From a065e04d529da1d847b5062a12c46d916408bf32 Mon Sep 17 00:00:00 2001 From: Peter Bengtsson Date: Tue, 8 Dec 2020 21:46:22 -0500 Subject: update based on https://github.com/mdn/yari/issues/2028 --- files/ru/mozilla/firefox/privacy/index.html | 9 - .../errors/cookieblockedforeign/index.html | 43 ---- .../errors/cookieblockedtracker/index.html | 38 --- .../storage_access_policy/errors/index.html | 24 -- .../privacy/storage_access_policy/index.html | 274 --------------------- .../firefox/privacy/tracking_protection/index.html | 43 ---- 6 files changed, 431 deletions(-) delete mode 100644 files/ru/mozilla/firefox/privacy/index.html delete mode 100644 files/ru/mozilla/firefox/privacy/storage_access_policy/errors/cookieblockedforeign/index.html delete mode 100644 files/ru/mozilla/firefox/privacy/storage_access_policy/errors/cookieblockedtracker/index.html delete mode 100644 files/ru/mozilla/firefox/privacy/storage_access_policy/errors/index.html delete mode 100644 files/ru/mozilla/firefox/privacy/storage_access_policy/index.html delete mode 100644 files/ru/mozilla/firefox/privacy/tracking_protection/index.html (limited to 'files/ru/mozilla/firefox/privacy') diff --git a/files/ru/mozilla/firefox/privacy/index.html b/files/ru/mozilla/firefox/privacy/index.html deleted file mode 100644 index c6a9e69b09..0000000000 --- a/files/ru/mozilla/firefox/privacy/index.html +++ /dev/null @@ -1,9 +0,0 @@ ---- -title: Privacy -slug: Mozilla/Firefox/Privacy -tags: - - NeedsTranslation - - TopicStub -translation_of: Mozilla/Firefox/Privacy ---- -
{{FirefoxSidebar}}

{{ ListSubpages () }}

diff --git a/files/ru/mozilla/firefox/privacy/storage_access_policy/errors/cookieblockedforeign/index.html b/files/ru/mozilla/firefox/privacy/storage_access_policy/errors/cookieblockedforeign/index.html deleted file mode 100644 index 8f0361fba6..0000000000 --- a/files/ru/mozilla/firefox/privacy/storage_access_policy/errors/cookieblockedforeign/index.html +++ /dev/null @@ -1,43 +0,0 @@ ---- -title: 'Заблокировано: Все сторонние запросы на доступ к хранилищу' -slug: Mozilla/Firefox/Privacy/Storage_access_policy/Errors/CookieBlockedForeign -tags: - - Куки - - Отслеживание - - Ошибки - - Хранилище - - политика доступа к хранилищу -translation_of: Mozilla/Firefox/Privacy/Storage_access_policy/Errors/CookieBlockedForeign ---- -
{{FirefoxSidebar}}
- -

Сообщение

- -

Firefox (англ.):

- -
CookieBlockedForeign=Request to access cookies or storage on “X” was blocked because we are blocking all third-party storage access requests and content blocking is enabled.
- -

Firefox:

- -
CookieBlockedForeign=Запрос на доступ к куке или хранилищу на «X» был заблокирован, в связи с тем, что пользователем заблокированы все сторонние запросы доступа к хранилищу, а также включена блокировка содержимого.
- -

Что не так?

- -

Запрос на доступ к куки-файлам или хранилищу был заблокирован, потому что он пришёл из третьей стороны (другого веб-сайта) и блокировка контента включена.

- -

Доступ может быть изменено или удалено так:

- - - -

If the resource that is being blocked doesn't need authentication, you can fix the warning message by adding a crossorigin="anonymous" attribute to the relevant element.

- -

See also

- - diff --git a/files/ru/mozilla/firefox/privacy/storage_access_policy/errors/cookieblockedtracker/index.html b/files/ru/mozilla/firefox/privacy/storage_access_policy/errors/cookieblockedtracker/index.html deleted file mode 100644 index 278e7454bc..0000000000 --- a/files/ru/mozilla/firefox/privacy/storage_access_policy/errors/cookieblockedtracker/index.html +++ /dev/null @@ -1,38 +0,0 @@ ---- -title: 'Заблокировано: запросы на доступ к хранилищу от трекеров' -slug: Mozilla/Firefox/Privacy/Storage_access_policy/Errors/CookieBlockedTracker -translation_of: Mozilla/Firefox/Privacy/Storage_access_policy/Errors/CookieBlockedTracker ---- -
{{FirefoxSidebar}}
- -

Сообщение

- -

Firefox:

- -
CookieBlockedTracker=Запрос на доступ к куке или хранилищу на  “X”  был заблокирован, в связи с тем, что он поступил от трекера, при включенной блокировке содержимого.
-
- -

Что пошло не так?

