
Why does Firefox share data between google domains even with all privacy options on?

  • 2 replies
  • 2 have this problem
  • 2 views
  • Last reply by gggh


I have noticed that when I manually log in to accounts.google.com with no prior cookies in the browser and no association with a google account prior to that, it automatically logs me into sites like youtube.com, even with the strictest cookie policies (tried with Strict, custom+cross-site and custom+third-party). I do not particularly mind privacy-wise since I'll log into them with the same account anyway, but as far as I understood, there should be absolutely no way this should happen. Cookies should be isolated by domain, I have uBlock Origin installed which prevents cookie sharing between domains by setting some CNAME records in subdomains (Uncloak canonical names), and afaik Firefox does not automatically read the google account cookies and share them around - if it did, that would be even more serious. So what is happening here and how can I change that? This seems to be a serious issue that I'm honestly not comfortable with out of principle since I chose the strictest settings.

All replies (2)


Hi,

I agree. Mozilla shouldn't accept the fact that youtube login state relies on accounts.google.com. This should be an unreachable third-party cookie for us. This is an old and forgotten issue -> https://bugzilla.mozilla.org/show_bug.cgi?id=1319839

Modified by TyDraniu


TyDraniu said

Hi, I agree. Mozilla shouldn't accept the fact that youtube login state relies on accounts.google.com. This should be an unreachable third-party cookie for us. This is an old and forgotten issue -> https://bugzilla.mozilla.org/show_bug.cgi?id=1319839

Yeah I just tracked it down to the redirects too, since just logging in to accounts.google.com creates cookies for youtube.com without ever visiting that site explicitly. Now that's obviously a problem, but most direct solutions I can think of to prevent this (e.g. only give access to cookies to a website when it has been explicitly navigated to) would likely break all google logins, since they use accounts.google.com when logging into youtube afaik.

One solution would be to further subdivide the "cookie jars" into youtube.com|accounts.google.com when logging in to youtube, and mail.google.com|accounts.google.com when logging into gmail (and all other domains that are redirected to when logging in to these services), which would still allow login to function, but have them be completely isolated by initial domain. And make it transparent which service is considered the current, navigated one. This of course does not prevent google servers from storing logins by IP and associating them that way, but they can't do that reliably anyway as that would be a huge security issue. Unfortunately, existing options that SOUND like they do this don't change a thing, e.g. privacy.firstparty.isolate and TCP.
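The behaviour described in this thread, modelled as an added example (constructed here, not code from the thread, from Firefox or from Google): a toy cookie jar keyed either the way Total Cookie Protection partitions storage (by the current top-level site) or the way the "initial domain" jar proposed above would (by the site the navigation started on). Assumptions: a naive eTLD+1 helper with no Public Suffix List, and constructed cookie names and values.

```javascript
// Added example (constructed, not code from the thread or from Firefox):
// a toy model of two cookie-jar keying schemes, showing why a top-level
// login redirect lands a first-party cookie on youtube.com under
// Total Cookie Protection, and how the "initial domain" jar suggested
// above would differ. Assumption: naive eTLD+1, no Public Suffix List.
const site = (host) => host.split('.').slice(-2).join('.');

class CookieJar {
  // keyFn maps the request context to the partition the cookie lives in.
  constructor(keyFn) { this.keyFn = keyFn; this.store = new Map(); }
  set(ctx, cookieHost, name, value) {
    const key = `${this.keyFn(ctx)}|${cookieHost}`;
    if (!this.store.has(key)) this.store.set(key, new Map());
    this.store.get(key).set(name, value);
  }
  get(ctx, cookieHost) {
    return this.store.get(`${this.keyFn(ctx)}|${cookieHost}`) ?? new Map();
  }
}

// Constructed redirect chain of a login: each hop is a top-level
// navigation whose response carries a Set-Cookie for its own host.
const loginChain = [
  { host: 'accounts.google.com', setCookie: ['SID=constructed-sid'] },
  { host: 'youtube.com',         setCookie: ['LOGIN_INFO=constructed-li'] },
];

// Walk the chain, then check whether a later direct visit to youtube.com
// (typed into the URL bar, no redirect) sees the cookie set during the redirect.
function loginCookieVisibleOnDirectVisit(keyFn) {
  const jar = new CookieJar(keyFn);
  const initial = site(loginChain[0].host); // 'google.com'
  for (const hop of loginChain) {
    const ctx = { topLevel: site(hop.host), initial };
    for (const c of hop.setCookie) {
      const [name, value] = c.split('=');
      jar.set(ctx, hop.host, name, value);
    }
  }
  const direct = { topLevel: 'youtube.com', initial: 'youtube.com' };
  return jar.get(direct, 'youtube.com').has('LOGIN_INFO');
}

// TCP-style: partition by the top-level site at the time the cookie is set.
// During the redirect hop the top-level site *is* youtube.com, so the cookie
// is first-party there and is found again on a later direct visit.
const tcpKey = (ctx) => ctx.topLevel;
// Proposed jar: partition by the site the navigation started on, so the
// redirect's cookie is filed under google.com and a direct visit misses it.
const initialDomainKey = (ctx) => ctx.initial;

console.log('TCP-style jar:', loginCookieVisibleOnDirectVisit(tcpKey));                // true
console.log('initial-domain jar:', loginCookieVisibleOnDirectVisit(initialDomainKey)); // false
```

The model ignores what a real partition key contains (scheme plus eTLD+1 from the Public Suffix List) and only shows why the top-level redirect, not third-party cookie access, is what carries the login state across sites.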