==Description==
Individuals behave differently in the world when they are in different context. The way they act at work may differ from how they act with their family. Similarly, users have different contexts when they browser browse the web. They may not want to leak their social network context with their work context. The goal of this project is to allow users to separate these different contexts while browsing the web on Firefox. Each context will have its own cookie jar that local state which is segregated separated from the state of other contexts.
[[File:Containers-side-by-side.png|900px|frameless]]
==Benefit for usersBenefits and Use Cases==
At an abstract level, the features seeks to give users more control over their local state (including cookies, localStorage, indexedDB, etc). The current level of control is very coarse, essentially providing an "all or nothing" solution to state management; users can clear everything or accept everything. Cookies can be managed with the Cookie manager, but all other state has no graphical interface for management (see Bug 1147820).
The containers project inserts a user-controlled key into storage, which allows users to decide which state to use when interacting with a site. They can choose to send the state from their personal context or work context, and they can choose to create a new, short-lived state to browse in a certain context for a few days until a task is completed. The goal of the project is to create a very customizable experience while including a few suggested uses for users who may not want as much control.
<br />
[[File:Multiple-Browsers.png|600px|frameless]]
<br />
Users currently have to open multiple browsers to achieve the properties provided by the Containers project.
<br />
* It allows user to log into any sites that doesn’t support multiple logins. Similar to how the Google account switcher works, but for any account on the web.
** Problem: It's ridiculous that you have to open multiple profiles or private windows just to sign into different accounts on the same web site.
** Problem: Just use two different browsers. Firefox is my main browser and I have Chrome for when I need to log onto a different account.
** Story: I'm a university student and my year is divided into 15 groups. Each group has got their common Gmail account to use as forum/place to upload our presentations etc. I either have to log in and log out every time I want to change class, or use another browser.
** Story: There are many reasons why users would choose to have more than one eBay account. For example, users who like to buy and sell may want separate accounts for each activity. Other users who maintain businesses on eBay may prefer to manage separate accounts for different product lines. Whether you have one account or more, eBay expects users to manage each of their accounts effectively in order to meet the highest buyer and seller standards.
* It’s tracking protection by any other means
** I need to be logged into Facebook because that's how I communicate with friends and family but I don't want Facebook to track me all over the web through the Like buttons.
* It isolates sites and makes CSRF (one-click attack) impossible.
** If a user opens their online banking site in a container, an attacker won't be able to exploit a CSRF vulnerability on the bank website by tricking them into clicking a link on Facebook because when the user clicks that link and navigates to facebook.com they won't have a session with Facebook.
==Benefit # Users can log into multiple accounts on the same site, even when the site does not natively support concurrent sessions.#* Several examples include:#** A user may wants to manage their work and personal Gmail accounts side-by-side in the same window.#** A user has a Facebook or eBay account for developers==their business and one for their personal life.#* Current solutions:#** Users open multiple browsers (this takes users away from Firefox).#** A user opens one account in Private Browsing mode (this has a limit of 2 accounts, and forces one to be ephemeral).# Provides protection against tracking while still providing access to services#* A user wants to log into Facebook and keep the site open while they browse the web, but doesn't want Facebook buttons to track them across sites.#* A user wants to use Gmail but doesn't want their google searches linked to their Google account.# Users can control an advertiser's ability to track them.#* A user wants to shop for items, but doesn't want retargeting ads to follow them around during the browsing they do for work. If the user does their shopping in the shopping context and switches to the work context while at work they will not send the same set of cookies to advertisers.# Users can create short-lived contexts for a specific task, and discard them once the task is complete.#* A user may want to do research for a vacation. They can create a vacation container which keeps their TripAdvisor account logged in and has advertisements related to travel. The user can keep this context for the few weeks leading up to the vacation and can discard it after.# Isolates a site's credentials to a container, helping prevent CSRF, clickjacking, or other attacks which rely on the presence of ambient credentials.#* A user has an their online banking sites open in the banking container. An attacker attempts to exploit a CSRF by tricking the user into clicking a link on Facebook (open in the Home container). The CSRF is sent without the bank's credentials and the attack fails.
* A Containers also provides benefits for developers. For example, a web developer can easily test their website by being logged in as different users at the same time.** For example, they They can test a learning management system (e.g. Moodle) by having three containers: teacher, student, admin.** User Story: I work at a technology company which primarily focuses on our website. Being able to view the site with a fresh set of cookies this easily is awesome. We use incognito mode currently, but that has the limitation of each tab/window sharing one set of incognito cookies.
==Site-specific Containers==