- -

Запрос на доступ к cookies или хранилищу был заблокирован, поскольку браузер определил его как поступающий от трекера, и блокировка контента включена.

- -

Разрешение может быть изменено или удалено:

- - - -

Если заблокированный ресурс не нуждается в аутентификации, вы можете исправить предупреждающее сообщение, добавив атрибут crossorigin="anonymous" к соответствующему элементу.

- -

Смотрите также

- - diff --git a/files/ru/mozilla/firefox/privacy/storage_access_policy/errors/index.html b/files/ru/mozilla/firefox/privacy/storage_access_policy/errors/index.html deleted file mode 100644 index a1e1f54a75..0000000000 --- a/files/ru/mozilla/firefox/privacy/storage_access_policy/errors/index.html +++ /dev/null @@ -1,24 +0,0 @@ ---- -title: Errors -slug: Mozilla/Firefox/Privacy/Storage_access_policy/Errors -tags: - - Cookies - - Errors - - NeedsTranslation - - Storage - - TopicStub - - storage access policy -translation_of: Mozilla/Firefox/Privacy/Storage_access_policy/Errors ---- -
{{FirefoxSidebar}}
- -

This page lists the errors that can be raised due to Firefox's anti-tracking functionality, governed by the Storage access policy. You can find further information about them by clicking on the links below:

- -

A request to access cookies or storage was blocked because

- - diff --git a/files/ru/mozilla/firefox/privacy/storage_access_policy/index.html b/files/ru/mozilla/firefox/privacy/storage_access_policy/index.html deleted file mode 100644 index 1fc385d6e7..0000000000 --- a/files/ru/mozilla/firefox/privacy/storage_access_policy/index.html +++ /dev/null @@ -1,274 +0,0 @@ ---- -title: 'Storage access policy: Block cookies from trackers' -slug: Mozilla/Firefox/Privacy/Storage_access_policy -tags: - - NeedsTranslation - - Privacy - - TopicStub - - storage access policy - - tracking protection -translation_of: Mozilla/Firefox/Privacy/Storage_access_policy ---- -
{{FirefoxSidebar}}
- -

Firefox includes a new storage access policy that blocks cookies and other site data from third-party tracking resources. This new policy is designed as an alternative to the current policies, which have been available in Firefox for many years. The new policy protects against cross-site tracking while minimizing the site breakage associated with traditional cookie blocking. This article explains how the new policy works and how you can test it.

- -

Testing in Firefox

- -

You can test how your website works under the new policy in Firefox version 63+. Those who want to test the absolute newest version of the policy can download Firefox Nightly, but note that Nightly may include versions of the policy that end up changing before they reach our Release users. You can enable it through the “Content Blocking” menu in the Control Center in Firefox:

- - - -

As this is an experimental policy, it will likely change as we discover site breakage and fix bugs. We’ll keep this page updated with the newest information.

- -

Report Broken Sites

- -

If you find a website broken as a result of this change, file a bug under the Tracking Protection component within the Firefox product on Bugzilla. Alternatively you can report a broken sites directly in Firefox by clicking "Report a Problem" in the Content Blocking section of the Control Center.

- -

diagram showing the report a problem button within the Content Blocking section of the Control Center

- -

Tracking protection explained

- -

How does Firefox determine which resources are tracking resources?

- -

Firefox uses the Tracking Protection list to determine which resources are tracking resources. The Tracking Protection list is maintained by Disconnect. When the list is applied in Firefox, we make two important changes:

- - - -

Firefox uses the built-in Tracking Protection URL classifier to determine which resources match the tracking protection list. Domains are matched against the list in accordance with the SafeBrowsing v4 specification. Specifically, we check the exact hostname of the resource against the list, as well as the last four hostnames formed by starting with the last five components and successively removing the leading component. Consider the following examples:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Hostname on the listHostname of resourceMatched
example.comexample.comYes
example.coma.b.example.comYes
blah.example.comexample.comNo
a.b.example.comc.d.example.comNo
blah.example.comfoo.blah.example.comYes
- -

What does the storage access policy block?

