Alexei

We've been getting a number of related complaints lately regarding not being able to authenticate through your cable provider to watch the Olympics. I think they all have to do...

Looks like `auth.adobe.com` subdomains are part of [Adobe Primetime](http://tve.helpdocsonline.com/white-paper)'s [SAML](https://stackoverflow.com/questions/2837553/saml-vs-federated-login-with-oauth) SSO authentication, which may be a distinct problem from OAuth authentication. Initial solution ideas: - OAuth logins: Since there are...

This happens on SoundCloud, for example: ``` fqdn: soundcloud.com block: secure.quantserve.com,dpm.demdex.net,5352434.fls.doubleclick.net,5485101.fls.doubleclick.net cookieblock: www.facebook.com,apis.google.com,staticxx.facebook.com noaction: style.sndcdn.com,a-v2.sndcdn.com,www.gstatic.com,www.googletagmanager.com,ssl.google-analytics.com,connect.facebook.net,vt.myvisualiq.net,tapestry.tapad.com,t.myvisualiq.net,sb.scorecardresearch.com,idsync.rlcdn.com,bcp.crwdcntrl.net,ssl.gstatic.com version: 2018.4.23 message: Login modal dialog buttons don't work. ``` ``` fqdn: soundcloud.com block: 5352434.fls.doubleclick.net,5485101.fls.doubleclick.net,googleads.g.doubleclick.net,securepubads.g.doubleclick.net,www.google.ca,sb.scorecardresearch.com,ad.doubleclick.net,cm.g.doubleclick.net,ads.yahoo.com...

We should look into Ghostery's workarounds: >We currently have multiple different heuristics for allowing third-party cookies in limited cases: >... >Redirect-based. When domain a issues a first-party redirect to domain...

Brave seems to [allow `accounts.google.com` by default](https://github.com/brave/brave-core/pull/3784/files#diff-9981585c3d9184fc54b96697c59d2028R207-R212). [Wiki doc](https://github.com/brave/brave-browser/wiki/Allow-Google-login---Third-Parties-and-Extensions): >When ["Allow Google Login in extensions and third party sites"] is enabled: > >1. It adds a third-party cookie exception for...

>In addition, Total Cookie Protection makes a limited exception for cross-site cookies when they are needed for non-tracking purposes, such as those used by popular third-party login providers. Only when...

Sounds like this may be caused somehow by Privacy Badger's [Google link tracking protection](https://www.eff.org/deeplinks/2018/10/privacy-badger-now-fights-more-sneaky-google-tracking) (as that protection is [only active on google.com domains](https://github.com/EFForg/privacybadger/blob/40ff7546941da2e355c1a03f8a0303232c9b70fc/src/manifest.json#L71-L77)). @ablanathtanalba Could you take a look?

How many of our Firefox users are on Firefox 66 and above? Looking at [Firefox usage stats on AMO](https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/statistics/usage/applications/?last=30), I estimate ~8% of our users on Firefox will run into...

About 3% of that 8% comes from Firefox ESR version 60. Most (?) ESR 60 users will migrate to Firefox 68 at the end of October, if I understand https://wiki.mozilla.org/Release_Management/Calendar...

Updating `onBeforeRequest()` to listen to all URLs (instead of just http/https URLs) breaks not recording tab data for extension pages (#2451). Should be fixed by 516820704daecd51ee3bf9091a7a2741032ae58f Edit: Hmm, doesn't this...