MozillaWiki

Security/Contextual Identity Project/Containers: Difference between revisions

Page Discussion

Security/Contextual Identity Project/Containers (view source)

Revision as of 06:08, 17 August 2022

92 bytes added ,  17 August 2022
m
→‎Add-ons: Correct typo
(Updating to match most recent implementation details)
m (→‎Add-ons: Correct typo)
 
(23 intermediate revisions by 7 users not shown)
Line 1: Line 1:
'''''lightweight persistent profiles that isolate sites from one another'''''
'''''lightweight persistent contexts that isolate sites from one another'''''
{{warning|This is just a draft proposal of how [[Security/Contextual Identity Project|contextual identities]] might be implemented in Firefox}}
 
[[File:Containers.png|200px|thumb|right|Mock-up of what this might look like]]
<b>Containers is now available as a Mozilla created Firefox extension [https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/ here].  The extension has added features for improved user experience, beyond what is available in Firefox itself.</b>


==Description==
==Description==
Line 11: Line 11:
==How to Use Containers==
==How to Use Containers==


The containers feature can be enabled in Nightly by going to `about:config` and setting the `privacy.userContext.enabled` pref to true. Once enabled, containers will integrate seamlessly into your current browsing experience.  You will have the option to open entirely new browsing contexts, which will have their browser storage (such as cookies or localStorage) separated from other containers. Your normal tabs, which we consider to exist in the ''default container'', will still look and act as you'd expect them to before enabling containers.
The containers feature is enabled in Firefox Nightly 50 by default with the about:config pref `privacy.userContext.enabled` set to true. When enabled, containers will integrate seamlessly into your current browsing experience.  You will have the option to open entirely new browsing contexts, which will have their browser storage (such as cookies or localStorage) separated from other containers. Your normal tabs, which we consider to exist in the ''default container'', will still look and act as you'd expect them to before enabling containers.


Container tabs operate just as you would expect a normal tab to, except for the fact that the sites you visit will have access to a separate slice of the browser's storage. This means your site preferences, logged in sessions, and advertising tracking data won't carry over to the new container. Likewise, any browsing you do within the new container will not affect the preferences, logged in sessions, or tracking data of your other containers.
Container tabs operate just as you would expect a normal tab to, except for the fact that the sites you visit will have access to a separate slice of the browser's storage. This means your site preferences, logged in sessions, and advertising tracking data won't carry over to the new container. Likewise, any browsing you do within the new container will not affect the preferences, logged in sessions, or tracking data of your other containers.
Line 21: Line 21:
In the OS menu bar, click "File" -> "New Container Tab". From here you can choose from one of the four pre-defined containers (Home, Work, Banking, and Shopping). After choosing one of these, you will see a new tab from that container appear in the tab strip.  
In the OS menu bar, click "File" -> "New Container Tab". From here you can choose from one of the four pre-defined containers (Home, Work, Banking, and Shopping). After choosing one of these, you will see a new tab from that container appear in the tab strip.  


===Hamburger Menu===
[[File:Conatiners-file-menu.jpg|700px|frameless]]
 
To access the hamburger menu, you must restart your browser after setting `privacy.userContext.enabled` to true. Once this is done, click the hamburger menu (three horizontal bars on the right hand side of the browser), and then click "Customize". From here, you'll find the "Open Container Tab" icon under the "Additional Tools and Features" section of the icons.
 
You can drag this icon to the right side of the URL bar.
 
Alternatively, you can place the icon in the dropdown hamburger menu.


===Open links in new tabs and containers===
===Open links in new tabs and containers===


It's possible to open links in a new and/or different container. Right click on any link, select "Open link in New Container Tab", and then select the desired container tab.
It's possible to open links in a new and/or different container. Right click on any link, select "Open link in New Container Tab", and then select the desired container tab.
[[File:Containers-right-click-menu.png|700px|frameless]]


Holding the "Control" key on Windows or Linux (or the "Command" key on Mac) while clicking a link will open it in a new tab. The new tab will open within the same container as the previous tab. This includes both the default container and in any of the predefined containers.  
Holding the "Control" key on Windows or Linux (or the "Command" key on Mac) while clicking a link will open it in a new tab. The new tab will open within the same container as the previous tab. This includes both the default container and in any of the predefined containers.  
Line 67: Line 63:


[[File:Containers-start-page.png|900px|frameless]]
[[File:Containers-start-page.png|900px|frameless]]
<i>(Note that the description text in the above image has not yet been implemented.)</i>


