Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add weatherzone.com.au to yellowlist #1543

Merged
merged 1 commit into from
Aug 2, 2017
Merged

Add weatherzone.com.au to yellowlist #1543

merged 1 commit into from
Aug 2, 2017

Conversation

ghostwords
Copy link
Member

@ghostwords ghostwords commented Aug 1, 2017
edited
Loading

To unbreak weather-related images on the following websites:

Privacy Badger debugging info (instructions):

**** ACTION_MAP for weatherzone

www.weatherzone.com.au {
  "userAction": "",
  "dnt": false,
  "heuristicAction": "block",
  "nextUpdateTime": 1501904291446
}

weatherzone.com.au {
  "userAction": "",
  "dnt": false,
  "heuristicAction": "block",
  "nextUpdateTime": 0
}

**** SNITCH_MAP for weatherzone

weatherzone.com.au [
  "bluemts.com.au",
  "hawkesburyaustralia.com.au",
  "experiencesydneyaustralia.com"
]

The tracking that Privacy Badger sees comes from AWS "sticky sessions" load balancer cookies (the cookie info comes from Chrome's cookie details screen found under Settings > Advanced > Content settings > Cookies > Search cookies; here is the direct URL to the Cookies screen: chrome://settings/content/cookies):

Name: AWSELB
Content: B91D09251A9AEDA4A6E0B5D8E22294B3...7CAD2DC5BB63CA01BE7F37EA
Domain: www.weatherzone.com.au
Path: /
Send for: Any kind of connection
Accessible to script: Yes
Created: Tuesday, August 1, 2017 at 11:36:22 AM
Expires: Tuesday, August 1, 2017 at 12:36:22 PM

These cookies have a short expiration date (one hour). Should we treat them differently? This is related to session cookies, which came up in #1539.
@ghostwords ghostwords added the yellowlist Domains on this list are allowed but with restrictions: no referrer headers or cookies/localStorage label Aug 1, 2017
@misterHippo misterHippo mentioned this pull request Aug 2, 2017
Open
@cowlicks
Copy link
Contributor

cowlicks commented Aug 2, 2017

I think the proper fix here is to include some calculation of the cookie duration in the heuristic. If their intent was to track, they would be setting longer expiration periods.

However this should be merged as a stopgap, with a follow up issue to remove it.
@cowlicks cowlicks mentioned this pull request Aug 2, 2017
Open
@cowlicks cowlicks merged commit 084a609 into master Aug 2, 2017
@ghostwords ghostwords deleted the ylist-weatherzone branch August 2, 2017 15:44
@andresbase andresbase added this to the W30-31 milestone Aug 2, 2017
@eenblam eenblam mentioned this pull request Aug 15, 2017
Closed
@ghostwords ghostwords mentioned this pull request Aug 18, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
yellowlist Domains on this list are allowed but with restrictions: no referrer headers or cookies/localStorage
3 participants
@ghostwords @cowlicks @andresbase