- -

The storage access policy blocks resources identified as trackers from accessing their cookies and other site storage when they are loaded in a third-party context. This prevents those resources from retrieving tracking identifiers stored in cookies or site storage and using them to identify users across visits to multiple first parties. Specifically, Firefox does this by imposing the following restrictions:

- -

Cookies:

- - - -

DOM Storage:

- - - -

Messaging and Workers:

- - - -

DOM Cache:

- - - -

Browser caches:

- - - -

Network connections:

- - - -

What is not blocked by the policy?

- -
    -
  1. This policy does not currently restrict third-party storage access for resources that are not classified as tracking resources. We may choose to apply additional restrictions to third-party storage access in the future.
    2. -
  2. The restrictions applied by the policy will not prevent third-party scripts classified as tracking resources from accessing storage in the main context of the page. These scripts can continue to use storage scoped to the top-level origin.
    3. -
  3. Origins classified as trackers will have access to their own storage when they are loaded in a first-party context.
    4. -
  4. Cross-origin resources loaded from the same eTLD+1 as the top-level context will still have access to their storage.
    5. -
  5. Origins normally classified as trackers will not be blocked if the top-level page origin is determined to be from the same organization as them.
    6. -
- -

Storage access grants

- -

In order to improve web compatibility and permit third-party integrations that require storage access, Firefox will grant storage access scoped to the first party for a particular third-party origin as described in this section. Currently, Firefox includes some web compatibility heuristics that grant storage access to third-party resources classified as trackers when a user interacts with those third parties. We do this when we expect that not granting access would cause the web page to break. We also support an initial implementation of the Storage Access API, through which embedded {{htmlelement("iframe")}}s can request storage access by calling {{domxref("Document.requestStorageAccess()")}}. Although both of these approaches provide the same level of storage access, we recommend third parties switch to using the Storage Access API in order to guarantee their access to storage.

- -

Automatic storage access upon interaction

- -

In order to improve web compatibility, Firefox currently includes some heuristics to grant storage access automatically to third parties that receive user interaction. These heuristics are intended to allow some third-party integrations that are common on the web to continue to function. They are intended to be temporary and will be removed in a future version of Firefox. They should not be relied upon for current and future web development.

- -

Third-party storage access may be granted to resources that have been classified as tracking resources when a user gesture triggers a pop-up window that has opener access to the originating document. When that occurs, there are two possible ways a third-party origin can be granted access:

- - - -

Scope of storage access

- -

When storage access is granted, it is scoped to the origin of the opener document or subdomains of that origin. Access that is granted on the subdomain of an origin does not extend to the top-level origin. As an example, if a resource from tracker.example is granted storage access on foo.example.com, then tracker.example will be able to access its cookies on bar.foo.example.com but not example.com. Instead, if tracker.example were granted access on example.com it would be able to access its storage on bar.foo.example.com, foo.example.com, and example.com.

- -

When storage access is granted to tracker.example on example.com, all resources loaded from tracker.example on any top-level document loaded from example.com are immediately given storage access. This includes all resources loaded in the main context of the page, embedded <iframe>s, and resources loaded within embedded <iframe>s. Storage access is not extended to other resources loaded on example.com (e.g. other-tracker.example), nor to other first parties on which tracker.example is embedded (e.g. example.org).

- -

Storage access grants extend into the first level of nested contexts, but no further. This means that <iframe>s embedded in the main context of the page and loaded from a domain classified as a tracker will have full access to all storage locations accessible through JavaScript. Similarly, requests for resources loaded in <iframe>s embedded in the main context of the page will have access to HTTP cookies. However, further nested contexts, including but not limited to those from the origin classified as a tracker, will not be granted storage access.