The set of included containers is:
The set of included containers is:
Line 92: Line 90:
* Any other areas supported by originAttributes [https://bugzilla.mozilla.org/show_bug.cgi?id=1179985 Bug 1179985]
* Any other areas supported by originAttributes [https://bugzilla.mozilla.org/show_bug.cgi?id=1179985 Bug 1179985]


Not separated by Containers:
Not separated by Containers (Yet):
* History
* History - [https://bugzilla.mozilla.org/show_bug.cgi?id=1283320 Bug 1283320]
* Bookmarks
* Bookmarks - [https://bugzilla.mozilla.org/show_bug.cgi?id=1213290 Bug 1213290]
* Security Exceptions for Invalid TLS Certificates [https://bugzilla.mozilla.org/show_bug.cgi?id=1249348 Bug 1249348]
 
Not separated by Containers (On Purpose):
* Saved Passwords
* Saved Passwords
* Saved Search and Form data
* Saved Search and Form data
* HSTS Flags
* HSTS Flags - (Supported by OA: [https://bugzilla.mozilla.org/show_bug.cgi?id=1253006 Bug 1253006])
* OCSP Responses
* OCSP Responses - (OA Supported: [https://bugzilla.mozilla.org/show_bug.cgi?id=1264562 Bug 1264562])
* Security Exceptions for Invalid TLS Certificates


You can find more information on the implementation of the project by looking through the Contextual Identity / Containers meta-bug, [https://bugzilla.mozilla.org/show_bug.cgi?id=1191418 Bug 1191418].
You can find more information on the implementation of the project by looking through the Contextual Identity / Containers meta-bug, [https://bugzilla.mozilla.org/show_bug.cgi?id=1191418 Bug 1191418].
Line 120: Line 120:
==Making containers look different==
==Making containers look different==


[[File:Containers-comparison.png|900px|frameless]]
[[File:Containers-tabs-stacked.png|900px|frameless]]


Each container has several visual indicators:
Each container has several visual indicators:
Line 159: Line 159:
* Some sites may require that the user interact with multiple top-level origins during a session, or may require cookies from multiple origins.
* Some sites may require that the user interact with multiple top-level origins during a session, or may require cookies from multiple origins.


==Related work==
==Add-ons==
<span style="color:#ff0000"> [As of 17th August 2022, all of the following add-ons appear to be no longer available or supported. Information has been retained for historical interest only.] </span>


* Firefox add-ons:
* Firefox add-ons:
** [https://addons.mozilla.org/en-US/firefox/addon/switchy/ Switchy]
** [https://bugzilla.mozilla.org/show_bug.cgi?id=sessionperwindow "One session per window"]
** [https://github.com/bakulf/priv8 Priv8]
** [https://addons.mozilla.org/en-US/firefox/addon/priv8/ Priv8]
** [https://addons.mozilla.org/en-US/firefox/addon/multifox/ Multifox]
** [https://addons.mozilla.org/en-GB/firefox/addon/private-tab/ Private Tab]
** [https://addons.mozilla.org/en-US/firefox/addon/cookieswap/ CookieSwap]
** Cookies
** ProfileSwitcher
*** [https://addons.mozilla.org/en-US/firefox/addon/cookieswap/ CookieSwap]
** Profilist
*** [https://addons.mozilla.org/en-US/firefox/addon/multifox/ Multifox] (abandoned)
* Chrome extensions:
** Profile managment
** [https://chrome.google.com/webstore/detail/swap-my-cookies/dffhipnliikkblkhpjapbecpmoilcama Swap-my-cookies]
*** [https://addons.mozilla.org/en-US/firefox/addon/profilist/ Profilist]
* Related Projects:
*** [https://addons.mozilla.org/en-US/firefox/addon/profileswitcher/ ProfileSwitcher]
** [https://www.qubes-os.org/ Qubes OS] security by compartmentalization
*** [https://addons.mozilla.org/en-US/firefox/addon/switchy/ Switchy]
** [http://www.walkernews.net/2013/07/15/noframemerging-inprivate-unique-ie10-browsing-session/ IE10 Browsing Sessions]
** [http://www.collinjackson.com/research/papers/appisolation.pdf App Isolation: Get the Security of Multiple Browsers with Just One] (Chromium prototype)
** [https://bugzilla.mozilla.org/show_bug.cgi?id=sessionperwindow "One session per window" feature request] on Bugzilla
SpikeUK1
Account confirmers, Anti-spam team, Bureaucrats, canmove, Confirmed users, Interface administrators, Module owners and peers, smwadministrator, smwcurator, Administrators, MozillaWiki team, Widget editors
8,315

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1136864...1243648"