default value is <code>true</code>."
},
"resistFingerprinting": {
"$ref": "types.Setting",
"description": "If enabled, the browser attempts to appear similar to other users by reporting generic information to websites. This can prevent websites from uniquely identifying users. Examples of data that is spoofed include number of CPU cores, precision of JavaScript timers, the local timezone, and disabling features such as GamePad support, and the WebSpeech and Navigator APIs. The value of this preference is of type boolean, and the default value is <code>false</code>."
},
+ "firstPartyIsolate": {
+ "$ref": "types.Setting",
+ "description": "If enabled, the browser will associate all data (including cookies, HSTS data, cached images, and more) for any third party domains with the domain in the address bar. This prevents third party trackers from using directly stored information to identify you across different websites, but may break websites where you login with a third party account (such as a Facebook or Google login.) The value of this preference is of type boolean, and the default value is <code>false</code>."
+ },
"protectedContentEnabled": {
"$ref": "types.Setting",
"description": "<strong>Available on Windows and ChromeOS only</strong>: If enabled, the browser provides a unique ID to plugins in order to run protected content. The value of this preference is of type boolean, and the default value is <code>true</code>.",
"unsupported": true
},
"trackingProtectionMode": {
"$ref": "types.Setting",
"description": "Allow users to specify the mode for tracking protection. This setting's value is of type TrackingProtectionModeOption, defaulting to <code>private_browsing_only</code>."
--- a/toolkit/components/extensions/test/xpcshell/test_ext_privacy.js
+++ b/toolkit/components/extensions/test/xpcshell/test_ext_privacy.js
@@ -233,16 +233,19 @@ add_task(async function test_privacy_oth
"signon.rememberSignons": true,
},
"websites.referrersEnabled": {
"network.http.sendRefererHeader": 2,
},
"websites.resistFingerprinting": {
"privacy.resistFingerprinting": true,
},
+ "websites.firstPartyIsolate": {
+ "privacy.firstparty.isolate": true,
+ },
};
async function background() {
browser.test.onMessage.addListener(async (msg, ...args) => {
let data = args[0];
// The second argument is the end of the api name,
// e.g., "network.webRTCIPHandlingPolicy".
let apiObj = args[1].split(".").reduce((o, i) => o[i], browser.privacy);
@@ -346,16 +349,25 @@ add_task(async function test_privacy_oth
{
"privacy.resistFingerprinting": false,
});
await testSetting("websites.resistFingerprinting", true,
{
"privacy.resistFingerprinting": true,
});
+ await testSetting("websites.firstPartyIsolate", false,
+ {
+ "privacy.firstparty.isolate": false,
+ });
+ await testSetting("websites.firstPartyIsolate", true,
+ {
+ "privacy.firstparty.isolate": true,
+ });
+
await testSetting("websites.trackingProtectionMode", "always", {
"privacy.trackingprotection.enabled": true,
"privacy.trackingprotection.pbmode.enabled": true,
});
await testSetting("websites.trackingProtectionMode", "never", {
"privacy.trackingprotection.enabled": false,
"privacy.trackingprotection.pbmode.enabled": false,
});