[Webkit-unassigned] [Bug 195923] New: Resource Load Statistics: Clear non-cookie website data for sites that have been navigated to, with link decoration, by a prevalent resource

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=195923

            Bug ID: 195923
           Summary: Resource Load Statistics: Clear non-cookie website
                    data for sites that have been navigated to, with link
                    decoration, by a prevalent resource
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: wilander at apple.com

Cross-site trackers abuse link query parameters to transport user identifiers and then store them in first-party storage space.

https://bugs.webkit.org/show_bug.cgi?id=189933 capped all persistent client-side cookies to seven days of storage.
https://bugs.webkit.org/show_bug.cgi?id=195196 capped persistent client-side cookies to one day of storage for navigations with link decoration from prevalent resources.
https://bugs.webkit.org/show_bug.cgi?id=195301 added logging of navigations with link decoration from prevalent resources.

We should clear out non-cookie website data for sites that have been navigated to, with link decoration, by a prevalent resource. This makes sure tracker scripts cannot force first-party sites to store cross-site tracking data transferred in such navigations.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190319/6a4fc2c6/attachment-0001.html>