-
-
Notifications
You must be signed in to change notification settings - Fork 381
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix cookie tracker detection #1259
Conversation
@pde @cooperq @cowlicks So this was a Privacy Badger bug! Header names are case-insensitive, and cookie tracking detection code wasn't normalizing header names: f0a0fb9. Meaning Privacy Badger doesn't detect cookie tracking whenever the Cookie/Set-Cookie header is lowercase, which seems to happen consistently for this test in Firefox. |
TODOs:
|
Yikes! It would be good to understand how strict browsers are with accepting |
Apparently http header field names are supposed to be case-insensitive. https://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2 |
It seems like header handling changed in Firefox somewhere between versions 52.0a2 and 52.0.1. A fresh install of Privacy Badger from AMO starts blocking after three newspaper sites on 52.0a2, but not on 52.0.1. Note that you have to manually clear Badger's storage if you reuse the profile, as uninstalling Firefox extensions doesn't perform proper cleanup. Might be easier to use a new profile for each test. |
Fixes #1245.