privacytests.org icon indicating copy to clipboard operation
privacytests.org copied to clipboard
verified publisher icon privacytests

Test leaks allowed by browsers for SSOs

Open arthuredelstein opened this issue 2 years ago • 4 comments

https://twitter.com/GrapheneOS/status/1728685777717170585

arthuredelstein avatar Nov 26 '23 08:11 arthuredelstein

I think he refers to CookieSettings::MitigationsEnabledFor3pcdInternal() (net::features::kTpcdSupportSettings and net::features::kTpcdMetadataGrants see https://source.chromium.org/chromium/chromium/src/+/main:components/tpcd/README.md) but currently (v119) it is off by default in chromium. don't know in chrome if it is active by default.

uazo avatar Nov 26 '23 10:11 uazo

It's referring to what Brave and Firefox are doing for their cookie partitioning.

thestinger avatar Nov 26 '23 20:11 thestinger

I would add that in v120 there is a new flag kTpcdHeuristicsGrants disabled by default, but can be activated by finch in chrome

explainer: https://github.com/amaliev/3pcd-exemption-heuristics/blob/main/explainer.md bugid: https://bugs.chromium.org/p/chromium/issues/detail?id=1484324

uazo avatar Dec 05 '23 12:12 uazo

and I would also add https://developer.chrome.com/origintrials/#/view_trial/3315212275698106369

uazo avatar Dec 06 '23 08:12 uazo