- -

Consider the following embedding scenarios on a top-level page loaded from example.com on which tracker.example has been granted storage access.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Embeddingtracker.example resource storage access
An image is loaded from tracker.example and embedded in the main context of example.com.HTTP: Yes
- JS: N/A
example.com embeds an <iframe> from example.org. That <iframe> goes on to load an image from tracker.example.HTTP: Yes
- JS: N/A
example.com embeds an <iframe> from example.org. That <iframe> goes on to embed an <iframe> from tracker.example.HTTP: Yes
- JS: No
example.com embeds an <iframe> from tracker.example.HTTP: Yes
- JS: Yes
example.com embeds an <iframe> from example.com (same origin). The nested <iframe> embeds an <iframe> from tracker.example.HTTP: Yes
- JS: No
- -

Storage access expiration

- -

The storage access grant expires after 30 days. Domains classified as tracking resources may be granted third-party storage access on multiple first parties, and the storage permission for each party expires independently. The above heuristics will also serve to extend the lifetime of a third-party storage permission on origins that have already been granted access.  Each time the heuristic is activated, or a success call to the Storage Access API is made, the pre-existing storage access expiration will be extended by 30 days, counting from the time the previous access was granted.

- -

Please note that in the future we expect to make changes to how long storage access will remain valid for.  As mentioned before, the way to know that you will be able to use storage as a third-party going forward will be using the Storage Access API.

- -

Debugging

- -

We encourage site owners to test their sites, particularly those that rely on third-party content integrations. We’ve added several new features to Firefox to make testing easier.

- -

Developer Tools notifications

- -

The Network Monitor in Firefox Developer Tools now includes an indicator for all resource requests that have been classified as tracking resources. This indicator is shown as a shield icon in the domain column. In the sample image below, trackertest.org is classified as a tracking resource, while the request to example.com is not.

- -

network requests in Firefox devtools indicating which ones are tracking resources with a small shield icon

- -

Adding custom domains to the Tracking Protection list

- -

Curious how things will work if a third-party domain on your site were classified as a tracker? We’ve added a preference that allows you to add custom domains to the Tracking Protection URL classifier. To do so:

- -
    -
  1. Type about:config in your address bar. If you are presented with a page that warns you "This may void your warranty!", click "I accept the risk!"
    2. -
  2. Right click on the next page and click "New" > "String".
    3. -
  3. For the preference name enter "urlclassifier.trackingAnnotationTable.testEntries".
    4. -
  4. For the preference value enter comma separated origins that you’d like to have classified as trackers. E.g. "example.net,example.org".
    5. -
- -
-

Warning: Be sure to remove these entries after you have finished testing.

-
- -

FAQ

- -

This cookie policy has the potential to lead to site breakage, but has been designed to allow common third-party integrations to continue to work while preventing cross-site tracking. In this section we describe the functionality you can expect in different integration scenarios.

- -

Will this storage access policy block ads from displaying on my website?

- -

No — this feature only restricts access to cookies and site data that can be used to track users across websites. Blocking tracking identifiers does not prevent the display of advertisements.

- -

I use a third-party analytics service that is classified as a tracker. Will I still receive analytics data?

- -

This depends on how the third-party analytics service is implemented. Third-party analytics providers will no longer be able to user their third-party storage to collect data. This means that providers using cookies which are scoped to their third-party domain, or local storage and other site data stored under their origin, will no longer have access to those identifiers across other websites.

- -

If these services are embedded into the main context of the page, they can continue to use first-party cookies and site storage to track users across page visits on that specific first-party domain.

- -

I use third-party services for social login, like, and share button integration. Will my users still be able to make use of these services?

- -

This depends on how the social integration is implemented. We expect that many of the popular social integrations will continue to function as they do under Firefox’s current cookie policy with some minor differences in the user experience.

- -

A social content provider that is classified as a tracker will not have access to their third-party cookies when the user first visits a new first party. Thus, the user may appear logged out to the service despite being logged in when they visit the provider’s website directly. Depending on the type of integration, the user may have to take some action to interact with the social content provider before the provider is given access to their cookies. For example:

- - - -

After these interactions, the provider will receive third-party storage access if they prompt the user in a way that is captured by the storage access activation heuristics described above. These providers should consider switching to explicitly request storage access through the Storage Access API as soon as possible. An initial implementation of this API is currently available in Nightly.

- -

 

- -

I use third-party pixels and other tools to measure the effectiveness of my ad campaigns. Will I still be able to measure the conversion rate of my ads?

