Privacy/Docs/How To Triage ETP-Strict Website Breakage: Difference between revisions
(Update the section of Identifying blocked URLs) |
(enable devtool panel) |
||
| Line 55: | Line 55: | ||
Normal | Normal | ||
./mach mozregression --launch $(date -d yesterday +%Y-%m-%d) --pref urlclassifier.trackingSkipURLs: | ./mach mozregression --launch $(date -d yesterday +%Y-%m-%d) --pref devtools.anti-tracking.enabled:true --pref urlclassifier.trackingSkipURLs: | ||
With ETP-Strict: | With ETP-Strict: | ||
./mach mozregression --launch $(date -d yesterday +%Y-%m-%d) --pref browser.contentblocking.category:strict --pref urlclassifier.trackingSkipURLs: | ./mach mozregression --launch $(date -d yesterday +%Y-%m-%d) --pref devtools.anti-tracking.enabled:true --pref browser.contentblocking.category:strict --pref urlclassifier.trackingSkipURLs: | ||
== Blocking the correct meta bug == | == Blocking the correct meta bug == | ||
Revision as of 13:59, 25 August 2025
Steps on how to triage Web Compatibility :: Privacy: Site Reports bugs.
Triage tools:
Triage helper Addon: Site Issue Triage (on Github)
about:config
Usually exceptions can be set via urlclassifier.trackingSkipURLs. However, sometimes the tracker is on other lists as well. Use about:url-classifier to see which exception list you need to put the tracking URL and enter the domain in one of these lists:
urlclassifier.features.cryptomining.skipURLsurlclassifier.features.emailtracking.skipURLsurlclassifier.features.fingerprinting.skipURLsurlclassifier.features.socialtracking.skipURLsurlclassifier.trackingSkipURLs
The content of the config variable needs to be a list of domains including subdomains: Example: *://*.example.com/*,*://example.com/*,*://sub.example.net/*
Identifying blocked URLs
Identifying the blocked URLs that cause the website to break. In ETP Strict and Private Browsing Mode, multiple third-party tracker resources may be blocked, as the URLClassifier classifies them. However, not every blocked domain could cause the website to break. We need to identify the exact blocked domains that are causing problems for the site.
First, we can use the following tools to know which domains are currently blocked.
- The network monitor panel in DevTools. Sort all network requests by transferred to see all blocked URLs.
- The protection panel, which can be opened by clicking the shield icon on the URL bar. Finding all blocked domains on the subpanel of the blocked tracking content.
Second, we use the [skipURLs prefs] to unblock and verify domains that cause the website to break.
Putting diagnosis into bug
After we identify the blocked URLs that cause the website to break, the diagnosis info needs to be updated in the bugs. Therefore, we can use this information to deploy Webcompat exceptions to resolve the issue. Following the steps to put the diagnosis into the bug.
- Add the whiteboard tag
[privacy-team:diagnosed]to make the bug as diagnosed. - Depending on the WebCompat Classification Criteria to add either
[exception-baseline]or[exception-convenience]to the whiteboard. - Add necessary URLs to unblock into the User Story as the format
trackers-blocked:xyz.com,*.abc.com. - Add classifier features into the User Story as the format
classifier-features:tracking-protection,emailtracking-protectionto indicate which features to unblock.
Test different cookie modes
- Check whether the bug is caused by TCP (Total Cookie Protection): By setting
network.cookie.cookieBehaviorto4 - Check whether it is caused by the soon-to-be-deprecated tracker-cookie-blocking:
network.cookie.cookieBehavior.trackerCookieBlockingtofalse.network.cookie.cookieBehaviorhas to be5
Shims breaking websites
Sometimes shims can cause breakage for websites. Go to the "Console" tab of devtools to see which shims are applied to a website. A yellow message such as Google Publisher Tags is being shimmed by Firefox. See https://bugzilla.mozilla.org/show_bug.cgi?id=1713685 for details. gets displayed.
Go to `about:compat` and disable all applied shims to see whether that unbreaks the website. Look whether there is a bug blocking Bug 1944600 already open. Otherwise open one yourself with Bug 1944600 as blocking bug and set your breakage bug as depending.
Running clear profiles
Normal
./mach mozregression --launch $(date -d yesterday +%Y-%m-%d) --pref devtools.anti-tracking.enabled:true --pref urlclassifier.trackingSkipURLs:
With ETP-Strict:
./mach mozregression --launch $(date -d yesterday +%Y-%m-%d) --pref devtools.anti-tracking.enabled:true --pref browser.contentblocking.category:strict --pref urlclassifier.trackingSkipURLs:
Blocking the correct meta bug
Block the correct meta bug or Bug 1101005 when no meta bug for the breakage exist. There is no hard rule, but when there are 3+ bugs with the same cause it is worth considering opening a meta bug for it. All meta bugs should block bug 1960641 (tp-breakage-metas).
If the bug was caused by tracking protection, you should make sure the bug has the keyword webcompat:tracker-blocking.
List with rough size of meta available under Privacy/Triage/Tp-Breakage
Meta bugs for breakage due to tracking protection with resource blocking:
31 Total; 31 Open (100%); 0 Resolved (0%); 0 Verified (0%);
Meta bugs for breakge of other causes:
| ID | Summary | Alias | Cc count |
|---|---|---|---|
| 1480137 | [meta] breakage bug for tracking cookie restrictions | etp-breakage | 15 |
| 1602922 | [meta] Breakage bugs of Dynamic First Party Isolation | dfpi-breakage | 15 |
| 1657930 | [meta] - Strict ETP Facebook login breakage (that our shimming should in theory fix) | No alias | 5 |
| 1669486 | [Meta] Web compatibility issues caused by ETP Level 2 | etp-level-2-webcompat | 4 |
| 1834329 | [meta] Breakage from Fingerprinting Protection | No alias | 2 |
| 1917788 | [meta] Third-party cookie deprecation breakage | 3pcd-breakage | 5 |
| 1957426 | [meta] Canvas Noise Breakage | canvas-noise-breakage | 2 |
| 1972297 | [meta] Website breakage due to sending Global Privacy Control Header "Sec-GPC: 1" | tp-breakage-gpc | No cc_count |
8 Total; 8 Open (100%); 0 Resolved (0%); 0 Verified (0%);