Intent to prototype: Bounce Tracking Mitigations

1,423 views
Skip to first unread message

Paul Zühlcke

unread,
May 6, 2024, 11:08:11 AMMay 6
to dev-pl...@mozilla.org

Summary:

Browser tracking protections, such as third-party cookie restrictions, can be bypassed using bounce tracking which uses short-lived top level redirects to persist first-party state. Gecko already ships Cookie Purging to mitigate this. We intend to prototype Bounce Tracking Protection - a new standardised variant of Cookie Purging that uses heuristics to detect bounce trackers, rather than relying on tracker lists.


We plan to enable the feature in Firefox Nightly by the end of the week. Please let me know if you have questions or concerns. You can also find us in #anti-tracking on Matrix.


Bug: Bug 1839915 [meta], Bug 1895222 - Enable in Nightly


Specification (draft): https://privacycg.github.io/nav-tracking-mitigations/#bounce-tracking-mitigations


Platform coverage: Firefox Desktop, Android (Fenix)


Preferences:

Enable the feature: privacy.bounceTrackingProtection.enabled = true
Enable tracker data purging: privacy.bounceTrackingProtection.enableDryRunMode = false


DevTools bugs:


Link to standards-positions discussion: https://mozilla.github.io/standards-positions/#bounce-tracking-mitigations


Other browsers:


web-platform-tests: Not implemented yet, blocked on https://github.com/web-platform-tests/wpt/issues/17489. The feature has Gecko tests.

Reply all
Reply to author
Forward
0 new messages