- -

This depends on how the third party has implemented the measurement tool, but generally ad conversion measurement will be more difficult. Consider the following examples:

- -
    -
  1. You run an ad on a social media website that is seen several times by a user, but never clicked. That user later visits your website, which includes a conversion tracking tag from the same social media website. This type of conversion is often referred to as a “view-through conversion.” Since the social media website does not have access to their third-party storage, they will not recognize the user as the same user that saw the advertisements on their website and the conversion will not be tracked. We expect that most view-through conversion tracking techniques will no longer work, including those offered by display networks.
    2. -
  2. You run an ad on a display network or social media website that is clicked by a user. That user lands on your website, which includes a conversion tracking tag from the same website that displayed your ad. This type of conversion is often referred to as a “click-through conversion.” Since the social media site or display network will not have access to their third-party storage, they will not recognize the user as the same user that saw the advertisements on their website and the conversion will not be tracked. We expect that this version of click-through conversion will no longer work.
    3. -
  3. You run an ad that appears on a social media website. A user clicks on your advertisement and is taken to a landing page that contains a conversion tracking tag from the third-party network. On the social media website, the network annotates the advertisement landing page URL with a query parameter that signals that the visit was the result of a click on an advertisement. On your website, the display network’s tag checks the URL query parameters and saves any ad tracking parameters to first-party storage. If a user later completes a conversion event, the network’s tag checks first-party storage to determine which click (or clicks) was responsible for the visit. We expect that click-through conversion implemented in this way will continue to work.
    4. -
- -

 

- -

 

diff --git a/files/ru/mozilla/firefox/privacy/tracking_protection/index.html b/files/ru/mozilla/firefox/privacy/tracking_protection/index.html deleted file mode 100644 index c8124052d6..0000000000 --- a/files/ru/mozilla/firefox/privacy/tracking_protection/index.html +++ /dev/null @@ -1,43 +0,0 @@ ---- -title: Tracking Protection -slug: Mozilla/Firefox/Privacy/Tracking_Protection -tags: - - Отслеживание -translation_of: Mozilla/Firefox/Privacy/Tracking_Protection ---- -
{{FirefoxSidebar}}
- -

Что такое защита от отслеживания?

- -

Начиная с версии 42, Firefox Desktop и Firefox for Android включает в себя встроенную защиту от отслеживания. В приватном окне браузера (вкладки в Firefox for Android), Firefox будет блокировать содержимое, загружаемое с тех доменов, которые отслеживают запросы пользователей на сайтах.

- -

Некоторый заблокированный контент является частью макета страницы, и пользователи могут заметить проблемы с разметкой, когда Firefox заблокировал эти трекеры. Иногда пользователи вообще не замечают, если сетка страниц работает так, что другие элементы страницы скользят, чтобы заполнить дыры, оставленные заблокированными элементами.

- -

Когда Firefox блокирует содержимое, в Web-консоли появляется сообщение следующего типа:

- -
Ресурс на «https://some/url» был заблокирован, так как включена блокировка содержимого.
- -

Обратите внимание, что с Firefox для Android вы можете получить доступ к выводу консоли, используя удаленный отладчик.

- -

Пользовательский интерфейс Firefox укажет пользователям, когда контент был заблокирован, и позволит им разблокировать его для текущего сеанса, если они захотят. Пользователи также смогут полностью отключить защиту от слежения, если захотят.

- -

Каким образом Firefox выбирает содержимое для блокировки?

- -

Контент блокируется в зависимости от домена, с которого он должен быть загружен.

- -

Firefox включает в себя список сайтов, которые были идентифицированы как участвующие в перекрестном отслеживании пользователей. Когда защита от отслеживания активна, Firefox будет блокировать содержимое тех сайтов, которые находятся в списке

- -

Сайты которые отслеживают запросы пользователей чаще всего являются сторонними рекламными и аналитическими сайтами.

- -

Что это значит для вашего сайта?

- -

Очевидно, это означает, что при включенной защите от отслежения:

- - - -

То есть, если другие части вашего сайта зависят от загружаемых трекеров, то эти части также будут повреждены, когда включена защита от трекинга. Например, если ваш сайт содержит функцию обратного вызова, которая запускается при загрузке контента с сайта отслеживания, обратный вызов не будет выполнен.

- -

Но учтите, что зависимость от третьей стороны не является хорошей практикой, так как это означает, что ваш сайт может быть поврежден, если эта самая сторона работает медленно или вовсе недоступна, или если трекер заблокирован надстройкой.

-- cgit v1.2.3-54-g00ecf