Privacy/Anti-Tracking/Interventions: Difference between revisions
< Privacy | Anti-Tracking
Jump to navigation
Jump to search
Englehardt (talk | contribs) (Add a note about testing on release.) |
(Fix collection access request template, and information about testing on Stage with Release) |
||
| (2 intermediate revisions by 2 users not shown) | |||
| Line 3: | Line 3: | ||
Since we already have a Remote Settings collection, getting access boils down to the following steps: | Since we already have a Remote Settings collection, getting access boils down to the following steps: | ||
* Setup the [https://mana.mozilla.org/wiki/display/IT/Mozilla+VPN Mozilla VPN] | * Setup the [https://mana.mozilla.org/wiki/display/IT/Mozilla+VPN Mozilla VPN] | ||
* Request access to the url-classifier-skip-urls collection using [https://bugzilla.mozilla.org/enter_bug.cgi?bug_ignored=0&bug_severity=--&bug_status=NEW&bug_type=task&cc=mathieu%40mozilla.com&cc=sven%40mozilla.com&cf_fx_iteration=---&cf_fx_points=---&cf_status_firefox93=---&cf_status_firefox94=---&cf_status_firefox95=---&cf_status_firefox_esr78=---&cf_status_firefox_esr91=---&cf_tracking_firefox93=---&cf_tracking_firefox94=---&cf_tracking_firefox95=---&cf_tracking_firefox_esr78=---&cf_tracking_firefox_esr91=---&cf_tracking_firefox_relnote=---&cf_tracking_firefox_sumo=---&comment=Please%20add%20%3Cldap%3E%40mozilla.com%20as%20a%20reviewer%20to%20these%20groups%3A%0D%0A%0D%0A%3Ccollection-name%3E%20-editors%0D%0A%3Ccollection-name%3E%20-reviewers&component=Server%3A%20Remote%20Settings&contenttypemethod=list&contenttypeselection=text%2Fplain&defined_groups=1&filed_via=standard_form&flag_type-37=X&flag_type-607=X&flag_type-708=X&flag_type-721=X&flag_type-737=X&flag_type-748=X&flag_type-787=X&flag_type-800=X&flag_type-803=X&flag_type-846=X&flag_type-864=X&flag_type-936=X&flag_type-945=X&flag_type-947=X&form_name=enter_bug&groups=mozilla-employee-confidential&maketemplate=Remember%20values%20as%20bookmarkable%20template&op_sys=Unspecified&priority=--&product=Cloud%20Services&rep_platform=Unspecified&short_desc=Add%20%3Cldap%3E%40mozilla.com%20as%20an%20editor%2Freviewer%20for%20the%20collection%20%3Cname%3E%20&target_milestone=---&version=unspecified this Bugzilla template] | |||
For a more comprehensive guide, including how to create your own collection, see https://remote-settings.readthedocs.io/en/latest/getting-started.html. | For a more comprehensive guide, including how to create your own collection, see https://remote-settings.readthedocs.io/en/latest/getting-started.html. | ||
| Line 17: | Line 17: | ||
'''Please test interventions on stage before pushing to production.''' You can use the [https://github.com/mozilla/remote-settings-devtools Remote Settings DevTools] to switch between them in your browser (see also the [https://remote-settings.readthedocs.io/en/latest/getting-started.html Remote Settings documentation]). | '''Please test interventions on stage before pushing to production.''' You can use the [https://github.com/mozilla/remote-settings-devtools Remote Settings DevTools] to switch between them in your browser (see also the [https://remote-settings.readthedocs.io/en/latest/getting-started.html Remote Settings documentation]). | ||
Note that | Note that since [https://bugzilla.mozilla.org/show_bug.cgi?id=1598562 Bug 1598562], changing to the Stage server on Firefox Release clients requires the environment variable XPCSHELL_TEST_PROFILE_DIR=1 to be set for the change to be taken into account. Interventions that are [https://remote-settings.readthedocs.io/en/latest/target-filters.html filtered] only to Release users will have to test on the Prod server by adding an additional filter restricting the skiplist record to a [https://remote-settings.readthedocs.io/en/latest/target-filters.html#preferenceExists custom preference] that you've manually added to your test browser. | ||
=== Tracking Interventions === | === Tracking Interventions === | ||
| Line 27: | Line 27: | ||
* Turn on the Mozilla VPN | * Turn on the Mozilla VPN | ||
* Visit the stage or production admin interface (see above) | * Visit the stage or production admin interface (see above) | ||
* | * Find the ''url-classifier-skip-urls'' or ''partitioning-exempt-urls'' collection. ''url-classifier-skip-urls'' is used to allowlist resources blocked by tracking protection, while ''partitioning-exempt-urls'' excludes specific origin combinations from dFPI/TCP. | ||
* If you are '''skiplisting a resource blocking feature''' you need to skiplist the corresponding annotation feature so the blocked resource isn't shown as blocked in the UI (see [https://bugzilla.mozilla.org/show_bug.cgi?id=1590591#c13 Bug 1590591]). For example, if you are skiplisting the ''fingerprinting-protection'' feature you should also skiplist the same pattern under the ''fingerprinting-annotation'' feature. The same is true for ''tracking-protection'' and ''tracking-annotation'', ''socialtracking-protection'' and ''socialtracking-annotation'', and ''cryptomining-protection'' and ''cryptomining-annotation''. | * For ''url-classifier-skip-urls'': If you are '''skiplisting a resource blocking feature''' you need to skiplist the corresponding annotation feature so the blocked resource isn't shown as blocked in the UI (see [https://bugzilla.mozilla.org/show_bug.cgi?id=1590591#c13 Bug 1590591]). For example, if you are skiplisting the ''fingerprinting-protection'' feature you should also skiplist the same pattern under the ''fingerprinting-annotation'' feature. The same is true for ''tracking-protection'' and ''tracking-annotation'', ''socialtracking-protection'' and ''socialtracking-annotation'', and ''cryptomining-protection'' and ''cryptomining-annotation''. | ||
* File a bug describing your intervention, using [https://bugzilla.mozilla.org/enter_bug.cgi?assigned_to=nobody%40mozilla.org&blocked=1537702&bug_ignored=0&bug_severity=normal&bug_status=NEW&bug_type=task&cf_fission_milestone=---&cf_fx_iteration=---&cf_fx_points=---&cf_status_firefox73=---&cf_status_firefox74=---&cf_status_firefox75=---&cf_status_firefox_esr68=---&cf_status_thunderbird_esr60=---&cf_status_thunderbird_esr68=---&cf_tracking_firefox73=---&cf_tracking_firefox74=---&cf_tracking_firefox75=---&cf_tracking_firefox_esr68=---&cf_tracking_firefox_relnote=---&cf_tracking_thunderbird_esr60=---&cf_tracking_thunderbird_esr68=---&cf_webcompat_priority=---&comment=%2A%2ABreakage%20bug%20for%20which%20this%20skiplist%20entry%20is%20being%20added%20%28also%20add%20in%20%22Depends%20on%22%29%3A%2A%2A%0D%0A%0D%0A%2A%2ATracking%20protection%20feature%28s%29%20to%20be%20skiplisted%3A%2A%2A%0D%0A%0D%0A%2A%2APattern%20to%20be%20skiplisted%3A%2A%2A%0D%0A%0D%0A%2A%2ATimeline%20of%20intervention%20%28See%20%5Bour%20timeline%20policy%5D%28https%3A%2F%2Fgithub.com%2Fmozilla-services%2Fshavar-prod-lists%23temporary-exceptions%29%29%3A%2A%2A%0D%0A%0D%0A%2A%2APlanned%20steps%20to%20resolve%20intervention%20%28e.g.%2C%20outreach%2C%20technical%20fixes%2C%20policy%20fixes%29%3A%2A%2A&component=Privacy%3A%20Anti-Tracking&contenttypemethod=list&contenttypeselection=text%2Fplain&defined_groups=1&filed_via=standard_form&flag_type-203=X&flag_type-37=X&flag_type-41=X&flag_type-607=X&flag_type-721=X&flag_type-737=X&flag_type-787=X&flag_type-799=X&flag_type-800=X&flag_type-803=X&flag_type-835=X&flag_type-846=X&flag_type-855=X&flag_type-863=X&flag_type-864=X&flag_type-930=X&flag_type-936=X&flag_type-937=X&flag_type-941=X&form_name=enter_bug&maketemplate=Remember%20values%20as%20bookmarkable%20template&op_sys=Unspecified&priority=--&product=Core&rep_platform=Unspecified&short_desc=Revert%20%5Bfeature-name%5D%20skiplist%20intervention%20for%20%5Bsite-name%5D&target_milestone=---&version=unspecified this template]. Be sure to substitute ''[feature-name]'' and ''[site-name]'' in the bug title, and provide information for all items in the template's description. | * File a bug describing your intervention, using [https://bugzilla.mozilla.org/enter_bug.cgi?assigned_to=nobody%40mozilla.org&blocked=1537702&bug_ignored=0&bug_severity=normal&bug_status=NEW&bug_type=task&cf_fission_milestone=---&cf_fx_iteration=---&cf_fx_points=---&cf_status_firefox73=---&cf_status_firefox74=---&cf_status_firefox75=---&cf_status_firefox_esr68=---&cf_status_thunderbird_esr60=---&cf_status_thunderbird_esr68=---&cf_tracking_firefox73=---&cf_tracking_firefox74=---&cf_tracking_firefox75=---&cf_tracking_firefox_esr68=---&cf_tracking_firefox_relnote=---&cf_tracking_thunderbird_esr60=---&cf_tracking_thunderbird_esr68=---&cf_webcompat_priority=---&comment=%2A%2ABreakage%20bug%20for%20which%20this%20skiplist%20entry%20is%20being%20added%20%28also%20add%20in%20%22Depends%20on%22%29%3A%2A%2A%0D%0A%0D%0A%2A%2ATracking%20protection%20feature%28s%29%20to%20be%20skiplisted%3A%2A%2A%0D%0A%0D%0A%2A%2APattern%20to%20be%20skiplisted%3A%2A%2A%0D%0A%0D%0A%2A%2ATimeline%20of%20intervention%20%28See%20%5Bour%20timeline%20policy%5D%28https%3A%2F%2Fgithub.com%2Fmozilla-services%2Fshavar-prod-lists%23temporary-exceptions%29%29%3A%2A%2A%0D%0A%0D%0A%2A%2APlanned%20steps%20to%20resolve%20intervention%20%28e.g.%2C%20outreach%2C%20technical%20fixes%2C%20policy%20fixes%29%3A%2A%2A&component=Privacy%3A%20Anti-Tracking&contenttypemethod=list&contenttypeselection=text%2Fplain&defined_groups=1&filed_via=standard_form&flag_type-203=X&flag_type-37=X&flag_type-41=X&flag_type-607=X&flag_type-721=X&flag_type-737=X&flag_type-787=X&flag_type-799=X&flag_type-800=X&flag_type-803=X&flag_type-835=X&flag_type-846=X&flag_type-855=X&flag_type-863=X&flag_type-864=X&flag_type-930=X&flag_type-936=X&flag_type-937=X&flag_type-941=X&form_name=enter_bug&maketemplate=Remember%20values%20as%20bookmarkable%20template&op_sys=Unspecified&priority=--&product=Core&rep_platform=Unspecified&short_desc=Revert%20%5Bfeature-name%5D%20skiplist%20intervention%20for%20%5Bsite-name%5D&target_milestone=---&version=unspecified this template]. Be sure to substitute ''[feature-name]'' and ''[site-name]'' in the bug title, and provide information for all items in the template's description. | ||
You can also see an overview of interacting with remote settings collections in [https://remote-settings.readthedocs.io/en/latest/screencasts.html this screencast]. | You can also see an overview of interacting with remote settings collections in [https://remote-settings.readthedocs.io/en/latest/screencasts.html this screencast]. | ||
Latest revision as of 14:39, 27 October 2021
Getting access to the Remote Settings admin interface
Since we already have a Remote Settings collection, getting access boils down to the following steps:
- Setup the Mozilla VPN
- Request access to the url-classifier-skip-urls collection using this Bugzilla template
For a more comprehensive guide, including how to create your own collection, see https://remote-settings.readthedocs.io/en/latest/getting-started.html.
Admin Interface
Remote Settings provides a stage environment as well as a production environment:
- Stage: https://settings-writer.stage.mozaws.net/v1/admin/
- Production: https://settings-writer.prod.mozaws.net/v1/admin/
Please test interventions on stage before pushing to production. You can use the Remote Settings DevTools to switch between them in your browser (see also the Remote Settings documentation).
Note that since Bug 1598562, changing to the Stage server on Firefox Release clients requires the environment variable XPCSHELL_TEST_PROFILE_DIR=1 to be set for the change to be taken into account. Interventions that are filtered only to Release users will have to test on the Prod server by adding an additional filter restricting the skiplist record to a custom preference that you've manually added to your test browser.
Tracking Interventions
We have set up bug 1537702 to track active interventions. All interventions must have a corresponding bug that blocks this meta-bug.
Steps to create a new Intervention
- Turn on the Mozilla VPN
- Visit the stage or production admin interface (see above)
- Find the url-classifier-skip-urls or partitioning-exempt-urls collection. url-classifier-skip-urls is used to allowlist resources blocked by tracking protection, while partitioning-exempt-urls excludes specific origin combinations from dFPI/TCP.
- For url-classifier-skip-urls: If you are skiplisting a resource blocking feature you need to skiplist the corresponding annotation feature so the blocked resource isn't shown as blocked in the UI (see Bug 1590591). For example, if you are skiplisting the fingerprinting-protection feature you should also skiplist the same pattern under the fingerprinting-annotation feature. The same is true for tracking-protection and tracking-annotation, socialtracking-protection and socialtracking-annotation, and cryptomining-protection and cryptomining-annotation.
- File a bug describing your intervention, using this template. Be sure to substitute [feature-name] and [site-name] in the bug title, and provide information for all items in the template's description.
You can also see an overview of interacting with remote settings collections in this screencast.
Removing your intervention
You should aim to fix the breakage that led to an intervention within your specified timeline. Once the fix lands you should wait until the fix ships to all channels (Nightly, Beta, and Release) before you remove the intervention. Be sure to consider whether the breakage impacts ESR users. If it does and you don't want the intervention to stick around for Nightly/Beta/Release users for the entire ESR cycle, you can issue an intervention that is scoped only to ESR users through Remote Settings filters.